Module 03 Review & Cheat Sheet
Congratulations on completing Module 03! This module covered the fundamental ways systems talk to each other.
1. Key Takeaways
| Concept | The “One Liner” |
|---|---|
| REST | Resource-based, stateless, standard HTTP verbs. Level 2 is the standard. Use Problem+JSON for standardized errors. |
| GraphQL | Client asks for exactly what it needs. Solves Over-fetching. |
| gRPC | High-performance RPC using Protobuf. Great for internal microservices. |
| Polling | “Are we there yet?” Simple but high latency/overhead. |
| WebSockets | Full-duplex persistent connection. Lowest latency. Stateful. |
| WebRTC | Peer-to-Peer real-time communication. Low latency without server hops. |
| API Gateway | The “Front Door”. Handles Auth, Rate Limiting, and Routing. |
| BFF | Backend for Frontend. Tailored APIs for specific clients (Mobile vs Web). |
| Circuit Breaker | Fails fast when a downstream service is down to prevent cascading failure. |
2. Interactive Flashcards
Test your memory! Click to flip.
What is Idempotency?
Making the same request multiple times has the same effect as making it once.
What solves the N+1 Problem?
DataLoader (Batching & Caching).
REST Level 3 adds what?
Hypermedia Controls (HATEOAS).
HTTP/3 uses TCP or UDP?
UDP (QUIC protocol).
Service Mesh vs Gateway?
Gateway = External Traffic (North-South). Mesh = Internal Traffic (East-West).
Status Code 429?
Too Many Requests (Rate Limit Exceeded).
WebSocket vs SSE?
WS = Bi-directional. SSE = Server-to-Client only.
What is Backpressure?
When a system signals upstream to slow down because it's overwhelmed.
Why is POST not idempotent?
Because multiple POST requests create multiple resources.
What is a BFF?
Backend for Frontend: Separate gateways for different client types (Mobile/Web).
Token Bucket vs Leaky Bucket?
Token Bucket allows bursts. Leaky Bucket enforces a constant rate.
What is Head-of-Line Blocking?
When one slow packet blocks all subsequent packets (Fixed in HTTP/3).
What is GraphQL Federation?
Combining multiple GraphQL subgraphs into a single supergraph via a Gateway.
What is WebTransport?
A modern API built on HTTP/3 allowing reliable streams and unreliable datagrams.
What is the "Two Generals Problem"?
A paradox proving that two parties cannot perfectly coordinate over an unreliable link. This is why we need Idempotency Keys to handle retries.
Why terminate SSL at the API Gateway?
To offload the CPU-intensive RSA/ECC math from backend services. Gateways use hardware acceleration (AES-NI) for this.
What is Problem+JSON?
RFC 7807: A machine-readable standard for returning consistent error details in HTTP APIs.
What are E-Tags?
A hash of a resource used for Conditional Requests to save bandwidth (304 Not Modified).
3. System Architect Challenge
Test your ability to choose the right tool for the job.
1. You are building a Stock Trading platform where milliseconds matter. You need to stream price updates to a dashboard.
2. Your mobile app needs to display a user profile, their last 3 orders, and their wish list. You want to minimize battery usage and requests.
4. System Design Checklist: API Choice
When designing a new system, ask these questions:
- Who are the clients?
- Mobile? (Use BFF, minimize data).
- Internal Services? (Use gRPC).
- Public Developers? (Use REST/GraphQL).
- Is it Real-Time?
- Yes, high frequency (Game)? → WebTransport/UDP.
- Yes, chat? → WebSockets.
- Yes, news feed? → SSE.
- No? → REST.
- Do we need Caching?
- Yes, heavily? → REST (Leverage CDNs).
- No, data changes per user? → GraphQL.
- How do we handle failures?
- Retries? → Implement Idempotency Keys (Two Generals Problem).
- Circuit Breakers? → Use a Service Mesh or Gateway.
- Physical Constraints?
- CPU Bound? → Avoid complex GraphQL AST parsing or heavy JSON; use gRPC.
- Memory Bound? → Beware of thousands of idle WebSocket buffers.
5. Next Steps
You are now ready to handle data storage. Proceed to Module 04: Database Basics or explore the Load Balancing module.
6. Module 03 Mnemonic Recall
| Mnemonic | Stands For | Chapter |
|---|---|---|
| “Get PUT to DELETE POSTing” | GET, PUT, DELETE are idempotent; POST is neither | Ch 01: REST |
| Richardson 0→3 | POX → Resources → Verbs → HATEOAS. Level 2 is the standard | Ch 01: REST |
| “Never Dive into Complexity” | N+1 problem, Depth limits, Cost analysis — 3 GraphQL safety nets | Ch 02: GraphQL |
| “Some Long Snakes Wander West” | Short, Long polling, SSE, WebSockets, WebTransport | Ch 03: Polling |
| RED | Rate, Errors, Duration — 3 Gateway health signals | Ch 04: Gateway |
| North-South vs East-West | Gateway = external; Service Mesh = internal | Ch 04: Gateway |
7. Staff Engineer Challenge: API Stack Design
The Scenario: You’re the tech lead for a new social media platform. The mobile team wants GraphQL, web team wants REST, and the ML team uses gRPC internally.
The Questions:
- How do you serve all three teams without three separate backends? (Hint: think Gateway + BFF)
- You need to push live updates to 500k concurrent mobile users during sports events. Bursts of 50k updates/second. What protocol and why?
- Your recommendation API takes 800ms. Users see a spinner after the initial page load. How do you architect this to feel faster without changing the recommendation service?