Eating your own dog food: Building a repository with API-driven development

Nick Jackson / / Dissemination

This is a proposal for a paper at the Open Repositories 2012 conference in July.

The JISC-funded Orbital project is building on earlier work at the University of Lincoln to develop a state-of-the-art research data management infrastructure, piloted with the first purpose-built School of Engineering in the UK in over 20 years.

Orbital (figure c) differs from traditional database applications in three significant ways:

  1. Orbital Core uses MongoDB, a document-oriented, schema-less, so-called ‘NoSQL’ database. MongoDB offers flexibility in that it is capable of accepting an object representing any kind of data (e.g. tabular data, survey results, images) without the need to develop a schema beforehand. MongoDB also includes useful features which can boost performance and resiliency, namely sharding – slicing data across multiple servers so a request may be processed by multiple servers in parallel – and replication — keeping multiple identical copies of data on different servers in case one of them fails. Orbital is also designed to be able to spread the ‘core’ – the application which does the heavy lifting – and the ‘manager’ – the front-end user interface – across multiple servers without causing stress. In our experience MongoDB, combined with the Sphinx search engine to perform full-text searching, is also extremely fast and allows us to develop simple, attractive APIs which we can expose to user applications.
  2. Orbital Core mediates access to the data via an open source OAuth 2 server we have developed and implemented at Lincoln.  The use of OAuth 2 allows access to the data from multiple authorised systems providing that the owner of the data has given permission, instantly opening the Orbital application to third-party extension. This method establishes the identity, authentication and authorisation of users, providing direct access to individual data sets or portions of data sets (e.g. specific rows/columns) through APIs on Orbital Core.
  3. The design and development of Orbital Core is API-driven, resulting in an application that offers 100% of its functionality through APIs, whether to our own Orbital Manager or a third-party application, each of which are treated equally by Orbital Core (figure c). As far as Orbital Core is concerned there is no functional difference between Orbital Manager (the front-end) and an application that a researcher has developed to meet a specific need; they are subject to the exact same access controls, restrictions, sanity checking and limitations. We have therefore eschewed some of the traditional approaches of building a database application, where access to the database is either provided via a stand-alone application (figure a) or via an API bolted on to the database (figure b). Orbital is also designed to be both stateless, i.e. all of the API functions are RESTful and thus represent a complete transaction with no requirement for session affinity, are not reliant on SQL features like transactions and joins, and have a reduced requirement for referential integrity.

Under this design, the API is the only way to interface with the data and functionality of the system. This API-driven approach offers several benefits:

  • Architecture is better: We are forced to think about data types and methods early on. Consistent behaviour across the application is easier to achieve.
  • Development is easier: Calling a well designed API is simple; error messages become cleanly captured by design; APIs encourage code reuse at both API and application end.
  • Updates become simpler:  We can run two or more API versions concurrently; tweak the API back-end and all front-end applications (‘official’ and 3rd party) benefit at once.
  • The APIs are better: The APIs must include everything we want our application to be able to do. Reliability of the API is now critical which encourages better design of resiliency and error handling; and usability of the API is essential which encourages better documentation.

The challenges of this approach are that every time we want to build user-facing functionality we have to assess our APIs and work out where the functionality belongs as well as ensuring that we have lightweight data transfer and reliable error handling designed into the application. We also have to double up on some areas of development, writing both the respective Core and Manager parts of the system.

Illustrations

Figure a: The only way to interact with this application is to either be a user, or pretend to be one (for example via screen-scraping).
Figure b: The most common form of API, consisting of a ‘second view’ on the data and functionality of an application. This style of API often exposes a limited subset of the application’s functionality.
Figure c: In an API-driven model the API is the only way to interface with the application.

Hello? Is it me you’re looking for?

Nick Jackson / / Development

Orbital loves APIs, to the extent that the entire project hangs off them working as expected. One thing that Orbital must also do is ensure that it keeps potentially sensitive or confidential data secure during the process of slinging it over the ether. Fortunately, the fact we’re using HTTP as our transport mechanism of choice means that we can leverage something which has proven to be pretty darned reliable thus far: HTTPS!

The pretty green HTTPS icon in Chrome means that your communication with Orbital is secured.

HTTPS is the secure version of the HTTP standard which drives browsing the web — the ‘green padlock’ which appears on secured websites when you’re browsing. Behind the scenes it’s full of plenty of technological awesomeness including various protocols (SSL and TLS if you’re curious) and complex encryption and certification policies which aim to ensure three things:

  1. Traffic between the client (in most cases your browser) and the server is encrypted, ie it’s useless to anybody who may be able to intercept it.
  2. The connection between the client and the server is secure, ie the only parties who can communicate over that channel are the client and server who initiated it.
  3. The server you’re talking to is verifiably the right one, and not simply pretending in order to intercept data.

Orbital makes use of HTTPS throughout, and offers no option at all for unsecured access. Simply put, this means that all your communication with Orbital is guaranteed to be secure whilst it’s in transit. In fact, we decided to find a tool which can quantifiably express just how secure it is, so we had a look at Qualys. You can view our SSL reports below:

Whilst we always made sure that both aspects of Orbital offered a standard level of security, our initial reports highlighted a few flaws. Our servers were vulnerable to the BEAST attack, and offered some low security ciphers in their list of supported ones. Based on these reports we were able to plug those holes, improving our overall security. We also decided to implement the HSTS draft specification, providing an explicit instruction to browsers that communication with Orbital must always take place over HTTPS with a valid certificate, and any attempts to do otherwise should be blocked as a security risk.

Just a few of the ways we’re making sure that Orbital can be trusted with your sensitive or commercial data.

Notes from team meeting 23 February

Joss Winn / / Meetings

Development

Work on authentication complete. Blog post to follow. User authentication working over OAuth. API framework in place. Recruited Harry Newton as Developer on Orbital, starts end of March. Jenkins Continuous Integration quality assurance environment set up. Staff profiles producing RDF dump. EPrints integration awaiting work from EPrints Services.

Work packages

WP3 complete
WP4 complete end of Feb
WP6 complete end of Feb
WP9 complete end of Feb
WP10 complete end of Feb

Events

Dev8D/CodeIgniter conferences (14-19/02). Helped organise both conferences. Nick presented on API-driven development, Lightning Talk on OAuth, part of data repositories panel, both presentations featured on Slideshare home page. Joss Chaired data.*.ac.uk panel.

Business case for open source (Lincoln, 07/03 am)

MRD Policy meeting (Leeds, 12-13/03)

RDM Policy drafting workshop (Lincoln, 02/04 am)

OR12 paper/workshop (05/03 deadline). API-driven development.

MRD HackDay (Manchester, 3-4/05)

MongoDB conference (London, 20/06). Lee/Harry.

Actions

Nick: Workshops on source control, testing, CI and deployment. 3rd week of March.

Nick: Documentation, write up tech review, data review.

Nick/Lee: Review choice of database.

Nick/Mark: Review security.

Nick/Bev: Meet to look at metadata requirements

Joss: Write Implementation Plan

Paul: Arrange meeting with Nottingham/ADMIRE project.

Paul: DAF survey

Paul: Lit Review by end of week.

Web scale data management

Joss Winn / / Research

Not research data as such (although it could be the subject of research), but a long and interesting blog post about how Tumblr manages huge amounts of user generated data. It’s interesting not just because of the scale of the task day-to-day, but also because it offers some lessons learned about how to scale up to managing an ingest of several terabytes a day. When we talk about ‘big data’ in the sciences, is it this big? Bigger? How is big science actually managing data on this scale? I really don’t know.

  • 500 million page views a day
  • 15B+ page views month
  • ~20 engineers
  • Peak rate of ~40k requests per second
  • 1+ TB/day into Hadoop cluster
  • Many TB/day into MySQL/HBase/Redis/Memcache
  • Growing at 30% a month
  • ~1000 hardware nodes in production
  • Billions of page visits per month per engineer
  • Posts are about 50GB a day. Follower list updates are about 2.7TB a day.
  • Dashboard runs at a million writes a second, 50K reads a second, and it is growing.

The Business Case for Open Source

Joss Winn / / Announcements, Events

Sander van der Waal from OSSWatch, JISC’s open source software advisory service will lead a meeting on March 7th.

The term ‘open source’ is increasingly being used to refer not only to the development of software, but also in other disciplines, such as design, education and even government.

This meeting is an opportunity for attendees to learn exactly what ‘open source’ means and its effect on our understanding of property and the production of knowledge, goods and services.

In the context of the Orbital project, we will also discuss the use and application of open source licenses by universities and consider how open source can contribute to innovation and the development of new business models.

The meeting will be held on March 7th, 9.30-12pm, MB1005. Refreshments will be provided. Staff and students wishing to attend should RSVP Joss Winn.