A 2 layer architecture for a public service is useful for a bunch of reasons- load balancing, service availability during upgrades, security, separation of concerns (e.g. segregate apps by workload, offload gzip encoding, ssl endpoint, local static asset caching).
Now, I haven't tried this with restlet yet, but it looks to me like restlet could be used on both layers. That said, there is a point at which *running* a public service requires its own expertise to manage the endpoint, and typically people focused on that use those tools- HAProxy, nginx, apache, etc. And they tend to think of a jvm as opaque and hard to manage. Try telling an ops person that they have to tune GC on their load balancer and they'll probably quit. But I definitely see the appeal of having a restlet uberjar, packaging jetty and spring and a bunch of other connectors, to serve as a kind of universal REST server that could do load balancing, reverse proxy, template rendering, or whatever- expose a REST interface to a database or to other proprietary back end services- all by just swapping in and out spring bean configuration. There are still some areas of weakness- I think e.g. the slowloris DoS attack is not defensible from a JVM. But as a devops tool, it seems like it has potential. On Fri, Sep 24, 2010 at 10:56 AM, Tim Peierls <[email protected]> wrote: > I share David's frustration. One of the things that attracted me to Restlet > in the first place was the hope that I could throw away all the other > processes and do everything in the JVM. Why couldn't I put whatever > throttling/defensive logic (that I would otherwise have to put in a separate > process) right into the Restlet Component? Is a Restlet Component inherently > "vulnerable" as Tal puts it, or is it just that no one has provided the > right defensive Restlet Filter so far? > --tim > > On Fri, Sep 24, 2010 at 2:24 AM, David Fogel <[email protected]> wrote: >> >> Hi Tal, William- >> >> Thanks for your feedback! >> >> Regarding putting the JVM behind Apache or some other proxy: well, >> we're likely to have to use a load-balancer soon, but aside from that, >> I find it frustrating to put something in front of the JVM- shouldn't >> java web servers be considered just as robust and fast as ones written >> in C or something else? It's not like java web servers are >> inefficient CGI scripts or something, yet everyone is always saying to >> stick things in front of them. I'm not suggesting this is wrong, just >> that it's frustrating :-) >> >> Wouldn't it be nice if products like Jetty, Simple, etc had >> appropriate built-in features to combat various misuse? It seems like >> if they're serious about being web servers, they should consider these >> features to be important. >> >> Anyhow, I'll probably try to block a few things at the Simple or >> Restlet Filter level, just to make myself feel better... >> >> thanks, >> Dave Fogel >> >> ------------------------------------------------------ >> >> http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2663951 > > ------------------------------------------------------ http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2664279
