SlideShare una empresa de Scribd logo

Choisir entre une API RPC, SOAP, REST, GraphQL? 
Et si le problème était ailleurs ?

François-Guillaume Ribreau
François-Guillaume Ribreau

Posons-nous et profitons de ce talk pour prendre un peu de hauteur sur l’état de l’industrie tech autour de la création d’API de persistence (CRUD). D’où venons-nous, ou allons-nous ? Pourquoi le choix entre RPC, SOAP, REST et GraphQL n’est peut-être qu’un sujet de surface qui cache un problème bien plus profond… Youtube: https://www.youtube.com/watch?v=IskE3m3VjRY

Software
1 de 57
Descargar para leer sin conexión
Choisir entre une API RPC, SOAP, REST, GraphQL? 
 Et si le problème était ailleurs ?
François-Guillaume Ribreau — Architect & Head of development @Ouest-France 🌟 SaaS founder of _______ ____ MotionDynamic, Mailpopin 🚀 Trainer @EPSI_Nantes @UnivNantes 📢 Twitter/Github: @FGRibreau
<quick> <history>
- pattern: procedure(arguments...): [result] - ~1980 - principle: simplest form of API interaction - goal: run a task on another address space - often requires an IDL (Interface Definition Language) - well-known implementations: - XML-RPC (XML to encode calls & HTTP as transport) - JSON-RPC (JSON to encode calls & HTTP as transport) - Thrift, gRPC, Avro... and *lots* of other implementation RPC - Remote Procedure Call client api procedure(arguments...) result
- ~successor of XML-RPC - XML-based messaging framework - can work with any transport protocol (just need XML) - XML everywhere - IDL: WSDL, a schema of every available operations - 1998 (+18 yrs after RPC principle) - Spec WG closed on 10 July 2009 (+11 yrs) SOAP - Simple Object Access Protocol client api envelope(message(call)) envelope(message(response))
- Roy Fielding, 2000 (20 yrs after RPC) - based on the uniform and predefined set of stateless operations from HTTP protocol - request/response - server-side data are made available through representations of data in simple formats (e.g. JSON, XML) - IDL: no schema required (state-of-the-art: OpenAPI) REST - Representational State Transfer client api HTTP request HTTP response
More power on the client-side at request time GET /ressources/?fields=property1,property2 GET /ressources/:ressource_id?fields=property1,property2 (e.g. Google APIs, Facebook APIs) REST - Representational State Transfer client api HTTP request HTTP response
GET /fql? q=SELECT+uid2+FROM+friend+WHERE+uid1=me()&a ccess_token=… FQL @ Facebook (2007) https://query.yahooapis.com/v1/public/yql? q=select title, link from rss where url='https://engt.co/2JyTaQP' &format=json &env=store://datatables.org/alltableswithkeys YQL @ Yahoo (2008)
- Another RPC protocol (not a Graph db) - 3 verbs (in the REST sense): - fetch (implicit, read requests) - subscription (explicit, read streams) - mutation (writes requests) - introduce inversion of control between client & server - client only request needed data GraphQL client api HTTP request HTTP response
</history> </quick>
Wow much work so specifications client api
Current State of the art
3-tier Database API Client
3-tier Database (Tables / Views) API (Models) Client
Validation Database (Schema (constraint)) API (Models (validation)) Client (validation)
Authorization Database (Users/roles, policies) API (Authorization middleware) Client
Etc… 🕰 Database … API … Client
Only for data persistence Without data persistence Mostly for data persistence (+ some MQueing) What kind of API do you write the most? ~90% of the time it's. just. CRUD.
effort => data api client user
data api client user effort =>
Let's build a persistence API
api.motiondynamic.tech Fast highly dynamic video generation at scale 🚀
api SQLHTTP data (PostgreSQL) • HTTP request handling • Authentication • Authorization • Request Parsing • Request Validation • Database Communication • Database Response Handling (deserialization) • Output format serialization • HTTP Response Building Persistence API our job
api SQLHTTP Persistence API TL;DR: HTTP <-> SQL mapping … with a lot of space for potential mistakes. our job data (PostgreSQL)
Database Modelling 101 v1_0 schema authentication schema theme schema video schema …. view schemastored fn generations signIn signUp themes
api (PostgREST) data (PostgreSQL) Persistence API <= our job #SSoT #DRY v1_0 schema client HTTP / REST / (JSON,CSV)
Are we serious?
Schema modelling public private v1_0 schema authentication schema theme schema video schema …. view schemastored fn projects signIn signUp Postgrest videos generations startVideoGeneration
Read / Write requests (read, view) GET /themes (read, view) GET /videos (read, view) GET /generations (write, stored function) POST /rpc/signUp (write, stored function) POST /rpc/signIn (write, stored function) POST /rpc/startVideoGeneration DBv1_0 schema api (PostgREST)
GET /themes?downloads=gte.1000&isMine=is.true GET /themes?select=downloads::text,name,description GET /stuff?metadata->a->>b=eq.2 GET /themes?select=id,name,generations{createdAt} &order=name.asc&generations.order=createdAt.desc How do you manage projection, filtering, ordering?
Read / Write requests (read, view) GET /themes (read, view) GET /videos (read, view) GET /generations (write, stored function) POST /rpc/signUp (write, stored function) POST /rpc/signIn (write, stored function) POST /rpc/startVideoGeneration (write) POST /generations
INSTEAD OF create trigger generations_mutation INSTEAD OF INSERT OR UPDATE OR DELETE ON v1_0.generations for each row execute procedure video.mutation_generations_trigger()
Trigger create or replace function video.mutation_generations_trigger() returns trigger as $$ declare begin if (tg_op = 'DELETE') then -- delete generation return new; elsif (tg_op = 'UPDATE') then -- update generation return new; elsif (tg_op = 'INSERT') then -- create generation return new; end if; end; $$ security definer language plpgsql; pl/pgsql ? It's 2018: pl/v8 (javascript) - pl/python - pl/java - pl/tcl
State-of-the-art API performance api data (PostgreSQL) client HTTP / REST / JSON deserialize db response serialize http JSON response serialize to internal representation
API performance 🚀 api (PostgREST) data (PostgreSQL) client HTTP / REST / JSON serialize result to JSON “PostgreSQL JSON encoder is fast, it’s C fast. For a large JSON object graph PostgreSQL JSON generation can offer well over 12x the throughput. It can be 2x/10x faster than ActiveRecord or even 160x for large responses” https://hashrocket.com/blog/posts/faster-json-generation-with-postgresql
Versioning public private v1_0 schema v2_0 schema authentication schema theme schema video schema …. view schemastored fn videos signIn signUp generations logIn signUp
How do you manage authentication?
How do you manage authorization? CREATE ROLE authenticator NOINHERIT LOGIN; CREATE ROLE anonymous; CREATE ROLE authenticated_user; GRANT anonymous, authenticated_user TO authenticator;
How do you manage authorization? Row Level Security (PG 9.5+) ALTER TABLE video.generation ENABLE ROW LEVEL SECURITY; create policy generation_access_policy on video.generation to api -- a user can only see its own generations, admin can see everything using ( (request.user_role() = 'videoRequester' and user_id = request.user_id()) or request.user_role() = 'admin') -- only admin can change anyone generation data with check (request.user_role() = 'admin'); 3 lines of SQL Reliable security model (closed by default) Declarative Expressive
Imperative Programming "how to do" %📺' Declarative Programming "what to do" (🚀)
How do you manage emails/3rd parties? pg_notify (PG 9.2+) http://bit.ly/2oNbaKy
How do you manage emails/3rd parties? pg_notify (PG 9.2+) http://bit.ly/2JDCsQu
Rate-limiting? Headers? Monitoring? Tracing? Custom-logic ? Respect the separation of concerns (that's what Service Mesh is all about btw) data api client user proxy (nginx/openresty | istio proxy | ...)
How to manage documentation? OpenAPI (Swagger) format automatically extracted from schema
How to manage code-reviews, tests? It’s just SQL. SQL unit test: pgTAP Functional tests: Supertest / Jest
How to manage migrations? Full migration management sqitch/apgdiff
How to build & deploy? local env. + docker 🐳 (watch + SQL auto-reload) Cloud (PostgreSQL + PostgREST + OpenResty) apply migrations rolling deploy PostgREST/OpenResty run unit & functional tests test migrations
One more thing
REST & GraphQL api (PostgREST + SubZero) data (PostgreSQL) <= our job #SSoT #DRY v1_0 schema client GraphQL ?
subZero ❤ GraphQL & REST (PostgREST) API for your database
This philosophy is gaining traction
PostgraphQL - A GraphQL API created by reflection over a PostgreSQL schema: NodeJS + PostgreSQL Prisma - Prisma turns your database into a realtime GraphQL API: Scala + MySQL/Postgres (upcoming: MongoDB, ElasticSearch) Graphql-engine - Instant GraphQL APIs on Postgres with fine grained access control: NodeJS + PostgreSQL
Et si le problème était ailleurs ? API data (BDD) v1_0 schema client REST GraphQL Tomorrow?
Free plans for Redis administration & monitoring at redsmin.com We are looking for Front-end Developers twitter.com/iadvizetech Questions? @FGRibreau No more server-side rendering pain, 1 url = 1 chart image-charts.com
https://apple.github.io/foundationdb/transaction-manifesto.html Performance and scalability? We know of no practical limits to the scalability or performance of systems supporting transactions. When the movement toward NoSQL databases began, early systems, such as Google Bigtable, adopted minimal designs tightly focused on the scalability and performance. Features familiar from relational databases had been aggressively shed and the supposition was that the abandoned features were unnecessary or even harmful for scalability and performance goals. Those suppositions were wrong. It is becoming clear that supporting transactions is a matter of engineering effort, not a fundamental tradeoff in the design space. Algorithms for maintaining transactional integrity can be distributed and scale out like many other problems. Transactional integrity does come at a CPU cost, but in our experience that cost is less than 10% of total system CPU. This is a small price to pay for transactional integrity and can easily be made up elsewhere.
I am quite convinced that in fact computing will become a very important science. (🐶💩) But at the moment we are in a very primitive state of development; we don't know the basic principles yet and we must learn them first. 
 If universities spend their time teaching the state of the art, they will not discover these principles and that, surely, is what academics should be doing. — Christopher Strachey, 1969 (49 yrs ago) (quote by Edsger W. Dijkstra) https://bit.ly/2pMI7aJ “ ”

Recomendados

TypeScript - An Introduction
TypeScript - An IntroductionTypeScript - An Introduction
TypeScript - An Introduction
NexThoughts Technologies
 
TypeScript VS JavaScript.pptx
TypeScript VS JavaScript.pptxTypeScript VS JavaScript.pptx
TypeScript VS JavaScript.pptx
Albiorix Technology
 
Practical non blocking microservices in java 8
Practical non blocking microservices in java 8Practical non blocking microservices in java 8
Practical non blocking microservices in java 8
Michal Balinski
 
TypeScript Presentation
TypeScript PresentationTypeScript Presentation
TypeScript Presentation
Patrick John Pacaña
 
Introduction to Kotlin coroutines
Introduction to Kotlin coroutinesIntroduction to Kotlin coroutines
Introduction to Kotlin coroutines
Roman Elizarov
 
Top 10 RxJs Operators in Angular
Top 10 RxJs Operators in Angular Top 10 RxJs Operators in Angular
Top 10 RxJs Operators in Angular
Jalpesh Vadgama
 
Spring Boot+Kafka: the New Enterprise Platform
Spring Boot+Kafka: the New Enterprise PlatformSpring Boot+Kafka: the New Enterprise Platform
Spring Boot+Kafka: the New Enterprise Platform
VMware Tanzu
 
Rxjs ngvikings
Rxjs ngvikingsRxjs ngvikings
Rxjs ngvikings
Christoffer Noring
 

Recomendados

TypeScript - An Introduction
TypeScript - An IntroductionTypeScript - An Introduction
TypeScript - An Introduction
NexThoughts Technologies
 
TypeScript VS JavaScript.pptx
TypeScript VS JavaScript.pptxTypeScript VS JavaScript.pptx
TypeScript VS JavaScript.pptx
Albiorix Technology
 
Practical non blocking microservices in java 8
Practical non blocking microservices in java 8Practical non blocking microservices in java 8
Practical non blocking microservices in java 8
Michal Balinski
 
TypeScript Presentation
TypeScript PresentationTypeScript Presentation
TypeScript Presentation
Patrick John Pacaña
 
Introduction to Kotlin coroutines
Introduction to Kotlin coroutinesIntroduction to Kotlin coroutines
Introduction to Kotlin coroutines
Roman Elizarov
 
Top 10 RxJs Operators in Angular
Top 10 RxJs Operators in Angular Top 10 RxJs Operators in Angular
Top 10 RxJs Operators in Angular
Jalpesh Vadgama
 
Spring Boot+Kafka: the New Enterprise Platform
Spring Boot+Kafka: the New Enterprise PlatformSpring Boot+Kafka: the New Enterprise Platform
Spring Boot+Kafka: the New Enterprise Platform
VMware Tanzu
 
Rxjs ngvikings
Rxjs ngvikingsRxjs ngvikings
Rxjs ngvikings
Christoffer Noring
 
Angular and The Case for RxJS
Angular and The Case for RxJSAngular and The Case for RxJS
Angular and The Case for RxJS
Sandi Barr
 
TypeScript: Basic Features and Compilation Guide
TypeScript: Basic Features and Compilation GuideTypeScript: Basic Features and Compilation Guide
TypeScript: Basic Features and Compilation Guide
Nascenia IT
 
TypeScript Best Practices
TypeScript Best PracticesTypeScript Best Practices
TypeScript Best Practices
felixbillon
 
gRPC Overview
gRPC OverviewgRPC Overview
gRPC Overview
Varun Talwar
 
An Actor Model in Go
An Actor Model in GoAn Actor Model in Go
An Actor Model in Go
Weaveworks
 
Concurrency in Golang
Concurrency in GolangConcurrency in Golang
Concurrency in Golang
Oliver N
 
JS Event Loop
JS Event LoopJS Event Loop
JS Event Loop
Saai Vignesh P
 
Memory in go
Memory in goMemory in go
Memory in go
Iman Tunggono
 
인프콘 2022 - Rust 크로스 플랫폼 프로그래밍
인프콘 2022 - Rust 크로스 플랫폼 프로그래밍인프콘 2022 - Rust 크로스 플랫폼 프로그래밍
인프콘 2022 - Rust 크로스 플랫폼 프로그래밍
Chris Ohk
 
Spring Boot
Spring BootSpring Boot
Spring Boot
Jiayun Zhou
 
Easy, scalable, fault tolerant stream processing with structured streaming - ...
Easy, scalable, fault tolerant stream processing with structured streaming - ...Easy, scalable, fault tolerant stream processing with structured streaming - ...
Easy, scalable, fault tolerant stream processing with structured streaming - ...
Databricks
 
[2019] 바르게, 빠르게! Reactive를 품은 Spring Kafka
[2019] 바르게, 빠르게! Reactive를 품은 Spring Kafka[2019] 바르게, 빠르게! Reactive를 품은 Spring Kafka
[2019] 바르게, 빠르게! Reactive를 품은 Spring Kafka
NHN FORWARD
 
Being Functional on Reactive Streams with Spring Reactor
Being Functional on Reactive Streams with Spring ReactorBeing Functional on Reactive Streams with Spring Reactor
Being Functional on Reactive Streams with Spring Reactor
Max Huang
 
gRPC: The Story of Microservices at Square
gRPC: The Story of Microservices at SquaregRPC: The Story of Microservices at Square
gRPC: The Story of Microservices at Square
Apigee | Google Cloud
 
Getting started with typescript
Getting started with typescriptGetting started with typescript
Getting started with typescript
C...L, NESPRESSO, WAFAASSURANCE, SOFRECOM ORANGE
 
Tips on High Performance Server Programming
Tips on High Performance Server ProgrammingTips on High Performance Server Programming
Tips on High Performance Server Programming
Joshua Zhu
 
Nestjs MasterClass Slides
Nestjs MasterClass SlidesNestjs MasterClass Slides
Nestjs MasterClass Slides
Nir Kaufman
 
Understanding and Improving Code Generation
Understanding and Improving Code GenerationUnderstanding and Improving Code Generation
Understanding and Improving Code Generation
Databricks
 
OO Design and Design Patterns in C++
OO Design and Design Patterns in C++ OO Design and Design Patterns in C++
OO Design and Design Patterns in C++
Ganesh Samarthyam
 
Spring Batch 2.0
Spring Batch 2.0Spring Batch 2.0
Spring Batch 2.0
Guido Schmutz
 
Switch to Backend 2023
Switch to Backend 2023Switch to Backend 2023
Switch to Backend 2023
Google Developer Students Club NIT Silchar
 
StrongLoop Overview
StrongLoop OverviewStrongLoop Overview
StrongLoop Overview
Shubhra Kar
 

Más contenido relacionado

La actualidad más candente

Easy, scalable, fault tolerant stream processing with structured streaming - ...
Easy, scalable, fault tolerant stream processing with structured streaming - ...Easy, scalable, fault tolerant stream processing with structured streaming - ...
Easy, scalable, fault tolerant stream processing with structured streaming - ...
Databricks
 
[2019] 바르게, 빠르게! Reactive를 품은 Spring Kafka
[2019] 바르게, 빠르게! Reactive를 품은 Spring Kafka[2019] 바르게, 빠르게! Reactive를 품은 Spring Kafka
[2019] 바르게, 빠르게! Reactive를 품은 Spring Kafka
NHN FORWARD
 

La actualidad más candente (20)

Angular and The Case for RxJS
Angular and The Case for RxJSAngular and The Case for RxJS
Angular and The Case for RxJS
 
TypeScript: Basic Features and Compilation Guide
TypeScript: Basic Features and Compilation GuideTypeScript: Basic Features and Compilation Guide
TypeScript: Basic Features and Compilation Guide
 
TypeScript Best Practices
TypeScript Best PracticesTypeScript Best Practices
TypeScript Best Practices
 
gRPC Overview
gRPC OverviewgRPC Overview
gRPC Overview
 
An Actor Model in Go
An Actor Model in GoAn Actor Model in Go
An Actor Model in Go
 
Concurrency in Golang
Concurrency in GolangConcurrency in Golang
Concurrency in Golang
 
JS Event Loop
JS Event LoopJS Event Loop
JS Event Loop
 
Memory in go
Memory in goMemory in go
Memory in go
 
인프콘 2022 - Rust 크로스 플랫폼 프로그래밍
인프콘 2022 - Rust 크로스 플랫폼 프로그래밍인프콘 2022 - Rust 크로스 플랫폼 프로그래밍
인프콘 2022 - Rust 크로스 플랫폼 프로그래밍
 
Spring Boot
Spring BootSpring Boot
Spring Boot
 
Easy, scalable, fault tolerant stream processing with structured streaming - ...
Easy, scalable, fault tolerant stream processing with structured streaming - ...Easy, scalable, fault tolerant stream processing with structured streaming - ...
Easy, scalable, fault tolerant stream processing with structured streaming - ...
 
[2019] 바르게, 빠르게! Reactive를 품은 Spring Kafka
[2019] 바르게, 빠르게! Reactive를 품은 Spring Kafka[2019] 바르게, 빠르게! Reactive를 품은 Spring Kafka
[2019] 바르게, 빠르게! Reactive를 품은 Spring Kafka
 
Being Functional on Reactive Streams with Spring Reactor
Being Functional on Reactive Streams with Spring ReactorBeing Functional on Reactive Streams with Spring Reactor
Being Functional on Reactive Streams with Spring Reactor
 
gRPC: The Story of Microservices at Square
gRPC: The Story of Microservices at SquaregRPC: The Story of Microservices at Square
gRPC: The Story of Microservices at Square
 
Getting started with typescript
Getting started with typescriptGetting started with typescript
Getting started with typescript
 
Tips on High Performance Server Programming
Tips on High Performance Server ProgrammingTips on High Performance Server Programming
Tips on High Performance Server Programming
 
Nestjs MasterClass Slides
Nestjs MasterClass SlidesNestjs MasterClass Slides
Nestjs MasterClass Slides
 
Understanding and Improving Code Generation
Understanding and Improving Code GenerationUnderstanding and Improving Code Generation
Understanding and Improving Code Generation
 
OO Design and Design Patterns in C++
OO Design and Design Patterns in C++ OO Design and Design Patterns in C++
OO Design and Design Patterns in C++
 
Spring Batch 2.0
Spring Batch 2.0Spring Batch 2.0
Spring Batch 2.0
 

Similar a Choisir entre une API RPC, SOAP, REST, GraphQL? 
Et si le problème était ailleurs ?

Implementing OpenAPI and GraphQL services with gRPC
Implementing OpenAPI and GraphQL services with gRPCImplementing OpenAPI and GraphQL services with gRPC
Implementing OpenAPI and GraphQL services with gRPC
Tim Burks
 
web2py:Web development like a boss
web2py:Web development like a bossweb2py:Web development like a boss
web2py:Web development like a boss
Francisco Ribeiro
 
Webinar september 2013
Webinar september 2013Webinar september 2013
Webinar september 2013
Marc Gille
 
REST - What's It All About? (SAP TechEd 2012, CD110)
REST - What's It All About? (SAP TechEd 2012, CD110)REST - What's It All About? (SAP TechEd 2012, CD110)
REST - What's It All About? (SAP TechEd 2012, CD110)
Sascha Wenninger
 

Similar a Choisir entre une API RPC, SOAP, REST, GraphQL? 
Et si le problème était ailleurs ? (20)

Switch to Backend 2023
Switch to Backend 2023Switch to Backend 2023
Switch to Backend 2023
 
StrongLoop Overview
StrongLoop OverviewStrongLoop Overview
StrongLoop Overview
 
Seattle StrongLoop Node.js Workshop
Seattle StrongLoop Node.js WorkshopSeattle StrongLoop Node.js Workshop
Seattle StrongLoop Node.js Workshop
 
apidays LIVE Hong Kong 2021 - GraphQL : Beyond APIs, graph your enterprise by...
apidays LIVE Hong Kong 2021 - GraphQL : Beyond APIs, graph your enterprise by...apidays LIVE Hong Kong 2021 - GraphQL : Beyond APIs, graph your enterprise by...
apidays LIVE Hong Kong 2021 - GraphQL : Beyond APIs, graph your enterprise by...
 
apidays LIVE Australia 2020 - Have your cake and eat it too: GraphQL? REST? W...
apidays LIVE Australia 2020 - Have your cake and eat it too: GraphQL? REST? W...apidays LIVE Australia 2020 - Have your cake and eat it too: GraphQL? REST? W...
apidays LIVE Australia 2020 - Have your cake and eat it too: GraphQL? REST? W...
 
apidays LIVE Paris - GraphQL meshes by Jens Neuse
apidays LIVE Paris - GraphQL meshes by Jens Neuseapidays LIVE Paris - GraphQL meshes by Jens Neuse
apidays LIVE Paris - GraphQL meshes by Jens Neuse
 
Implementing OpenAPI and GraphQL services with gRPC
Implementing OpenAPI and GraphQL services with gRPCImplementing OpenAPI and GraphQL services with gRPC
Implementing OpenAPI and GraphQL services with gRPC
 
apidays LIVE Helsinki - Implementing OpenAPI and GraphQL Services with gRPC b...
apidays LIVE Helsinki - Implementing OpenAPI and GraphQL Services with gRPC b...apidays LIVE Helsinki - Implementing OpenAPI and GraphQL Services with gRPC b...
apidays LIVE Helsinki - Implementing OpenAPI and GraphQL Services with gRPC b...
 
Serverless GraphQL for Product Developers
Serverless GraphQL for Product DevelopersServerless GraphQL for Product Developers
Serverless GraphQL for Product Developers
 
Up and Running with gRPC & Cloud Career [GDG-Cloud-Dhaka-IO/2022}
Up and Running with gRPC & Cloud Career [GDG-Cloud-Dhaka-IO/2022}Up and Running with gRPC & Cloud Career [GDG-Cloud-Dhaka-IO/2022}
Up and Running with gRPC & Cloud Career [GDG-Cloud-Dhaka-IO/2022}
 
web2py:Web development like a boss
web2py:Web development like a bossweb2py:Web development like a boss
web2py:Web development like a boss
 
JHipster Conf 2018 : Connect your JHipster apps to the world of APIs with Ope...
JHipster Conf 2018 : Connect your JHipster apps to the world of APIs with Ope...JHipster Conf 2018 : Connect your JHipster apps to the world of APIs with Ope...
JHipster Conf 2018 : Connect your JHipster apps to the world of APIs with Ope...
 
Databasecentricapisonthecloudusingplsqlandnodejscon3153oow2016 160922021655
Databasecentricapisonthecloudusingplsqlandnodejscon3153oow2016 160922021655Databasecentricapisonthecloudusingplsqlandnodejscon3153oow2016 160922021655
Databasecentricapisonthecloudusingplsqlandnodejscon3153oow2016 160922021655
 
RESTful API-centric Universe
RESTful API-centric UniverseRESTful API-centric Universe
RESTful API-centric Universe
 
PostgreSQL 10; Long Awaited Enterprise Solutions
PostgreSQL 10; Long Awaited Enterprise SolutionsPostgreSQL 10; Long Awaited Enterprise Solutions
PostgreSQL 10; Long Awaited Enterprise Solutions
 
Webinar september 2013
Webinar september 2013Webinar september 2013
Webinar september 2013
 
High quality ap is with api platform
High quality ap is with api platformHigh quality ap is with api platform
High quality ap is with api platform
 
GraphQL across the stack: How everything fits together
GraphQL across the stack: How everything fits togetherGraphQL across the stack: How everything fits together
GraphQL across the stack: How everything fits together
 
Adding Rules on Existing Hypermedia APIs
Adding Rules on Existing Hypermedia APIsAdding Rules on Existing Hypermedia APIs
Adding Rules on Existing Hypermedia APIs
 
REST - What's It All About? (SAP TechEd 2012, CD110)
REST - What's It All About? (SAP TechEd 2012, CD110)REST - What's It All About? (SAP TechEd 2012, CD110)
REST - What's It All About? (SAP TechEd 2012, CD110)
 

Más de François-Guillaume Ribreau

REX LEAN- Créer un SaaS et être rentable après 6 mois
REX LEAN- Créer un SaaS et être rentable après 6 moisREX LEAN- Créer un SaaS et être rentable après 6 mois
REX LEAN- Créer un SaaS et être rentable après 6 mois
François-Guillaume Ribreau
 
⛳️ Votre API passe-t-elle le contrôle technique ?
⛳️ Votre API passe-t-elle le contrôle technique ?⛳️ Votre API passe-t-elle le contrôle technique ?
⛳️ Votre API passe-t-elle le contrôle technique ?
François-Guillaume Ribreau
 
He stopped using for/while loops, you won't believe what happened next!
He stopped using for/while loops, you won't believe what happened next!He stopped using for/while loops, you won't believe what happened next!
He stopped using for/while loops, you won't believe what happened next!
François-Guillaume Ribreau
 

Más de François-Guillaume Ribreau (17)

REX LEAN- Créer un SaaS et être rentable après 6 mois
REX LEAN- Créer un SaaS et être rentable après 6 moisREX LEAN- Créer un SaaS et être rentable après 6 mois
REX LEAN- Créer un SaaS et être rentable après 6 mois
 
⛳️ Votre API passe-t-elle le contrôle technique ?
⛳️ Votre API passe-t-elle le contrôle technique ?⛳️ Votre API passe-t-elle le contrôle technique ?
⛳️ Votre API passe-t-elle le contrôle technique ?
 
He stopped using for/while loops, you won't believe what happened next!
He stopped using for/while loops, you won't believe what happened next!He stopped using for/while loops, you won't believe what happened next!
He stopped using for/while loops, you won't believe what happened next!
 
Une plateforme moderne pour le groupe SIPA/Ouest-France 
Une plateforme moderne pour le groupe SIPA/Ouest-France Une plateforme moderne pour le groupe SIPA/Ouest-France 
Une plateforme moderne pour le groupe SIPA/Ouest-France 
 
[BreizhCamp, format 15min] Construire et automatiser l'ecosystème de son Saa...
[BreizhCamp, format 15min] Construire et automatiser l'ecosystème de son Saa...[BreizhCamp, format 15min] Construire et automatiser l'ecosystème de son Saa...
[BreizhCamp, format 15min] Construire et automatiser l'ecosystème de son Saa...
 
[BreizhCamp, format 15min] Une api rest et GraphQL sans code grâce à PostgR...
[BreizhCamp, format 15min] Une api rest et GraphQL sans code grâce à PostgR...[BreizhCamp, format 15min] Une api rest et GraphQL sans code grâce à PostgR...
[BreizhCamp, format 15min] Une api rest et GraphQL sans code grâce à PostgR...
 
RedisConf 2016 - Redis usage and ecosystem
RedisConf 2016 - Redis usage and ecosystemRedisConf 2016 - Redis usage and ecosystem
RedisConf 2016 - Redis usage and ecosystem
 
Implementing pattern-matching in JavaScript (full version)
Implementing pattern-matching in JavaScript (full version)Implementing pattern-matching in JavaScript (full version)
Implementing pattern-matching in JavaScript (full version)
 
Implementing pattern-matching in JavaScript (short version)
Implementing pattern-matching in JavaScript (short version)Implementing pattern-matching in JavaScript (short version)
Implementing pattern-matching in JavaScript (short version)
 
Automatic constraints as a team maturity accelerator for startups
Automatic constraints as a team maturity accelerator for startupsAutomatic constraints as a team maturity accelerator for startups
Automatic constraints as a team maturity accelerator for startups
 
Development Principles & Philosophy
Development Principles & PhilosophyDevelopment Principles & Philosophy
Development Principles & Philosophy
 
Les enjeux de l'information et de l'algorithmique dans notre société
Les enjeux de l'information et de l'algorithmique dans notre sociétéLes enjeux de l'information et de l'algorithmique dans notre société
Les enjeux de l'information et de l'algorithmique dans notre société
 
How I monitor SaaS products
How I monitor SaaS productsHow I monitor SaaS products
How I monitor SaaS products
 
Continous Integration of (JS) projects & check-build philosophy
Continous Integration of (JS) projects & check-build philosophyContinous Integration of (JS) projects & check-build philosophy
Continous Integration of (JS) projects & check-build philosophy
 
Introduction to Redis
Introduction to RedisIntroduction to Redis
Introduction to Redis
 
Approfondissement CSS3
Approfondissement CSS3Approfondissement CSS3
Approfondissement CSS3
 
Découverte HTML5/CSS3
Découverte HTML5/CSS3Découverte HTML5/CSS3
Découverte HTML5/CSS3
 

Último

call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
Delhi Call girls
 
The Top App Development Trends Shaping the Industry in 2024-25 .pdf
The Top App Development Trends Shaping the Industry in 2024-25 .pdfThe Top App Development Trends Shaping the Industry in 2024-25 .pdf
The Top App Development Trends Shaping the Industry in 2024-25 .pdf
ayushiqss
 
The title is not connected to what is inside
The title is not connected to what is insideThe title is not connected to what is inside
The title is not connected to what is inside
shinachiaurasa2
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
Health
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
mohitmore19
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdfintroduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
VishalKumarJha10
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Steffen Staab
 

Último (20)

How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
 
10 Trends Likely to Shape Enterprise Technology in 2024
10 Trends Likely to Shape Enterprise Technology in 202410 Trends Likely to Shape Enterprise Technology in 2024
10 Trends Likely to Shape Enterprise Technology in 2024
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
The Top App Development Trends Shaping the Industry in 2024-25 .pdf
The Top App Development Trends Shaping the Industry in 2024-25 .pdfThe Top App Development Trends Shaping the Industry in 2024-25 .pdf
The Top App Development Trends Shaping the Industry in 2024-25 .pdf
 
8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students
 
Microsoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdfMicrosoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdf
 
The title is not connected to what is inside
The title is not connected to what is insideThe title is not connected to what is inside
The title is not connected to what is inside
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
 
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdfAzure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
ManageIQ - Sprint 236 Review - Slide Deck
ManageIQ - Sprint 236 Review - Slide DeckManageIQ - Sprint 236 Review - Slide Deck
ManageIQ - Sprint 236 Review - Slide Deck
 
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdfintroduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
 
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
 

Choisir entre une API RPC, SOAP, REST, GraphQL? 
Et si le problème était ailleurs ?

  • 1. Choisir entre une API RPC, SOAP, REST, GraphQL? 
 Et si le problème était ailleurs ?
  • 2. François-Guillaume Ribreau — Architect & Head of development @Ouest-France 🌟 SaaS founder of _______ ____ MotionDynamic, Mailpopin 🚀 Trainer @EPSI_Nantes @UnivNantes 📢 Twitter/Github: @FGRibreau
  • 4. - pattern: procedure(arguments...): [result] - ~1980 - principle: simplest form of API interaction - goal: run a task on another address space - often requires an IDL (Interface Definition Language) - well-known implementations: - XML-RPC (XML to encode calls & HTTP as transport) - JSON-RPC (JSON to encode calls & HTTP as transport) - Thrift, gRPC, Avro... and *lots* of other implementation RPC - Remote Procedure Call client api procedure(arguments...) result
  • 5. - ~successor of XML-RPC - XML-based messaging framework - can work with any transport protocol (just need XML) - XML everywhere - IDL: WSDL, a schema of every available operations - 1998 (+18 yrs after RPC principle) - Spec WG closed on 10 July 2009 (+11 yrs) SOAP - Simple Object Access Protocol client api envelope(message(call)) envelope(message(response))
  • 6. - Roy Fielding, 2000 (20 yrs after RPC) - based on the uniform and predefined set of stateless operations from HTTP protocol - request/response - server-side data are made available through representations of data in simple formats (e.g. JSON, XML) - IDL: no schema required (state-of-the-art: OpenAPI) REST - Representational State Transfer client api HTTP request HTTP response
  • 7. More power on the client-side at request time GET /ressources/?fields=property1,property2 GET /ressources/:ressource_id?fields=property1,property2 (e.g. Google APIs, Facebook APIs) REST - Representational State Transfer client api HTTP request HTTP response
  • 8. GET /fql? q=SELECT+uid2+FROM+friend+WHERE+uid1=me()&a ccess_token=… FQL @ Facebook (2007) https://query.yahooapis.com/v1/public/yql? q=select title, link from rss where url='https://engt.co/2JyTaQP' &format=json &env=store://datatables.org/alltableswithkeys YQL @ Yahoo (2008)
  • 9. - Another RPC protocol (not a Graph db) - 3 verbs (in the REST sense): - fetch (implicit, read requests) - subscription (explicit, read streams) - mutation (writes requests) - introduce inversion of control between client & server - client only request needed data GraphQL client api HTTP request HTTP response
  • 18. Only for data persistence Without data persistence Mostly for data persistence (+ some MQueing) What kind of API do you write the most? ~90% of the time it's. just. CRUD.
  • 22. api.motiondynamic.tech Fast highly dynamic video generation at scale 🚀
  • 23. api SQLHTTP data (PostgreSQL) • HTTP request handling • Authentication • Authorization • Request Parsing • Request Validation • Database Communication • Database Response Handling (deserialization) • Output format serialization • HTTP Response Building Persistence API our job
  • 24. api SQLHTTP Persistence API TL;DR: HTTP <-> SQL mapping … with a lot of space for potential mistakes. our job data (PostgreSQL)
  • 25. Database Modelling 101 v1_0 schema authentication schema theme schema video schema …. view schemastored fn generations signIn signUp themes
  • 26. api (PostgREST) data (PostgreSQL) Persistence API <= our job #SSoT #DRY v1_0 schema client HTTP / REST / (JSON,CSV)
  • 28. Schema modelling public private v1_0 schema authentication schema theme schema video schema …. view schemastored fn projects signIn signUp Postgrest videos generations startVideoGeneration
  • 29. Read / Write requests (read, view) GET /themes (read, view) GET /videos (read, view) GET /generations (write, stored function) POST /rpc/signUp (write, stored function) POST /rpc/signIn (write, stored function) POST /rpc/startVideoGeneration DBv1_0 schema api (PostgREST)
  • 30. GET /themes?downloads=gte.1000&isMine=is.true GET /themes?select=downloads::text,name,description GET /stuff?metadata->a->>b=eq.2 GET /themes?select=id,name,generations{createdAt} &order=name.asc&generations.order=createdAt.desc How do you manage projection, filtering, ordering?
  • 31. Read / Write requests (read, view) GET /themes (read, view) GET /videos (read, view) GET /generations (write, stored function) POST /rpc/signUp (write, stored function) POST /rpc/signIn (write, stored function) POST /rpc/startVideoGeneration (write) POST /generations
  • 32. INSTEAD OF create trigger generations_mutation INSTEAD OF INSERT OR UPDATE OR DELETE ON v1_0.generations for each row execute procedure video.mutation_generations_trigger()
  • 33. Trigger create or replace function video.mutation_generations_trigger() returns trigger as $$ declare begin if (tg_op = 'DELETE') then -- delete generation return new; elsif (tg_op = 'UPDATE') then -- update generation return new; elsif (tg_op = 'INSERT') then -- create generation return new; end if; end; $$ security definer language plpgsql; pl/pgsql ? It's 2018: pl/v8 (javascript) - pl/python - pl/java - pl/tcl
  • 34. State-of-the-art API performance api data (PostgreSQL) client HTTP / REST / JSON deserialize db response serialize http JSON response serialize to internal representation
  • 35. API performance 🚀 api (PostgREST) data (PostgreSQL) client HTTP / REST / JSON serialize result to JSON “PostgreSQL JSON encoder is fast, it’s C fast. For a large JSON object graph PostgreSQL JSON generation can offer well over 12x the throughput. It can be 2x/10x faster than ActiveRecord or even 160x for large responses” https://hashrocket.com/blog/posts/faster-json-generation-with-postgresql
  • 36. Versioning public private v1_0 schema v2_0 schema authentication schema theme schema video schema …. view schemastored fn videos signIn signUp generations logIn signUp
  • 37. How do you manage authentication?
  • 38. How do you manage authorization? CREATE ROLE authenticator NOINHERIT LOGIN; CREATE ROLE anonymous; CREATE ROLE authenticated_user; GRANT anonymous, authenticated_user TO authenticator;
  • 39. How do you manage authorization? Row Level Security (PG 9.5+) ALTER TABLE video.generation ENABLE ROW LEVEL SECURITY; create policy generation_access_policy on video.generation to api -- a user can only see its own generations, admin can see everything using ( (request.user_role() = 'videoRequester' and user_id = request.user_id()) or request.user_role() = 'admin') -- only admin can change anyone generation data with check (request.user_role() = 'admin'); 3 lines of SQL Reliable security model (closed by default) Declarative Expressive
  • 41. How do you manage emails/3rd parties? pg_notify (PG 9.2+) http://bit.ly/2oNbaKy
  • 42. How do you manage emails/3rd parties? pg_notify (PG 9.2+) http://bit.ly/2JDCsQu
  • 43. Rate-limiting? Headers? Monitoring? Tracing? Custom-logic ? Respect the separation of concerns (that's what Service Mesh is all about btw) data api client user proxy (nginx/openresty | istio proxy | ...)
  • 44.
  • 45. How to manage documentation? OpenAPI (Swagger) format automatically extracted from schema
  • 46. How to manage code-reviews, tests? It’s just SQL. SQL unit test: pgTAP Functional tests: Supertest / Jest
  • 47. How to manage migrations? Full migration management sqitch/apgdiff
  • 48. How to build & deploy? local env. + docker 🐳 (watch + SQL auto-reload) Cloud (PostgreSQL + PostgREST + OpenResty) apply migrations rolling deploy PostgREST/OpenResty run unit & functional tests test migrations
  • 50. REST & GraphQL api (PostgREST + SubZero) data (PostgreSQL) <= our job #SSoT #DRY v1_0 schema client GraphQL ?
  • 51. subZero ❤ GraphQL & REST (PostgREST) API for your database
  • 53. PostgraphQL - A GraphQL API created by reflection over a PostgreSQL schema: NodeJS + PostgreSQL Prisma - Prisma turns your database into a realtime GraphQL API: Scala + MySQL/Postgres (upcoming: MongoDB, ElasticSearch) Graphql-engine - Instant GraphQL APIs on Postgres with fine grained access control: NodeJS + PostgreSQL
  • 54. Et si le problème était ailleurs ? API data (BDD) v1_0 schema client REST GraphQL Tomorrow?
  • 55. Free plans for Redis administration & monitoring at redsmin.com We are looking for Front-end Developers twitter.com/iadvizetech Questions? @FGRibreau No more server-side rendering pain, 1 url = 1 chart image-charts.com
  • 56. https://apple.github.io/foundationdb/transaction-manifesto.html Performance and scalability? We know of no practical limits to the scalability or performance of systems supporting transactions. When the movement toward NoSQL databases began, early systems, such as Google Bigtable, adopted minimal designs tightly focused on the scalability and performance. Features familiar from relational databases had been aggressively shed and the supposition was that the abandoned features were unnecessary or even harmful for scalability and performance goals. Those suppositions were wrong. It is becoming clear that supporting transactions is a matter of engineering effort, not a fundamental tradeoff in the design space. Algorithms for maintaining transactional integrity can be distributed and scale out like many other problems. Transactional integrity does come at a CPU cost, but in our experience that cost is less than 10% of total system CPU. This is a small price to pay for transactional integrity and can easily be made up elsewhere.
  • 57. I am quite convinced that in fact computing will become a very important science. (🐶💩) But at the moment we are in a very primitive state of development; we don't know the basic principles yet and we must learn them first. 
 If universities spend their time teaching the state of the art, they will not discover these principles and that, surely, is what academics should be doing. — Christopher Strachey, 1969 (49 yrs ago) (quote by Edsger W. Dijkstra) https://bit.ly/2pMI7aJ “ ”