Bringing a public GraphQL API from beta to production ready at scale
Yann Simon
What is commercetools
[Diagram: the commercetools API (/products, /carts, …) used by the merchant center, single page apps, mobile apps, cloud functions, cloud queues, and servers (web / app)]
GraphQL @ commercetools
from 2015 to 2020
2015
• July 2015: Facebook published the first draft of the GraphQL specification

• October 2015: first experimental GraphQL support at commercetools
2015 - 2020
• from 2018, more & more GraphQL traffic
2020
What happened?
• Scaling up

• operation

• development of GraphQL API (speed, quality)

• performance
Scaling up operations
Protection against complex queries
{
  products {
    results {
      id
      version
    }
  }
}
The following query needs more resources to run, because the server has to fetch the productType:
{
  products {
    results {
      id
      version
      productType {
        name
      }
    }
  }
}
Protection against malicious queries
• Query complexity analysis based on schema and resolution strategies

• Queries that are too complex are blocked

• more info:

• https://www.apollographql.com/blog/securing-your-graphql-api-from-malicious-queries-16130a324a6b/

• https://sangria-graphql.github.io/learn/#protection-against-malicious-queries
Add info to HTTP log entries
method  path                      status code
GET     /products                 200
POST    /carts                    201
GET     /reviews/79323            404
DELETE  /product-discounts/47393  500
Add info to HTTP log entries
method  path      status code  operation type  top level fields    complexity  number of errors
POST    /graphql  200          Query           products, category  650         0
POST    /graphql  200          Mutation        cart                140         0
POST    /graphql  200          Query           review              340         0
POST    /graphql  200          Mutation        productDiscount     500         1
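The complexity check and the extra log fields from the two slides above, shown in Python as an added example (not commercetools' or Sangria's code). The cost table, default page size, threshold and the `analyze` function are assumptions made for illustration; variables, aliases, fragments and directives are rejected rather than guessed at.

```python
import re

# Assumed cost model, constructed for this example (not commercetools' real numbers):
# a scalar loaded with its parent costs 1, a field needing its own fetch costs
# more, and a paged field multiplies the cost of its children by the page size.
FETCH_COST = {"products": 10, "productType": 10}
PAGED = {"products"}
DEFAULT_LIMIT = 20
MAX_COMPLEXITY = 1000
OPS = ("query", "mutation", "subscription")

TOKEN = re.compile(r'"(?:\\.|[^"\\])*"|[A-Za-z_]\w*|\d+|[{}():]')


def _selection(toks, pos):
    """Parse '{ field(args) { ... } ... }' at toks[pos]; return (fields, next_pos)."""
    if toks[pos] != "{":
        raise ValueError("expected selection set")
    pos, fields = pos + 1, []
    while toks[pos] != "}":
        name, args, children = toks[pos], {}, []
        if not (name[0].isalpha() or name[0] == "_"):
            raise ValueError("expected field name")
        pos += 1
        if toks[pos] == "(":  # keep integer arguments such as limit: 50
            end = toks.index(")", pos)
            for i in range(pos + 1, end - 2):
                if toks[i + 1] == ":" and toks[i + 2].isdigit():
                    args[toks[i]] = int(toks[i + 2])
            pos = end + 1
        if toks[pos] == "{":
            children, pos = _selection(toks, pos)
        fields.append((name, args, children))
    return fields, pos + 1


def _cost(field):
    name, args, children = field
    pages = args.get("limit", DEFAULT_LIMIT) if name in PAGED else 1
    return FETCH_COST.get(name, 1) + pages * sum(_cost(c) for c in children)


def analyze(query, max_complexity=MAX_COMPLEXITY):
    """Return the extra access-log fields for one request; no query text is kept."""
    if TOKEN.sub("", query).replace(",", "").strip():
        raise ValueError("unsupported syntax")  # fail closed on $, @, ... etc.
    toks = TOKEN.findall(query)
    try:
        start = toks.index("{")
        if start > 2 or (start and toks[0] not in OPS):
            raise ValueError("bad operation header")
        op = toks[0] if start else "query"
        fields, end = _selection(toks, start)
        if end != len(toks):
            raise ValueError("trailing tokens")
        score = sum(_cost(f) for f in fields)
    except (IndexError, ValueError, RecursionError):
        raise ValueError("malformed query") from None
    return {"operation": op.capitalize(), "top_level_fields": [f[0] for f in fields],
            "complexity": score, "blocked": score > max_complexity}


# The two queries from the "Protection against complex queries" slide.
SIMPLE = "{ products { results { id version } } }"
WITH_TYPE = "{ products { results { id version productType { name } } } }"

if __name__ == "__main__":
    for q in (SIMPLE, WITH_TYPE):
        print(analyze(q))
```

The returned dictionary is meant to be merged into the access-log entry; the number of errors is only known after execution and would be added there.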
Metrics
Slow logs
• log slow queries





• ‼ do not log sensitive data ‼
Scaling up operations
• protection against malicious queries

• more info to http logs

• metrics

• slow logs

• confidence in operating a GraphQL API at scale
Scaling up GraphQL API
development
Internal usage
• Internal applications are using the GraphQL API

(merchant center, demo shop)

• shorter feedback loops

• improve API design

• Frontend and Backend working together
API consistency - schema validations
• General conventions for API consistency



• Internal validations based on the schema
[ERROR] Caused by: sangria.schema.SchemaValidationException: Schema does not pass validation. Violations:
[ERROR] Output object 'Category' contains a localized string field named 'name' which does not follow the 'xxx' !-> String + 'xxxAllLocales' !-> List(LocalizedString) naming convention.
[ERROR] at sangria.schema.SchemaValidationRule$.validateWithException(SchemaValidationRule.scala:42)
[ERROR] at sangria.schema.Schema.<init>(Schema.scala:939)
Automation of GraphQL Schema
• Our REST API follows a CQRS architecture

• different models for queries and mutations

• Based on this model, generate GraphQL schema

• Use schema introspection to test what is exposed
Automation of API release notes
• Production schema !== in development schema

• Based on the differences, generate markdown file for public release notes
schema deprecations
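One way to turn the difference between the production and development schemas into release notes, as an added Python example (not commercetools' tooling). It reads the standard introspection fields `name`, `isDeprecated` and `deprecationReason`; the two sample schemas, their type and field names, and the functions `release_notes` and `unannounced_removals` are constructed for illustration.

```python
def _schema(**types):
    """Build a constructed introspection result from Type={field: reason or None}."""
    return {"__schema": {"types": [
        {"name": t, "fields": [
            {"name": f, "isDeprecated": reason is not None, "deprecationReason": reason}
            for f, reason in fields.items()]}
        for t, fields in types.items()]}}


# Constructed sample schemas (type and field names are illustrative only).
PRODUCTION = _schema(
    Category={"id": None, "name": None},
    Product={"id": None, "sku": None, "legacyKey": None})
DEVELOPMENT = _schema(
    Category={"id": None, "name": None, "nameAllLocales": None},
    Product={"id": None, "sku": "Use variant.sku"})


def _index(introspection):
    """Map 'Type.field' to its field record, skipping introspection meta-types."""
    out = {}
    for t in introspection["__schema"]["types"]:
        if t["name"].startswith("__"):
            continue
        for f in t.get("fields") or []:
            out[f'{t["name"]}.{f["name"]}'] = f
    return out


def release_notes(production, development):
    """Render added, newly deprecated and removed fields as markdown."""
    prod, dev = _index(production), _index(development)
    sections = (
        ("Added", sorted(dev.keys() - prod.keys())),
        ("Deprecated", sorted(k for k in dev.keys() & prod.keys()
                              if dev[k]["isDeprecated"] and not prod[k]["isDeprecated"])),
        ("Removed", sorted(prod.keys() - dev.keys())),
    )
    lines = []
    for title, keys in sections:
        if keys:
            lines.append(f"## {title}")
        for k in keys:
            reason = dev[k]["deprecationReason"] if title == "Deprecated" else None
            lines.append(f"- `{k}`" + (f": {reason}" if reason else ""))
    return "\n".join(lines)


def unannounced_removals(production, development):
    """Fields removed without ever being deprecated in production: a release gate."""
    prod, dev = _index(production), _index(development)
    return sorted(k for k in prod.keys() - dev.keys() if not prod[k]["isDeprecated"])


if __name__ == "__main__":
    print(release_notes(PRODUCTION, DEVELOPMENT))
    print("blocked removals:", unannounced_removals(PRODUCTION, DEVELOPMENT))
```

The "Added" section doubles as a review list of everything that becomes publicly reachable in the next release.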
Scaling up API development
• Faster feedback loops

• internal usage

• Faster development

• generating GraphQL types from REST API models

• schema validations for API consistency

• public release notes

• Using deprecations to evolve

• GraphQL coverage is almost complete
Scaling up performance
more tools for external developers
• Expose query complexity as HTTP header

https://docs.commercetools.com/api/graphql#query-complexity

• Profiling
query optimization
[Diagram: Client, Server, Database]
• Optimize payload
• Servers to servers
• Migrating our Apple WatchOS Commerce App to GraphQL
query optimization
[Diagram: Client, Server, Database]
• Optimize query
• Do not select all fields
• Performance optimization (GraphQL meetup in Berlin)
Inspect live servers
Scaling up performance
• Give tools for users of the API

• Optimize database queries based on GraphQL query

• Inspect live servers

• Continuous process
Evolving a public Graph API
from experimental to production ready
needs investments in different areas
Invest in automation
Invest in operations
Continuous improvement
Involve everyone
Being production ready for
more GraphQL traffic
