Microservice Monitoring, Fault Tolerance, Access Security, and Container Technology Overview

In a microservice architecture, comprehensive monitoring is essential to quickly locate failures; the article introduces three main monitoring categories—log monitoring (using the ELK stack), call‑chain tracing, and metric monitoring based on time‑series databases.

Log monitoring collects unstructured event data from applications and infrastructure, typically using Elasticsearch, Logstash, and Kibana, with Kafka as the ingestion queue.

Call‑chain monitoring tracks request flow across services, defining core concepts such as Trace, Span, and Annotation, and discusses open‑source solutions like CAT, Zipkin, and Pinpoint, comparing their features and suitability.

Metric monitoring focuses on quantitative indicators (Gauges, Counters, Histograms, Meters, Timers) and relies on time‑series databases such as Prometheus, OpenTSDB, and InfluxDB, describing components like PromQL, Alertmanager, and integration with Grafana for visualization.

The article outlines a layered microservice monitoring architecture: system layer (CPU, memory, network), application layer (service health, interfaces), and user layer (business‑level metrics), highlighting key indicators like latency, request volume, and error rate.

Fault‑tolerance isolation is presented as a way to limit the impact of service failures, covering risk types (single‑machine, single‑datacenter, cross‑datacenter) and mitigation strategies including timeout, rate limiting, degradation, asynchronous buffering, and circuit‑breaker patterns with states Closed, Open, and Half‑Open.

Hystrix is introduced as a popular open‑source circuit‑breaker, with a step‑by‑step flow diagram illustrating request wrapping, execution modes, cache checks, circuit‑breaker state evaluation, thread‑pool limits, remote call handling, and monitoring collection.

For microservice access security, three models are described: API‑gateway authentication, service‑side autonomous authentication, and token‑based authentication (OAuth2.0). The OAuth2.0 flow, token types (Access Token, Refresh Token, JWT), and four grant types (Authorization Code, Implicit, Resource Owner Password, Client Credentials) are explained.

The article then shifts to container technology, explaining why containers solve environment‑consistency and deployment challenges, contrasting them with virtual machines, and detailing the underlying Linux mechanisms—Namespace for isolation and Cgroups for resource limits.

Container images are described as layered root filesystems (rootfs) built on UnionFS, with immutable lower layers and a writable top layer, enabling reusable base images and efficient distribution.

Finally, container orchestration platforms such as Kubernetes, Mesos, and Omega are mentioned, and the article concludes that the presented concepts give a solid foundation for understanding microservice monitoring, fault tolerance, security, and container‑based deployment.