This week’s system design refresher:

• Top 9 Most Popular API Protocols (Youtube video)

• What is a deadlock?

• What’s the difference between Session-based authentication and JWTs?

• Top 6 ElasticSearch Use Cases

• Top 9 Cases Behind 100% CPU Usage

• SPONSOR US

[Complimentary Download] Gartner Market Guide: Software Engineering Intelligence (SEI) Platforms (Sponsored)

Engineering teams are rapidly adopting Software Engineering Intelligence (SEI) Platforms to improve productivity and value delivery. According to Gartner’s recent Market Guide, use of SEI platforms by engineering organizations will rise to 50% by 2027, compared to 5% in 2024. LinearB was recognized by Gartner as a representative vendor, so we’re offering ByteByteGo readers a complimentary copy. 

Learn how you can unlock the transformative potential of SEI platforms by leveraging key features like:

• Extensive data from DevOps tools for critical metrics and insights.

• Customizable dashboards that highlight pivotal trends and inform strategic decisions.

• Insights into KPIs that showcase your team's achievements.

  Download your guide now

Top 9 Most Popular API Protocols

What is a deadlock?

A deadlock occurs when two or more transactions are waiting for each other to release locks on resources they need to continue processing. This results in a situation where neither transaction can proceed, and they end up waiting indefinitely.

• Coffman Conditions
  The Coffman conditions, named after Edward G. Coffman, Jr., who first outlined them in 1971, describe four necessary conditions that must be present simultaneously for a deadlock to occur:
  
  - Mutual Exclusion
  - Hold and Wait
  - No Preemption
  - Circular Wait
  

• Deadlock Prevention
  - Resource ordering: impose a total ordering of all resource types, and require that each process requests resources in a strictly increasing order.
  
  - Timeouts: A process that holds resources for too long can be rolled back.
  
  - Banker’s Algorithm: A deadlock avoidance algorithm that simulates the allocation of resources to processes and helps in deciding whether it is safe to grant a resource request based on the future availability of resources, thus avoiding unsafe states.
  

• Deadlock Recovery
  - Selecting a victim: Most modern Database Management Systems (DBMS) and Operating Systems implement sophisticated algorithms for detecting deadlocks and selecting victims, often allowing customization of the victim selection criteria via configuration settings. The selection can be based on resource utilization, transaction priority, cost of rollback etc.
  
  - Rollback: The database may roll back the entire transaction or just enough of it to break the deadlock. Rolled-back transactions can be restarted automatically by the database management system.

Over to you: have you solved any tricky deadlock issues?

Latest articles

If you’re not a paid subscriber, here’s what you missed.

1. A Crash Course in GraphQL

2. HTTP1 vs HTTP2 vs HTTP3 - A Deep Dive

3. Unlocking the Power of SQL Queries for Improved Performance

4. What Happens When a SQL is Executed?

5. A Crash Course in API Versioning Strategies

To receive all the full articles and support ByteByteGo, consider subscribing:

What’s the difference between Session-based authentication and JWTs?

Here’s a simple breakdown for both approaches:

Session-Based Authentication

In this approach, you store the session information in a database or session store and hand over a session ID to the user.

Think of it like a passenger getting just the Ticket ID of their flight while all other details are stored in the airline’s database.

Here’s how it works:

1. The user makes a login request and the frontend app sends the request to the backend server.

2. The backend creates a session using a secret key and stores the data in session storage.

3. The server sends a cookie back to the client with the unique session ID.

4. The user makes a new request and the browser sends the session ID along with the request.

5. The server authenticates the user using the session ID.

JWT-Based Authentication

In the JWT-based approach, you don’t store the session information in the session store.

The entire information is available within the token.

Think of it like getting the flight ticket along with all the details available on the ticket but encoded.

Here’s how it works:

1. The user makes a login request and it goes to the backend server.

2. The server verifies the credentials and issues a JWT. The JWT is signed using a private key and no session storage is involved.

3. The JWT is passed to the client, either as a cookie or in the response body. Both approaches have their pros and cons but we’ve gone with the cookie approach.

4. For every subsequent request, the browser sends the cookie with the JWT.

5. The server verifies the JWT using the secret private key and extracts the user info.

Top 6 ElasticSearch Use Cases

Elasticsearch is widely used for its powerful and versatile search capabilities. The diagram below shows the top 6 use cases:

• Full-Text Search
  Elasticsearch excels in full-text search scenarios due to its robust, scalable, and fast search capabilities. It allows users to perform complex queries with near real-time responses.
  

• Real-Time Analytics
  Elasticsearch's ability to perform analytics in real-time makes it suitable for dashboards that track live data, such as user activity, transactions, or sensor outputs.
  

• Machine Learning
  With the addition of the machine learning feature in X-Pack, Elasticsearch can automatically detect anomalies, patterns, and trends in the data.
  

• Geo-Data Applications
  Elasticsearch supports geo-data through geospatial indexing and searching capabilities. This is useful for applications that need to manage and visualize geographical information, such as mapping and location-based services.
  

• Log and Event Data Analysis
  Organizations use Elasticsearch to aggregate, monitor, and analyze logs and event data from various sources. It's a key component of the ELK stack (Elasticsearch, Logstash, Kibana), which is popular for managing system and application logs to identify issues and monitor system health.

• Security Information and Event Management (SIEM)
  Elasticsearch can be used as a tool for SIEM, helping organizations to analyze security events in real time.
  

Over to you: What did we miss?

Top 9 Cases Behind 100% CPU Usage

The diagram below shows common culprits that can lead to 100% CPU usage. Understanding these can help in diagnosing problems and improving system efficiency.

1. Infinite Loops

2. Background Processes

3. High Traffic Volume

4. Resource-Intensive Applications

5. Insufficient Memory

6. Concurrent Processes

7. Busy Waiting

8. Regular Expression Matching

9. Malware and Viruses

Over to you: Did we miss anything important?

SPONSOR US

Get your product in front of more than 500,000 tech professionals.

Our newsletter puts your products and services directly in front of an audience that matters - hundreds of thousands of engineering leaders and senior engineers - who have influence over significant tech decisions and big purchases.

Space Fills Up Fast - Reserve Today

Ad spots typically sell out about 4 weeks in advance. To ensure your ad reaches this influential audience, reserve your space now by emailing hi@bytebytego.com