Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Qype API - Lessons learned

Matthias Käppler
August 04, 2012
Technology
2
150

Qype API - Lessons learned

For Hamburg OnRuby and Hamburg Mobile DevCamp. A retrospective on building the Qype service API and lessons learned.

Matthias Käppler

August 04, 2012
Tweet

More Decks by Matthias Käppler

See All by Matthias Käppler
Going Reactive - An Architectural Journey
mttkay
11
24k
Reactive SoundCloud - Tackling complexity in large applications
mttkay
35
4k
Conquering concurrency - bringing the Reactive Extensions to the Android platform
mttkay
40
5.9k
Calculon - A Java DSL for Android functional testing
mttkay
1
280
Hands on the Gradle
mttkay
1
180
Testing Android with Open Source
mttkay
0
71
Secure Web services with OAuth
mttkay
3
100

Other Decks in Technology

See All in Technology
ChatGPTがもたらす新しいチーム開発の現場
satoshirobatofujimoto
0
170
「Go Style Guide」から学んだ可読性の高いコードの書き方
andpad
5
2.1k
CyberAgent AI事業本部MLOps研修基礎編
hosimesi11
2
460
これから始める継続的インテグレーション - GitHub Actions編
devops_vtj
0
150
社内でChatGPTを利用するためのガイドラインを整備した話
yoshikieguchi
0
990
TrivyでAWSセキュリティをシフトレフトしよう
bitkey
PRO
1
560
無理なく始めるGoでのユニットテストの並行化戦略
shohata
1
170
ChatGPTを活用した 便利ツールの紹介
hankehly
0
380
フルComposeでTVアプリを作った話
sasakitomohiro
0
270
ChatGPTとこころを整理してみる
nagauta
0
360
ブロックテーマでどう変わる?新しいWordPressのWebサイト制作
tbshiki
0
140
net/http/httptest.Server のアプローチをテスト戦略に活用する / Go Conference 2023
k1low
4
200

Featured

See All Featured
Typedesign – Prime Four
hannesfritz
34
1.6k
Statistics for Hackers
jakevdp
787
210k
Understanding Cognitive Biases in Performance Measurement
bluesmoon
3
540
Streamline your AJAX requests with AmplifyJS and jQuery
dougneiner
130
8.9k
Music & Morning Musume
bryan
37
4.8k
Build your cross-platform service in a week with App Engine
jlugia
222
17k
How GitHub (no longer) Works
holman
299
140k
How To Stay Up To Date on Web Technology
chriscoyier
779
250k
YesSQL, Process and Tooling at Scale
rocio
158
13k
Automating Front-end Workflow
addyosmani
1352
200k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
39
3.7k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
152
13k

Transcript

  1. Qype  API:  Lessons  Learned  
    A  retrospec3ve  on  REST-­‐ful  API  design  
     
    July  2012  
    MaDhias  Käppler  
    Qype  GmbH  

    View Slide

  2. A  brief  history...  
    •  Qype’s  API  is  deployed  as  a  RoR  2.3  app  
    •  Online  since  end  of  2008  
    •  Primary  purpose  was  serving  the  iOS  app  
    •  Strictly  REST-­‐ful,  small  feature  set  
     
    GET http://api.qype.com/v1/places/1

    View Slide

  3. Architecture  
    DB  
    SOLR  
    API  app  
    Model  
    Mappings  
    Controllers  
    Website  app  
    AR  Models  
    Search  
    Logic  
    Search  
    Logic  
    SOLR  Ruby  bindings  
    Serializers  

    View Slide

  4. Today  
    •  Load  ~60M  req/month  
    •  ~2000  registered  consumers  
    •  99%  of  traffic  caused  by  0.01%  of  consumers  
    •  Consumers  vastly  differ  in  requirements  
    •  REST  paradigm  broken  up  in  many  places  

    View Slide

  5. Today  (cont.)  
    •  Over  the  years,  complexity  grew  with  the  
    requirements  
    – More  feature  rich  mobile  apps  
    – MORE  mobile  apps  
    – More  diverse  API  consumers  
    •  The  result?  

    View Slide

  6. Feature  creep  

    View Slide

  7. Prolifera3on  

    View Slide

  8. What  you  end  up  with  

    View Slide

  9. So  what’s  the  point?  

    View Slide

  10. API  design  is  hard.  

    View Slide

  11. Service  APIs  vs.  Websites  
    •  Mistakes  in  API  design  are  not  forgiven!  
    – Client  lock-­‐in  
    •  Clients  can  differ  vastly  
    – Mobile  app  vs.  Web  mash-­‐up  
    •  Authen3ca3on  and  access  control  
    – An  API  is  meant  to  access  your  core  data  by  design  
    •  Performance  maDers  (even  more)  

    View Slide

  12. How  can  we  fix  all  that?  

    View Slide

  13. Mistakes  in  API  design  are  not  
    forgiven.  
     
    No,  but...  

    View Slide

  14. Versioning.  

    View Slide

  15. Versioning  
    •  Granularity  
    – service  vs  endpoint  versioning  
    •  Architecture/deployment  
    – One  app  per  version?  
    •  E.g.  qype-­‐api-­‐v2  
    – One  engine  per  version?  
    •  E.g.  app/engines/v2  
    – One  class  per  version?  
    •  E.g.  app/controllers/resource_controller_v2.rb  

    View Slide

  16. Versioning  (cont.)  
    •  Tes3ng?  
    – i.e.  to  which  version  does  a  test  apply?  
    •  Code  sharing  vs.  code  duplica3on?  
    – i.e.  not  all  routes  may  change  with  an  increment  
    •  Also  affects  caching  etc.  
    •  Gems:  
    – hDps://github.com/bploetz/versionist  
    – hDps://github.com/filtersquad/rocket_pants  

    View Slide

  17. Clients  can  differ  vastly.  

    View Slide

  18. Build  abstrac3ons  for  things  that  
    change.  

    View Slide

  19. Modularity.  

    View Slide

  20. A  modular  architecture  
    Core  API  
    Apps  AAL   Partner  AAL  
    Standard  API  
    consumers  
    Partner  1   Partner  N  
    App  1   App  N  

    View Slide

  21. (Modularity.)  
     
    REST.  

    View Slide

  22. Seriously.  

    View Slide

  23. Why  REST?  
    •  Keeps  the  interface  lean  and  mean  
    •  Shared  understanding  of  ac3ons  
    •  Makes  a  system  connected  
    •  Makes  responses  cacheable  
    •  It’s  SIMPLE!  

    View Slide

  24. But:  simple  can  be  bad!  
    •  Our  apps  are  not  simple  
    •  Hence,  a  simple  API  is  not  always  suitable  
    •  REST  paradigm  can  be  sokened  on  an  AAL  
    – Batch  requests  
    – {  “requests”:  [  
       {  “method”:  “get”,  “uri”:  “hDp://...”  }  
       ...  
    ]  }  

    View Slide

  25. (Modularity.)  
     
    Resource  mapping.  

    View Slide

  26. Resource  mapping  
    •  Qype  API  employs  custom  resource  mapper  
    •  Goal:  
    – Map  AR  models  to  intermediate  format,  then  
    serialize  
    – Review.first.to_api(:hash)  
    •  Gems:  
    – hDps://github.com/rails/jbuilder/  
    – hDps://github.com/nesquena/rabl  

    View Slide

  27. (Modularity.)  
     
    Serializa3on.  

    View Slide

  28. json  >>  xml.  

    View Slide

  29. Authen3ca3on  &  access  control.  

    View Slide

  30. OAuth?  
     
     
     
    Leave  the  complexity  to  established  
    Web  technology.  

    View Slide

  31. Performance.  

    View Slide

  32. Caching,  caching,  caching.  

    View Slide

  33. Don’ts  and  Do’s.  

    View Slide

  34. Don’t:  
    GET  hDp://yourapi.com?consumer=x  
    if consumer == x

    ...

    end

    View Slide

  35. Don’t:  
    GET  hDp://yourapi.com/resource?a=1  
    “resource”: {

    “a+1”: 2
    }

    View Slide

  36. Don’t:  
    POST  hDp://yourapi.com/resource.json  
    field  missing  

    View Slide

  37. Do:  
     
     
     
    Be  consistent  with  API  status  codes.  

    View Slide

  38. Do:  
     
     
     
    Expect  bad  request  parameters.  

    View Slide

  39. Do:  
     
     
     
    Support  par3al  updates  (PATCH).  

    View Slide

  40. Do:  
     
     
     
    PREPARE  FOR  CHANGE!  

    View Slide

  41.  
     
     
    Outlook.  

    View Slide

  42. Acceptance  tes3ng  
    •  Crea3ng  an  acceptance  test  suite  for  a  service  
    API  is  not  simple  
    •  Recommended  for  deep  end-­‐2-­‐end  tests  
    •  Test  set-­‐up  /  tear-­‐down  
    •  RSpec  +  consumer  subjects  

    View Slide

  43. Documenta3on  
    •  Bad:  put  away  in  a  wiki  
    •  Good:  close  to  the  code  
    •  BeDer:  is  part  of  the  code  
    – Leverage  REST  representa3ons  
    – Self-­‐documen3ng  API  code  

    View Slide

  44.  
     
     
    Thanks!  

    View Slide