Tuesday, June 21, 2022

[Course] System Architect - Performance

 Performance


# Performance Problem


==> Network socket queue, DB IO queue, OS run queue


Reasons for queue build-up

# Inefficient slow processing

# Serial resource access

# Limited resource capacity



Performance Principles 


# Efficiency ? { resource, logic , data storage, caching }

# Concurrency ?

# Capacity


Performance Objective


# Minimize request response latency

# Maximize throughput


# Network Latency (handshaking) => SSL Session Cache, Static Data Cache (Reverse Proxy), Connection Pool, Token, Data format & Compression


# Disk Latency => logging { asynchronous logging, memory disk, web content file = reverse proxy }


# CPU Latency => inefficient Algorithm, Context Switching => large thread pool size *


Main Thread 


Other working thread


Queue, thread number


Locks (minimize lock contention)

# Reduce the duration of lock, concurrent hashmap (review)





[Course] System Architect - Security

Network Security


# Symmetric Key

# Public Key Encryption

# Secure Network Protocol (SSL/TLS)

# Hashing

# Digital Signature

# Digital Certificates

# Chain of Trust

# TLS/SSH Handshake

# Security Network Channel

# Firewall


# Network Security (multiple subnets)


Identity Management


# Authentication (stateful and stateless)

# Authorization

# Credential Transfer

==> Certificate Based

# Credential Storage

# Stateful authentication

==> session cache

# Stateless authentication

==> Signed and encrypted Token

==> Decentralization Authentication leads to better scalability
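
The stateless option above, as an added example (not from the course material): a token signed with HMAC-SHA256 that any service instance holding the key can verify without a session cache lookup. The token layout, class name and demo key are assumptions made for illustration; the token is signed only, not encrypted, and user and role values are assumed not to contain the "|" separator.

```java
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.time.Instant;
import java.util.Base64;

public class StatelessToken {
    // Constructed demo key; a real deployment loads it from a secret store.
    private static final byte[] KEY = "demo-only-key-32-bytes-long!!!!!".getBytes(StandardCharsets.UTF_8);
    private static final Base64.Encoder B64 = Base64.getUrlEncoder().withoutPadding();

    static byte[] hmac(String data) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(KEY, "HmacSHA256"));
        return mac.doFinal(data.getBytes(StandardCharsets.UTF_8));
    }

    // Hypothetical layout: base64url("user|role|expiryEpochSeconds") + "." + base64url(HMAC of the first part)
    static String issue(String user, String role, long ttlSeconds) throws Exception {
        String claims = user + "|" + role + "|" + (Instant.now().getEpochSecond() + ttlSeconds);
        String body = B64.encodeToString(claims.getBytes(StandardCharsets.UTF_8));
        return body + "." + B64.encodeToString(hmac(body));
    }

    // Returns the claims if signature and expiry check out, otherwise null. No server-side state is consulted.
    static String[] verify(String token) throws Exception {
        String[] parts = token.split("\\.");
        if (parts.length != 2) return null;
        byte[] sig;
        try { sig = Base64.getUrlDecoder().decode(parts[1]); }
        catch (IllegalArgumentException e) { return null; }
        // Constant-time comparison of the expected and the presented MAC
        if (!MessageDigest.isEqual(hmac(parts[0]), sig)) return null;
        // The body is only parsed after its MAC has been verified
        String[] claims = new String(Base64.getUrlDecoder().decode(parts[0]), StandardCharsets.UTF_8).split("\\|");
        if (claims.length != 3 || Long.parseLong(claims[2]) < Instant.now().getEpochSecond()) return null;
        return claims;
    }

    public static void main(String[] args) throws Exception {
        String token = issue("alice", "ADMIN", 300);
        System.out.println("valid:    " + (verify(token) != null));
        // Replace the body with different claims while keeping the original signature
        String forgedBody = B64.encodeToString("mallory|ADMIN|9999999999".getBytes(StandardCharsets.UTF_8));
        System.out.println("tampered: " + (verify(forgedBody + token.substring(token.indexOf('.'))) != null));
        System.out.println("expired:  " + (verify(issue("alice", "ADMIN", -1)) != null));
    }
}
```

The trade-off against the session cache is revocation: a signed token stays valid until its expiry unless the verifier also consults some shared deny list.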



Access Management 

# Role Based Access Control (RBAC)

# JSON Web Tokens


# Securing Data At Rest

==> main public key


==> Client Data Encryption


Securing a software system



Common Vulnerabilities


==> Security 


Public key authentication 


Mutual authentication(Two way authentication)


SSL Server Authentication Vs Client Authentication


X509 certificate


Cipher Suites for TLS 1.2

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256



Digital signing


In SSL server authentication, the server presents an SSL certificate issued to it to prove its identity to the client, while in client authentication the client presents an SSL certificate to prove its identity to the server.
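
How the server side opts in to client authentication, as an added example (not from the course material) using the JDK's JSSE API: a server engine restricted to TLS 1.2 and the two cipher suites listed above, configured in three client-authentication modes. The class and method names are assumptions; the default SSLContext is used so the code runs without a keystore.

```java
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLParameters;
import java.util.Arrays;

public class MutualTlsServerConfig {
    // The two TLS 1.2 suites listed in the notes above
    static final String[] SUITES = {
        "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
        "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"
    };

    // Server-side engine; clientAuth is "none", "want" (optional) or "need" (mandatory)
    static SSLEngine serverEngine(String clientAuth) throws Exception {
        SSLEngine engine = SSLContext.getDefault().createSSLEngine();
        engine.setUseClientMode(false);                // act as the TLS server
        SSLParameters p = engine.getSSLParameters();
        p.setProtocols(new String[] {"TLSv1.2"});
        p.setCipherSuites(SUITES);
        if ("need".equals(clientAuth)) {
            p.setNeedClientAuth(true);                 // handshake fails if the client sends no certificate
        } else if ("want".equals(clientAuth)) {
            p.setWantClientAuth(true);                 // certificate is requested, but the handshake continues without one
        }
        engine.setSSLParameters(p);
        return engine;
    }

    public static void main(String[] args) throws Exception {
        for (String mode : new String[] {"none", "want", "need"}) {
            SSLEngine e = serverEngine(mode);
            System.out.printf("%-4s need=%b want=%b suites=%s%n", mode,
                e.getNeedClientAuth(), e.getWantClientAuth(),
                Arrays.toString(e.getEnabledCipherSuites()));
        }
    }
}
```

Only the "need" mode gives mutual authentication at the TLS layer; with "want", the application has to check for a peer certificate itself before trusting the caller.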

Monday, June 20, 2022

spring cloud

Spring Cloud Config

https://spring.io/projects/spring-cloud-config

Store the Cloud Config for all instances in Git

Spring Cloud Config provides server and client-side support for externalized configuration in a distributed system. With the Config Server you have a central place to manage external properties for applications across all environments. 

=================================

# Install Git and Create Git Repository

# Connect Spring Cloud Config Server to Local Git Repository

==> spring.cloud.config.server.git.uri=file://git path

@EnableConfigServer


# Connect Limits Service to Spring Cloud Config

=> Choose Config Client dependency 

=> spring.config.import=optional:configserver:http://localhost:8888

===============================

there are multiple environments for the limits-services; a dev environment, production environment, 

# Configuring Profiles for Limits Service

============================



Features

Spring Cloud Config Server features:

  • HTTP, resource-based API for external configuration (name-value pairs, or equivalent YAML content)

  • Encrypt and decrypt property values (symmetric or asymmetric)

  • Embeddable easily in a Spring Boot application using @EnableConfigServer

Config Client features (for Spring applications):

  • Bind to the Config Server and initialize Spring Environment with remote property sources

  • Encrypt and decrypt property values (symmetric or asymmetric)


====================

# Set up dynamic Port in the Response

=================

# Configure JPA and initialize data

spring.jpa.show-sql=true

spring.datasource.url=jdbc

=====================

# Create JPA Repository 

=================

# Creating Feign Rest Client for Service invocation

https://spring.io/projects/spring-cloud-openfeign


#CurrencyExchangeProxy (interface)


@FeignClient(name="currency-exchange", url="localhost:8000")


https://spring.io/projects/spring-cloud-netflix


proxy.retrieveExchangeValue


  • Declarative REST Client: Feign creates a dynamic implementation of an interface decorated with JAX-RS or Spring MVC annotations


================

Eureka Naming Server (Spring Cloud Discovery)

https://spring.io/projects/spring-cloud-netflix


All the instances of all the microservices register with a service registry (the naming server).

A caller asks the service registry: what are the addresses of the currency exchange?


@spring-cloud-starter-netflix-eureka-server


@EnableEurekaServer



Features

Spring Cloud Netflix features:

  • Service Discovery: Eureka instances can be registered and clients can discover the instances using Spring-managed beans

  • Service Discovery: an embedded Eureka server can be created with declarative Java configuration

@EnableEurekaClient will try to contact a Eureka server on http://localhost:8761 (the default value of eureka.client.serviceUrl.defaultZone):


#spring-cloud-starter-netflix-eureka-client

#eureka.client.serviceUrl.defaultZone=http://localhost:8761/eureka



=============

Spring Cloud Loadbalancer

#Load Balancing with Eureka, Feign, Spring cloud loadbalancer 

https://spring.io/blog/2020/03/25/spring-tips-spring-cloud-loadbalancer

https://spring.io/projects/spring-cloud-commons

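Spring Cloud Load Balancer is not a standalone project but a module of spring-cloud-commons. When a project uses Eureka and its related starters, removing the Ribbon dependencies completely is practically impossible. The Spring community recognized this, so Ribbon is switched off and Spring-Cloud-LoadBalancer switched on through configuration.


@FeignClient(name="currency-exchange")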


eureka-client with spring-cloud-starter-loadbalancer (jar)

===================

Spring Cloud Gateway

Features

Spring Cloud Gateway features:


Built on Spring Framework 5, Project Reactor and Spring Boot 2.0


Able to match routes on any request attribute.


Predicates and filters are specific to routes.


Circuit Breaker integration.


Spring Cloud DiscoveryClient integration


Easy to write Predicates and Filters


Request Rate Limiting


Path Rewriting


https://spring.io/projects/spring-cloud-gateway


This project provides a library for building an API Gateway on top of Spring WebFlux. Spring Cloud Gateway aims to provide a simple, yet effective way to route to APIs and provide cross cutting concerns to them such as: security, monitoring/metrics, and resiliency.


# spring.cloud.gateway.discovery.locator.enabled=true

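#Implement Spring Cloud Gateway Logging Filter

#LoggingFilter implements GlobalFilter

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.stereotype.Component;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;

@Component
public class LoggingFilter implements GlobalFilter {

    // slf4j logger
    private Logger logger = LoggerFactory.getLogger(LoggingFilter.class);

    @Override
    public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
        // Log the path of every request passing through the gateway, then continue the filter chain
        logger.info("Path of the request received -> {}", exchange.getRequest().getPath());
        return chain.filter(exchange);
    }
}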


==========

Spring Cloud Circuit Breaker

https://spring.io/projects/spring-cloud-circuitbreaker


Introduction

Spring Cloud Circuit breaker provides an abstraction across different circuit breaker implementations. It provides a consistent API to use in your applications allowing you the developer to choose the circuit breaker implementation that best fits your needs for your app.


Supported Implementations

Resilience4J


Spring Retry


# Getting Started with Circuit Breaker - Resilience4j

# Playing with Resilience4j - Retry and Fallback Method

# Playing with Circuit Breaker Features of Resilience4j


===================

Distributed tracing server (Zipkin)

https://spring.io/projects/spring-cloud-sleuth


Spring Cloud Sleuth provides Spring Boot auto-configuration for distributed tracing.

Specifically, Spring Cloud Sleuth…​


Adds trace and span ids to the Slf4J MDC, so you can extract all the logs from a given trace or span in a log aggregator.


Instruments common ingress and egress points from Spring applications (servlet filter, rest template, scheduled actions, message channels, feign client).


If spring-cloud-sleuth-zipkin is available then the app will generate and report Zipkin-compatible traces via HTTP. By default it sends them to a Zipkin collector service on localhost (port 9411). Configure the location of the service using spring.zipkin.baseUrl.

https://spring.io/guides

=======================



https://spring.io/projects/spring-cloud-zookeeper

https://spring.io/projects/spring-cloud-security

https://spring.io/projects/spring-cloud-pipelines

https://spring.io/projects/spring-cloud-commons

https://spring.io/projects/spring-cloud-aws

https://spring.io/projects/spring-cloud-connectors

https://spring.io/projects/spring-cloud-kubernetes


https://spring.io/projects/spring-cloud-bus



https://spring.io/projects/spring-cloud




=====

Dependency

@spring-boot-starter-actuator

@spring-boot-starter-web

@spring-boot-starter-data-jpa

@spring-cloud-starter-config

@com.h2database

@spring-cloud-openfeign


Spring Family

 #Spring Boot

Spring Boot makes it easy to create stand-alone, production-grade Spring based Applications that you can "just run".


We take an opinionated view of the Spring platform and third-party libraries so you can get started with minimum fuss. Most Spring Boot applications need minimal Spring configuration.


If you’re looking for information about a specific version, or instructions about how to upgrade from an earlier release, check out the project release notes section on our wiki.

Features

Create stand-alone Spring applications


Embed Tomcat, Jetty or Undertow directly (no need to deploy WAR files)


Provide opinionated 'starter' dependencies to simplify your build configuration


Automatically configure Spring and 3rd party libraries whenever possible


Provide production-ready features such as metrics, health checks, and externalized configuration


Absolutely no code generation and no requirement for XML configuration


===

# Spring Framework

The Spring Framework provides a comprehensive programming and configuration model for modern Java-based enterprise applications - on any kind of deployment platform.

https://docs.spring.io/spring-framework/docs/current/reference/html/core.html

Core technologies: dependency injection, events, resources, i18n, validation, data binding, type conversion, SpEL, AOP.

https://docs.spring.io/spring-framework/docs/current/reference/html/data-access.html

Data Access: transactions, DAO support, JDBC, ORM, Marshalling XML


Spring MVC and Spring WebFlux web frameworks.

https://docs.spring.io/spring-framework/docs/current/reference/html/testing.html


==========

# Spring Security

Spring REST Docs

#Spring HATEOAS

# Spring Session

# Spring Vault

Spring Boot

 SOAP (XML) vs Restful (JSON)






Static Filtering vs Dynamic Filtering


H2 Console


Swagger


Versioning


===

Spring boot

Spring Boot makes it easy to create stand-alone, production-grade Spring based Applications that you can "just run"


=============

Dispatcher Servlet

====

RestController -> UserService (DAO) -> UserBean

=====

HATEOAS

In the REST Level 3 model, a client can learn from one resource which other related resources exist.



======

HttpMessageConverterAutoConfiguration

# Jackson to Object Mapping

# conversion from JSON to beans and beans to JSON

=====

# Spring Initializr

===
UserBean , UserDAOService (@Component)

===
#package

-> org.springframework.web.bind.annotation

=============
#Properties
=> application.properties

=========
# Class

=> ServletUriComponentsBuilder (UriComponentsBuilder with additional static factory methods to create links based on the current HttpServletRequest.)

=> MessageSource (Strategy interface for resolving messages, with support for the parameterization and internationalization of such messages.)

MappingJacksonValue

=========
#Dependency

<artifactId>spring-boot-starter-validation</artifactId>

<artifactId>spring-boot-starter-hateoas</artifactId>

<artifactId>jackson-dataformat-xml</artifactId>

<artifactId>springfox-swagger2</artifactId>

<groupId>io.springfox</groupId>
<artifactId>springfox-swagger-ui</artifactId>

<artifactId>spring-boot-starter-actuator</artifactId>

<artifactId>spring-boot-starter-security</artifactId>

====
Advanced Restful 

# Internationalization
# Content Negotiation
# Auto Generation Swagger Documentation
# Swagger Documentation Format
=> https://springdoc.org/
=> swagger-ui.html

# Swagger Documentation with Custom Annotations
# Monitoring API with Spring boot Actuator
# Static Filtering 
# Dynamic Filtering
# Versioning RESTful Services - Basic Approach with URIs

======

# Annotation

@RestController

@GetMapping

@RequestHeader(name="Accept-Language", required=false)

@RequestParam(value = "name", defaultValue = "World") 

@RequestBody (Annotation indicating a method parameter should be bound to the body of the web request.)

@PostMapping

@RequestMapping(method=GET)

@Controller

@ResponseBody

@ResponseStatus (Marks a method or exception class with the status ResponseStatus.code() and ResponseStatus.reason() that should be returned.)

@PathVariable (Annotation which indicates that a method parameter should be bound to a URI template variable)

==

@SpringBootApplication


====

@Component for @Autowired

@ComponentScan


=====

@ControllerAdvice

@ExceptionHandler (Annotation for handling exceptions in specific handler classes and/or handler methods.)


====

@Entity

@Id

@GeneratedValue

@Repository

public interface UserRepository extends JpaRepository<User, Integer> {}

@ManyToOne(fetch=FetchType.LAZY)

@JsonIgnore

@OneToMany(mappedBy="user")

Sunday, June 12, 2022

[Tech Topic] UML

 https://www.udemy.com/course/introduction-to-object-oriented-modelling-design/



OpenAPI 3.0 & Swagger

 https://www.youtube.com/playlist?list=PLb__S-rkKhez_GMouvjCTGodib-zj_Vcl


https://ithelp.ithome.com.tw/articles/10242295


https://www.openapis.org/


https://www.manning.com/books/designing-apis-with-swagger-and-openapi


https://howtodoinjava.com/swagger2/code-generation-for-rest-api/


https://github.com/swagger-api



https://editor.leonh.space/2022/openapi/#


OpenAPI

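OpenAPI is a document format for describing an API, including its endpoints, parameters, input and output formats, descriptions and authentication. In essence it is a JSON or YAML document, and the schema used inside the document is defined by OpenAPI.

Below is an example of an OpenAPI JSON document: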





{
  "openapi": "3.0.0",
  "info": {
    "title": "TestAPI",
    "description": "Bare en liten test",
    "version": "1.0"
  },
  "servers": [
    {
      "url": "https://api.example.com/v1"
    }
  ],
  "paths": {
    "/users/{userId}": {
      "get": {
        "summary": "Returns a user by ID",
        "parameters": [
          {
            "name": "userId",
            "in": "path",
            "description": "The ID of the user to return",
            "required": true,
            "style": "simple",
            "explode": false,
            "schema": {
              "type": "integer"
            }
          }
        ],
        "responses": {
          "200": {
            "description": "Successful response",
            "content": {
              "application/json": {
                "schema": {
                  "$ref": "#/components/schemas/inline_response_200"
                }
              }
            }
          },
          "400": {
            "description": "The specified user ID is invalid (e.g. not a number)"
          },
          "404": {
            "description": "A user with the specified ID was not found"
          }
        }
      }
    }
  },
  "components": {
    "schemas": {
      "inline_response_200": {
        "type": "object",
        "properties": {
          "id": {
            "type": "integer"
          },
          "name": {
            "type": "string"
          }
        }
      }
    }
  }
}

[Tech Topic] Maven

 https://docs.google.com/spreadsheets/d/1w_ew1ry2PiU_hbQ5yImTxdmL0kK3kDK9/edit#gid=1322069122


https://www.udemy.com/course/maven-quick-start/


https://www.runoob.com/maven/maven-tutorial.html


https://mvnrepository.com/




IT Knowledge Map

https://docs.google.com/spreadsheets/d/1ZmN7G1unUAEpTPp5ObDnlAUtILLwwvluy-KHumMPEUU/edit#gid=0