General development Flashcards
What is docker?
- Containerization Platform: allows developers to create, deploy, and run applications in containers.
- Containers: are lightweight, standalone, and executable software packages that include everything needed to run a piece of software, including the code, runtime, system tools, libraries, and settings.
- Isolation: Containers run in isolation from each other, ensuring each application has its own dependencies and configuration.
- Portability: Docker containers run consistently across different environmentse.g. development, testing, and production.
- Microservices: Docker is commonly used to implement microservices architectures, where each service runs in its own container.
Why use docker?
- Consistency: ensures applications run consistently across different environments by packaging all dependencies in containers.
- Isolation: Containers run in isolation, preventing conflicts between applications and allowing for better resource utilization.
- Microservices: facilitates microservice architectures, making it easier to develop, deploy, and scale individual services independently.
- DevOps: Docker supports DevOps practices by enabling continuous integration, continuous delivery, and infrastructure as code.
- Ecosystem: has a vibrant ecosystem with a wide range of tools, images, and community support.
What are kuberntes?
- an open-source platform for automating the deployment, scaling, and management of containerized applications (container orchestration)
- organizes containers into clusters, which are groups of nodes (machines) that work together to run applications.
- containers are grouped into pods, which are the smallest deployable units. Pods can contain one or more containers.
- Kubernetes can automatically scale applications based on demand, adding or removing pods as needed.
- provides service discovery and load balancing, allowing applications to communicate with each other and distribute traffic
What is CI/CD?
- Continuous Integration (CI): the practice of automatically integrating code changes from multiple contributors into a shared repository, followed by automated testing.
- Continuous Delivery (CD): the practice of automatically deploying code changes to production or staging environments after passing CI tests
- Automation: CI/CD relies on automation to build, test, and deploy code changes quickly and consistently.
- Pipeline: CI/CD processes are organized into pipelines, which are sequences of automated steps that take code from development to production.
- Feedback Loop: CI/CD provides a fast feedback loop, allowing developers to identify and fix issues early in the development process.
Why use CI/CD?
- enables faster and more frequent releases
- Automated testing helps ensure code quality and reduces the risk of defects reaching production.
- provides immediate feedback on code changes, allowing developers to identify and fix issues early.
What Is Load Balancing?
A simple technique for distributing workloads across multiple machines or clusters. The most common load balancing algorithm is Round Robin where requests are divided in circular order ensuring all machines get equal number of requests and no single machine is overloaded or underloaded.
The Purpose of load balancing is to
- Optimize resource usage (avoid overload and under-load of any machines)
- Achieve Maximum Throughput
- Minimize response time
What are we sockets and why use them over Http?
A WebSocket is a continuous connection between client and server. That continuous connection allows the following:
- Data can be sent from server to client at any time, without the client even requesting it. This is often called server-push and is very valuable for applications where the client needs to know fairly quickly when something happens on the server (like a new chat messages has been received or a new price has been udpated). A client cannot be pushed data over http. The client would have to regularly poll by making an http request every few seconds in order to get timely new data. Client polling is not efficient.
- Data can be sent either way very efficiently. Because the connection is already established and a webSocket data frame is very efficiently organized, one can send data a lot more efficiently that via an HTTP request that necessarily contains headers, cookies, etc…
What do you mean by lower latency interaction?
Low latency means that there is very little delay between the time you request something and the time you get a response
What Is Scalability?
The ability of a system or process to handle a growing amount of load by adding more resources. The adding of resource can be done in two ways:
- Scaling Up: adding more resources to the existing nodes
- Scaling Out: adding more nodes to support more users.
Any of the approaches can be used for scaling up/out a application, however the cost of adding resources (per user) may change as the volume increases. If we add resources to the system It should increase the ability of application to take more load in a proportional manner of added resources.
Why Do You Need Clustering?
Clustering is needed for achieving high availability for a server software. The main purpose of clustering is to achieve 100% availability or a zero down time in service. A typical server software can be running on one computer machine and it can serve as long as there is no hardware failure or some other failure. By creating a cluster of more than one machine, we can reduce the chances of our service going un-available in case one of the machine fails.
Doing clustering does not always guarantee that service will be 100% available since there can still be a chance that all the machine in a cluster fail at the same time. However it in not very likely in case you have many machines and they are located at different location or supported by their own resources.
What is Elasticity (in contrast to Scalability)?
Elasticity means that the throughput of a system scales up or down automatically to meet varying demand as resource is proportionally added or removed. The system needs to be scalable to allow it to benefit from the dynamic addition, or removal, of resources at runtime. Elasticity therefore builds upon scalability and expands on it by adding the notion of automatic resource management.
What is an API?
- Interface for Interaction: API stands for Application Programming Interface, and it serves as a set of rules and protocols for building and interacting with software applications.
- Data Exchange: APIs allow different software entities to communicate with each other by exchanging data and functionality without requiring the user to intervene.
- Abstraction: APIs provide an abstract interface to a system, allowing for secure and controlled access to its features.
- Interoperability: APIs enable different systems, regardless of their internal architectures, to work together and share data and processes.
- Types: APIs can be categorized into various types, such as web APIs, operating system APIs, and library APIs, among others.
What is a RESTful API?
- HTTP Methods: RESTful (Representational State Transfer) APIs use standard HTTP methods like GET, POST, PUT, and DELETE for interactions.
- Stateless: Each request from a client to a server must contain all the information needed to understand and process the request, making the API stateless.
- Resource-Based: In RESTful APIs, the focus is on resources, which are represented as URLs. Operations are performed on these resources using HTTP methods.
- JSON or XML: RESTful APIs commonly use JSON (JavaScript Object Notation) or XML (eXtensible Markup Language) for structuring data in the message body.
- Scalability and Performance: RESTful APIs are designed to be stateless and cacheable, which helps in scaling the application and improving performance.
What is Object-Oriented Programming (OOP)?
Object-Oriented Programming (OOP) is a programming paradigm that organizes software design around data, or objects, rather than functions and logic. It focuses on encapsulating both data and the functions that operate on that data within the same unit, known as an object. OOP allows for code reusability through inheritance, where new classes can be created based on existing ones. It also enables polymorphism, where objects of different types can be treated as objects of a common type, and abstraction, which simplifies complex systems by exposing only essential features. This approach makes it easier to manage and maintain code, promoting modularity and a clear structure
- Encapsulation: OOP allows for the bundling of data and methods that operate on that data within a single unit called an “object.”
- Inheritance: OOP enables the creation of new classes based on existing classes, inheriting attributes and behaviors, and allowing for code reuse.
- Polymorphism: OOP allows objects of different types to be treated as objects of a common type, enabling a single interface to represent different implementations.
- Abstraction: OOP provides a way to hide the complex reality while exposing only the essential features of an object, making it easier to understand and work with.
- Classes and Objects: In OOP, a class defines the blueprint for creating objects, and objects are instances of classes.
- Method Overriding: OOP allows derived classes to provide specific implementations of methods that are already defined in their base classes.
- Constructors and Destructors: OOP languages often include special methods for initializing and cleaning up objects.
- Access Control: OOP provides mechanisms to control access to object attributes, typically through public, private, and protected access modifiers.
- Modularity: OOP promotes modularity and code organization, making it easier to manage and maintain large software projects.
- Design Patterns: OOP provides a foundation for various design patterns, which are solutions to common software design problems.
How can you ensure the security of an API?
Authentication and Authorization:
- Authentication: Verifying the identity of the caller using mechanisms like OAuth, JWT, or API keys.
- Authorization: Ensuring the authenticated user has the right permissions to perform an action.
Data Protection:
- Input Validation: Checking and sanitizing input data to prevent injections or malicious data.
- HTTPS: Encrypting data in transit using SSL/TLS to prevent eavesdropping and man-in-the-middle attacks.
Rate Limiting and Throttling:
- Implementing controls to prevent abuse by limiting the number of API calls from a user or IP, ensuring fair usage and preventing DoS attacks.
