Summary
Notes
Transcript
But what is the deployment mechanism? Like for example, in Azure, So There seems to be a tiny little bit of a cloud. In cloud there are Three things that you can do, right? The one is Software as a Service And the other one is Platform as a service. And the third one is... Infrastructure. So give me an example of software as a service in cloud. Netflix. Yeah, I think that is a good example. I was thinking more on the thing, but that's a good example.
Uh, Office 365Oh. Black phone. Yeah. That is software as you said. Because you don't go and provision anything. You just pay per user $10. The infrastructure to run Office 365 is completely abstracted away from it. Right. Now,Jimmy, he's also a software as a service, right? If you're going to Jimmy Redford, you pay per user fee, and then you really don't care. They'll provide. They may give you limits to charge you more, say, 25 terabytes, I mean, gigabytes or something.
So if you look at Berthel, It's a pass. It's a pass. Why is-It's a hosting platform. Yeah. But-AWS has both pass. Which one? AWS. No, AWS has both. In AWS, you can put it in there-Infrastructure as well as-Yeah.
They are pure pass play. Netlify. Netlify. They're not pass plays. Because in that, what you're saying is that, hey, I want a web server, but you don't go and install anything. Like they install it for you and then if your thing increases they'll scale it for you. But you pay for it of course. But you don't go and administer anything. Same thing in AWS, what is the code in AWS service thatElastic, yeah, elastic piece.
That's also something. You just say, "Okay, I want to deploy the web server," and they'll tell you what capacity, and they'll also tell you how if you want to scale it, they'll increase the number. And you don't go and install anything. You don't install the operating system, you don't do anything, you don't do the patching. That is Black Partners of Service. But the application you have to write, right?
In the SAS, they wrote the application for you, which is the email. You're just using both the application as well as Your infrastructure is abstract and which is SaaS. But whereas your infrastructure is abstracted, but you write the application and deploy it, that is, That's fun. When they give you their data center and you deploy a virtual machine, you do the patching, you install everything, and you put the application that is called?
Interesting. So that you can think of as I'm renting the cloud. but they put the machine. So I said, "Hey, I need a Linux VM with four core." 16 RAM and one GPU, whatever. And then they'll provision it for you and charge you for it. They don't patch it. They don't install any kernel. The basic thing, Linux, you can say Linux, whatever version you want. But you write the application, you manage it, you put it in packs, you do everything.
You just, you're renting that and they charge you on a hourly basis. Yeah, and like, when it's an on-premise, right, you buy for $5,000 a server, nobody charges you by hour. In cloud, You'll pay. Ten cents. An hour, but whether it's running or sleeping, but now they have certain things where they'll reduce it if you shut it down. All kinds of things, but it's still something The good. So there are pros and cons to everything.
If you want total control on what you want on your hardware, you go for infrastructure as a service. But if you don't, like let them patch it. Let them do the Linux patching. I will just deploy the thing, then you go for platform and service. But you just want to buy a solution, you don't want to build anything, but use it and pay? That's software as a service. In our case, You have two options. Right, and I don't mind either of them, but I would advise platform as a service because it's less complex.
Since we are not working on the infrastructure here, pick a platform as a service and deploy your application. In Azure's case, it's Azure App Service. and elastic bean stack from AWS. God knows what's in the Oracle. I don't know. That's why I was curious. what they have. Four. Okay, so we did We didn't go very far, we were just talking so many times. so we get some good things This is, I think here, IAT you get some cool stuff So the video that you sawYou can tell it's age-generating.
I think we covered this. Yeah, so that's what we mean by, and this is what we're going to be focusing more and more. Unfortunately, you're going to need a friend end to demonstrate this, but in our first thing, what we're going to do is use things like postman to say. So what you'll do is you'll build a backend that handles the processing and the logic connect to the database and So... There are many other So tell me, like a See, there are content publishing applications.
What press? Good. WordPress is used by 43% of the people.
Controller gets the data. And the view, you bind the model to the view. Here it's done literally, but you will say here's the view, bind it with this name and then it automatically binds. And this one is the client-side component. Because what happens, nothing goes to the server. When you click on the button, It The state is stored in the dorm and it just gets Included. Incremental, right? Nothing goes to those things.
So what is the difference between this And the previous one I showed you with theWith a PHB. In the PHP also I said $products and then say get products, right? And then I was binding it to the HTML on the client side. difference here This whole thing is being executed on the server side. So what is the difference that you see here? The product ID is No, yeah, that's just it really, the key. But Structurally, what is different?
HTML. But that's the difference under server-side compliance. Whereas on the thing where data is returned and then you do the binding on the client side. But here, the entire thing is done on the server. And you just simply return the HTML. And all that the client has to do is display the HTML. And if you look at the description, it tells you where it used Because when you have a DOM, you have access to the DOM element.
When this whole thing is returned by the server, you don't have access. object model, right? So, if all you're doing is displaying a grid and you do not want a JavaScript interactivity, this is much more efficient. And there is another reason where you don't want people to see what you're returning. You just want the HTML. Because you don't want to look at the document object model, what happens to the binding and all.
Right branded And then you enter yourUser ID. And fast food. So what happened? So that is the server side, the server side will take this And then Call the Okta. With, uh... Afterhand is all your application does. And then what it does is it returns AOkay. And the token says that It is. The person, the password is right, right? So first thing is he takes the password and then Okta will say that, okay, ask him for secret questions if it's a multi-factor communication.
So like I mentioned, there could be reasons where you may There will be an option, can I run it on the browser or can I run it on the server? The one I showed you, the results, there are two options, right? I could have just sent the JSON and did the client to do the binding or I could have returned the entire system. So when I do the server, it will be much faster, but then you lose interactivity.
So if you think that I want to get all the others. Right? Without any interactivity, a service aid would be better. But on the other hand, If you want to kind of iterate through each this thing with a button that says get details of the order, then it's better to get that and use the Rent and handle them. Because in the front end, for each row, you'll have a button that says click on details. And then you can either make another JavaScript call to get the details, or take the whole thing and filter the details So if the grid is completely, doesn't require interactivity, and you want it very fast, then the server side rendering makes sense with the full HD.
When? Like for example, I have a webpage where there is the orders grid. Can I make a call directly to the database. from the web page to get the list of orders and display. No.
Because all I can do is make a single connection, put the password, everything. The reason I'm telling you this is so that you understand the importance of the bag. So what you do is you just simply send the request to get the data. Now the back end now looks at authentication, roles, and all other things, business logic, and only it has access to the database. As a matter of fact, you lock down your database server to say only the business logic back end server can access.
When I said API, it should talk to an endpoint, right? And what do we call that? That's the back end server. Yes. And what does backing server talk to? Data base. Data base. So how many servers do we have now?
Data, static content, everything. And where does that thing get it from? Thanks, Jim. No, that's the delivery. It's different uses, but where does it get it from? From the server. And what server is that? That's a back end server. And what does back end server need to get the data that the front end-Thank you. So those three things or the crucial. It could be other intermediate things. But as a minimum in your application, You'll have aInvention server.
So we need to understand this because this is one of the most important things so that you understand the design, right? So what we're saying is I have a good server, right? Front end, one, two. Time to end. Two. I have some kind of a gateway I have backhand one. Two, three. And then Then what do I have? David? Yes. Because when it processes the business logic, it needs to get the data and then it gets it and then it sends it back to whoever called.
That's why we cannot do it. But cache is not relational database. Cache is a bunch of things that you write for quick access. If cash changes want to help to re-infresh the cash, the whole cash, So, Redis is always distributed cache. A great example is product catalog, right? We'll have 10,000 products. You put it in a distributed cache. Whenever I want product information, I just will get it from the cache.
Whenever a product information change, which is very rare, I go and flush the cash If it is an append, I can append only cache, but if it's a product, I have to flush the cache. Right? So, I can... Create caches consistent across all. Unlike database, the database is, okay, I put an entry, I have to make sure that entry is available. But cache, wherever cache, that same cache, when the cache changes, I flush the cache anyway from that.
How can we avoid that? And that's only that you're going to do that. In your existing, in order to avoid that, What typically can be done Is schema based in the world? So what do I mean by that? You first define the schema. In the schema you say, here is what the D sign is going to look like, right? And that schema is bound by both the front end and the back end. So the front end guy, irrespective of how it is built, will assume they're going to get this schema.
And they can build it. And it's the responsibility of the backend guy when they really build it, Two. deliver an output that is in compliance with the SCIS. So what the front end guy can do is they can create some sample data that complies with the JSON and build a front end, right? Because as soon as they plug into the API, they're going to get exactly the same JSON. So schema-based development is the best Wait.
So You can generate it. So what this is, again, this is not required, but you can do this for anything, right? If you specify a schema What this tool generates it will generate the client for you. In any language. What do I mean by that? So here is the schema, but that schema has to be in the open API specification. There's a specification which is universally accepted. Yeah, so What it does is, you can, there are some tutorials, right?
This is what we call OpenAPI description. So I would like you to do this. Either using QLO or anything else where you come up with open EBS specifications. But if you use a tool like this, if you come up with this, You can do a command line and create a Java line. and then we'll create Yeah. In Iran, It'll be in the client. In the folder What do we mean by "Create the Plan"?
Otherwise you can write the code with Java, creating objects and things. But if you define the specification, you can use this thing to create the client. I'm not suggesting you should use this. You can very well go create a Java backend API by traditional way, creating objects and creating A method goes to get and-But this one will do it for you, but you put more effort where?
It's unbelievable what happens. If you ever get a chance, go read what all happens. First thing it comes and it hops to multiple places to find out a DNS server to resolve where it came from and then finds the closest thing and then goes to the internet service provider and who then... It's amazing with all that you still get the web pages. Internet is an amazing thing. Think about, you're typing a URL, And based on the URL, Somewhere in Arizona there is a web server that you have to find A whole bunch of routing happens, hopping, hopping, oh, where is the closest server?
So you'll be, this is very important, we are going to try all this in your API because that's what you will have to get Like post Right.
type of pizza content content.
So the type of data is like a, is it a text or a G sign? Image. So that's one. And what is that authorization barrier? So when you do, in your case you won't be doing it, but when you want to test a well protected API, right, which requires authentication, the trick is you just dedicate somewhere and then Go to the header and get, if you go to the F12, it'll show you the token, right? You copy the token.
Yeah, that's, even if you put it in HDD base, it may say that. Why? Because what happens is there are very few trusted security key providers. Name one of them to me. Very signed, like the example. There are reliable, trusted certificate providers. And what you do is you get a key from them. is private key. And a public key pair, right? and then in your web server You encrypt Using your private key.
And because you've gotten the certificate from a trusted provider, That's what I'm saying. The HTTP journey is a very amazing journey. So it goes and finds the DNS. and looks for your certificate publicly, Decrypted and rendered. Here you go. So what it does is it prevents people-if we send a plain text, they'll know where it's coming from, and then they can hack. So what it does is When you send a data through HTTP.
You can make your own key, public key, private key. That's when you see this red sign. This key cannot be trusted. It's because it doesn't know it comes from DigiSign or this. So even though you did it, Because people can just create bogus keys and do things, right? So they want you to come from a reliable certificate provider. And so what you're doing is you're taking your web traffic, you're encrypting it using a private key, which only you have.
You cannot have an object that doesn't have class that's not in the same, I'll get to things in Jolla that The framework tells you how to build. And then if you want to build a component, this is what we're doing. So those are all the framework guidance. So Each framework has its own strength. And preferences. And primarily it's references. Some people like it, you know, I don't like some frameworks.
Some of them based on logic, but some of them is based on personal, hey, I like the way these thingsYeah. Do you guys use dependency injection in Java? I like that. That's why I like C#. This object-oriented. You can do separation of concern, dependency injection, interfaces, those kinds of stuff.
None of those things in Python.
Yeah, and the hard code type of JavaScript people don't like that either. So I think it's that you look at what you're doing and what you're building and what's out of the box. Like sometimes even the domain that you work, Like, you know, there's a lot of banking application in Java, right? So you can get a lot of artifacts from that if you're working in the-so the kind of industry that your input may-The community can make a difference.
You'll find it a lot easier to do it. Seesaw. My .NET is a framework. You cannot do Java. You can do it. C sharp. You can do TypeScript also. So, that means C# is clear. Yeah, so, you know, Caleb Liddy ecosystem and Java I find it hard to get started. Set. Once you get it, you get it, but you don't spend time. The easiest one is Baitan. And that was good.
But JavaScript, you can get it. You may get it wrong, but you can get it. Bastard. But because of the lot of constraints on the Java objects and embedded ends, you need to learn a lot of those things to become a good Java programmer. That's why people just jump to TypeScript and JavaScript because you can write anything. Just click the variable, write functions, and it'll Good at not getting work. And then tooling, right?
You don't have to buy more servers. You don't have to buy more servers. Because in the first place, that server was a huge server, had eight cores and 32 gig RAM. And you put an application, and it only needed two core and six-So maximize it So... Instead of buying another server for another application, I split it. So I can use the same hardware The run. So that I don't have to buy another suit. So primarily Utilization of the server's resources is the driver behind optimizing the server.
Okay. So you have two options-buy a small server, buy 10 at that,It just shouldn't be a wine sale. And only that. Some of them may need eight core, another one need four. So are you going to buy one with eight core, another one? No. So you buy a 32 core with-256Wrap and then slice it. and say, "Hey, here's a virtual machine in its own operating system And with its own dedicated thing. And then if one thing crashes, the other one will still work.
Yeah, you can distribute that one reason but the bigger reason is Just as we made Flaubert more efficient by You're using the resources. Now people want to go with one more level of pieces. Sober? One hardware, right? One. Virtual machine splitting the resources. but on a different operating system. Container. Same operating system, but isolate your application. So now I can run multiple nodes, multiple containers within an operating system.
So I run multiple virtual machines. I ran a multiple applications containerized on a single operating system. So I'm further leveraging my virtual machine to run multiple applications. But without the operating system, has its own, right? The moment I virtualize, not because it's cheap, now I have to create everything for the operating system, I have to replicate it. But in a container, I use the same operating system, but I use the same resources, As long as all the containers run on the same operating system.
I cannot run a Linux in this and Windows on the same VM, right? So that is to further optimize the virtual machines to make effective use of the resources without the overhead of operating system. And of course, the disadvantage is that you're using the same operating system kernel, right? faster and multiple things running, but of course, In the operating system crashes, all your containers crash, right?
So they're dependent on the operating system. Whereas if the VM, one operating system on the other VM crashes, the next one will still run. But so there are pros and cons. Container installation is another way of optimizing your hardware resources by running on the same operating system on a virtual machine in an isolated environment. for that application. That's what contained it. containers And then what happens is that in a Kubernetes cluster type of thing, you have three or four, five machines.
And multiple containers running And then I can say, hey, this node requires five of them. Then I can run two containers in one machine, another two. And then as soon as one container dies, I can automatically restore it on another one. It gives you... Tremendous amount of flexibility because they are packaged as a container. I can spin up a container like this on a machine anytime without having to deploy anything because it's all fully deployed and ready, the image.
Right, you guys go and pull an image, it comes from Docker, you have to do nothing. There are overheads to it, but it makes scaling very easy. And then distributing in a cluster, I can say this business logic I run on five containers and these two virtual machines with three nodes here, two nodes here. So I can mix and match and optimize my resources where I make full use of my hardware. I can do fancy things.
So that's what this is. Yeah. So. ExpressLike if you do not want any opinion framework and you primarily want to work with JavaScript, Express is very good. And by the same token, it is probably one of the most difficult things. Everything has to be written in JavaScript. I like the front end. Yeah, they have some libraries. It's not something that... I'm a big fan of it. But then there are people who love JavaScript to death.
They want to do front and back and everything in JavaScript, and this is the-the best Yeah, so Thank you. The thing about Java and other things is that, like C#, right? Man. We did it one line. You can load it with things that-which you would write underlines in JavaScript code. They're packaged with libraries where you install the library and make a call to it. Authentication library. Just install it and then call the library to send a request.
So you don't see any packages because it's the NPM Express and Node.js. So if you're doing pure JavaScript, You can get away with this, but you may still add like a node mon or something package to monitor like you do want live monitoring let's say you make a change in your code you save you immediately want the UI to reflect the change right like let's say you run an NPM application and it runs and you go make a change, you save it, If you want Without having to stop the server and restart the server, there are certain libraries.
So in each one of those, Like, uh... There are The domains that If you look at it, what it's trying to do is it's doing a drone delivery. So the centerpiece of this is the drone management, right?
And now in each of these, Now, when you do a drone management delivery, Now there isThese, like you need to have accounts, so that's a domain. Now why is it separate domain from drone management? The drone management is the ultimate functionality that you want to deliver, right? But now, how do you create different domains? And why do you create different domains? Because what you want to do is you want it to be a loosely coupled system.
With most of the time when we do microservices, so what is the purpose of even creating a microservice is to kind of decouple things. And then what we call Um... like loosely coupled services that I can independently develop and then compose. That's how we want to do the architecture. Why do we want to do this? The reason we want to do that is Good day. If I make a change to one of the things, I don't want to redeploy the entire application.
Right. So if I decouple it, Then I can make one of the changes as long as the service that's calling the interface doesn't change. Nothing will break. I can just make the changes independently. But what happens if I just break it down into very, very, very, very small So at this rate I can keep on just splitting and splitting it so they're really loosely coupled. Why would I not do that? Where would I know when to?
Right. So trying to come up with the domain-driven design is that what are all the bounded contexts? This is what they call as-So that you can then actually create the microservicesTo build. So This is... After you say that, again, a scheduler service is a microservice, Now If you look at it A scheduled service in the drone is they want to schedule a drone for delivering a product. Now it calls multiple microservices.
And then packaging for the warehousing and the delivery service. to kind of track the delivery. And all of them are This is one way to design an application architecture using domain design. You may still come up with the microservices without a domain domain design. What the domain domain design says, it identifies all the domains, what is the boundary, how do they communicate between. So it's a kind of a methodology that you use when you're architecting an application.
Give me all the things, I have to select something. So without API, What knowledge do you need to have?
You need to know where the database is. And what the credentials are, what is the structure of the table, And what query do I have to write?
So every time you write a what they call "point solution" in order to get the data. And then in this process you are exposing Everything about your database. Which is also a risk. So what does APA do to avoid this?
You make a request and say, "Get." And then say, "Products." Right? That's all I do. So with APA, what have we abstracted? Exactly. So everything that what the AP has to do is done by your server, backend server. The client, all they need to do is to make a call. And what does the API server need to do? To legitimize that call, to say, "Hey, is this client authorized to make a call?" But the client, they don't have to know what database I'm calling.
What tables I'm calling, I write all the logic in my API. So that's the point of an API is to abstract that, that anybody can call And all they need to do is make the right call, say, OK, get products with ID equal to. Make a query. So where the product ID, or where the product is-whatever. Whatever the thing you allow. And then you take that and then you use that as an input and you write your APA logic, say okay, And the calling people do not have a clue what database you're connecting, what credentials you're using.
So yeah, since you're taking the back end. So most of the time, The, you know, like SAP, when they go and implement SAP or Oracle, SAP or... sales for anything SAP does not require you You have to have overcome.
What they do is they abstract the table definition and everything and create the tables depending on what the database is. So they'll abstract it. And same thing, if I want to interact with SAP, I don't need to know the tables and things. I'll say, okay, hey, SAP, give me all the order information where the order ID is equal to. this or where give me the customer ID for this customer give me all the orders Behind the scene, SAP takes that, converts that into a query, goes into whatever database you're using, pulls all the information and delivers it to you.
Let's say, hey, Raj called this API. And then what's wrong with Roger's role?
Oh, he's an administrator. Okay, if you're an administrator, then I will allow you to update certain things. But if you're a user, like a great example is an HR, right? Whenever You as an individual user, when you make an APA call for salary, What would be the safest thing to do? If you're a manager You should be able to see the salary of all the people that you report to, but not the people who reported the other person.
So somebody asked you, hey, I want you to build an API.
Given a person's Um... Employee ID. Right. But here are the conditions. Thank you.
Where would you put in an API? Business logic.
Business logic. So what you do is an APA call will simply give you the salary of the person that you asked for. But what you need to do in your logic is to say, first thing is, Let me get this person. Let me look up. There's a rule, right? and then what department, then you need to write a query That filter is out. this department, this role, and then write another query. If it's you, the idea equals your own idea, you can get your own self.
And so you'll have an F small letter I think they may have a decision, their person. Yeah, so it's the same here. Given name, right? So this will be one of the things that you would say.
Family name Now, so you can use schema.arg to find out what is the standard thing, family name. And if you do this consistently, then People will understand your schema. Instead of just simply saying name, you can say family name. And so follow this best practice of using schema.to define your person schema. And then what do you have to do? You have to translate the schema to your database. Right? So, okay, what I call family name is in a table where I call the F name or last name, whatever.
Right, where they put everything in the next amount, they put the header, the bearer token, everything. But now we are primarily using JSON as the The farm data So implementing the API, See, there are multiple ways to do this. So one thing I want one of you at least to try it. One where So... The OpenAPI specification is the most widely adopted standard. It tells you how should you be delivering when I make a call to API, how should you be delivering the results.
You still have to write the business logic, but it'll give you the skeleton. Okay, C#, use this class, you do this, and then do. And then, irrespective of whether you use C# Java, the output will always be in the OpenAPI specification. So that's the standardization for API, which is the OpenABS specification. So you should all be writing Delivery. In accordance with open-ended, what is the difference between that and an HTTP output.
What is the purpose of the graph database? Connect nodes. Nodes and edges, right? And where does it, what example did they give you where it really works? LinkedIn. LinkedIn. Sales navigator, I told you, right? When you pay the $40 a month, LinkedIn will tell you how to get to this guy through your connections. And they're storing it. using Neo4j, graph database, all the nodes and relationships, right?
Because in a relational database, you don't tell nodes and edges. You just simply insert rows. But in a graph database, you say that, hey, Raj, What is the connection? Like, in relational database, here is Raj, here is John. In a graph database, Raj has friends As a friend Who is Jacob? And Raj has Children I'm These are the two children. You can define the relationship. in the graph data base. So that, like let's say, if I want to find out what is, Hey.
So let's say, let's talk about not cloud here. So I'm running IAT. There's suddenly a fire in the data center. What do you think that they get the data back? Backup, right. And have you heard of the term RTO, RPO? R.P.O. R.P.O. Recovery point Objective, recovery time objective. Hi. So one is How much data can I afford to lose? That's the recovery point. Hey. Which means... What does that mean? So every time I backup, I have to backup the log and the recent time.
That's OK. It's better than saying, oh, I'm going to make sure everything. So it depends on-in a stock trade, that's unacceptable. Right? In the stock-They want recovery point to be 0, 0, millisecond, whatever. But in an order entry, it's OK if you lost the order. So the recovery point objective tells you Up to what point can I recover the day? That's the recovery point. What is an RTO, Recovery Time Objective?
Yeah, I mean, how long does it take to-let's say I am-like, my application is pointing to a database in Chicago, right? So when the thin fire fails, What I have to do is I have to have a logic that redirects My data to wherever the recovered databases. And then I have to redirect it, make sure it works, and then my application will work as if nothing happened, except the loss that I had between them, right?