[Sohcahtoa82]

My thoughts on microservices...

They're fine. But what's NOT fine are nanoservices. I did security on a project once where it seemed that every function was its own microservice. User registration, user login, and password resetting were each a separate microservice. It was an utter nightmare.

[zkldi]

Reminds me of this classic: https://www.youtube.com/watch?v=y8OnoxKotPQ

[Sohcahtoa82]

How have I not seen this channel before?

I'm realizing that the YouTube algorithm has no idea I'm a software/security engineer. It thinks I'm only into gaming, face plants, and dash cam videos.

[jeffbee]

Shoot, that's practically a monolith compared to the nightmare from which I resigned earlier this year. No way would they have allowed the entire password reset to reside in a single service. It would have been in the password-db-reader service, the password-db-mutator service, and the password-checker-service, among others. Absolutely terrifying and unmanageable.

[spmurrayzzz]

This is the flavor of reductio ad absurdum example I always give when people hype up the "micro" part of microservices. Only meant to be illustrative— I had no idea that any org was actually doing that sort of nonsense, yikes.

[coding123]

Did they do this?

user-registration.api.dev.my-company.com

user-login.api.dev.my-company.com

password-reset.api.dev.my-company.com

or paths by some huge k8s nginx ingress?

[Sohcahtoa82]

They started with the latter, but started shifting towards the former.