Post #07
if you are new to coding then i would first let you understand what exactly is Micro-service and how they differ with API - Application programming Interface.
Micro-services and APIs are almost same but only difference is, you develop everything from scratch(Micro-service) for API, we use some existing architecture that's the main difference.
Micro-service architecture ensures that whole web-page/app are consuming data returned via endpoints only. advantage of micro-service architecture is, you don't need to hire another team to carve out APIs for mobile app development phase. they can simply consume whats already built.
Thing is, you can develop micro-services/api in few lines of code which fullfils your requirement but there are some rules which should be considered.
✍ so here are top ten points based on my experience which you can keep in mind while building a "Robust & Effective" micro-service:
1️⃣ Modularized co-debase(just use some MVC framework. That's fine) for the PHP guys, i would suggest Symfony which is the backbone of most used frameworks like Laravel etc. Golang if you are dealing with terrabytes of data, flask is cool. i deploy all my ML projects(models and APIs) on flask
2️⃣ Authentication(never forget this step. You can try opensource packages if you wish). as much as you keep this phase complicated, its robust. from complexity here i mean "Advanced and Secured"
3️⃣ Token based ACL(resource access based on user roles). sending user information like email, pass or even roles are total insecure. just hash them properly and and send it back as the response. i will prefer using private/public key based data exchange at this stage(for advanced level)
4️⃣ Light SQL queries(should be optimized and reduced unnecessary table joins) data will grow up for sure and hence you should also take care of optimizing it like using clusters when you think its too much data, indexing regularly etc as well as auto backup of tables.
5️⃣ Clustered DB(lots of data ? cluster it) based on the server stack, you should choose a better option for clustering database.
6️⃣ Easy response(it should be easy for UI team to extract required information) yeah! i have seen many developer who got stucked parsing the response because json/xml was so much complicated however they could have kept it simple(KISS).
7️⃣ Testing of endpoints(you can write a script which will report if any kind of failure occurred on some endpoints) unit testing is important because its not just the bad code which throws error, there are several factors like memory leak on big response(faulty response), long queries, time outs etc. keeping log of all these are important via automated testing
8️⃣ Identify & block malicious source(this will prevent dDos attacks). logic is very simple. any request coming in more than 4–8 times per second is Bot. if same kind of request coming from different IP so fast, its Bot over VPN etc
9️⃣ Authorized domains(setup separate CORS entries and allow only those domains) this is the phase you can simply call it prevention against "Intellectual property" theft
🔟 Auto backup(database is the only asset client will be paying for)
I got 6 cats at my home-town lol…
thanks for reading this. i hope you enjoyed and learnt some but i would appreciate your feedback and question on this post. you can also find this article on Medium.com : https://medium.com/p/fd92dbfef229/
-Mukul
Top comments (0)