5 elements of architectural design

 

 

Architecture in five important core indicators: namely, performance, availability, flexibility, scalability and security.

 

First, the performance

Performance is one of the core elements, or I Why architecture? Casually lowlow a line on the system just fine. Performance optimization is so many small companies do not sell have been to Canton. Well, of course, means to optimize site performance is also very much:

(1) web front-end performance optimization:

1. Browser access optimization (browser cache, the page compression and transmission, rational distribution page, Cookie reduce transmission)

• Reduce http requests. Avoid creating too many communication links. The js, css, image files merge as much as possible. Avoid too many requests. At the same time, a request for a back-end system is also possible rational design, to avoid too much interaction.
•  
• Use your browser's cache. http header set Cache-Control and Expires.js file name such as can be time-stamped. Once an update is updated timestamp, or cache; at the same time try to avoid the same time updating a large number of static resources.
• To compress static resources.
• placed at the top of the page css, js down the bottom. For css rendered in advance. While avoiding blocking page js brings. But it requires case by case. For example dom nodes rely js page generation, optionally change the file location.
• Reducing cookie transmission. Static resources while allowing an independent domain name, send a request to a static resource when not send cookie. Thereby reducing transport costs. cookie can be obtained by document.cookie.

2.CDN accelerate

• Cache images, files, CSS and script script. However, the acceleration effect on the pc CDN better than moving end. After research found that the higher the last-mile of delay, the worse the relative effectiveness of the CDN (see specific article Why CDN to accelerate mobile client "no" effect).

3. Reverse Proxy

• Seven can provide load balancing (http request balancing strategy), and can provide caching static resources, request forwarding, prevent network attacks. There are more popular nginx.
• 

(2) application server performance optimization:

If the request is not a static interface card, but the card data or dynamic, indicating that the request MySQL deal with too much, you can use local caching and distributed cache server, you can also speed up the response to an asynchronous mode of operation, the case of high concurrent requests in , multiple application servers can be clustered to form a common external services, improve the overall handling capacity, improve performance, as follows:

1. Distributed Cache (first law of web performance optimization: priority use caching to optimize performance)

1. In general, read and write data stored in the cache ratio 2: 1 or more; and the data should be hot.
2. If inconsistencies need to be considered in the data cache may bring short-term, or if the cache is updated in real time may bring performance and resource overhead.
3. Once the cache needs to be considered invalid, a large number of requests directly hit DB may bring an avalanche of service performance. It is possible to cache the use of cluster deployment, in order to avoid loss of data caused by excessive pressure increased sharply services.
4. Preheating load the cache for hot data to consider. For example, before the peak of the season, ahead of first hot data stored in the cache. In order to improve service performance peak.
5. To prevent malicious attacks, has been non-existent data query, leading to cache frequently accessed but can not hit the DB, can not exist in the cache and data can also be cleaned regularly. While mechanisms to identify and ban malicious requests.
6. Distributed cache should be decentralized and centralized management. By mutually and the communication between different instances isomorphic to ensure scalability and reducing system complexity.

2. Asynchronized (everything should be done late late do, I feel like lazy loading)

Clipping object is achieved by a distributed message queue. To solve the problem through business with technology. For example, the 12306 line up.

3. Cluster

Using cluster service virtualization is a manifestation. To avoid single-point problem, while providing more highly available, high-performance service.

4. code optimization

1. Multi-thread, if it is intensive computing, the number of threads should not exceed the number of CPU cores. If the IO is processed, the number of threads = [task execution time / (task execution time -IO waiting time)] * CPU core number. In addition, we should object designed to be stateless objects, use more local objects, lock properly refined.
2. Resource reuse. For example a single embodiment mode, such as the use connection pool.
3. Reasonable set JVM parameters to maximize avoid unreasonable full gc.

5. Storage Performance Optimization

Index relational database implemented using B + tree. Many of nosql database is used to store the LSM tree. LSM retain the most new excision check data in memory until the memory can not be put down, proceed merge with a tree under LSM disk. More so for a write operation, read operation is to query the scene more recently written data, the performance is much higher than b + tree; HDFS using map reduce binding for mass data storage and analysis. It can automatically perform concurrent access and redundancy, high reliability. It is tantamount to implement a RAID functionality.

(3) optimization of the database layer:

1. The database layer is the most vulnerable layer, application design in general when it is necessary to request the upstream interception off, the database layer bear only access requests "within the capacity", so we introduce queues and buffers through the service layer, so that lowest-level database peace of mind. However, if the request surge, there are still a large number of queries to MySQL pressure, this time to find a way to solve the bottleneck of MySQL, this time available to use the index, cache, SQL performance optimization tools, NoSQL database can also be used to optimize the data model, storage structure. For details see my post may be concerned about [the topic] mysql optimization, a total of 12, has ended.

(4) to measure site performance metrics (response time are important, TPS, system performance counters, by these indicators to determine whether the system design to achieve the target)

1. Response time.
2. Concurrent. If there is no corresponding temporary accurately monitor, for different business models, may have different estimates of the number of concurrent. Our system estimates the peak number of concurrent words, there is a relatively rough calculation, that is, the day average number of concurrent requests per second * 3. But it also needs case by case.
3. Throughput. More common are QPS (queries per second), HPS (http requests per second) and TPS (transactions per second processing).
4. Performance counters. Including system load, the number of threads, cpu, memory usage. Can top, free, cat / proc / cpuinfo commands to view. System load is defined as the number of threads that are currently being executed on the CPU / total number of threads waiting to be executed by CPU. And when its value is the same as the number of logical cpu best condition, which represents all of the resources are maximally utilized. But others believe that the best when the load is 0.7 times the number of logical CPU.

(5) availability: Includes high-availability applications, high availability of service, high availability of data and services to monitor high-availability, etc., with regard to availability, I decided to open a single chapter explains

 

Second, security

The Internet is open, anyone can access the site from anywhere. Site security architecture is to protect the site from malicious access and attacks, protecting important data site is not stolen.

The five elements of security: confidentiality, integrity, availability, controllability and auditability.

1, system security architecture

1) security service is a computer security measures provided by the network, including authentication services, access control, data confidentiality service, data integrity and non-repudiation services.

2) a specific security mechanism is used to implement security mechanisms and services, including encryption, data signature scheme, access control mechanisms, data integrity mechanisms, authentication exchange mechanism, filling the flow mechanism, the routing control mechanism and a mechanism for notarization.

3) universal security not for any particular service and ad hoc, belonging to security management, divided into trusted functionality, security tags, event detection, security, audit trails and security restored.

2, the degree of protection

1) user self-protection level

2) protection systems audit level

3) security token protection level

4) Structured Protection Level

5) access validation protection level

Measuring a site's security architecture is the standard for existing and potential attacks and theft means,

 

Is there a reliable coping strategies.

 

Third, the availability of

A measure of whether the system architecture designed to meet the goal of high availability, is the assumption that the system in any one or more than one server is down, and when all kinds of unexpected problems arise, whether the system as a whole is still available.

Generally it means three, redundancy, clustering, distributed.

The main method is redundant high availability, application deployment while providing services on multiple servers, data storage backup each other on multiple servers, any one server will not affect the overall applicable, the usual means of achieving that is multiple servers for a cluster via load balancing device.

 

Fourth, scalability

Scalability (Extensibility) refers to the impact with minimal ability to expand or enhance the sustainable system functionality to existing systems. Stable performance in the system infrastructure need not change frequently, and less dependent on the coupling between the applications, when the system to add new features, structures and code does not require modification of existing systems. This nothing to say. Scalability depends on good pre-architecture design. Reasonable abstract service logic, horizontal / vertical cutting of distributed like.

The main method scalable architecture is event-driven architecture and distributed services.

Typically utilize event-driven message queues implemented in this way produce the message processing logic and spaced apart.

Server service sucked and reusable business services separated, invoked by a distributed service framework. Add a new product can be used to achieve their own business logic by calling reusable services without any impact on existing products.

In this regard, "scalable Art," a book put forward a more scalable system models - AKF scalable cubic (Scalability Cube). Cube along three coordinate axes are set: X, Y, Z.

• X axis expansion - the level of attention and service data cloning, that is, the previously mentioned "plus machine to solve the problem."
• Y axis expansion - division of responsibilities concern in applications, such as data type, the type of trade execution division
• Z axis expansion - attention and service data prioritization, such as the geographical division points

The entire extended model, represented by the following diagrams, wherein the origin without being completely extended state.

 

Fifth, scalability

Services homogeneous as possible. DB, cache as much as possible when considering the distributed design a good expansion plan in advance. It can also be used for horizontal scaling of mainstream support for better nosql, memcached, hbase and so on.

(1) laterally separated: the separation of different service modules deployed, for scalability of the system;

 

(2) longitudinal separations: the deployment of various portions of the business processes, for system scalability;

 

Source: java Advanced Architecture