Critical for Managing Your Cloud-Native Supply Chain
In a cloud-native environment, where microservices are deployed at scale, Developers, DevOps, and Security teams can’t easily confirm that the software they deliver to end users is safe for consumption. A microservice environment obfuscates application-level security reporting, SBOMS, CVES, impact analysis, inventory, or even knowing whom to call when an end-user reports an issue. DeployHub microservice catalog is a centralized ‘evidence store’ of supply chain data that clarifies these complexities, making what’s hard about cloud-native computing easy.
Learn More
DeployHub Advantages
Unify your DevOps, Security, and Supply Chain Intelligence into one component and microservice catalog tool that…
Provides the clarity needed to govern microservices at scale. Exposes version drift and reduces redundant services.
Collects each component or microservice’s software bill of material into a unified ‘evidence’ store, exposing how open-source packages are used across all applications and deployed environments.
Aggregates component and microservice SBOMs up to the ‘logical’ application giving your teams an easy way to view their application’s SBOM even in a decoupled, cloud-native architecture.
Features of Our Microservice Catalog Tool
DeployHub is a component and microservice catalog tool that provides governance around the software supply chain. It centralizes your supply chain, security, and DevOps data into a unified dashboard connected to your DevOps pipeline. Its unique microservice catalog tool features include:
A Unified Evidence Store of Your DevOps, Security, and Supply Chain Intelligence
DeployHub automates the collection of your microservice’s software composition analysis data (SCA), an essential tool in the DevSecOps toolbox for cloud-native architectures. Your DevOps pipeline produces software composition intelligence, such as SBOMs, but the reports and logs lay dormant under the pipeline hood or siloed across multiple tools. DeployHub’s component and microservices catalog tool collects this critical supply chain and DevOps intelligence so it can be consumed and acted upon in one place. The result, DeployHub makes it easy to answer the question, ‘who is using Log4J, and where is it running?”
Centralize Componet and Microservice SBOM / CVE Data
Moving to a decoupled architecture makes it difficult to view, track, and manage all SBOM data in a single location. Each service has its own SBOM and CVE information. DeployHub aggregates all lower-level dependency SBOMs to the ‘logical’ application providing you a single point of view to see your software supply chain and CVEs. DeployHub provides this level of ‘logical’ application visibility to mitigate the risk of consuming open-source software.
Learn More
Reduce Supply Chain Security Risks with Open Source Package Analysis
DeployHub’s ‘evidence store’ tracks all open-source packages that your components, microservices, applications, and environment depend upon. A simple search option provides a consolidated report showing open-source package usage across your entire architecture. This makes it simple to answer the question, “who uses Log4J, and where is it running?”
Learn More
Component and Microservice Versioning
The one thing constant about microservices is that they change. DeployHub tracks the changes in your microservices including the software composition metadata, ownership, inventory, and how those changes impact other consuming ‘logical’ applications. With DeployHub’s versioning engine you can easily produce difference reports between any two components, microservices, ‘logical’ applications, or environments.
Learn More
Tracking the Logical Application
Microservice Applications are a logical collection of microservices. DeployHub creates a new version of your microservice application when a microservice is updated. It also shows the difference between any two versions of your microservice application.
Learn More
Microservice Catalog Explored Whitepaper
Tame your microservices by displaying them all in one place. Track deployment details, SBOMs, inventory, consumers, version history, and the teams that support them.
Get the Whitepaper
FAQs
How do microservice catalogs work? Here are some answers to common questions about microservice catalogs.
- What is a Microservice Catalog?
- Unique Attributes
- Features
- Who Uses a Catalog?
- For Developers
- For Operations
- For DevOps
What is a Microservice Catalog?
A microservice catalog simplifies cloud-native architecture by displaying all services in one place. A microservice catalog simplifies a cloud-native implementation by providing a central location to find and share thousands of services consistently across all clusters and teams. A microservice catalog facilitates collaboration across organizational siloes, saves money by encouraging reuse, and tames the difficulty common to a shared service architecture.
What are the Unique Attributes of Microservices?
Every microservice is different, and each has its own unique attributes. The attributes include ownership details, consuming applications, transitive microservice dependencies, versions, and inventory across all clusters. The attributes of a microservice change over time, impacting consuming applications and other dependent services.
Microservice catalogs track and manage the attributes, showing the changes over time, and minimizing the time for root cause analysis. They also provide a ‘predictive’ platform for taming microservices even before deployment.
What Features Do Microservice Catalogs Have?
Here is a list of standard features that microservice catalog tools typically contain:
- Microservice Organization
- Microservice Ownership
- Service to Service Dependencies
- Supply Chain Versioning
- Logical Application Supply Chain with SBOM
- Vulnerability and License Reporting
- Microservice Inventory by Cluster
- Deployment Metadata
Who Uses a Microservice Catalog?
The users of a microservice catalog include producers, consumers, DevOps teams, SREs, production support, and supply chain security. The core purpose of a microservice catalog is to provide everyone, from the API developers to the production support teams, with essential information needed to succeed in a shared services architecture.
How do Microservice Catalogs Work for Developers?
Governance catalogs help developers start creating microservices. They focus on registration of the service to a specific ‘Domain’ and track the developers’ tools used to develop and test services.
How Do Microservice Catalogs Work for Operations?
Governance catalogs focus on tracking what is running in production and maintaining service level objectives (SLOs). Their primary goal is to help support teams and SREs maintain their incident response times through ownership information and the blast radius of a problem service.
How do Microservice Catalogs work for DevOps?
Governance catalogs track the software supply chain with versions. DevOps Teams who manage pipelines use the catalog to determine where a service version runs to minimize drift across clusters. Microservice catalogs can also track who consumes the service as a dependency and manage the blast radius of a high-risk service.
Pricing & Plans
DeployHub has a pay-as-you-go pricing model. Learn more about each DeployHub plan.
DeployHub Team’s microservice dashboard is a free version designed to make moving to microservices a painless experience. Our service catalog provides organization, tracking, and visibility needed to succeed in cloud-native development.
Learn More
DeployHub Pro has expanded features designed to organize thousands of microservices across dozens of enterprise teams DeployHub Pro enables teams to share and reuse services, keeping developers, testers, and support teams continually informed.
Learn More
DeployHub Team Sign-up
Sign Up for Our Microservice Catalog
Get the DeployHub Jenkins Plug-in
Integrations
- Helm
- CI/CD
- Syft
- CycloneDX
- SPDX
- CircleCI
- Jira, Bugzilla, GitHub Issues
- Hipchat
- GitHub
- Slack
- Salesforce
- LDAP
- DB Updates
Helm Custom Deployment Actions
Helm can be called to replace the DeployHub default processing engine for performing container deployments. When DeployHub executes the release process, it will call the Helm Chart you have defined as your Custom Action at the Component level. Our microservice catalog includes the version of the Helm chart as part of its overall configuration data. In addition, DeployHub’s microservice catalog can track Key Value pairs and generate override files for each environment to which you are deploying.
Integrating with Your CI/CD Pipeline
In order to continuously gather pipeline intelligence, DeployHub must become part of your pipeline. DeployHub integrates into your CI/CD process using the Ortelius Open-Source Command Line (CLI). The Ortelius CLI gathers supply chain data based on a single pipeline workflow at the build and deploy steps. The build step gathers Swagger, SBOM, Readme, licenses, Git data, Docker image, and other build output. The deploy step records when a release occurs, what was sent and where the objects were sent to.
The Ortelius Open Source Community maintains the Ortelius CLI under the governance of the Linux Foundation’s Continuous Delivery Foundation.
If you are not already generating an SBOM as part of your DevOps Pipeline, DeployHub’s microservice catalog tool integrates with Syft to get the job done.
DeployHub’s microservice catalog tool can consume CycloneDX formatted SBOMs. If you are already generating SBOMs, you will pass the name of the SBOM results to DeployHub.
DeployHub’s microservice catalog tool can consume any SPDX formatted SBOM. If you are already generating SBOMs, you will pass the name of the SBOM results to DeployHub.
Configuration Management for Testing
DeployHub integrates with CircleCI to support microservices continuous configuration management, and continuous deployments built into your CircleCI pipeline. In particular, DeployHub integrates with CircleCI to enrich the CI/CD pipeline around microservices, tracking which applications need to be retested due to a common microservice update.
Critical to the process is the ability to perform versioning and tracking microservices across clusters and teams and map them to ‘logical’ Applications. DeployHub’s CircleCI Orb includes the ability to perform automated version and dependency management of microservices tracking application and microservice relationships, their versions, and their deployment metadata.
Tracking Change Request and Issues
DeployHub integrates with Jira, Bugzilla, and GitHub issues to track your change request at three levels: Component (microservice), Application, and Release (collection of Applications). You define Jira, Bugzilla, or GitHub through an object called a ‘data source.’ Once defined, you can pull change request from your issue system and assign them at any level for tracking. When change requests are managed this way, you have a continuous feedback loop showing when the issue was opened and when the customer received the fix.
HipChat as a Notifier
DeployHub’s microservice catalog tool allows you to send notifications using Notifiers via HipChat Groups, Topics, or Room features. Notifications are defined to Components and Applications and inform the recipient(s) of the Component or Applications deployment’s success or failure.
GitHub as a Binary Repository
You can configure DeployHub to call out to a Git Repo to pull deployable artifacts (binaries, scripts, etc.) as part of your deployment. The process will check out your deployable artifacts based on commit, branch or tag specified.
Slack as a Notifier
Slack can be integrated with DeployHub using Notifiers. Notifiers can be called to report on success or fail status of deployments.
Tracking and Deploying Salesforce APEX Classes
If you are developing your Applications using SaleForce, this integration will allow you to support SalesForce deployments. By creating this Custom Action you can replace the DeployHub standard deployment processing engine and instead use a process designed specific to Salesforce including the mapping of DeployHub Environments to different SalesForce regions such as testing, pre-production, production, where the class and package files can be deployed.
LDAP or Active Directory to manage Logins
DeployHub allows you to use LDAP or Active Directory to manage your User logins. The integration creates an LDAP Data Source to access an LDAP database and use the information stored to gain access to DeployHub. It also populates the Users General tab with Real Name and Email, which it gets from the LDAP database. When you define a User, you associate the LDAP authentication method. At login, DeployHub checks the User’s authentication method to determine if LDAP or Active Directory should be used.
A microservice catalog tool would be incomplete without managing the important database parts, particularly for poly databases. You can publish your database updates to the microservice catalog, tracking and versioning your data changes. DeployHub has a unique type of Component for database updates allowing you to manage your database with roll-forward and rollback processing. Check out the ‘version jumping’ DB Demo.