Lessons learned using Firebase in Production
Download as PPTX, PDF1 like98 views
The document outlines lessons learned from using Firebase in production, as presented by Maik Buchmeyer. Key points include Firebase's strengths in mobile application development, performance, and user engagement, alongside challenges like data security and integration limitations, particularly in regions such as China. The insights emphasize the importance of understanding the benefits and trade-offs of Firebase for scalable and reliable product development.
Lessons learned using Firebase in Production
- 1. 1 Lessons learned from using Firebase in Production Maik Buchmeyer @mediavrog CTO @ AIR at en-japan https://air.en-japan.io
- 2. 2 Intro Innovation arm of en-japan since 2014 Digitalise en-japans service portfolio Innovate in HR using modern technology CTO at AIR Creator, love side projects Suica and IC Card reader
- 3. 3 Agenda 1. What is Firebase? 2. About Video Interview 3. Service Architecture 4. Lessons learned 5. Q&A
- 5. 5 Mobile Application Development Platform What is Firebase?
- 6. 6 GrowAnalytics Develop Quality In 2018 What is Firebase?
- 7. 7 Gets a lot of love as well as critique* and everything in between. * recently less so Firebase
- 8. 8 Why chose Firebase? “Focus on providing value” ● Start low cost but able to scale ● Performance and Availability ● Infrastructure, Auth, API, common app features out of the box
- 10. 10 Video Interviewing Platform About Video Interview
- 11. 11 Released Aug. 2017 > 500 company accounts ~ 100 interviews / month About Video Interview
- 13. 13 Integration C (Optional) Hosting Integration B Service Architecture media storage transcoding pipeline iOSWebWeb Recruiter Candidate raw video HLS video Realtime Database Main app database Light file storage (profile images, logos) Main (d/s/p) “Backend” (Mails, HTTP API.) Candidate (d/s/p) Hosting CDN Dashboard Hosting CDN d/s/p: development / staging / production environments Integration A (Optional) Hosting HTTP API 3rd Parties A B C Admin (read only) Web auth Hosting CDN web socket connections via Firebase Web & iOS SDKs ... url Media upload request Media upload
- 14. 14 Integration C (Optional) Hosting Integration B Service Architecture media storage transcoding pipeline iOSWebWeb Recruiter Candidate raw video HLS video Realtime Database Main app database Light file storage (profile images, logos) Main (d/s/p) “Backend” (Mails, HTTP API.) Candidate (d/s/p) Hosting CDN Dashboard Hosting CDN d/s/p: development / staging / production environments Integration A (Optional) Hosting HTTP API 3rd Parties A B C Admin (read only) Web auth Hosting CDN web socket connections via Firebase Web & iOS SDKs ... url Media upload request Media upload
- 15. 15 Integration C (Optional) Hosting Integration B Service Architecture media storage transcoding pipeline iOSWebWeb Recruiter Candidate raw video HLS video Realtime Database Main app database Light file storage (profile images, logos) Main (d/s/p) “Backend” (Mails, HTTP API.) Candidate (d/s/p) Hosting CDN Dashboard Hosting CDN d/s/p: development / staging / production environments Integration A (Optional) Hosting HTTP API 3rd Parties A B C Admin (read only) Web auth Hosting CDN ... url Integration B C
- 16. 16 Integration C (Optional) Hosting Integration B Service Architecture media storage transcoding pipeline iOSWebWeb Recruiter Candidate raw video HLS video Realtime Database Main app database Light file storage (profile images, logos) Main (d/s/p) “Backend” (Mails, HTTP API.) Candidate (d/s/p) Hosting CDN Dashboard Hosting CDN d/s/p: development / staging / production environments Integration A (Optional) Hosting HTTP API 3rd Parties A B C Admin (read only) Web auth Hosting CDN ... url Integration C (Optional) Hosting Integration B Integration A (Optional) Hosting HTTP API 3rd Parties A B C
- 17. 17 Integration C (Optional) Hosting Integration B Service Architecture media storage transcoding pipeline iOSWebWeb Recruiter Candidate raw video HLS video Realtime Database Main app database Light file storage (profile images, logos) Main (d/s/p) “Backend” (Mails, HTTP API.) Candidate (d/s/p) Hosting CDN Dashboard Hosting CDN d/s/p: development / staging / production environments Integration A (Optional) Hosting HTTP API 3rd Parties A B C Admin (read only) Web auth Hosting CDN ... url
- 19. 19 Event-driven database Lessons learned “Realtime” as default great design choice for UX. + Reactive, delightful UI/UX - Denormalized data in RTDB, needs to be kept in sync - “Big JSON” - No shallow queries - One region us-west-1 - 100.000 concurrent users New projects should default to Firestore! - Collections/Documents - Complex queries - Multi-region - 1.000.000 concurrent users
- 20. 20 Security Rules Lessons learned 3,000+ mobile apps leaking data from unsecured Firebase databases + Single location for authorization close to data - huge, brittle JSON with inline Javascript. Need tooling like bolt & testing! - generic PERMISSION_DENIED if rule fails: need duplicate validation logic on clients
- 21. 21 Reliability Lessons learned Backed by Google Cloud Platform and very reliable. SLA has 99.95% uptime, but in reality it’s better. Downtime + Google will fix it - still hurts; no control - partial downtime (e.g. functions) might lead to temporary data inconsistencies → use db triggers carefully! Strategy: Switch app to maintenance mode in sync with Firebase outages Backups - No auto-backup for auth data
- 22. 22 Customization Lessons learned A lot you get out of the box is very basic but takes you a long way. - Emails like “Reset password” provided multi-language, but basic, no customization → Eventually replace vs
- 23. 23 Build integrations Lessons learned Setting up support for API keys for 3rd party access fast and simple. Build an integration with greenhouse ATS in one week. - Add API key related rules - Separate Firebase project - HTTP Functions (express) Authenticate as API key user admin.initializeApp({ credential: admin.credential.cert(serviceAccount), databaseURL: "https://databaseName.firebaseio.com", databaseAuthVariableOverride: { uid: "API-KEY" } });
- 24. 24 Access from China & some corporate networks Lessons learned - Great Firewall actively blocks requests to Google API - SDK communicates with Google APIs for Authentication and Websocket negotiation (cannot customize endpoints using SDK) - Currently, candidates from China cannot access our solution
- 25. 25 Know your tools’ benefits & trade-offs. SimplicityControl
- 26. 26 Works for us at our current stage! 1. Small team can deliver scalable, reliable product across multiple platforms. 2. No infrastructure headaches 3. Cheap *Less than 100円/mo
- 27. 27 Closing thought “Empowerment of creators” ML & Blockchain & X will eventually see similar tools. Web2.0 / Wordpress Bloggers Youtube / Vimeo VJays AWS / Azure / Google Cloud Accessible Infrastructure Firebase / AWS Amplify Accessible development
- 28. 28 Create!
- 29. 29
Editor's Notes
- #15: JavaScript for both Frontend (React) & Backend (Node)