Randomizing Strings In A Microservices World
On 10/12/2019 03:35, Tim Daneliuk wrote:
> On 12/9/19 8:50 PM, Paul Rubin wrote:
>> Tim Daneliuk <info at tundraware.com> writes:
>>> - Imagine an environment in which there may be multiple instances of a given
>>> microservice written in Python.
>> Decide the maximum number of microservice instances, say 1000. Chop up
>> the 10 digit range into 1000 pieces, so 0..999999, 1000000-1999999, etc.
>> Give one range to each microservice instance. Then have the
>> microservices give out the numbers sequentially, but treating them as 10
>> digit numbers and encrypting each one under a 10 digit pseudorandom
>> permutation shared by all the instances. Look up "format preserving
>> encryption" for how to do this.
>> Obvious variants of the above are obvious, and maybe you need some way
>> to hand around chunks of range if some instance gives out more than a
>> million numbers.
> The problem here is that the services are ephemeral and the number of said
> services is not fixed.
Hm. Normally I'd mash together the MAC address of the interface and the
process ID of the service (or whatever individual identifier
microservices have -- indeed, whatever microservices *are* :-), but ten
digits is a bit few for that. So you want some variant of Paul's approach.
* I assume there are a number of machines providing these services.
Give them unique numbers -- I'm guessing three digits should be enough
for that, but you know your own setup better. How you assign those
numbers is up to you; a config file in /etc, a Windows registry key, or
some broadcast protocol that the machines use to dynamically configure
themselves are all options that spring to mind.
* On each machine, something must spin up services when they are needed.
That something will be in a position to assign a unique number (within
an individual machine) to each service. So do that, using whatever
digits you have left after the unique machine number.
* Mash these two numbers into a single ten digit identifier.
Rhodri James *-* Kynesim Ltd