Comments by "Tony Zhou" (@ReflectionOcean) on "ByteByteGo" channel.

  1. HTTPS is HTTP + TLS (Transport Layer Security) TLS is a handshake process between the client and server with asymmetric encryption to exchange a session key used for Data Transmission with symmetric encryption.
    157
  2. OSI = open systems interconnection Application protocol (Application layer + Presentation layer + Session layer): HTTP Transport layer: TCP (Sequence and checksum), UDP Network layer: IP Data Link layer: MAC Physical layer: Bits
    71
  3. DNS translate domain names to IP addresses. It's hierarchical and de-centralized.
    69
  4. Video capture --(RTMP)--> PoP Server -> Transcoding / Segmentation -> Packaging -> CDN distribution / Caching
    48
  5. Key concepts: 1. Service Provider and Identify Provider 2. Federated Identity protocols: SAML (XML) vs OpenID (JWT)
    24
  6. - Understand JWT structure and usage (0:34) - Ensure sensitive payload data is encrypted (2:02) - Choose the right signing algorithm for your needs (2:17) - Implement best practices for JWT security (4:02)
    23
  7. 1. Obtain as much information as possible to reproduce the problem 2. Use Print statement to construct a timeline 3. Comb through all the logs for clues 4. Take a break
    13
  8. Step 1: capture features and NFR Step 2: propose APIs, high level diagram, data model Step 3: Dive into specific implementations. Articulate problems and propose solutions. Step 4: Wrap up
    8
  9. !. Skiplist (probabilistic data structure to implement a Sorted Set for efficient lookup, insertion and deletion) ~ B-Tree 2. Hash index: key - hash function -> bucket 3+4. SSTable + LSM Tree (NoSQL) 5. B-Tree (Balanced Tree): Internal nodes to store keys and leave nodes to store actual data (DBMS) 6. Inverted Index: word -> document (Elastic Search) 7. Suffix Tree (Trie): search box 8. R-tree
    5
  10. Rest: simple to implement and use, with inefficiency in specific occasions because of multiple API calls required GraphQL: flexible and efficient to use, but complex to implement and use and often relies on extra tools
    3
  11. Tokens: PAN = Primary Account Number DAN = Device Account Number PAN (from device) => BANK => DAN (to device)
    3
  12. Http/1/1.1/2 are built on TCP Http/1.1 introduces "keep-alive" which allows a connection to reuse and avoid the expensive 3 way handshake Http/2: Http streams and (server) push capability Http/3 introduces QUIC protocol based on UDP to make stream first class in transportation layer, replacing TCP usage for mobile devices
    3
  13. Parameter validation -> allow/deny listing -> authentication/authorization -> rate limiting -> dynamic routing -> service discovery -> Protocol conversion Error handling / logging / monitoring / Circuit breaking / analytics
    3
  14. ATMs and Twitter are 2 great examples to understand the trade off between consistency and availability in the presence of network partition.
    2
  15. Functional vs non-functional Functional: start with the user personas and what they can do with the app. This determines the API design. Non-functional: think in terms of latency, throughput, storage. This determines the architecture, the data storage and retrieval implementations.
    1
  16. API is a way for computers to talk to each other. REST is a common standard to build web based APIs. The API resources are identified by nouns rather than verbs. The HTTP methods are verbs for actions to the resource. GET/PUT/DELETE are idempotent methods. POST is not. Versioning allows API evolution.
    1
  17. 2 dimension to 1 dimension index Index: hash or tree based
    1
  18. 1. In memory 2. Single threaded (without locking) and multiplexiing I/O 3. Efficient (in-memory) data structures (without worrying efficient disk storage)
    1
  19. 2 personas and 2 sub-process: 1. Merchant to generate QR code 2. Consumer to scan QR code What is PsP gateway?
    1
  20. The core problem that consistent hashing trying to solve in the presence of frequent node addition and removal are: 1. even data distribution 2. minimum data movements 2 insights: 1. Distribute data to nodes on the hash ring rather than use modular function to minimize data movements because of changes of cluster memberships 2. Use virtual nodes to improve data distribution
    1
  21. 1. Sequential access - append only log 2. Zero copy
    1
  22. Content Delivery Network with PoP (Point of Presence) servers with optimizations to make HTTP serving faster and more reliable 1. Caching 2. JIT compaction 3. DoSS defection 4. High Availability 5. TLS (expensive) termination
    1
  23. Salt it, hash it, , store it, compare it
    1
  24. 4 URL components 1. scheme: http/https 2. domain 3. path 4. resource
    1
  25. No false negative but probably false positive
    1
  26. Proxy hides user IP and filter unwanted sites visits. Reverse proxy hides the servers, reduce HTTPs computation, load balance and defends against DDOS attack.
    1
  27. 1 ns = 10^-9 s 1 us = 10^-6 s 1 ms = 10^-3s Register < L1/L2/L3 caches < memory < SSD < Harddisk < intranet < internet < TLS
    1
  28. Grpc communicates on http/2 transport layer
    1
  29. Bare metal is physical hardware isolation. Virtual machine is virtual hardware isolation based on hypervisor. Container is virtual OS/process isolation based on container engine and host OS.
    1
  30. Mitigation before migration. Boring is good. Read "Limits" and "FAQ" in manual. Understand the trade-offs.
    1
  31. Implemented with buckets and fast hash function
    1
  32. A process is a program executing by a processor. A process doesn't share memory with another process. It has a collection of threads: the main thread and the other threads if any. A thread is an execution unit inside a process. It shares the same heap memory with the other threads in the same process. But it has its own stack memory.
    1