Design Considerations - yibinericxia/documents GitHub Wiki
Design Considerations
Security-first Event-driven Design
The design trend has already be shifted from service-centered monolith to data-centered microservices and data security is becoming the most challenging task, we suggest the security first and event driven design methodology for the most designs. APIs consist of Async and REST ones depending on requirements.
The Twelve Factor App Methodology
The Twelve Factor App is a set of well-known practices for companies to design and build SaaS apps with considerations of portability, scalability and resilience
3-tier Architecture & Technology Stacks
The 3-tier architecture is a popular client-server architecture which consists of the following 3 tiers:
- presentation: build with HTML, CSS and JS/TS, it is deployed as a client through a web browser or web-based applications via web frameworks.
- application: hosted on distributed servers in cloud or on-premises, it takes the user inputs from the presentation tier, process and save data into the data tier, and delivers the business services back to the presentation tier.
- data: also referred as storage tier, it provides the database services via relational or NoSQL databases.
Each tier runs on its own system platform and forms the technology stacks depending on its technology options, such as
- PERN: Postgres db, Express, React and NodeJS
- MERN: Mongo db, Express, React and NodeJS
- MEAN: Mongo db, Express, Angular and NodeJS
NodeJS and Java/Spring are two main options in the application tier. To use which one mostly depends the team/individual experience and may also be affected by the nature of business services, such as performance, I/O, etc
- NodeJS: I/O intensive application services (no multi-threading)
- Java/Spring: CPU intensive application services
Cloud Infrastructure
Ingress Controller for Kubernetes
Ingress controller, such as Kong Ingress based on Nginx, provides external facing interface for services, a API gateway routing API endpoints.
Service Mesh
Load balancer service directs traffic to pods and with service mesh, for example Kuma based on Envoy, all the service to service communication can be handled smoothly for all pods in a cluster or cross multiple clusters.
Cluster, Pod, Container
A cluster contains multiple pods and a pods may have multiple containers. A container is a process or application unit.
In-memory Caching & Clustering
Redis
Redis is an open source IMDB (In-Memory Database) focuses on data storage.
Memcached
Hazelcast
Hazelcast IMDG (In-Memory Data Grid) is an OSS which store data in RAM, spread/partition and replicate it across the cluster for sharing, and perform computations in parallel with high speed. It supports auto discovery of cluster nodes (members) and can be deployed in two ways: Embedded or Client/Server. Embedded Hazelcast is for async or high performance computing as it has low-letency data access, however it Hazelcast member libraries are only available in Java and scale along with the application. Client/Server Hazelcast has better scalability as client and server scalability can be address independently, and clients can be written in many other languages. Its CP (Consistency & Partition resistance) Subsystem build a strongly consistent layer using Raft consensus algorithm and FencedLock for distributed data.
Example applications includes simulations, payment processing, e-commerce engines, event notifications, etc.
The file hazelcast.yaml in application may look like something below:
hazelcast:
cluster-name: yourHazelcastClusterName
network:
join:
multicast:
enabled: false
kubernetes:
enabled: true
# comment out the following if DNS lookup mode is using for auto discovery
# service-dns: yourHeadlessServiceDNSName
# partition for data loss prevention
partition-group:
enabled: true
group-type: NODE_AWARE/ZONE_AWARE/HOST_AWARE/CUSTOM
# define members below if HOST_AWARE or CUSTOM is used
# member-group:
# - - 10.10.0.*
# - 10.10.3.*
If your Kubernetes cluster uses RBAC (Rule Based Access Control) and you do not use DNS for member discovery, you can apply RBAC configuration in a file rbac.yaml. The feature of Graceful Shutdown with JVM parameters can also be used to prevent the data loss when scaling down.
Session Persistance
High traffic websites requires multiple instances of the application running in parallel which can pose an out-of-sync issue if each instance keeps an isolated copy of its session data. Sharing session cache can be used to avoid this issue by JCache API with Hazelcast implementation