Comments on: The Architecture of LetMeGo.com http://blog.letmego.com/2008/10/the-architecture-of-letmegocom/ Wed, 07 Dec 2011 16:45:04 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: Alexander Torrenegra http://blog.letmego.com/2008/10/the-architecture-of-letmegocom/comment-page-1/#comment-17 Alexander Torrenegra Fri, 20 Mar 2009 15:55:54 +0000 http://alextorrenegra.wordpress.com/2008/10/20/the-architecture-of-letmegocom/#comment-17 Julian Amaya also posted an interesting analysis of our architecture: http://julianbot.wordpress.com/2009/02/10/merrcury-engine-architecture-analysis/ Thank you Julian! Julian Amaya also posted an interesting analysis of our architecture: http://julianbot.wordpress.com/2009/02/10/merrcury-engine-architecture-analysis/

Thank you Julian!

]]> By: Alexander Torrenegra http://blog.letmego.com/2008/10/the-architecture-of-letmegocom/comment-page-1/#comment-16 Alexander Torrenegra Fri, 21 Nov 2008 02:48:00 +0000 http://alextorrenegra.wordpress.com/2008/10/20/the-architecture-of-letmegocom/#comment-16 I guess this post was made by Cal.Thanks a lot Cal! We will keep all your comments in mind :) - As a matter of fact, we already started using some of them. I guess this post was made by Cal.Thanks a lot Cal! We will keep all your comments in mind :) – As a matter of fact, we already started using some of them.

]]> By: Anonymous http://blog.letmego.com/2008/10/the-architecture-of-letmegocom/comment-page-1/#comment-15 Anonymous Sat, 08 Nov 2008 16:48:00 +0000 http://alextorrenegra.wordpress.com/2008/10/20/the-architecture-of-letmegocom/#comment-15 Hi Alex, first I have to say that I hadn't seen your other posts, so I don't understand the complete purpose of the architecture that you're proposing. However, based on what you're posting, I've got a few questions.The first one is what kind of technologies are you planning to use?It seems to me that the purpose of separating the 'subsystems' is that you can make them grow independently based on the load that they receive. Is it true? If true, then how are you going to manage load balancing there?You're going to use web-services for a lot of the communications. Are you going to use SOAP over HTTP? Have you considered its impact on efficiency (response-time, throughput, memory load, etc ... )? XML and SOAP as means of communication are very heavy. That's why it is used mostly in B2B scenarios, and not that much for internal communications between subsystems. Take a look at SOA architectures and evaluate whether it is best to pick other faster and lighter protocols of communication. On the other hand, Web Services are meant to provide advantages for evolution of the interfaces, so maybe you really want to sacrifice efficiency for flexibility.The Business Model Subsystems are going to be directly available for the Presentation Subsystems, or are you going to have some kind of middleware, such as an ESB?I know the figure is very high-level, but have you considered if you can introduce easily some kind of cache schema in case you need it for performance reasons?Have you considered security? There's no physical deployment information on your figure, but I imagine you're going to put everything away to prevent unauthorized access. However, with web-services you've got to be very careful as the WSDL provides a lot of information. There are several strategies to deal with security on web services, but, as always, there's a tradeoff: add extra security (WS-Security, Ciphered messages, Https, etc) and decrease performance. The following are some questions to consider about security taken from an IBM's Redbook called "Understanding SOA Security":- Are there applications or business services that need to be secured (do they provide access to confidential information)?- Are these services accessible from outside the enterprise environment? Are ther different security requirements for different access paths?- Do service requests cross security domains of the enterprise? Do policies need to be managed across security domains?- Are business partners allowed to access services from business partners using identities defined in their organization?- Are there composite services where a service can access other services for completing its task?- Is the auditing of services required for meeting compliance goals?Last question (maybe it's a dumb question in this particular context):What kind of strategies are you going to put in place to guarantee consistency in your whole system? Transactions? Remember that these kind of stuff add up on the WS-* stack and they have an impact on performance.Hope these questions help you!Best regards! Hi Alex, first I have to say that I hadn’t seen your other posts, so I don’t understand the complete purpose of the architecture that you’re proposing. However, based on what you’re posting, I’ve got a few questions.The first one is what kind of technologies are you planning to use?It seems to me that the purpose of separating the ’subsystems’ is that you can make them grow independently based on the load that they receive. Is it true? If true, then how are you going to manage load balancing there?You’re going to use web-services for a lot of the communications. Are you going to use SOAP over HTTP? Have you considered its impact on efficiency (response-time, throughput, memory load, etc … )? XML and SOAP as means of communication are very heavy. That’s why it is used mostly in B2B scenarios, and not that much for internal communications between subsystems. Take a look at SOA architectures and evaluate whether it is best to pick other faster and lighter protocols of communication. On the other hand, Web Services are meant to provide advantages for evolution of the interfaces, so maybe you really want to sacrifice efficiency for flexibility.The Business Model Subsystems are going to be directly available for the Presentation Subsystems, or are you going to have some kind of middleware, such as an ESB?I know the figure is very high-level, but have you considered if you can introduce easily some kind of cache schema in case you need it for performance reasons?Have you considered security? There’s no physical deployment information on your figure, but I imagine you’re going to put everything away to prevent unauthorized access. However, with web-services you’ve got to be very careful as the WSDL provides a lot of information. There are several strategies to deal with security on web services, but, as always, there’s a tradeoff: add extra security (WS-Security, Ciphered messages, Https, etc) and decrease performance. The following are some questions to consider about security taken from an IBM’s Redbook called “Understanding SOA Security”:- Are there applications or business services that need to be secured (do they provide access to confidential information)?- Are these services accessible from outside the enterprise environment? Are ther different security requirements for different access paths?- Do service requests cross security domains of the enterprise? Do policies need to be managed across security domains?- Are business partners allowed to access services from business partners using identities defined in their organization?- Are there composite services where a service can access other services for completing its task?- Is the auditing of services required for meeting compliance goals?Last question (maybe it’s a dumb question in this particular context):What kind of strategies are you going to put in place to guarantee consistency in your whole system? Transactions? Remember that these kind of stuff add up on the WS-* stack and they have an impact on performance.Hope these questions help you!Best regards!

]]>