InfoQ Homepage Microservices Content on InfoQ
-
/articles/dpop-key-storage-unsolved-problem/en/smallimage/dpop-key-storage-unsolved-problem-thumbnail-1777296488937.jpg)
The DPoP Storage Paradox: Why Browser-Based Proof-of-Possession Remains an Unsolved Problem
DPoP closes a real gap in OAuth 2.0. Sender-constrained tokens are a meaningful upgrade over bearer tokens for any client that can implement them. But RFC 9449's silence on browser key storage creates the need for an architectural decision that each team must confront deliberately — there is no safe default that works everywhere.
-
/articles/spring-team-spring-7-boot-4/en/smallimage/spring-team-spring-7-boot-4-thumbnail-1775634533622.jpg)
The Spring Team on Spring Framework 7 and Spring Boot 4
InfoQ recently spoke with key members of the Spring team about the significant architectural and functional advancements in Spring Framework 7 and Spring Boot 4. This conversation explores the strategic shift toward core resilience by integrating features such as retry and concurrency throttling directly into the framework, alongside the performance benefits of modularizing auto-configurations.
-
/articles/beyond-rag-context-aware/en/smallimage/beyond-rag-context-aware-thumbnail-1774531119239.jpg)
Beyond RAG: Architecting Context-Aware AI Systems with Spring Boot
This article introduces Context-Augmented Generation (CAG) as an architectural refinement of RAG for enterprise systems. It shows how a Spring Boot-based context manager can incorporate user identity, session state, and policy constraints into AI workflows, improving traceability, consistency, and governance without altering existing retrievers or LLM infrastructure.
-
/articles/evolution-backend-streaming-application/en/smallimage/thumbnail-evolution-backend-streaming-application-1766049421558.jpg)
Building Streaming Infrastructure That Scales: Because Viewers Won't Wait until Tomorrow
In streaming, the challenge is immediate: customers are watching TV right now, not planning to watch it tomorrow. When systems fail during prime time, there is no recovery window; viewers leave and may not return. One and a half years ago, at ProSiebenSat.1 Media SE, we faced the challenge of scaling streaming applications for international users.
-
/articles/green-microservices/en/smallimage/green-microservices-thumbnail-1753175502128.jpg)
Understanding and Mitigating High Energy Consumption in Microservices
Microservices often consume more energy than monoliths due to distributed overhead. Architects can make design decisions that improve sustainability. This article covers several techniques, such as defining clear service boundaries, optimizing service granularity, using energy-efficient deployment regions, and consolidating workloads.
-
/articles/cloud-prem-architecture-challenges/en/smallimage/cloud-prem-architecture-challenges-thumbnail-1750753890389.jpg)
Engineering Principles for Building a Successful Cloud-Prem Solution
Discover how Cloud-Prem solutions combine cloud efficiency with on-premise control, meeting data sovereignty and compliance demands while optimizing operational costs and enhancing customer security.
-
/articles/microservices-traffic-mirroring-istio-vpc/en/smallimage/microservices-traffic-mirroring-istio-vpc-thumbnail-1749024388746.jpg)
Using Traffic Mirroring to Debug and Test Microservices in Production-Like Environments
Traffic mirroring has evolved from a network security tool to a robust method for debugging and testing microservices using real-world data. By safely duplicating production traffic to a shadow environment, teams can replicate elusive bugs, profile performance under actual load, validate new features, and detect regressions, ensuring that production remains isolated and user experiences intact.
-
/articles/mocking-grpc-microservices/en/smallimage/thumb-Mocking-gRPC-in-Spring-Boot-Microservice-Integration-Tests-with-WireMock-1747815761895.jpg)
Mocking gRPC in Spring Boot Microservice Integration Tests with WireMock
Mocking gRPC services allows you to validate gRPC integration code during your tests while avoiding common pitfalls such as unreliable sandboxes, version mismatches, and complex test data setup requirements. Learn how to use WireMock’s Spring Boot integration to mock gRPC services.
-
/articles/flow-metrics-microservices/en/smallimage/flow-metrics-microservices-thumbnail-1742824163851.jpg)
Applying Flow Metrics to Design Resilient Microservices
Software design with resilience is an acknowledgement to the reality that everything fails. We put metrics in place to help us detect and resolve such problems and failures. Flow metrics, commonly used to measure how well teams deliver software, can be used to measure and improve system resilience.
-
/articles/reactive-notification-system-server-sent-events/en/smallimage/going-reactive-server-logo-small-1732018386771.jpg)
Reactive Real-Time Notifications with SSE, Spring Boot, and Redis Pub/Sub
Explore the power of reactive programming for building scalable real-time notification systems. Using Spring Boot Reactive and Spring WebFlux, leverage non-blocking operations to handle high-volume, asynchronous data flows efficiently. Discover how Redis Pub/Sub enables event-driven messaging and how the SSE protocol provides persistent connections for instant client updates without polling.
-
/articles/cell-based-architecture-adoption-guidelines/en/smallimage/cell-based-architecture-logo-small-1730198054924.jpg)
Cell-Based Architecture Adoption Guidelines
The challenges in building modern, reliable, and understandable distributed systems continue to grow, and cell-based architecture is a valuable way to accept, isolate, and stay reliable in the face of failures. Organizations must ensure that the cell-based architecture is the right fit for them and that the migration will not cause more problems than it solves.
-
/articles/cell-based-architecture-application-security/en/smallimage/cba-security-small-1729762783227.jpeg)
Securing Cell-Based Architecture in Modern Applications
Securing cell-based architecture is essential to fully capitalize on its benefits while minimizing risks. To achieve this, comprehensive security measures must be put in place. Organizations can start by isolating and containing cells using sandbox environments and strict access control mechanisms like role-based and attribute-based access control.