Social media has been around for longer than you might think. While still at school and long before anyone had even heard the term “Facebook” (linked to a website), I used to run a Bulletin Board System (or BBS) . People would dial in to our house phone number, and they could access features in this system, which included such things as a “wall” – a term that is now familiar to anyone using Facebook and with a very similar idea. There was also a messaging network that allowed communication across other BBS, known as FidoNet (still running to this date).
While the BBS world was fun to be a part of, it was not a particularly scalable system, nor did it need to be; at my house, there was a single phone line, meaning that one person could access the board at a time (assuming no one was trying to use the phone to actually make a call – a limitation that frequently irked other members of my family). However, in recent years, social media has become much more popular.
At the time of writing, Facebook has almost 3 billion active users, Twitter around 350 million, and LinkedIn around 250 million.
In this chapter, we’re going to explore methods of dealing with this kind of extreme scalability, along with the cost of such architectures.
Background
We have been asked by an existing company, Get Moving, to create a social media platform. Get Moving is an international leisure company, with a series of gyms spanning the globe; they also have a successful suite of apps that allow people to follow exercise classes remotely. They would like a social media platform that allows users to interact with other members of the brand (whether that be members of the gym or just people that use the app).
Get Moving has 300 locations worldwide, with a total close to 3M members across the globe. They also have a further 2M people using their apps. Having spoken to the marketing director, he feels that the launch of this social media platform will double that figure, and he expects some users to use the service on a daily basis.
Requirements
Users should be able to post details of their workout along with a comment.
Other users should be able to reply or comment on these status updates.
There are no geographical restrictions on who can view the posts.
Should be massively scalable (initially, they expect around 20,000 users, but as they roll this out to the gym users, they quickly expect that to reach around 1M active users).
While they expect the updates to appear on the timeline of both the user that has posted the update and the user that has commented, this does not have to be instantaneous. Further, the order of comments is unimportant.
After further conversations, you come up with a wireframe example of what this might look like.
Those readers familiar with privacy laws may notice an issue with these requirements. Since this chapter is not concerned with those specific issues (as important as they may be), I’m going to ignore them, as doing so better serves the illustration; however, should you be faced with such a situation, you should ensure that your system does adhere to whatever rules are in place in the locale of your target audience.
Options
This set of requirements is, in fact, quite unique. When you typically speak to a client about their requirements for a system, they will not mention non-functional requirements , such as scalability. The reason is that they will assume that whatever functionality they ask for will be scalable, reliable, usable, extensible, secure, accessible, and all the other things that, as a software architect, you need to explicitly consider. The reason for this is that most modern systems are almost all of those things, out of the box. Taking ASP.NET as an example (since our example code is in .Net), you can create an ASP.NET website that will, with zero lines of code, be secure, usable, extensible, and accessible; depending on how you deal with the hosting, it can also be very scalable.
As the person designing the system, it then falls to you to identify if these requirements involve sacrifices elsewhere. The devil is in the details. What exactly do we mean by usable? What does reliable mean? Does it mean that the system should have zero downtime? Exactly what, about the system, would need to be extensible: Do the users of the system require the ability to extend the system, or do we just mean that a change to the functionality is quick and easy?
In truth, when we go to extremes with any of these nonfunctional requirements, we often sacrifice others. Let’s take making the system both usable and accessible as an example; should we need to make the system accessible to people with very poor eyesight, we may increase the size of controls and text, place fewer items on a screen, and perhaps incorporate some form of voice control; however, when you gave that system to a person with perfect eyesight, they may not describe the system as being usable.
In our case, the client has realized that their requirement of user numbers is not standard and therefore requires special mention. Our job at this stage is to highlight to them what, if anything, we would need to sacrifice in order to provide that scalability.
In previous chapters, we’ve approached the problem by first exploring what the system would look like without automation.
Manual Process
Admittedly, this scenario probably lends itself less to a manual process than any that we have discussed so far in this book; however, let’s complete the thought experiment and see where it leads.
Workout form
Here, we’re asking the user to populate the length of the workout, calories burned, comment, etc. We may then imagine that once this is posted, other users would add Post-it notes to the card. This seems to work well to an extent, but we have a problem with making this scalable: even within the same gym. For example, after a certain number of posts, the board would be full; further, the comments themselves would obstruct the posts.
Let’s imagine a slightly different scenario then: a printed sheet of the workouts for that week. After a member has completed their training, they would still fill out a card, but this time, they would hand the card to a member of staff in the gym. The cards would be piled up, and once every day, someone would type them up and print them out. We could follow a similar principle for comments: each time a member wished to comment, they would fill out a card and hand it to a member of staff, who would include the comments in the printout for the following day.
If we wanted to make this work for all the sites then we would, perhaps, have the member of staff post the comments to a central location, who would type out the posts and comments and send the sheets to every gym.
We did say initially that this would not lend itself to a manual process, but I suspect this mental picture will help when thinking about the design of the system.
CQRS
We’ve already discussed the concept of CQRS when we were looking at event sourcing in Chapter 2. However, in this case, we’re examining CQRS in its own right. Let’s first remind ourselves of what CQRS is, and then we can explore whether it will help us with our current problem.
CQRS stands for Command Query Responsibility Segregation . According to a 2011 post by Martin Fowler, this was something that was brought into the public domain by Greg Young.
The idea behind this pattern is, as the name suggests, that you segregate parts of your application that read data from those that write it. This provides some huge benefits, but it is far from without cost; we’ll explore both here.
Benefits
Typical DB access architecture
The data store in this case is very likely ACID compliant (see Chapter 3). What this means is that each time you write data to a table, the application (and the user) must wait while the data is written, indexes are updated, constraints are checked, etc. This process is lightning fast, and so it can manage a high throughput. At the same time, you’re reading information from those same tables and very possibly updating records too. Let’s have a look what our relational data structure might look like for our social media solution.
DB table structure
As posts are being written to the database, comments may be being added. As we’ve already said, modern databases are incredibly good at performing these types of tasks quickly, but when your user base gets to very big numbers, that might not be quickly enough. If that is the case, then we need to ask what we can do about that and what is important, and what is not.
DB structure using CQRS
You would then have an offline process that simply took the elements of the queue tables and wrote them to the Post and Comment tables. Although this does provide some benefit, more typically, the Command side writes to a different store.
I am very deliberately using the term “data store,” rather than database, the reason being that there are many viable places to store such data and they are not all in a typical database.
The principle here is simply that you read from a read-only location. The location that you write to is obviously not write-only, because you would never be able to extract that information, but effectively you write to a buffer location. It may be that you decide to combine this approach with event sourcing; however, you could simply have your write location as a message bus.
As with everything relating to software, this is a trade-off.
Drawbacks
Now that we’ve seen the benefits of using CQRS, let’s talk about the price that you pay. The first and most obvious drawback here is, in fact, the same as the benefit. That is, the benefit is that you have separated read and write functionality, and so you have decoupled perhaps the biggest constraint to scalability; the drawback is that you have separated read and write functionality, and so your data is no longer strongly consistent; that is, when you read data, you are not guaranteed that you have read the latest version of the data.
Consistency Models
Data consistency refers to the state of the data across the system. For example, if I make a change to the data, a system that is said to be strongly consistent would show the same data state to all the users of that system; additionally, the user that made that change initially should see that change reflected.
Strongly consistent
Not strongly consistent
Looking at Figure 4-6, it’s difficult (although not impossible – see the “Distributed Transactions” section in Chapter 3) to imagine a situation where that setup would be strongly consistent.
There are dozens of consistency models. In this section, I’m going to group them into three categories and cover a broad explanation of that category; however, in doing so, we will miss some of the nuance of the individual models.
Strong or Strict Consistency
As we’ve already alluded to, strongly consistent data is data that is reflected across an entire system in such a way that as the data is written, it is visible to all other parts of the system in the order in which it was written.
In this model, we pay a performance price in order the see the same view of the data across the system.
Sequential or Causal Consistency
In causal consistency, we no longer expect to see the data as it is written across the system; however, we do expect to see the data in the order in which it was written across the system. For example, if I write three pieces of data, [a, b, c], I would expect to see them written in that order.
In this model, we get better performance than with strong consistency, but we need to maintain the order; this means that an additional payload must travel with the data itself that gives a dependency graph of data. This, therefore, increases the amount of data being passed around and, in order to maintain the order, can result in blocking calls.
Weak or Eventual Consistency
The eventual consistency model allows a situation where I can write some data and that the data will be available for reading at some stage in the future, but in no guaranteed order.
Customer Record: Customer Id, Customer Address Id.
Customer Address Record: Address
In eventual consistency, we can have a situation where either the address exists without the customer or the customer exists without the address. In fact, the only guarantee that we have is that when we have finished processing (i.e., eventually), everything will be created correctly.
For our purposes, eventual consistency seems like an excellent option – if a post is made on the site, it doesn’t really matter if that post is not immediately visible, nor does it matter if the comments don’t appear at the instant they are posted.
Target Architecture
Target architecture
Looking at the diagram shown in Figure 4-7, we can see that we have a number of clients that both read and write from the data in the system; however, following a write (or a command in CQRS parlance), the data is unceremoniously dumped into a NoSQL database. As stated earlier in this chapter, it is not necessary to have a NoSQL database here per se, nor do you need a separate database: CQRS can work within a single database.
Once the data is written to the NoSQL store, a service is responsible for reading what’s in that store and writing that to a relational database.
It’s no accident that you’ll be feeling an overwhelming sense of déjà vu at this stage. Much of what we’re describing is very similar to the event sourcing that we discussed in Chapter 2. However, while the implementation details may be similar, the design principle is different; that is, in this chapter, we are separating the read and write access for the purpose of performance, whereas with event sourcing, we separate them out of necessity (i.e., you cannot – or at least should not - read from an event stream directly).
You may decide to add a message broker queue as a shock absorber for the service that picks up the data and converts it to relational data. This allows for adjustments to the flow if you find that it takes longer to write the data than to read it; however, in our case, the NoSQL database itself can act as a queue.
Finally, once we have the data in relational form, it can be queried by our client again.
Examples
In our example, we will use a local instance of MongoDB and a local instance of SQL Server. In fact, the architectural principle here requires neither of these specific databases, and so it should be cross applicable; however, while the SQL syntax would broadly work across most relational databases, the NoSQL syntax is specific to the Mongo API (or anything that emulates it, such as Cosmos).
I will continue on the assumption that an instance of SQL Server and an instance of MongoDB are installed locally on your machine. A full explanation of these databases falls beyond the scope of this chapter (and book); however, MongoDB can be found here: www.mongodb.com/, and SQL Server here: www.microsoft.com/en-gb/sql-server/sql-server-downloads.
While we do not need to create a schema for Mongo, we do need to create one for SQL Server.
Schema Creation
Schema Creation
The use of a Sequential GUID has some advantages over using a standard integer to index the table; however, as far as I’m aware, this is a SQL Server–only variable type. Should you decide to use a different RDBMS, just substitute this for an integer.
Looking at our target architecture, there are only two conceptual parts to it (excluding the databases); these are the Client and the Process Data Service.
Updating the Database
When deciding how we should update the database, there are some architectural decisions to consider.
Update a Local Version of the Database Directly
This approach uses the Mongo instance as a local cache – the instance of Mongo can be installed directly on the client machine, and the client can write to it directly.
As with any architectural decision, security should be considered. The security model here would be that that machine that hosts the website also hosts the MongoDB installation, meaning it would be protected via a firewall; however, at some stage, an application will need to transfer that information to the relational store that we are reading from. This can lead to decisions being made around servers and cloud providers that make this transition easier, cheaper, and safer.
This scenario works well in the case of the client being a website; the server side of the website may write directly to the MongoDB. The advantage here is that you get a much improved write speed; however, you couple your client directly to your database technology.
The archetypal example of why you should abstract access to a database is that you may wish to swap out your database provider. While this is a generally good practice (e.g., for testing), it’s very unlikely that you will ever really swap out the database provider.
The approach of having a local instance of Mongo breaks down where, for example, your client is a desktop client. Installing an instance of Mongo in this case would not be feasible in all the locations where your application is installed; this is also true for mobile applications – in which case, this would not only be impractical but also impossible.
While installing Mongo on every client is not feasible, there are other database and caching technologies that would make this possible. In Chapter 6, we discuss just such a scenario.
In our specific case, it seems to make more sense to call a web service to update the database.
Call a Web Service to Update the Database
Calling a web service is an excellent way to provide an abstraction layer on top of your data access, and it also means that you can deal with situations where your client and data are not co-located.
The term “client,” in this context, is used to refer to any process or set of processes that consume a service. In our case, the client may be a website; however, the term “client” is overloaded, in that the portion of a website that operates on the user’s machine is also “Client.”
Because you are securing your web service using some form of token-based authentication, you’re less likely to be faced with the same security issues as where you update the MongoDB directly.
Our use case requires that users be able to update this from mobile devices, and so we have little choice but to wrap our update in a web service.
Checking the Data
Check Posts and Comments
Listing 4-2 gives a SQL script that will display the posts, along with the count of comments next to them. This will be useful later on.
As with previous chapters, all the code can be found in the following GitHub repo:
Web Service
Since we need a web service, our first step is to create one to wrap the database update calls.
Update service
PostController.cs
CommentController.cs
Startup.cs
Let’s now discuss how we might access the MongoDB to update it – spoiler: this will essentially be filling in the methods that we’ve used before.
Accessing MongoDB
In order to access the MongoDB, we’re going to create a wrapper project.
A wrapper or proxy project or class is simply a way to insulate yourself from a third party. The idea is that your code calls the wrapper, and the wrapper, in turn, calls the third party. This gives you a number of advantages: should the third-party make a breaking change to some method, then you have only a single place to change that interaction; further, you can control the abstraction within your own project for the purpose of testing; and finally, you have a single place to log and debug issues with the third-party interaction.
MongoDBWrapper project
As you will see from Figure 4-9, we have a very simple project, consisting of an interface and implementation class.
As you’ll see from the code, the location of the MongoDB and the database name are hard-coded – this is done partly to simplify the example, but also for readability. Such values should not be stored in the code.
MongoDBWrapper.cs
I’ve listed these two methods together in Listing 4-6, as they, essentially, do the same thing – firstly, they instantiate an object (e.g., Comment or Post) with appropriate values. Following this, we get a typed collection from Mongo; that is, we ask the DB for a collection of Posts or Comments; and then, once we have one, we add to that collection and return the ID.
MongoDBWrapper.cs
In Listing 4-7, we can see that we first return the collection as before using the GetCollection method; then, instead of inserting, we call FindOneAndDeleteAsync; this takes the first record that it finds according to the criteria provided, returns the record, and then deletes it (so that we don’t re-read the record).
There are, essentially, two ways that you can process data in this way, and they both have advantages and disadvantages. The way that we’re using here reads and deletes the record and then writes that record to another location; the downside here is that if the system crashes between the two processes, the record may be lost. The alternative is to read the record, then write that to the destination system, and then delete it from the source; this has the advantage that no data is lost, but the downside is that it is slower – in some cases, much slower.
The next thing that we’ll need to do is to create our client application.
The Client
The client application, for this example, will simply be a console application. We’re basically going to call the web services – as we discussed earlier, given the required deployment model, we have little choice on this.
Program.cs
There’s quite a lot of code here, but it’s all very simple: we display the menu and then respond to the keypress. Options 1 and 2 create a single Post or Comment; option 3 creates a Post and then a Comment for that Post; options 4 and 5 are for the purpose of testing load, and they create many posts and comments.
Program.cs
The first thing we do here is use the HttpClientFactory to create an HttpClient object. The HttpClient object allows us to make HTTP calls outside of the application.
The HttpClientFactory provides several advantages over instantiating an HttpClient directly; however, the most important is that it prevents socket exhaustion: the issue here being that as an HttpClient is disposed of, it takes some additional time for the underlying socket to be released; using a factory pattern means that the same instance of the HttpClient can be reused.
Following this, we call PostAsync to invoke the HttpPost method of the controller.
You may notice a Debug.Assert( ) call. This is a mechanism to ensure that during development, certain things are true about your code; where they are not, the code will break (essentially, this functions as a conditional breakpoint).
Program.cs
From the code in Listing 4-10, we can see that the only real difference is that the CreateComment method accepts a parameter, which it passes to the /comment endpoint. Also, CreateComment does not return a value, whereas CreateSinglePost does; you’ll notice that we’re accepting this parameter as optional and, where it isn’t supplied, we pick a random Post.
The idea behind picking a random post is for testing purposes only. Clearly, if this were a real system, each comment would be attached to whichever post it was made about.
Program.cs
Listing 4-11 shows that when a post is created, we add that post to an in-memory list of posts.
The final piece of the puzzle is the offline process that reads from the MongoDB and writes that information to SQL Server.
Process Data Service
ProcessDataService
Program.cs
As we can see, all we’re doing here is establishing a SQL Server connection, an instance of the MongoDBWrapper, and passing both into a separate method: ReadPosts.
Program.cs
In Listing 4-13, we can see that the ReadPosts method is a loop that is exited only where GetNextPost returns null; that is, where there are no further posts available. Following this, a transaction is established (for more discussion on transactions, please see Chapter 3). We then insert the post into the SQL table and subsequently call ReadComments (see Listing 4-14). Following this, we commit the transaction.
It’s worth noting that, as we stated earlier, should the transaction fail and the code crash, the post that was read from the Mongo database would be lost; in our situation, we’ve made the decision that we can live with such data loss; however, many systems cannot live with data loss of any kind.
Program.cs
The ReadComments in Listing 4-14 method is very similar to the ReadPosts method that we saw earlier; we read the comments from the Mongo database and try to insert them into the relational database; we do this using the same transaction, meaning that the post and comments will either get written together or not at all.
As we’ve said, transactions are covered in more detail in Chapter 3; however, transactions, or at least transactions that span several operations, are not always an entirely good thing. It may be that if there were a system error, having the Post without the Comment may have value; it would certainly improve throughput to dispense of this transaction.
SQL Server data
Summary
We have focused heavily in this chapter on scalability, and we’ve paid a hefty price for it. The kind of scale that we’re talking about here is far beyond what an average system will need to deal with – in many cases, a CQRS system such as this would be overkill and simply add complexity. However, if used at the right time, it can help you to scale your system: especially when immediate consistency is not a restricting factor.
In this chapter, we’ve also covered using a NoSQL database as a kind of dump. This is another view on using CQRS, which is that you can allow the customer to leave the point of interaction (sale, purchase, or whatever) and just keep the raw transaction to process later. You can then do whatever you choose with that data at a later time. This particular facet is concerned more with performance (or at least perceived performance) than scalability – although it does relate to both.
If we return to our, by now familiar, trick of imagining a sale (for example) in a real-world scenario, writing a transaction to a SQL relational database would be akin to getting out a general ledger in front of the customer and entering their transaction in it, reconciling the VAT, and other accounts. Obviously, computers do these things quickly, so you may be able to do such things while they wait, but if you find that the checkout process is taking seconds, rather than milliseconds, then maybe it’s time to reconsider exactly what you’re asking the customer to wait for.