Problem Statement:- Transaction management in an online reservation system.

What is Saga?
- A saga is a long story with multiple events. Here, a saga is a sequence of local transactions.

Design Patterns:- Orchestrator Saga, Choreographer Saga
Domains:- Reservation Details, Inventory Details, Payment Details
Commands:- Inventory Blocked, Reservation Captured, Customer Validated, Payment Processed.
Orchestrator Saga Class:- Reservation Saga
Services:- Reservation, Inventory, Customer, Payment

--


1. Microservices architecture
- Async communication between Microservices through Message Queue (Design Pattern — Event Sourcing).
- Sync communication between Microservices through API Gateway.
- Separate Write DB per domain/business functionality.

2. SaaS Design
- Separate DB for each tenant.

3. Improved read performance of the system
- Design Pattern — Materialized View.

4. Security
- Web Application Firewall (WAF)
- DDoS attack prevention
- Encryption at rest (DB layer)
- Virtual Private Network
- NAT rules
- KeyVault (for securing secrets/credentials)

5. Cloud PaaS Offerings
- Message Queue
- API Gateway
- Kubernetes Cluster
- Database cluster
- Load Balancer
- CDN
- Cache
- Search database cluster
- Unified Logs Aggregator

6. Middleware
- Security checks like Token Validation/Access Control
- Target Resolvers
- Unique HTTP Request ID for Request Traceability
- Rate Limiting
- HTTP Traffic Analysis


--


How can API middleware help you?

1) Acts as a filter or interceptor for API requests/responses.
2) Modifies the HTTP request object: adds a unique request ID/thread ID for request identification and traceability.
3) Security checks: token validation, RBAC validation, etc.
4) Protects against web security vulnerabilities such as those listed by OWASP: cross-site scripting (XSS), MIME sniffing, etc.
5) Encryption/PII masking: encrypts or masks sensitive data in flight.
6) Applies an API usage rate cap.
7) API traffic logging for auditing/analytics purposes.
8) Request/response validation against a defined generic schema or criteria.
9) Error/exception handling.
10) API response augmentation.

e.g. ExpressJS in Node.js, Spring in Java
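
Items 2, 3, 4 and 6 above as Express-style `(req, res, next)` middleware; this is an added example, not code from the original article, and it runs on a small stand-in dispatcher so Express does not need to be installed. The `user.hmac` token format, `SECRET`, the `handle` helper and the cap of 2 requests are assumptions made for the illustration.

```javascript
const crypto = require("node:crypto");
const SECRET = "demo-only-secret"; // constructed value; keep real keys in a vault
const sign = (user) => crypto.createHmac("sha256", SECRET).update(user).digest("hex");

// Item 2: unique request id, echoed to the client for traceability
const requestId = (req, res, next) => {
  req.id = crypto.randomUUID();
  res.headers["X-Request-Id"] = req.id;
  next();
};

// Item 4: headers that disable MIME sniffing and restrict script sources
const securityHeaders = (req, res, next) => {
  res.headers["X-Content-Type-Options"] = "nosniff";
  res.headers["Content-Security-Policy"] = "default-src 'self'";
  next();
};

// Item 3: validate an assumed "user.hmac" bearer token in constant time
const auth = (req, res, next) => {
  const raw = (req.headers.authorization || "").replace(/^Bearer /, "");
  const [user, mac = ""] = raw.split(".");
  const want = Buffer.from(sign(user));
  const got = Buffer.from(mac);
  if (!user || got.length !== want.length || !crypto.timingSafeEqual(got, want)) {
    res.status = 401; return; // chain stops here, the handler never runs
  }
  req.user = user;
  next();
};

// Item 6: per-user usage cap (a production limiter would reset per time window)
const rateLimit = (limit, hits = new Map()) => (req, res, next) => {
  const n = (hits.get(req.user) || 0) + 1;
  hits.set(req.user, n);
  if (n > limit) { res.status = 429; return; }
  next();
};

// Hypothetical stand-in for the framework dispatcher: runs the chain in order
function handle(chain, req) {
  const res = { status: 200, headers: {}, body: null };
  let i = 0;
  const next = () => { const fn = chain[i++]; if (fn) fn(req, res, next); };
  next();
  return res;
}
const handler = (req, res) => { res.body = { user: req.user, requestId: req.id }; };
const chain = [requestId, securityHeaders, auth, rateLimit(2), handler];
```

The order of the chain matters: the request ID and security headers are set before authentication, so rejected requests (401, 429) still carry them and can be traced in logs.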


--


Sujit Udhane

I am a Chief Software Architect working in Pune, India. I have 17+ years of experience in technology and have spent the last 7+ years working as an Architect.