Source code branch naming conventions

Master branch — All production grade/released source code maintained in the branch. Tags marked for production releases.

Dev branch — Development branch, having source code available for QA testing. Tags marked for business user verification/testing.

Feature branch — Feature branch used by developer(s) for developing features or fixing non-blocker bugs…

Infra Stack for Cloud Agnostic Solution

Choice for PaaS against IaaS mainly depends on -

  • Capability DevSecOps of the team to address concerns like Availability/Reliability/Scalability/Observability/Security/etc.
  • Cost (Infra + PaaS offering) vs Cost (Infra)+DevSecOps professionals pay
  • Overall size of the Infrastructure.

Sharing cheatsheet with you for cloud agnostic platform/solution.

SERVER/MIDDLEWARE/CONTAINERS

Cloud- OpenShift AWS Azure GCP

Infrastructure as a…

Problem Statement :- Transaction management in online reservation system.

What is Saga?
- Saga is long story with multiple events. Here, a saga is a sequence of local transactions.

Design Patterns:- Orchestrator Saga, Choreographer Saga
Domains:- Reservation Details, Inventory Details, Payment Details
Commands:- Inventory Blocked, Reservation Captured, Customer Validated, Payment Processed.
Orchestrator Saga Class:- Reservation Saga
Services:- Reservation, Inventory, Customer, Payment

1.Microservices architecture
- Async communication between Microservices through Message Queue (Design Pattern — Event Sourcing).
- Sync communication between Microservices through API Gateway.
- Separate Write DB per domain/business functionality.

2.SaaS Design
- Separate DB for each tenant.

3.Improved read performance of system
- Design Pattern — Materialized View.

4.Security
-Web Firewall (WAF)
-DDoS attack prevention
-Encryption at rest (DB Layer)
-Virtual Private Network
-NAT Rules
-KeyVault (for securing secretes/credentials)

5.Cloud PaaS Offerings
-Message Queue
-API Gateway
-Kubernetes Cluster
-Database cluster
-Load Balancer
-CDN
-Cache
-Search database cluster
-Unified Logs Aggregator

6.Middleware
-Security checks like Token Validation/Access Control
-Target Resolvers
-Unique Http Request Id for Request Traceability
-Rate Limiting
-HTTP Traffic Analysis

If you like the article, please clap for it. Also, share the article with your friends.

1.Apicurio Studio — Key Features

  • Web Based

Design your OpenAPI APIs in a web (browser based) application — no installation necessary.

  • Code-optional Design

Don’t know the OpenAPI specification inside and out? Now you don’t have to!

  • Open Source

The Apicurio Studio is fully open source, hosted on GitHub and actively…

How API Middleware can help you?

1) acts as filter or interceptor for API request/response.
2) modify the HTTP request object — adding unique Request id/thread Id for
request identification, traceability.
3) security checks — Token validation/RBAC validation/etc.
4) protecting from web security vulnerabilities such as a OWASP vulnerabilities
— XSS/Cross Site Scripting Attacks/MIME Sniffing/etc.
5) encryption/PII Masking — Encrypt/Mask sensitive data in-flight mode.
6) apply API rate usage cap.
7) API traffic logging — auditing/analytics purpose.
8) Request/Response — validation as per defined generic schema/criteria’s.
9) error/exception handlings.
10) API Response augmentation.

e.g. ExpressJS in Node.js, Spring in Java

If you like the article, please clap for it. Also, share the article with your friends.

High Level Diagram — Blocking IO at DB level vs Reactive Database

1) What is R2DBC?
In contrast to the blocking nature of JDBC, R2DBC allows you to work with SQL databases using a reactive API.
Existing standards, based on blocking I/O, cut off reactive programming from relational database users. R2DBC specifies a new API to allow reactive code that works efficiently with relational…

Sujit Udhane

I am Chief Software Architect, working in Pune-India. I have 17+ years of experience in technology, and last 7+ years working as an Architect.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store