今日已更新 233 条资讯 | 累计 20205 条内容
关于我们

标签:#Design

找到 152 篇相关文章

AI 资讯

[System Design] Part 4 — Amazon CONDOR & Anticipatory Shipping

Amazon Fulfillment: The Three Tiers of Optimization Amazon processes billions of orders annually through a network of over 175 fulfillment centers globally. To maintain their 1-2 day (or same-day) delivery guarantees, they built a 3-tier optimization architecture: ┌─────────────────────────────────────────────────────────────┐ │ TIER 1: ANTICIPATORY SHIPPING (Long-term — weeks/months) │ │ → ML predicts demand → Moves inventory close to customers │ │ BEFORE they place an order │ ├─────────────────────────────────────────────────────────────┤ │ TIER 2: REGIONALIZATION (Medium-term — days/weeks) │ │ → Partitions the fulfillment network into autonomous zones│ │ → Ensures 70-80% of orders are fulfilled intra-region │ ├─────────────────────────────────────────────────────────────┤ │ TIER 3: CONDOR (Short-term — hours) │ │ → Continuously re-optimizes the fulfillment plan within │ │ a 5-6 hour window before pick-and-pack begins. │ └─────────────────────────────────────────────────────────────┘ Anticipatory Shipping — Shipping Before You Buy A Crazy but Effective Idea Amazon holds a patent (US Patent 8,615,473) describing a system that begins shipping items BEFORE a customer places an order . It sounds like science fiction, but it's a reality. Traditional Model: Customer orders → Warehouse processes → Ships → Delivered (2-5 days) Anticipatory Shipping: ML predicts: "Customers in Region X will buy 200 iPhone 16s in the next 3 days" → Amazon ships 200 iPhones from a central hub to local delivery hubs in Region X → Customer places order → The item is already locally staged → Delivered same-day! ML Model Input Features Input Feature Significance Purchase history What do they buy, and how often? Browsing behavior What are they looking at? Cart abandonment? Wishlists Explicitly desired items Seasonal patterns Winter coats in November, sunscreen in June Regional demographics High-income areas? Young families? College towns? Trending products Items going viral on social media Weathe

2026-06-18 原文 →
AI 资讯

Design Principles of Software: A Real-World Notification System in Go

By Sergio Colque Ponce — Software Engineering, Universidad Privada de Tacna. Full source code: github.com/srg-cp/design-principles-go When people say "this code is well designed" , they rarely mean it has clever tricks. They usually mean it is easy to change . New requirements arrive every week, and good design is what lets you absorb them without rewriting half the project. In this article I take a small, very common requirement — "send a reminder to the user" — and I show how four classic design principles turn a fragile module into one that is open to change and easy to test. Everything is written in Go , and you can run it yourself from the repository linked above. The requirement We are building the backend of a bank appointment system. When an appointment is created, the user should get a reminder. Today it goes by email . Next month, product wants SMS too. After that, WhatsApp . The pattern is obvious: the list of channels will keep growing. A first (bad) attempt The fastest thing to write is one function that does everything: func SendReminder ( channel , recipient , body string ) error { if channel == "email" { // ... open SMTP, format the email, send it } else if channel == "sms" { // ... call the SMS provider } else if channel == "whatsapp" { // ... call the WhatsApp API } return nil } It works on Monday. But look at what it costs us: Every new channel means editing this function and risking the ones that already work. The function knows about SMTP, SMS providers and HTTP clients all at once: it has many reasons to change . To test the email path you need a real (or faked) SMTP server, because the logic is glued to the transport. This is the design we want to avoid. Let's fix it one principle at a time. 1. Single Responsibility Principle (SRP) A piece of code should have one reason to change . Instead of one function that knows every channel, we give each channel its own type that only knows how to deliver through that channel. Here is the email one: // E

2026-06-18 原文 →
AI 资讯

42/60 Days System Design Questions

Your AI agent remembered the user's name. Then it forgot what it was doing. Here's the setup: User asks the agent: book the cheapest flight to NYC, search hotels under $150/night, then compare total trip cost. By step 3, the agent calls the LLM with 8,000 tokens of raw conversation history — and still answers as if it's turn 1. You need a memory architecture before this ships. Which one do you pick? A) In-context window only — full conversation stays in the system prompt. Simple. Breaks at ~15 turns or 8K tokens, whichever comes first. B) Vector memory store — embed past turns, retrieve the top-k by semantic similarity at query time. Works great until "NYC flight" pulls a memory about a past NYC trip instead of the current task. C) Episodic memory with summarization — compress old turns into structured event summaries, inject the relevant ones per request. More complex to build. Much harder to confuse. D) Redis session state — structured key-value store, explicit agent reads/writes. Deterministic. Requires the agent to know what to store and when. One of these collapses past 15 turns. One retrieves the wrong context at exactly the wrong moment. One is the right answer for task-oriented agents. Pick A, B, C, or D — and tell me where you've hit this in production. Full breakdown in the comments.

2026-06-18 原文 →
AI 资讯

Your Nouns Are Not Your Architecture

A common way to design an application is to begin with its nouns: User Product Order Payment Then each noun receives the standard architectural starter pack: UserController UserService UserRepository The controller receives users, the service services them, and the repository stores them somewhere responsible. This is noun-oriented architecture : treating every important thing in the domain as if it were automatically a useful software boundary. It works for simple CRUD systems. Unfortunately, most applications eventually do something. The noun becomes a drawer Consider a typical UserService : register() findByEmail() resetPassword() changeAddress() disableAccount() mergeAccounts() assignRole() calculateDiscount() These operations all involve a user. That is approximately where their similarity ends. They have different rules, dependencies, side effects, security concerns, owners, and reasons to change. They live together because User was the nearest available noun when the folders were created. As more behaviour accumulates, UserService becomes the official location for anything vaguely user-shaped. Other components depend on it. It gradually depends on authentication, email, permissions, billing, auditing, and several services added during incidents nobody wishes to revisit. The noun becomes both a dependency of everything and a consumer of everything. The folder remains impressively tidy. Name the capability, not the material A better starting question is not: What things exist in this system? It is: What must this system be capable of doing? That leads to components such as: UserRegistrar PasswordResetter AccountMerger OrderPlacer PaymentRefunder SubscriptionCanceller These are agentive names . They name the component responsible for performing a capability. Compare: UserService with: PasswordResetter UserService tells us which noun is nearby. PasswordResetter tells us what the component is for. That difference produces better architectural questions: What rules

2026-06-18 原文 →
AI 资讯

The Tips Behind API Artisan: Building Laravel APIs Developers Actually Want to Use

I have just finished writing API Artisan: A Guide to Building APIs with Laravel , and I am giving it away for free. Before you commit to 300-odd pages, let me give you the short version: the tips, patterns, and small decisions that separate an API that technically works from one that developers are genuinely happy to depend on. None of this needs more hardware, a different framework, or a bigger team. It needs you to point your attention at the right things. These are the ones I keep coming back to. Start by measuring the right thing Ask most teams how they know their API is good and you get a single question back: does it work? Can I hit this endpoint and get a response? That question is necessary, and it is nowhere near enough. The question I want you to ask instead is whether your API is liveable with. Can a developer read your docs, understand your auth model, make a successful request, and handle an error without contacting support, trawling a forum, or guessing what a status code is trying to tell them? The gap between "works" and "liveable with" never shows up in a sprint retro, but it shows up everywhere else: in support volume, in integration timelines that overrun, and in the quiet moment a developer decides to build around your API rather than with it. Everything else in the book hangs off one mindset shift: an API is a product. It has users. Treat it as an implementation detail and it will behave like one. It will change without warning when your internals change, and it will be inconsistent because different people wrote different parts on different days with different conventions. Write the contract before the code The natural way to build an endpoint is to write the handler, return some data, and document it afterwards if there is time. It feels efficient, and in the short term it is. The problem is what it produces: a contract that was never designed, only discovered. Let me show you the trap, because I have watched it catch good developers. You have

2026-06-17 原文 →
AI 资讯

Bannx — High-Volume Banner, Ad & PDF Automation for Developers and Designers

If you've ever had to generate hundreds of social media banners, OG images, or PDF certificates programmatically — you know how painful that workflow can get. Stitching together Canvas, Puppeteer, or headless Chrome just to render a templated image is a lot of overhead for what should be a straightforward task. That's exactly the problem Bannx is built to solve. What is Bannx? Bannx is a high-volume banner, ad, and PDF automation platform. It combines a visual template editor with a developer-friendly REST API, so designers can build beautiful templates and developers can render them at scale — no browser required. Think of it as the missing link between your design system and your backend. Key Features 🖼️ Visual Template Editor Bannx comes with a full-featured editor where you can create templates for: Social media graphics (Instagram, Twitter/X, LinkedIn) OG images for blogs and articles Ad banners E-commerce assets (product cards, order confirmations) Certificates and branded PDFs and more... Variables can be bound to any element in the template, making every design data-driven from the start. ⚡ REST API for Rendering Once your template is ready, rendering it is a single HTTP request: curl -X POST https://bannx.com/api/render \ -H "Authorization: Bearer YOUR_API_KEY" \ -H "Content-Type: application/json" \ -d '{ "pageId": "PAGE_ID", "format": "png" }' You get back a hosted URL and metadata — ready to display, store, or pass downstream. You can also stream raw binary output with "output": "binary" . Supported export formats: PNG, JPEG, SVG, WebP, PDF 📦 Bulk Generation via CSV Need to generate 10,000 personalized certificates or product cards? Upload a CSV and Bannx handles the rest. Each row maps to a set of variable overrides — no scripting required. 🧩 Dynamic Links & Variables Templates support per-request variable overrides, so you can pass data directly in the API call without modifying the template. Combined with template expressions (functions and conditiona

2026-06-16 原文 →
AI 资讯

Same Prompt, Four AI Tools, One Cricket Banner: ChatGPT Won the Image, Grok Won the Video, and Claude Built a Website Again

TL;DR — A few weeks ago I tested four AI tools on a build job: a website for my son's cricket academy. This time the job had nothing to do with code. The coach just wanted a banner he could post. Same four tools, totally different result. ChatGPT made the best image, Grok made the best video, Gemini wouldn't make anything, and Claude tried to solve a graphics problem by writing HTML. If you read the last post , you've met my son's cricket coach. He runs MMCA — Maverick Master's Cricket Academy. Started in 2020, based in Bengaluru, genuinely good with the kids. The website is live now and parents have started messaging him on WhatsApp. So last weekend he came back with the next thing he needed, which is the thing every small academy actually runs on: "Can you make me a weekend batch banner? Something I can post in the parent groups." Now, this is a completely different job from the last one. That first experiment was design and development — agents writing real code, running tests, deploying to Cloudflare. This one is just graphics. No repo, no deploy, nobody reviewing a pull request. Just: here's my logo, here's a sample I like, make me something I'd be happy to send out. So I figured I'd run the same four tools again and see what happened. Same brief, same logo, everything on the default model with no special settings : ChatGPT, Claude, Gemini, Grok. Here's roughly what I typed, the way a normal client would brief you: Similar to this banner, make one for MMCA Academy (since 2020, logo attached). Weekend batch Sat 4:30—7, Sun 7—9:30pm. Add a small phrase like the sample. Be creative, keep it simple, but don't copy the sample exactly. The whole test really came down to one instruction: be creative, but don't copy. Whatever each tool did with that told me everything. Round 1: the static banner ChatGPT got it on the first go. "WEEKEND BATCH. TRAIN. PLAY. GROW." Logo top-left, the "Since 2020" bit kept, timings in clean little cards, an enrol number, three badges acros

2026-06-16 原文 →
AI 资讯

REST vs GraphQL vs gRPC — Which One Should You Actually Use?

Every engineering team hits this conversation at some point. Someone proposes GraphQL. Someone else says REST is fine. A third person mentions gRPC and half the room goes quiet. The debate usually ends with the most senior person in the room picking what they're most familiar with. That's not a strategy — that's habit. Here's an objective breakdown of all three, when each one wins, and how to actually make the decision for your specific use case. The Core Mental Model Before comparing them, understand what each one is optimizing for: REST optimizes for simplicity and broad compatibility GraphQL optimizes for flexibility and precise data fetching gRPC optimizes for performance and strongly-typed contracts None of them is universally better. Each one is a tradeoff. The right answer depends entirely on who is consuming your API and what they need from it. REST — The Default That Still Wins Most of the Time REST (Representational State Transfer) is not a protocol. It's an architectural style built on HTTP — verbs, URLs, and status codes most developers already understand. Where REST genuinely wins: Public APIs. If external developers are consuming your API, REST is the only reasonable default. The tooling, documentation patterns, and developer familiarity are unmatched. Stripe, Twilio, GitHub — all REST. Simple CRUD services. If your resource model is straightforward, REST maps cleanly to it. No overhead, no learning curve, no ceremony. Browser-native requests. REST over HTTP works directly in the browser without any special client. Fetch it, done. Where REST struggles: Over-fetching and under-fetching. A single REST endpoint returns a fixed shape. Mobile clients that need 3 fields get 40. Separate data needs often require multiple round trips. Versioning overhead. As covered in our previous post — every breaking change forces a versioning decision. This compounds quickly on complex APIs. GraphQL — Powerful, But You Need to Earn It GraphQL is a query language for your A

2026-06-16 原文 →
AI 资讯

Build an AI Pipeline FastAPI + Kafka + Workers

Most AI demos work perfectly on a laptop. But production AI systems can become fragile when everything is handled inside one synchronous API call. A user sends a request. The API extracts text. The API chunks the content. The API generates embeddings. The API stores data. The API waits for everything to finish. This may look simple in a demo, but it quickly becomes a problem in real systems. The problem with one giant API call In many AI applications, the API is expected to do too much. For example, in a document processing or RAG pipeline, one request may trigger multiple heavy steps: text extraction chunking embedding generation indexing summarization database updates If all of this happens inside one synchronous request, the API becomes slow and fragile. If one downstream step fails, the complete request may fail. If traffic increases suddenly, the API may become overloaded. This is why event-driven architecture becomes useful for AI workloads. A better approach: API + Kafka + workers Instead of making the API do everything, we can split the workflow into smaller services. The API accepts the request and publishes an event. Background workers consume events and continue the processing asynchronously. A simple flow looks like this: User Request ↓ FastAPI ↓ Kafka / Redpanda Topic ↓ Python Worker ↓ Next Processing Stage In my practical demo, I am using: FastAPI Redpanda Python workers Docker Compose Kafka-compatible messaging Why Redpanda? Redpanda is Kafka-compatible, which makes it useful for local demos and event-driven architecture experiments. It allows us to work with Kafka-style topics, producers, and consumers while keeping the setup simple for development. What this architecture gives us This approach helps with: decoupling services handling bursty workloads moving long-running tasks to background workers improving scalability isolating failures building production-style AI pipelines This pattern is especially useful for AI systems involving: document proce

2026-06-16 原文 →
AI 资讯

[System Design] Ride-Hailing Dispatch Algorithm: How Uber DISCO & Grab DispatchGym Match Drivers

Every time you tap "Book Ride," a system makes dozens of decisions in under two seconds: Which driver? What route? What's the real ETA? This article breaks down exactly how the dispatch algorithm works — from the greedy approach that fails at scale, to the bipartite graphs, batched matching, and surge pricing mechanics that power Uber, Lyft, Grab, and Gojek today. Why a Greedy Dispatch Algorithm Fails (Closest Driver Problem) The first instinct when designing a matching system is to pair every customer with their nearest driver. However, this Greedy approach causes massive losses at a system-wide scale: Example: 3 riders (R1, R2, R3) and 3 drivers (D1, D2, D3) Greedy Matching (closest driver): R1 ← D1 (ETA 2 mins) ✓ R2 ← D3 (ETA 8 mins) ← D2 was "taken" by R1, even though D2 is closer to R2 R3 ← D2 (ETA 10 mins) ← Terrible outcome Total ETA: 2 + 8 + 10 = 20 minutes Optimal Matching (global optimal): R1 ← D2 (ETA 3 mins) R2 ← D1 (ETA 3 mins) R3 ← D3 (ETA 4 mins) Total ETA: 3 + 3 + 4 = 10 minutes ← 50% better! Uber refers to this problem as Global Optimization — finding an assignment strategy that minimizes the total ETA of the entire system , rather than optimizing just for individual pairs. Bipartite Graph Matching: The Mathematical Foundation (Lyft) Before diving into the systems, it helps to understand the mathematical model that all ride-hailing matching engines share at their core. Lyft formalizes dispatch as a bipartite graph matching problem : Bipartite Graph: Set A (Riders): { R1, R2, R3, R4 } Set B (Drivers): { D1, D2, D3, D4, D5 } Edges: every possible Rider ↔ Driver pair Edge Weight: cost of that match (e.g., ETA, driver rating, distance) Goal: Find a set of edges (a "matching") where: - No rider is matched to more than one driver - No driver is matched to more than one rider - The total cost of all selected edges is minimized This is known as the Minimum Weight Bipartite Matching problem. The classical algorithm for solving it is the Hungarian Algorithm (

2026-06-15 原文 →
AI 资讯

How to Choose the Right Color Palette for UI/UX Design

A beautiful interface isn't created by random colors. The right color palette can increase usability, improve brand recognition, and guide users toward important actions. Here's a simple process I follow when designing products: ✅ 1. Start with Your Brand Personality Ask yourself: • Professional or playful? • Premium or affordable? • Modern or traditional? Examples: 🔵 Blue = Trust, security, professionalism 🟢 Green = Growth, health, sustainability 🟣 Purple = Creativity, innovation 🔴 Red = Energy, urgency, excitement Your primary color should reflect your brand's personality. ━━━━━━━━━━━━━━ ✅ 2. Use the 60-30-10 Rule A balanced interface often follows: • 60% Primary Background Color • 30% Secondary Color • 10% Accent Color This creates visual harmony and prevents color overload. ━━━━━━━━━━━━━━ ✅ 3. Limit Your Palette Many beginners use too many colors. A professional UI usually needs: • 1 Primary Color • 1 Secondary Color • 1 Accent Color • Neutral Colors (White, Gray, Black) Less is often more. ━━━━━━━━━━━━━━ ✅ 4. Think About Accessibility Your design should work for everyone. Check: ✔ Text contrast ✔ Button visibility ✔ Readability on mobile screens If users struggle to read content, even the most beautiful design fails. ━━━━━━━━━━━━━━ ✅ 5. Create a Consistent Color System Instead of random shades: Primary: • 50 • 100 • 200 • 300 • 400 • 500 Secondary: • 50 • 100 • 200 • 300 • 400 • 500 This makes scaling your product much easier. ━━━━━━━━━━━━━━ ✅ 6. Analyze Successful Products Study platforms like: • Airbnb • Spotify • Stripe • Notion Notice how they use color intentionally to guide user attention. ━━━━━━━━━━━━━━ 💡 Quick Formula Primary Color → Brand Identity Secondary Color → Support Content Accent Color → Call-To-Action Buttons Neutral Colors → Layout & Typography Good UI isn't about using more colors. It's about using the right colors in the right places. What's your favorite color palette for modern web applications? UIUX #UIDesign #UXDesign #WebDesign #Produc

2026-06-15 原文 →
AI 资讯

HLD Fundamentals #1: Network Protocols

Network Protocols Network protocols define how computers communicate over a network. Whether you're opening Instagram, sending a WhatsApp message, watching Netflix, or transferring money through a banking app, some protocol is working behind the scenes to make communication possible. Client-Server Model What is it? The Client-Server model is a communication architecture where: Client requests a service or data. Server processes the request and returns a response. Most modern applications follow this architecture. How Does It Work? Client ---------- Request ----------> Server Client <--------- Response ---------- Server The client always initiates communication, and the server listens for incoming requests. Real World Example Instagram When you open Instagram: Mobile app sends a request. Instagram servers process the request. Feed data is fetched from databases. Posts are returned to your phone. Instagram App | V Instagram Server | V Database Advantages Centralized control Easier security management Easy maintenance Easier data consistency Disadvantages Server can become a bottleneck Single point of failure if not replicated Interview One-Liner Client-Server architecture is a centralized model where clients request resources and servers provide them. Peer-to-Peer (P2P) Model What is it? In a Peer-to-Peer network, every machine can act as both: Client Server There is no central server controlling communication. How Does It Work? Peer A <------> Peer B ^ ^ | | V V Peer C <------> Peer D Each peer can directly share resources with others. Real World Example BitTorrent Instead of downloading a file from one server: User | +--> Peer 1 | +--> Peer 2 | +--> Peer 3 Different parts of the file are downloaded from multiple peers simultaneously. Blockchain Bitcoin and Ethereum networks operate using Peer-to-Peer communication. Advantages Highly scalable No central server cost Better fault tolerance Disadvantages Harder to manage Security challenges Data consistency issues Inter

2026-06-14 原文 →
AI 资讯

From Scaling Data to Transcribing Voices: Building Resilience Under Pressure

As my backend engineering internship wraps up, I’ve been reflecting on the tasks that pushed me the hardest. Building minimum viable products is one thing, but making them resilient, scalable, and fault-tolerant is an entirely different beast. Here are two of the most memorable tasks from my time here—one solo dive into system scaling, and one team effort tackling asynchronous voice processing. Task 1: Scaling the Insighta Labs+ Query Engine (Individual) What it was Insighta Labs+ is a demographic intelligence platform where analysts and engineers run structured queries on user profiles via a CLI and a Web Portal (backed by GitHub OAuth and RBAC). My task was to take a functional MVP and evolve it into a robust query engine capable of handling tens of millions of records and hundreds of concurrent queries per minute. The problem it was solving The initial architecture worked flawlessly for a few thousand records, but under scale, it started showing cracks. Latency : Without indexing, every filter query triggered a full-table scan. Redundancy : Identical queries from different users wasted CPU and DB cycles. Write-Pressure : Users needed to bulk-upload CSVs containing up to 500,000 rows. Processing these synchronously locked the database, bringing read operations to a halt. How I approached it Instead of blindly throwing more server power at the problem, I focused on doing less work. Targeted Indexing : I added indexes only to frequently filtered columns. Caching & Normalization : I introduced Redis for TTL-based caching. To maximize cache hits, I built a query normalization layer. Whether a user queried "young males" or "men under 30" , the parser normalized the filter object into a canonical form before hashing the cache key. Connection Pooling : I set up PgBouncer to manage database connections and prevent exhaustion under high concurrency. Chunked Ingestion : For the massive CSV uploads, I implemented chunked streaming. Rows were validated individually; valid row

2026-06-13 原文 →
AI 资讯

WebMCP Standard Proposal for Agentic Web Actuation Now Available in Chrome (Origin Trials)

Google recently announced that WebMCP is entering origin trials in Chrome 149. The new WebMCP standard proposal lets sites expose tools (e.g., JavaScript functions and HTML forms) to in-browser AI agents, which can thus reliably simulate user actions instead of resorting to possibly expensive (e.g., on-screen reading) and often unreliable guesswork (e.g., DOM scraping). By Bruno Couriol

2026-06-13 原文 →
AI 资讯

Building Taocarts’ Anti-Fraud Risk Control System: Eliminating Malicious Exploitation of Coupons, Points, and Promotions

Cross-border purchasing platforms commonly use marketing tactics such as coupons, registration points, order rebates, and spend-based discounts to acquire new users and boost engagement. However, public promotions are prime targets for “wool hunters” (fraudsters) who exploit batch account registration, fake orders, malicious order spamming, and combined discount abuse to drain platform benefits, causing direct financial losses. Most purchasing systems lack dedicated event risk controls, making them highly vulnerable to batch exploitation as soon as a promotion goes live. This not only leads to financial losses but also crowds out genuine user benefits and distorts campaign effectiveness. This article details Taocarts’ comprehensive anti-fraud risk control framework, which uses multi‑dimensional behavior detection, rule‑based blocking, and account risk assessment to accurately distinguish real users from malicious exploiters, ensuring fair and controllable marketing activities. First, we identify common malicious exploitation scenarios and system vulnerabilities in cross‑border platforms: Batch account registration – Using new‑user exclusive coupons and registration points to harvest benefits repeatedly. Fake order placement and cancellation – Repeatedly claiming limited‑time discounts or rebates by placing and then canceling orders. Multiple accounts from the same device/IP – Spamming orders to consume activity quotas. Illegal discount stacking – Violating platform rules by combining multiple coupons or point deductions. Activity volume manipulation – Generating fake orders to earn activity rewards or points, creating false engagement data. Traditional systems have no risk rules and cannot detect batch operations or abnormal behavior, leading to wasted marketing spend and campaigns that actually lose money. Taocarts builds a fine‑grained anti‑exploit rule engine based on four dimensions: user behavior, device information, network characteristics, and order data, ena

2026-06-11 原文 →
AI 资讯

I Built My Own API Gateway in Rust — Here's What I Learned

Every backend project I've worked on eventually hits the same wall. You start clean — one service, simple routes, everything works. Then slowly the requirements creep in. "We need rate limiting." "Can we add auth middleware?" "What happens when the user service goes down — does it take everything else with it?" You either bolt these things onto every service individually, copy-paste the same middleware across projects, or pay for a managed gateway like Kong or AWS API Gateway and hope it does what you need. I wanted to actually understand how these things work under the hood. So I'm building one — and this is what I've learned so far. What is Ferrox? Ferrox is a self-hosted, programmable API gateway written entirely in Rust. It sits in front of your backend services and handles everything a production system needs in one place: Dynamic routing — point any path prefix to any upstream service Authentication — JWT and API key validation on protected routes Rate limiting — Redis-backed per-IP and per-API-key limiting Circuit breaking — stops hammering a dead upstream service Response caching — Redis-backed TTL cache per route Real-time observability — WebSocket dashboard with live request stats Prometheus metrics — plug straight into Grafana The idea is simple. Instead of this: Client → Service A (has its own auth, rate limiting, logging) Client → Service B (has its own auth, rate limiting, logging) Client → Service C (has its own auth, rate limiting, logging) You get this: Client | v FERROX (auth, rate limiting, circuit breaking, logging — once) | +--------+--------+ | | | Svc A Svc B Svc C (clean) (clean) (clean) Your services stay clean. Ferrox handles the cross-cutting concerns. Why Rust? Honest answer — I already knew Rust from my backend work. But for a gateway specifically, it felt like the obvious choice. A gateway sits on the critical path of every single request. Every millisecond of latency it adds is latency your users feel. You need predictable performance

2026-06-10 原文 →