We have a python web app that clients interact with and that web app directly interacts with a database. We now have the need to develop an API that merchants will use to get and post data from/in our database in JSON. Should we build the API as part of the web app, meaning that each request will pass through our python web app and then interact with the database or should it be separated?
Further considerations include scalability and the fact that in the future we’ll probably want to develop a mobile app or other services that will also need to communicate with the database. As such, we considered the possibility to build an API as the only point of interaction with the database.
However, we are deeply in the development of the flask web app and change it would mean an huge delay in our schedule and we just wanted to weight in the advantages and disadvantages of both solutions.
These two schemes summarize the options we are considering:
Option 1:
Option2:
As you said both options have advantages and disadvantages.
Option 1 gives you Separation of Concerns. The logic for interacting with your database is abstracted behind a single service. Changes to the type of database you use or the schema you use only requires code changes to a single service. For example, say your platform has expanded and you now wish to cache calls to your database. If you have an API, Web App, and Mobile App all communicating directly with the database they must all be updated to take advantage of the cache. These changes would likely also have to be orchestrated to be deployed at the same time. In reality this is going to involve downtime: most often you see this referred to as 'scheduled maintenance'.
However, Option 1 breaks the Single Responsibility Principle. A service should do a single thing and do it well. In Option 1 the service is responsible for both being an interface to the database and rendering HTML for the web app. Changes to the Web App require you to redeploy the service for the API even though the two are not connected.
The advantages and disadvantages for Option 2 are mostly just the opposites of the advantages and disadvantages for Option 1. Multiple services sharing a database can lead to inconsistency in the data, tight coupling (especially in deployment), and debugging being more difficult.
A common design pattern (which I'd recommend) is a slight modification of Option 1. An API sits in front of the database. This is the only service that interacts with the database. This setup should improve your scalability. It's easy to deploy duplicate APIs and then load-balance requests between them. Furthermore, caching database lookups or changing database technology entirely is a (relatively) simple task. Your Web App, or any other services you develop in the future, interact with the API instead of the database. Here you can reap the benefits of Single Responsibility. It is worth noting that with this design every request for your Web App will have to go through two services. However, the benefits of the design arguably outweigh a few extra milliseconds of latency.
One last thing: kudos for thinking about scalability this early on. You may take a hit now if your schedule is delayed but I think you'll be better off in the long term.
I developed a REST API with go (golang), and now I want to design my web frontend. I don't know how can I separate frontend from backend.
I think that I have three choices:
1- Run REST API on one server and the frontend website on another server.
2- Run REST API and frontend website on the same server, but on different ports. For example run REST on port 8080 and frontend website on port 80.
3- Run Both on the same server and the same port, but use different URL paths (or subdomains) for each one.
As I don't know about this stuff, please tell me which one is true or best solution. Or is there any other solution? Does it matter how big my website is?
Either the first or second options will be mostly the same for you to set up and develop with. So you don't lose or gain anything from that perspective, the only deciding factor is your resources and how you expect your backend to be used in the future.
Currently, if you only have one application/frontend calling on the API, having them be on the same server will be the better option since it will have a marginally increased performance compared to the second option.
But, since you chose a RESTful design for your backend, you might want to reuse it for more applications in the future, and if you expect that the increase in calls to the API will start to use up the server resources, then your frontend might suffer from it and then you should consider relocating the backend to a different server.
The whole microservices, RESTful backend design "pattern" was created to decouple the front and back for better scaling, but that might not be necessary for everyone, you have to estimate the amount of use your application will realistically have and think if you might actually reuse the API elsewhere (or if you want to offer the API for others or not).
In the end, if the first and second option present a similar amount of investment for you at the moment, go for the first one, if not, just keep both front and back on the same server and if in the future you realize you need to scale out, you can just relocate the API to a different server/servers.
When handling autocompletion feature for a form field where every character typed by a user triggers an api call for suggestions, how do you proxy this call to scale?
Direct from java script is not possible due to cross domain restrictions, and not secure because that would expose the api keys.
Moving this to the controller or model, would incur a lot of queries to the server side that would put heavy burden on them when the active user base has reached a certain limit.
Whats the standard industry practice for such a feature?
You'll need to be very smart on the client and on the server.
Use a lot of caching everywhere to avoid extra work. Use CORS or JSONP. And frankly speaking this is a lot of work. Not speaking of Lucene/SOLR being not very autocomplete capable engine.
Btw: look at www.rockitsearch.com . It has implementation autocomple with all the basic features. All you'll need to do is: register and export your data there. And then integrate your widget on your website.
Not sure what you mean by "proxy this call", but in general:
You can use JSONP for cross domain queries. But you pay performance penalty on a client side.
It's OK to query same domain. There is no single answer since topic is very generic. How you scale depends on your infrastructure. If application is designed to scale horizontally you scale just by adding more servers to your servers pool. Which is pretty simple using Amazon or Azure cloud services. It is also important to optimize database queries and indexes so that database responds fast. If user base is big you can even have multiple copies of the same databases to help with performance.
Don't worry about optimizations prematurely since you may never get to that point. If you get it is good problem to have and in this case solution is trivial.
I'm looking for architectural patterns of server-side software, particularly web apps, that have been used for good reason in the real world. Here are some I can think of:
single-server: all parts of the app run on the same server (database, app, web server listening to port 80 etc.)
simple 2-tier: database runs on single server "DB", all other parts in an "appserver" tier, which may contain any number of servers. The tiers communicate via ODBC or such.
of this, variations (how many? can we enumerate them?) include single-master/multiple-slave DBs servers, and multi-master DB servers
3-tier: database runs on one tier, business objects and logic run on a second tier, presentation on a third tier, where 1 and 2 communicate via ODBC and 2 and 3 via some form of remote calls (e.g. RMI)
I seem to recall from some presentation that at one point, eBay had an architecture that had an app tier generate XML, which then was transformed into HTML in a separate tier. Is that common or an oddity?
a bunch of web apps use memcachedb or such to speed things up. A set of caching servers are arguably another tier perhaps?
Could you help me enumerate some of these patterns, or point to places where some have been described?
You might enjoy the decade-old but still relevant classic Building a Large-Scale E-commerce site with Apache and mod_perl. Their tiers were:
Load balancers
Reverse proxies
Web/app servers
Database servers
This is still the blueprint for large-scale sites. Even larger web-scale sites may need something more arcane, but this is the foundation for understanding even them.
Note that they used mod_perl, which means their web servers were their app servers. If you were using Java at that time, you would have run the app servers as a tier behind the web servers (and by 'web servers' i mean Apache, handling HTTP parsing, TLS, and static files; fetching and carrying, but no logic), and connected them with AJP. You might still do that today, but you would be more likely to just use the app servers as your web servers (ie no Apache at all, just JBoss or similar). App servers are now solid enough to do this, and you can rely on the reverse proxies and a content distribution network to do most of the fetching and carrying anyway.
As for a caching tier, the reverse proxies are a caching tier in front of the app servers, but they did app-level caching on the app server machines, with a federated cache (you'd use memcached or similar for this today). I think that's still a viable option today. I don't see a reason to partition your app-tier servers into dedicated app and cache servers; i'd be interested to hear of reasons to do that.
I don't think splitting the presentation and business logic in the app tier is an idea that ever really took off. Some projects probably do it, but i would imagine because of they have architecture astronauts in charge, rather than for any good reason. That said, it is common to have an app tier that makes heavy use of service tiers further back (this is SOA, i guess), and the ultimate extension of that is essentially a presentation/logic split, but with heterogenous logic servers, and the presentation server very much being in charge.
I have heard a lot of people talking recently about middleware, but what is the exact definition of middleware? When I look into middleware, I find a lot of information and some definitions, but while reading these information and definitions, it seems that mostly all 'wares' are in the middle of something. So, are all things middleware?
Or do you have an example of a ware that isn't middleware?
Lets say your company makes 4 different products, your client has another 3 different products from another 3 different companies.
Someday the client thought, why don't we integrate all our systems into one huge system. Ten minutes later their IT department said that will take 2 years.
You (the wise developer) said, why don't we just integrate all the different systems and make them work together? The client manager staring at you... You continued, we will use a Middleware, we will study the Inputs/Outputs of all different systems, the resources they use and then choose an appropriate Middleware framework.
Still explaining to the non tech manager
With Middleware framework in the middle, the first system will produce X stuff, the system Y and Z would consume those outputs and so on.
Middleware is a terribly nebulous term. What is "middleware" in one case won't be in another. In general, you can expect something classed as middleware to have the following characteristics:
Primarily (usually exclusively) software; usually doesn't need any specialized hardware.
If it weren't there, applications that depend on it would have to incorporate it as part of their application and would experience a lot of duplication.
Almost certainly connects two applications and passes data between them.
You'll notice that this is pretty much the same definition as an operating system. So, for instance, a TCP/IP stack or caching could be considered middleware. But your OS could provide the same features, too. Indeed, middleware can be thought of like a special extension to an operating system, specific to a set of applications that depend on it. It just provides a higher-level service.
Some examples of middleware:
distributed cache
message queue
transaction monitor
packet rewriter
automated backup system
Wikipedia has a quite good explanation: http://en.wikipedia.org/wiki/Middleware
It starts with
Middleware is computer software that connects software components or applications. The software consists of a set of services that allows multiple processes running on one or more machines to interact.
What is Middleware gives a few examples.
There are (at least) three different definitions I'm aware of
in business computing, middleware is messaging and integration software between applications and services
in gaming, middleware is pretty well anything that is provided by a third-party
in (some) embedded software systems, middleware provides services that applications use, which are composed out of the functions provided by the hardware abstraction layer - it sits between the application layer and the hardware abstraction layer.
Simply put Middleware is a software component which provides services to integrate disparate systems together.
In an complex enterprise environment, there are a number of challenges when you need to integrate two or more enterprise systems together to talk to each other. Normally these systems do not understand each others language as they are developed on different platforms using different languages (like C++, Java, Cobol, etc.).
So here comes middleware software in picture which provides services like
transformation of messages formats from one app to other,
routing and enriching messages besides taking care of security,
encryption,
validation and
applying different business rules to these messages.
A typical example of middleware is an ESB products like IBM message broker (WMB/IIB), WESB, Datapower XI50, Oracle Fusion, Mule and many others.
Therefore, middleware sits mostly in between the service consuming apps and services provider apps and help these apps to talk to each other.
Middleware is about how our application responds to incoming requests. Middlewares look into the incoming request, and make decisions based on this request. We can build entire applications only using middlewares. For e.g. ASP.NET is a web framework comprising of following chief HTTP middleware components.
Exception/error handling
Static file server
Authentication
MVC
As shown in the above diagram, there are various middleware components in ASP.NET which receive the incoming request, and redirect it to a C# class (in this case a controller class).
Middleware is a general term for software that serves to "glue together" separate, often complex and already existing, programs. Some software components that are frequently connected with middleware include enterprise applications and Web services.
There is a common definition in web application development which is (and I'm making this wording up but it seems to fit): A component which is designed to modify an HTTP request and/or response but does not (usually) serve the response in its entirety, designed to be chained together to form a pipeline of behavioral changes during request processing.
Examples of tasks that are commonly implemented by middleware:
Gzip response compression
HTTP authentication
Request logging
The key point here is that none of these is fully responsible for responding to the client. Instead each changes the behavior in some way as part of the pipeline, leaving the actual response to come from something later in the sequence (pipeline).
Usually, the middlewares are run before some sort of "router", which examines the request (often the path) and calls the appropriate code to generate the response.
Personally, I hate the term "middleware" for its genericity but it is in common use.
Here is an additional explanation specifically applicable to Ruby on Rails.
Middleware stands between web applications and web services that natively can't communicate and often are written in different languages/frameworks.
One such example is OWIN middleware for .NET environment, before owin people were forced to host web apps in a microsoft hosting software called IIS. After owin was developed, it has added capacity to host both in IIS and self host, in IIS was just added support for Owin which acted as an interface. Also it become possible to host .NET web apps on Linux via Mono, which again added support for Owin.
It also added capacity to create Single Page Applications, Owin handling Http request/response context, so on top of owin you can add authentication/authorization logic via OAuth2 for example, you can configure middleware to register a class which contains logic of user authentification (for ex. OAuth2 implementation) or class which contains logic of how to manage http request/response messages, that way you can make one application communicate with other applications/services via different data format (like json, xml, etc if you are targeting web).
Some examples of middleware: CORBA, Remote Method Invocation (RMI),...
The examples mentioned above are all pieces of software allowing you to take care of communication between different processes (either running on the same machine or distributed over e.g. the internet).
From my own experience with webwork, a middleware was stuff between users (the web browser) and the backend database. It was the software that took stuff that users put in (example: orders for iPads, did some magical business logic, i.e. check if there are enough iPads available to fill the order) and updated the backend database to reflect those changes.
It is just a piece of software or a tool on which your application executes and rapplication capabilities with respect to high availability,scalability,integrating with other softwares or systems without you bothering about your application level code changes .
For example : The operating system on which your application runs requires an I.P change , you do not have to worry about it in your code , it is the middleware stack on which you can simple update the configuration.
Example 2 : You experience problems with your runtime memory allocation and feel that the your application usage has increased , you do not have to much about it unless you have a bug or bottleneck in your code , it is easily achievable by tuning middleware software configuration on which your application runs.
Example 3 : You have multiple disparate software and you need them to talk to each other or send data in a common format which is understandable by all the systems then this is where middleware systems comes handy.
Hope the information provided helps.
it is a software layer between the operating system
and applications on each side of a distributed computing system in a network. In fact it connects heterogeneous network and software systems.
If I am not wrong, in software application framework, based on the context, you can consider middleware for the following roles that can be combined in order to perform certain activities in between the user request and the application response.
Adapter
Sanitizer
Validator
I always thought of it as the oldest software I have had to install. The total app used a web server, a database server, and an application server. The web server being the middleware between the data and the app.