Supporting micro-services deployment in a safer way

The SOA ecosystem has drastically evolved since its childhood in the early 2000s. From monolithic services, micro-services now cooperate together in ultra-large scale systems. In this context, there is a tremendous need to deploy frequently new services, or new version of existing services. Container-based technologies (e.g., Docker) emerged recently to tool such deployments, promoting a black-box reuse mechanism to support off-the-shelf deployments. Unfortunately, from the service deployment point of view, such form of black-box reuse prevent to ensure what is really shipped inside the container with the service to deploy. In this paper, we propose a formalism to model and statically analyze service deployment artifacts based on state of the art deployment platforms. The static analysis mechanism leverages the hierarchy of deployment descriptors to verify a given deployment, as well as rewrite it to automatically fix common errors. The approach is validated through the automation of the guidelines provided by the user community associated to the reference Docker engine, and the analysis of 20,000 real deployment descriptors (hosted on GitHub).