The Backend Engineering Show with Hussein Nasser

ARP Address Resolution Protocol is a protocol that maps IP address to a mac address so hosts can be addressed. I want to make a video explaining ARP because it is starting to surface a lot in different videos that I’m making such as man in the middle, load balancing, and security.  

In this video I want to go through what really happens under the hood when you type google.com and you hit enter in a browser. This is inspired by alex’s github page below, it is a great detailed description of what happens. I did however add more details to certain areas and I removed some stuff like keyboard events and low level operating system like that. So if you are interested stay tuned! https://github.com/alex/what-happens-when 5:30 HSTS https://youtu.be/kYhMnw4aJTw 19:30 tcp vs udp https://youtu.be/qqRYkcta6IE 24:42 tls https://youtu.be/AlE5X1NlHgg 40:56 mimesniffing https://youtu.be/eq6R6dxRuiU Initial typing - lookup for most visited sites or an actual search Google.com Enter - parse is it a url or search term? If search do a search if url visit website Which protocol? which port ? HSTS? HTTPS or HTTP? DNS cached? Hosts? DoH? Lookup ? TCP ip / port ? arp? NAT? proxy? HTTP 1.1 ? More than one connection TLS version? ciphers? Alpn? SNI ? H2 ? H3? Quic? GET / - ? Headers compress cookies? binary stream? HTML? H2 push? HTML Parse? Make multiple requests css? JS? Multiple streams? If H1 then pipeline?

Failover is the technique of switching to a redundant backup machine when a certain node goes down. This is a very common implementation for achieving high availability and it is often mixed with different load balancing techniques such as layer 4 and layer 7 balancing.  In this video i want to go through following  * What is Failover? 1:47
 * ARP - Address Resolution Protocol 3:00
 * VIP & VRRP 5:40
 * High-availability Example 12:12
  Cards 4:00 ARP 12:50 docker javascript 18:00 OSI Model

HAProxy is free, open source software written in C that provides a high availability  layer 4 and layer 7 load balancing and proxying . It has a reputation for being fast and efficient (in terms of processor and memory usage). In this video I want discuss the following Current & Desired Architecture 2:30 HAProxy Architecture  5:50 HAProxy as TCP Proxy & HTTP Proxy (Layer 4 vs Layer 7) 17:00 ACL (Access Control Lists) 19:20 TLS Termination vs TLS Pass Through 20:40 Example 24:23 Spin up the services 25:51 Install HAProxy - 28:00 HAProxy configuration 29:11 ACL Conditional 39:00 ACL Reject URL 48:00 Enable HTTPS HAProxy 53:00 Enable HTTP/2 on HAProxy 1:05:30 Summary Cards Docker Javascript node 4:00 Varnish 15:46 NAT 23:30 Docker Javascript node 26:00 Encryption 56:00 TLS 56:10 HTTP2 1:08:40 Source Code for Application HAProxy config https://github.com/hnasr/javascript_playground/tree/master/proxy Docker application https://github.com/hnasr/javascript_playground/tree/master/docker resources https://www.haproxy.com/blog/the-four-essential-sections-of-an-haproxy-configuration/ https://www.haproxy.com/documentation/aloha/10-0/traffic-management/lb-layer7/acls/#predefined-acls https://certbot.eff.org/lets-encrypt/osx-nginx

HSTS or HTTP Strict Transport Security is a mechanism to force clients to communicate in HTTPS with a web server if both support this protocol.   In this podcast, I talk through this tech.

Database engines or storage engines or sometimes even called embedded databases is software library that a database management software uses to store data on disk and do CRUD (create update delete) Embedded means move everything in one software no network client server. In this video I want to go through the few popular database engines, explain the differences between them and finally I want to spin up a database and change its engine and show the different features on each engine Timecodes What is a database Engine 3:00 myISAM 9:43 Aria 16:30 InnoDB 19:00 XtraDB 25:30 LevelDB 27:40 RocksDB 34:00 SQLite 38:11 BerkelyDB 42:00 Demo! 47:11 Cards ACID 4:30 mysql/javascript 56:17 Resources https://youtu.be/V_C-T5S-w8g https://mariadb.com/kb/en/library/changes-improvements-in-mariadb-102/ https://mariadb.com/kb/en/library/why-does-mariadb-102-use-innodb-instead-of-xtradb/ https://github.com/facebook/rocksdb/wiki/Features-Not-in-LevelDB https://mariadb.com/kb/en/library/aria-storage-engine/ Best of MyISAM and InnoDB What is the performance impact of using CHAR vs VARCHAR on a fixed-size field? MySQL :: MySQL 8.0 Reference Manual :: 15.6.2.1 Clustered and Secondary Indexes Why Uber Engineering Switched from Postgres to MySQL | Uber Engineering Blog

Database Sharding Crash Course (with Postgres examples) Database sharding is process of segmenting the data into partitions that are spread on multiple database instances to speed up queries and scale the system. What is sharding? sharing key / partition key Consistent Hashing Horizontal partitioning vs Sharding Example Pros and cons What is Sharding? 1:30 Consistent Hashing 4:50 Horizontal partitioning vs Sharding 7:36 Example 8:45 Spin up Docker Postgres Shards 10:02 Write to the shard 17:25 Read from the Shard 39:20 Pros & Cons 51:10 Cards Postgres pgadmin Docker 8:54 Postgres Javascript 18:18 URL vs Query param 22:30 CORS 29:30 sql injection 42:40 Source Code https://github.com/hnasr/javascript_playground/tree/master/sharding Docker commands (including pgadmin) https://github.com/hnasr/javascript_playground/blob/master/sharding/shards/commands.txt Dockerfile & init.sql https://github.com/hnasr/javascript_playground/tree/master/sharding/shards Horizontal partitioning vs Sharding HP same database instance so you can still join sharding across instances (different server) Pros Extreme scale rdbms Optimal and Smaller index size Cons Transactions across shards problem Rollbacks Schema changes Complex client (aware of the shard) Joins Has to be something you know in the query Example URL shortener create table CREATE TABLE public.test1 ( id serial NOT NULL primary key, url text, url_id character(5) ) Spin up 3 instances p1 P2 P3 post get

Varnish is a reverse proxy web accelerator  Written in C designed to improve HTTP performance by using server side caching. In this video I’m going to go through how Varnish works, we will spin up a Varnish docker container and finally talk about the pros and cons of this tech. Agenda Classic HTTP Architecture How Varnish Works? HTTP Setup - Varnish HTTPS Setup - Varnish with Caddy as TLS Terminator. Varnish Pros & Cons Summary Pros Cache & prefetching documents Resolve DNS hostnames in documents Rewrite scripts to optimize code Load Balancing Backend Connection Pooling Varnish Modules (VMODS, e.g. rewrite headers) Edge side includes (personalized dynamic page) Cons Cache Invalidation Only works on unencrypted HTTP For HTTPS frontend, terminate TLS For HTTPS backend, no solution in Varnish open source Can’t cache POST requests (e.g. GraphQL queries) HTTP/2 backends won’t benefit docker commands docker run --name varnish -p 8080:80 varnish docker cp default.vcl varnish:/etc/varnish default.vcl vcl 4.0; backend default { .host = "husseinmac"; .port = "2015"; } timecodes Classic HTTP Architecture : 1:53 How Varnish Works 3:50 Demo HTTP 7:50 Demo HTTPS 18:23 Varnish Pros 28:43 Varnish Cons 39:26 Cards: Connection Pooling 2:15 https://www.youtube.com/watch?v=GTeCtIoV2Tw Layer 4 vs Layer 7 Load balancing 6:25 https://www.youtube.com/watch?v=aKMLgFVxZYk GET vs POST 6:48 https://www.youtube.com/watch?v=K8HJ6DN23zI Postgres NodeJS Chrome 8:23 https://www.youtube.com/watch?v=0JNq46eFuOM Redis 46:13 https://www.youtube.com/watch?v=sVCZo5B8ghE TLS Termination 49:35 https://www.youtube.com/watch?v=H0bkLsUe3no tags: varnish http accelerator, varnish pros and cons, varnish with https, varnish disadvantages Resources edge side includes https://www.fastly.com/blog/using-esi-part-1-simple-edge-side-include Cache invalidation varnish https://www.smashingmagazine.com/2014/04/cache-invalidation-strategies-with-varnish-cache/ ——

short is a major revision of the hyper text transfer protocol that improves the performance of the web. It uses a binary protocol and multiplexing. In this video I want to go through how HTTP/2 works, its pros and cons and show the performance difference between HTTP 1.1 and HTTP/2 Http/1 request has to wait for a response And if you used up your connection response you can send anything else. Source Code: https://github.com/hnasr/javascript_playground/tree/master/staticpage So hack ! 6 tcp connections Pros One connection Multipex Push ( have to enable) Hpack (compress) Cons Abuse push Proxies that dont support it might slow down Load balancer layer 7 (a layer 7 load balancer that doesnt support h2 will slow down when your web server supports it) Cards 1:25 HTTP crash course 12:30 TLS Time codes HTTP 1.1 2:15 HTTP/2 5:50 HTTP/2 With Push 8:25 HTTP/2 Pros 9:48 HTTP/2 Cons 14:10 Demo 17:15 +----------+--------+---------+---------+ | Protocol | Online | Fast 3G | Slow 3G | +----------+--------+---------+---------+ | HTTP 1.1 | 94 ms | 10 s | 36 s | +----------+--------+---------+---------+ | HTTP/2  | 171 ms | 2.7 s  | 10 s | +----------+--------+---------+---------+

Sorry about the free form audio and low quality thought I post something here its been while