Broadleaf Microservices
  • v1.0.0-latest-prod

Production Considerations

Scalability

Broadleaf Commerce scales horizontally with microservices and is ideal for cloud-based environments, especially those leveraging Kubernetes. In addition, Broadleaf’s Flex Package technology has been proven to enable the deployment of a large microservice architecture that can fit into any budget. The Scalability section outlines general guidance around where to start with your particular implementation.

Camel Cluster Service

Several parts of the Broadleaf ecosystem utilizes a Cluster Singleton Pattern to ensure that certain functionality is performed in an exclusive manner. In order to do this, Broadleaf uses Apache’s CamelClusterService which includes many backing implementations out-of-box. Learn how to configure the appropriate backing implementation for Non-Local environments when deploying to a Kubernetes cluster in the cloud.

JWT Public & Private Keys

Broadleaf makes use of private and public keys in services when signing and verifying the JWT tokens that are issued. This allows us to be sure that the tokens were issued by one of our services and have not been manipulated by a third party. The Generating Private and Public Keys for JWTs article will be a reference on a simple way to generate keys that are compatible with our services.

Data Encryption Keys for 3rd Party IDPs

Broadleaf allows defining configuration properties for 3rd Party Identity Providers (IDPs) in the admin and persisting them in a database. One of the properties that should be stored is the client secret for interacting with the 3rd party’s APIs. This should be encrypted during persistence and decrypted during retrieval. Generating Database Column Encryption Keys covers a simple way to generate this key.

Configuring Server to Server Client Credentials

The following Updating Client Credentials guide will show you how to override the default credentials.

Enabling Caching

The Caching guide shows you how to enable the out-of-box Ignite caching mechanisms, how to identify & override each service’s relevant cache instances, & describes how enabling these caches will affect the memory footprint of your deployment. This guide also communicates how you would go about replacing the out-of-the-box Apache Ignite support with a different Spring Cache compatible cache implementation.

Disabling the Creation of Default AdminUsers & Customers

Broadleaf provides the ability to create default/demo AdminUsers and Customers. While these users can be helpful in non-production environments, they should not be present in production environments. To disable the creation of these users, the following AuthenticationServices properties must be declared:

broadleaf:
  auth:
    data:
      load:
        default-users: false
        default-master-global-admin-user: false