Module 03 Review & Cheat Sheet
[!IMPORTANT] Senior Staff Note: Congratulations on completing Module 03! You now understand the fundamental ways systems communicate. Remember, choosing the right protocol isn’t just about latency—it’s about understanding the trade-offs between statefulness, resource consumption, and client capabilities. The decisions you make here will dictate the scalability of your entire architecture.
1. Key Takeaways
| Concept | The “One Liner” |
|---|---|
| REST | Resource-based, stateless, standard HTTP verbs. Level 2 is the standard. Use Problem+JSON for standardized errors. |
| GraphQL | Client asks for exactly what it needs. Solves Over-fetching. |
| gRPC | High-performance RPC using Protobuf. Great for internal microservices. |
| Polling | “Are we there yet?” Simple but high latency/overhead. |
| WebSockets | Full-duplex persistent connection. Lowest latency. Stateful. |
| WebRTC | Peer-to-Peer real-time communication. Low latency without server hops. |
| API Gateway | The “Front Door”. Handles Auth, Rate Limiting, and Routing. |
| BFF | Backend for Frontend. Tailored APIs for specific clients (Mobile vs Web). |
| Circuit Breaker | Fails fast when a downstream service is down to prevent cascading failure. |
2. Interactive Flashcards
Test your memory! Click to flip.
What is Idempotency?
(Click to reveal)
Making the same request multiple times has the same effect as making it once.
What solves the N+1 Problem?
(Click to reveal)
DataLoader (Batching & Caching).
REST Level 3 adds what?
(Click to reveal)
Hypermedia Controls (HATEOAS).
HTTP/3 uses TCP or UDP?
(Click to reveal)
UDP (QUIC protocol).
Service Mesh vs Gateway?
(Click to reveal)
Gateway = External Traffic (North-South). Mesh = Internal Traffic (East-West).
Status Code 429?
(Click to reveal)
Too Many Requests (Rate Limit Exceeded).
WebSocket vs SSE?
(Click to reveal)
WS = Bi-directional. SSE = Server-to-Client only.
What is Backpressure?
(Click to reveal)
When a system signals upstream to slow down because it's overwhelmed.
Why is POST not idempotent?
(Click to reveal)
Because multiple POST requests create multiple resources.
What is a BFF?
(Click to reveal)
Backend for Frontend: Separate gateways for different client types (Mobile/Web).
Token Bucket vs Leaky Bucket?
(Click to reveal)
Token Bucket allows bursts. Leaky Bucket enforces a constant rate.
What is Head-of-Line Blocking?
(Click to reveal)
When one slow packet blocks all subsequent packets (Fixed in HTTP/3).
What is GraphQL Federation?
(Click to reveal)
Combining multiple GraphQL subgraphs into a single supergraph via a Gateway.
What is WebTransport?
(Click to reveal)
A modern API built on HTTP/3 allowing reliable streams and unreliable datagrams.
What is the "Two Generals Problem"?
(Click to reveal)
A paradox proving that two parties cannot perfectly coordinate over an unreliable link. This is why we need Idempotency Keys to handle retries.
Why terminate SSL at the API Gateway?
(Click to reveal)
To offload the CPU-intensive RSA/ECC math from backend services. Gateways use hardware acceleration (AES-NI) for this.
What is Problem+JSON?
(Click to reveal)
RFC 7807: A machine-readable standard for returning consistent error details in HTTP APIs.
What are E-Tags?
(Click to reveal)
A hash of a resource used for Conditional Requests to save bandwidth (304 Not Modified).
3. System Architect Challenge
Test your ability to choose the right tool for the job.
1. You are building a Stock Trading platform where milliseconds matter. You need to stream price updates to a dashboard.
2. Your mobile app needs to display a user profile, their last 3 orders, and their wish list. You want to minimize battery usage and requests.
4. System Design Checklist: API Choice
When designing a new system, ask these questions:
- Who are the clients?
- Mobile? (Use BFF, minimize data).
- Internal Services? (Use gRPC).
- Public Developers? (Use REST/GraphQL).
- Is it Real-Time?
- Yes, high frequency (Game)? → WebTransport/UDP.
- Yes, chat? → WebSockets.
- Yes, news feed? → SSE.
- No? → REST.
- Do we need Caching?
- Yes, heavily? → REST (Leverage CDNs).
- No, data changes per user? → GraphQL.
- How do we handle failures?
- Retries? → Implement Idempotency Keys (Two Generals Problem).
- Circuit Breakers? → Use a Service Mesh or Gateway.
- Physical Constraints?
- CPU Bound? → Avoid complex GraphQL AST parsing or heavy JSON; use gRPC.
- Memory Bound? → Beware of thousands of idle WebSocket buffers.
5. Next Steps
You are now ready to handle data storage. Proceed to Module 04: Database Basics or explore the Load Balancing module.
6. Module 03 Mnemonic Recall
| Mnemonic | Stands For | Chapter |
|---|---|---|
| “Get PUT to DELETE POSTing” | GET, PUT, DELETE are idempotent; POST is neither | Ch 01: REST |
| Richardson 0→3 | POX → Resources → Verbs → HATEOAS. Level 2 is the standard | Ch 01: REST |
| “Never Dive into Complexity” | N+1 problem, Depth limits, Cost analysis — 3 GraphQL safety nets | Ch 02: GraphQL |
| “Some Long Snakes Wander West” | Short, Long polling, SSE, WebSockets, WebTransport | Ch 03: Polling |
| RED | Rate, Errors, Duration — 3 Gateway health signals | Ch 04: Gateway |
| North-South vs East-West | Gateway = external; Service Mesh = internal | Ch 04: Gateway |
7. Staff Engineer Challenge: API Stack Design
The Scenario: You’re the tech lead for a new social media platform. The mobile team wants GraphQL, web team wants REST, and the ML team uses gRPC internally.
The Questions:
- How do you serve all three teams without three separate backends? (Hint: think Gateway + BFF)
- You need to push live updates to 500k concurrent mobile users during sports events. Bursts of 50k updates/second. What protocol and why?
- Your recommendation API takes 800ms. Users see a spinner after the initial page load. How do you architect this to feel faster without changing the recommendation service?