Glossary Flashcards
DNS
Domain Name System (DNS) is the phone book of the internet.
Web browsers interact through IP address. DNS translate domain names to IP address for browsers can load internet resources. Recursive and authoritative.
Crisp:-
https://d1.awsstatic.com/Route53/how-route-53-routes-traffic.8d313c7da075c3c7303aaef32e89b5d0b7885e7c.png
Detailed:-
https://s905060.gitbooks.io/site-reliability-engineer-handbook/content/a_day_in_the_life_of_a_web_page_request.html
Firewall
What :- A firewall is a hardware / software that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules.
Why :- First line of defense. Protect network from outside malicious attacks or unnecessary traffic.
Where :- Between network and gateway.
A firewall works like a traffic guard at your computer’s entry point, or port. Only trusted sources, or IP addresses, are allowed in. IP addresses are important because they identify a computer or source, just like your postal address identifies where you live.
Proxy Firewall Packet-filtering firewall Stateful inspection Firewall Unified threat management Firewall Next generation firewall NAT firewall - only if solicited. Threat focused Virtual
API gateway
What:- an API gateway is a API management tool that sits between client and collection of backend services.
Where :- After firewall before Backend API
Why :-
- Protect API from overuse, abuse. Apply authentication, rate limiting.
- Analytics and API monitoring.
- Monetize APIs - connect to billing system.
- Microservices - reverse proxy.
- Add new APIs / retire other.
- Policies, alerts, security.
Load Balancer
What :- load balancing refers to the process of distributing a set of tasks over a set of resources, with the aim of making their overall processing more efficient
Why:- ptimize the response time and avoid unevenly overloading some compute nodes while other compute nodes are left idle
Where :- Before server farm where same functionality is present on multiple nodes.
How:- (Weighted)Round robin, (Weighted)Least connection, Resource based, IP / URL Hash,
Types:-
Hardware - fast, efficient, costly.
Software - slow, cheap, customizable.
L4 - Transport level, TCP / UDP ports, Do not open packet.
L7 - Application level, HTTP headers, sessions data,
API gateway vs Load balancer
API Gateway provides a single entry point for a client for a number of different underlying APIs (system interfaces/web services/Rest APIs etc.)
Load Balancer provides facilitates load distribution for your application servers (where you may have deployed your microserivces/Rest APIs)
Web server
A web server accepts and fulfills requests from clients for static content (i.e., HTML pages, files, images, and videos) from a website. Web servers handle HTTP requests and responses only.
Application server
An application server exposes business logic to the clients, which generates dynamic content. It is a software framework that transforms data to provide the specialized functionality offered by a business, service, or application. Application servers enhance the interactive parts of a website that can appear differently depending on the context of the request.
Web server vs Application server
Web Server:-
- Deliver static content.
Content is delivered using the HTTP protocol only. - Serves only web-based applications.
No support for multi-threading. - Facilitates web traffic that is not very resource intensive.
Application Server:-
- Delivers dynamic content.
- Provides business logic to application programs using several protocols (including HTTP).
- Can serve web and enterprise-based applications.
Uses multi-threading to support multiple requests in parallel. - Facilitates longer running processes that are very resource-intensive.
Proxy server
What :- Proxy means “to act on behalf of another”
If you’re using a proxy server, traffic flows through the proxy server on its way to the address you requested. The request then comes back through that same proxy server (there are exceptions to this rule), and then the proxy server forwards the data received from the website to you.
why :- act as firewall, traffic filter, provide shared network connections, cache data.
Forward proxy :- Positioned in front of clients. Organizations use it. Hide the client IP, eg., VPN
Reverse proxy :- Positioned in front of web servers, Hide the backend.
VPN or Proxy
If you need to constantly access the internet to send and receive data that should be encrypted or if your company has to reveal data you must hide from hackers and corporate spies, a VPN would be a better choice.
If an organization merely needs to allow its users to browse the internet anonymously, a proxy server may do the trick. This is the better solution if you simply want to know which websites team members are using or you want to make sure they have access to sites that block users from your country.
A VPN is better suited for business use because users usually need secure data transmission in both directions. Company information and personnel data can be very valuable in the wrong hands, and a VPN provides the encryption you need to keep it protected. For personal use where a breach would only affect you, a single user, a proxy server may be an adequate choice. You can also use both technologies simultaneously, particularly if you want to limit the websites that users within your network visit while also encrypting their communications.
WebLogic server
Oracle WebLogic Server is a scalable, enterprise Java platform application server for Java-based web applications. WebLogic allows users to develop and deploy an application that has business logic and allows the application to access other services like database, messaging, or other enterprise systems.
CDN
What :- A content delivery network (CDN) refers to a geographically distributed group of servers which work together to provide fast delivery of Internet content.
Why :-
Improve website load times, reducing bandwidth costs, increase availability and redundancy, improve security.
Where :- across globe closed to users.
Types:-
Pull zone CDN :- A pull CDN automatically gets assets and files from your platform. It’s a reliable solution for storing small and medium-sized files.
push zone CDN :- A more fitting solution for the storage of larger files and static content. The main difference – you have to upload the files manually.
DDoS Attack
What :-
A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt the normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic.
why:- Malicious intent
How:-
When a victim’s server or network is targeted by the botnet, each bot sends requests to the target’s IP address, potentially causing the server or network to become overwhelmed, resulting in a denial-of-service to normal traffic.
Performance vs Scalability
Performance is an indicator of how well a software system or component meets its requirements for timeliness. Timeliness is measured in terms of response time or throughput.
Performance issue if the system is slow for a single user.
Scalability is the property of a system to handle a growing amount of work by adding resources to the system.
Scalability issue if system is fast for single user but slow under heavy load.
Latency and throughput
Latency is the delay incurred between a request and it being fulfilled by a responding party.
Throughput expresses the amount of requests a responding party can handle per unit of time. Latency and throughput have a similar relation to that of performance and scalability.
