Building Cloud Services with Java Spring Framework Building Cloud Services with Java Spring Framework Communication Protocol: How to communicate to another entity over the internet(or to the cloud). Maintaining Syntax, Format, Sementics(name and meaning) and Timings of a request. HTTP: Language used by devices to talk to cloud. (Protocol) Communication of devices on a Network. Client-Server Application Protocol. It provides a common/uniform infrastructure, so a server need not care for the type of a client while sending the response back. (Client understanding Http protocol is enough). Its ubiquitous(used by everyone). Ut has Load Balancing Infrastructure and works great with sessions and Data marshelling Http Request: Parts-> **Request-Line : consist of Request-Methods(like Get,Post,Put,Delete) and a Resourse (path). **Headers : Meta-info i.e. Extra info. to help servers to complete the request. (like Response-language, character-set, content-type, cookies) *Request-Body : Core data sent by client to server to process and complete the request.(Optional) URL : Uniform resourse locator (helps locating resourses) protocol://host:port/path http://www.google.com/doodles/ Query Parameters: Extra info attached at the end of a URL to process a request. (like info. related to fetch particular responose) ---> URL/?id=1&key=20 (key-value pairs) URL-encoding : key-value pairs Mime Types: decides how to interpret data -->i.e. describing the body of request/response. ---> image/png, image/png, test/plain, test/html Provided as meta-info in Headers as : Content-type Body: can have--> url-encoded(for key-value pairs), multipart(for larger data in multiple parts like images, files etc) mime types. NAKUL-GOYAL : Email : LinkedIn : Github Building Cloud Services with Java Spring Framework Http Response: **Status Line-> Response code: tells what happenedon server 1XX : informational msg’s 2XX : Successful req. Codes (200 OK) 3XX : rediresction(resourse moved to somewhere else) 4XX : client error(404-bad req.) 5XX : server error(500) Phrase: (text) explaination related to response. **Headers-> like Content-type *Body-> can be the resourse or data Cookies: Some data saved by client for furthur requests. (Server send that data once and indicate other information related to it.) like authorization data, sessions via Headers. Layering Protocols over each other: We can layer our own protocols over Http for specific requests. Web-Services(WSDL/SOAP) -- Rest | HTTP | Tcp/Ip How to keep Clients Up to date: (When to get or update its data?) *Let User Decide (By Refresh) *HTTP Polling: Client will fetch data from server at regular interval(T) to be up-to-date. Q->What if nothing is updated? Why to send requests and waste resources? ----Adaptive Approach : i.e. if data requests are not getting any updated response from the server than the time increases to 2T. And so on to 4T ---8T--- if response is non-updated as per client’s interest. *Web-Socket: It’s not client driven now. Client send a request to server and esteblish a web-socket. Now each party can send data (Client<---->Server) It reduces communication overhead. (No more req’s with headers & other data are required) Efficiency increase. (-)If client loose the connection, and server tries to send some data it fails. So client need to send a request again to esteblish web-socket. (-)It may require error handelling and reconnection meachisms. (-)It can be more overhead if there need not be more updates required. REST: (what people mean by it) Rest-based-API URL-addressing-scheme Generic-format find list of all vdo’s ---> /video finding vdo with id 1 ---> /video/1 need its duration ---> /video/1/duration + using Get, Post, Put, Delete RequestMethods as requirement. NAKUL-GOYAL : Email : LinkedIn : Github Building Cloud Services with Java Spring Framework Push Notifictions: *So on Android devices client creates a XMPP(XML-massaging-protocol) connection with GCM(google clouud messaging service). *GCM sends back a unique registeration id back to clients. *If any server wants to send msg to the client, client provide that registeration id to that server. *Now that server will push the msg on GCM with reg-id, and GCM furthur sends it to the client. *Limit of msg is 4kb only. *If the msg is larger or of more security, than server push the event to GCM, to notify clients to make a pull request to the servers to fetch that msg. *As it’s client driven approach, client doesn’t have information of any such event directly from server side. So the upper approach is followed. Client<-----xmpp-------->GCM Servers<---reg-id----Client<-----reg-id---------GCM Servers-------------send msg-------------------->GCM Client<----msg------------GCM Now for larger or secure data --> Server--------------push event------------------->GCM Server<---pull msg--Client<------ask to pull---GCM Server---send msg-->Client Servlets: *Java technology that’s used to handle incoming requests on a server. *Browser sends HTTP request, it gets routed to web-container(contains one or more servlets). *Servlet is a java object(inherits HttpServlet) having special methods(like doGet, doPost etc) for handelling incoming requests. Routers(traditional way -> web.xml file) at the entry point of web-container decides, on which servlet the request should be routed, based on incoming request.(its path like /something) While maintaining requests with servlets we need to do a lot more then just writing our business logic, like data authorization, checking, extracting and validating params from requests and a whole lot. To overcome this we have one of the framework i.e Spring Framework. Spring framework uses Dispactcher-Servlet over http to maintain all that boilerplate code. DispatcherServlet: It can have a no. of controllers. Controllers are simple java-objects having multiple request handelling functions. DispatcherServlet route(via xml-files or java-annotations) requests to the appropriate contoller(to specific-fxn(arbitrary method) with its own name). *Routing Flexibiliy now we can simply use @Controller, @RestController, @RequestMapping, @RequestParam, @PathVariable, @RequestBody(HttpMessageConvertor used to convert data into an object) etc annotations with java classes to map them to servlet. NAKUL-GOYAL : Email : LinkedIn : Github Building Cloud Services with Java Spring Framework For multipart data like video’s: 1>MultipartFile class: fxn(@RequestParam(“data”) MultipartFile videoData) InputStream in = videoPart.getInputStream() and do whatever needed. 2>Configuration: @Bean public MultipartConfigElement getMultipartConfig(){ MultipartConfigFactory f = new ....; f.setMaxFileSize(2000); //bytes f.setMaxRequestSize(2000); //bytes return f.createMultiprtConfig(); } @ResponseBody : to specify the return type to map it. Jackson ObjectMapper: use to convert json to objects and vice-versa. Extra annotations can also be used like @JsonIgnore ... Spring-boot: automates setup ... like web-containers, web.xml, DispatcherServlet etc.(we can configure them manually) Application.java ---> main(){ SpringApplication.run(Application.class,args);} -->Define configs&controllers. 1>setup web container, 2>discover controllers, 3>setup Dispatcher, 4>other configs & components(such as connecting to db). Scaling: Vertical: making server bigger as the no. of requests increases. But you can’t make a large enough server if the traffic is huge. (i.e. on single machine) Horizontal: increase/decrease machines acc. to traffic.(create stateless apps) HttpLoadBalancing: decide which machine to route the requests. Sticky sessions: when our application is stateful, and we always need to route all the requests from a particular device on same machine.(** make apps stateless to avoid this) Auto-Scaling: (elasticity) feature provided by cloud. IaaS(Infrastructure as a Service) : just like buying a new vm. It gives flexibility to control type and configuration of vm. Control different things like security and provide custom env. Launching, monitoring, configuring, auto-scaling is all manual. PaaS(Platform as a Service) : User need to provide just an application. PaaS automatically configure web-container, vm, configs, auto-scaling, and runs it. Provide tools to see logs and monitor performance. Limit the services. NAKUL-GOYAL : Email : LinkedIn : Github Building Cloud Services with Java Spring Framework DependencyInjection: (via @Autowired) It finds configurations of those objects and inject it to the variables, to be used as dependencies. By @Configuration -->@Bean we can instantiate that object.(provide singleton instances) @ComponentScan({“package-name”}): scans all the implementations.(only while starting an app) @EnableAutoConfigurations : if there is @Autowired, it will fill them. @Service, @Component : to create bean. ORM(Object Relation Mapping): Process of converting java objects into db-understandable-format and then saving it into db. (and vice-versa) JPA(Java Persistence API): we add annonations to objects and JPA decides how to convert that in to db specific format. @Entity : Class with this annotation can automatically store its objects in db. i.e. in form of Tables. @id : unique value property. @GeneratedValue(strategy=GenerationType.AUTO) : To generate unique id’s explicitly. ..and many more annotations. We create a Repository to acheive this: eg: @Repository public InterfaceVideoRepo extends CrudRepository<Video,Long>{ //Video is type of @Entity, Long is type of unique @id attribute. //provide basic operations like Create, Read, Update, Delete data in db. //byDefault we get fxn’s : save(), find() etc implemented in crud-repo. //findByAttributeName (like findyByNameAndCategory) public List<Video> findByName(String name); //automatic implementation } SQL-InjectionAttack: ->Don’t add sql queries to your code.(Specially if you are not sure that you are checking the incoming data from client, before placing it in to the query) ->Using it directly in self made queries can cause security issues to your data like... -Eg- Suppose this is your sql query. String query = “select * from TABLE where name = ‘”+ name +”’ ” ; Now if client gives name parameter as: ---> NAKUL GOYAL’ or ‘a’ = ‘a So the query after substituting the value of name will look like : select * from TABLE where name = ‘NAKUL GOYAL’ or ‘a’ = ‘a’ ***This will return all the data from db irrespective of name. ***So this way client can attack your db queries and private data. ***JPA provides internal checks and avoid such kind of attacks. NAKUL-GOYAL : Email : LinkedIn : Github Building Cloud Services with Java Spring Framework Sessions: ->Maintain the state of conversation, across multiple Http requests. ->Server side maintains information of logged-in-device and its conversations for further requests. ->And if the session is not maintained or if it’s over, server can force device to re-login. -Q- How long to maintain session ? What information to be maitained in session ? Authenticate sessions ! -A- So we can use any of the well tested session libraries to implement this. *Session libraries normally send back a cookie to devices, that help remember session.(while login) *So device send cookie with session info while making furthur requests. *Sensitive session info is on server side mainly. *Cookies help server side to identify if the requests are coming form the same device which had logged in before.(Sessions are unique across multiple clients) Spring Data Rest: -->We can add @RepositoryRestResourse(collectionResourseRelation = “videos” , path = “video”) on our repository class. -->And this can now automatically handle Http Requests without Controller implementation. @Param() can be uses for different parameters for fxns. -->To use this we need to add @Import({RepositoryResourseMvcConfiguration}), @EnableJpaRepositories and @ComponentScan({...}) in coniguration class. NoSqlDb: (looks like java hash tables) can be: ->key/value store ->Big table ->Document oriented(may be pure json) ->Graph In NoSql we usually de-normalize(create duplicates) data to optimize the particular fetch operation. (-)So now if need to update some data, we have to update it at multiple places. (+)But we can get queries really quickly. Optimizing Read/Write : Read : If you want a really quick read operations, create hashmaps(like in noSql). But this will effect write operations as you have to update data at multiple places. It may cause data inconsistency. Write : For write operation we can probably use normalization approach.(in sql) But read operations will be slow comparatively as data may be fetched from multiple tables. **So you need to analyse what is your bussiness requirement. NAKUL-GOYAL : Email : LinkedIn : Github Building Cloud Services with Java Spring Framework Write Contention & Sharding: when we want to optimize both read and write operations. -> Database Sharding Document-Oriented-DB (MongoDB) : -> Structure documents.(But no strict schema) -> Views docoments as JSON or BSON objects. key-->value(Json like structure) -> Applicatoion ---> Spring-Data-Repository ---> H2-DB or HSQL-DB or MongoDB. -> Repo Interface will now extend from MongoRepository in place of Crud. -> No need of @Entity, but @Id is required as key. Packaging Applications in WAR(web application resourse) files : war(zip) : place application in directories WEB-INF/ (private) : specifies config files. web.xml calsses/ package-name/ .class-flies lib/ (various jar’s our app depends upon) /other-public-directories **This creation of war file can be done by various automated build tools like Maven or Gradle. -------------------------------------------------------X--------------------------------------------------------------- I have created this document while completing Coursera course. THANK - YOU NAKUL-GOYAL : Email : LinkedIn : Github
Enter the password to open this PDF file:
-
-
-
-
-
-
-
-
-
-
-
-