Everything You Need to Get Your GQL Server Production Ready

Rate this content
Bookmark

There are always a lot of questions and conference talks about bringing GraphQL servers into production, but there aren’t a lot of good concrete steps and actions to follow. In the workshop Uri (The founder of The Guild) will walk you through The Guild’s process of bringing GraphQL Server into production.

We will add:

- Powerful Caching
- Logging, Monitoring and tracing
- Security features like Auth, Error Masking, Persisted Operations, Depth and Rate limit


If you are planning to have your GraphQL server running in production, this is a must have workshop for you!

This workshop has been presented at GraphQL Galaxy 2021, check out the latest edition of this Tech Conference.

FAQ

GraphQL Mesh is a tool that allows you to transform and integrate data from various sources (like REST, SOAP, gRPC, SQL, and more) into a unified GraphQL API. It automates the process of generating a GraphQL schema from these sources, which can significantly simplify the development process, ensure type safety, and allow you to query multiple data sources with a single GraphQL query.

Envelope is a plugin system for GraphQL that enhances server capabilities by allowing for highly customizable extensions. It offers advanced features like caching, performance enhancements through GraphQL JIT (Just-In-Time compilation), and support for modern GraphQL features such as live queries and defer/stream directives. Envelope facilitates easier integration with various server environments and improves maintainability and security of GraphQL servers.

GraphQL offers several advantages over traditional REST APIs, including efficient data fetching by allowing clients to request exactly what they need, reducing over-fetching and under-fetching issues. It also simplifies the API by using a single endpoint and improves real-time capabilities with features like subscriptions. Additionally, GraphQL provides a strong type system and introspective capabilities that make APIs easier to develop and consume.

Yes, GraphQL Mesh can handle various types of APIs including REST, SOAP, gRPC, SQL, and more. It can integrate these different data sources into a unified GraphQL schema, providing a consistent API layer over disparate data sources. This capability allows developers to work with various backends using the GraphQL query language, simplifying frontend development and backend integration.

GraphQL JIT, or Just-In-Time compilation, is a performance optimization technique used in the execution of GraphQL queries. By compiling queries into highly optimized executable functions during runtime, GraphQL JIT reduces the execution time and improves the throughput of GraphQL servers. This results in faster response times and better scalability, especially for complex queries or high-load environments.

GraphQL Mesh supports schema federation by allowing multiple GraphQL services to be combined into a single schema. It can merge schemas from different sources seamlessly, handling schema stitching and federation transparently. This enables organizations to split their GraphQL APIs into multiple services while still presenting a unified API to the clients, facilitating better scalability and maintenance.

Uri Goldshtein
Uri Goldshtein
130 min
08 Dec, 2021

Comments

Sign in or register to post your comment.

Video Summary and Transcription

Uri from The Guild introduces GraphQL and its advantages over REST. Implementing GraphQL in production involves starting with a simple use case and using a product-driven schema approach. Code generation plugins and tools like GraphQL Mesh simplify the implementation of GraphQL. The workshop demonstrates how to install GraphQL Mesh, generate a schema, and configure sources. Envelope, a plugin system for GraphQL, provides customization and flexibility, simplifying server development and enhancing security.

1. Introduction to The Guild and GraphQL

Short description:

Uri, a member of The Guild, shares about the group's work and the open-source tools they build. The Guild focuses on sustainable open-source development and ensures their tools are used in production. The tools can be used separately and are designed to be flexible. Uri introduces GraphQL and its advantages over REST, such as reducing round trips and over-fetching. He mentions the project to improve graphql.org and invites others to contribute. The client can query the GraphQL Engine, which executes the query and returns the requested data.

So I'm Uri. I'm a member of a group called The Guild. How many of you heard about The Guild? No one? I've heard. Okay, cool. So I'll just share a bit. The Guild is a group of open source developers. I personally started this group a couple of years ago. I used to work at Apollo. I was actually in the team that started Apollo. We built another thing called Meteor. It was a JavaScript framework, and we thought what would be the next version of Meteor. Back in the day, it was just the days that Facebook opened source to GraphQL. So we thought that maybe the next version of Meteor will be based on GraphQL. And that's how we started Apollo Client, and Apollo Server, and GraphQL Tools Library, and many things that are still popular today.

So I started there at Apollo, and then after a while, I decided to build another group that is structured a bit differently to basically build a sustainable open-source. So the libraries will be well-maintained for the long run, for many, many years, and there wouldn't be pressure of, like, there would be less pressure of selling a product but more of just making sustainable open-source. So that's the yield, like, tools that we build today are GraphQL Code Generator that I'll talk a bit about today, GraphQL Mesh, Envelope, GraphQL Inspector, GraphQL Modules. Very new, we took over GraphQL Yoga, if some of you have heard in my talk, I'm doing also the keynote for GraphQL Galaxy, and in the keynote I'm gonna announce something about that, so you will know that even earlier than everyone. We basically today are the biggest open-source group in GraphQL, and we also do a lot of work that is outside of the GraphQL realm, like with OpenAPI and all kinds of other APIs, like JSON Schema, grpc, all kinds of other, so we do work there as well, so that's a bit about us, and how we work is that we work with actually clients, with companies. We build open-source tools, and then we consult, and also help them introduce the tools, and improve the tools, and things like that, so all of the tools are being built out of real necessity, like that we don't open-source a tool that none of our clients are actually using in production, everything open-source is something that we use in production, so you can know that you can rely on it, and you know there's an actual need for it, and it's not like something we're selling to you, or we do it for popularity reasons, or things like that, so that's a bit about the Guild, every member of the Guild is a member that actually contributed to open-source before they joined the Guild, and also sometimes maybe it's hard for you to find our libraries, because all of the libraries are under people's names, and not under the Guild name, we believe this is a better model for a more sustainable open-source, it's very rare, it's not something that is very common, but that's how we do it today.

I mentioned the Guild in the beginning, we build a lot of different tools, I won't talk too much about that, but just that all of our tools are built in a specific way, both in the open-source way that I mentioned at the beginning, and also they complete a full platform, so the idea is that it provides you with everything you need from the backend to the frontend to build an app, but you could use them completely separately, we're not pushing you to use them, it's not like a vendor locked platform, each tool could be used by itself, we try to break down these tools into the smallest pieces we can, so they will be the most flexible that's possible. And I'm mentioning it now because I think it's important and that's also part of the reasons of why we created some new tools that I would introduce today, because we think in that way actually we can solve things better. And so, I'll touch a bit about that and I'm also doing my introduction to the tools. I'll share maybe a tutorial with you that I think in my opinion, it's better structured compared to other GraphQL tutorials out there because it separates some things. So, I'll get to that soon. But let's go back to the basics of GraphQL. Again, everyone here knows probably a bit about what GraphQL is. It's a query language. You could describe the data that you want to query in a schema. That data could be any data. That's the interesting part about GraphQL. It's a query language, but unlike SQL, where you need to structure your data and your tables in a certain way, here, you could basically create a schema, query that schema, get predictable results. But that schema could describe any data. It could be something you layer on top of a REST API, which is very common. It could be just a file. It could be a database. It could be anything that you have, any data that you want to query, an Excel spreadsheet, anything. So that's interesting because you can now start building graphs of data, of whatever data you have. And you can also layer it in places that are, let's say, that maybe you didn't think about before. I hope I can touch upon it again. So I'm skipping this one. It's just an example of, with REST, you could like query any, if you want to get a list of chats and stuff like that, then you're gonna like query back and forth and maybe you need multiple requests and response. And you could build custom REST endpoints, right? So it's not always true. You could build the perfect REST GraphQL endpoint and you will still get exactly what you want. But that means that that work is being done on the backend. With GraphQL, the client could just describe what they want and get exactly what they want. So extra round trips is like something that a lot of people are talking about as a, I don't know, is something that GraphQL could solve and also over fetching, right? Like you might have an endpoint and in this case it's a certain endpoint for repos on GitHub and you're going to get tons of information that you might not need. So over the wire where that matters, you're going to get a lot of information. This is just something I copied from GraphQL.org. By the way, we are now kind of like we rebuilt the infrastructure for GraphQL.org and we were trying to make it the better resource. So, one thing if any of you are actually interested in documentation and helping your team on board and things like that, I hope to make graphql.org the best place to go and learn about GraphQL and to find all the resources and everything I'm saying now, hopefully you won't need to talk to me. You can just go to graphql.org. So, if any of you are interested in helping, this project didn't move so much for many years and now we to cover it and hopefully we can make graphql.org a better website. So yeah, so, you know, GraphQL what everyone is displaying is that like, I can query for just the data that I need and I can send one query and get back one result. Today we're going to talk about more advanced stuff as well. A bit about, you know, maybe an illustration of how it works. So we have a client and let's say some data sources and in the middle we put, let's call it the GraphQL Engine instead of a GraphQL server. And I hope you can, later on you'll understand why I'm calling it an engine and not a server. So, and we can describe the data of all these data sources using a schema. So you write that schema. There's many different ways of running that schema. We can talk today also about like different ways of writing a schema, that schema could, it could be written merely. And that manual schema could be written in what's called an SDL. So the actual language of GraphQL, what you can see here on the left, but it's gonna also be written with code. So you could write like classes that represents these data structures and there's plus and minus or objects that represents these data structures. And there's plus and minuses for both approaches. And there's also different libraries for all these approaches. If you're interested in that, let me know because I have a lot of opinions about that. So we describe the schema and then the client can basically query for a certain thing that they want, let's say in this case, the user with AB2 and a name, and then the graphical engine would get that query and will execute it in the most efficient way they can. So they would go and fetch maybe the user and then extract from the user object the name and send us back what we actually need.

2. GraphQL's Function and Benefits

Short description:

GraphQL automates a lot of the data work we do, awaits and orchestrates network calls, and shapes data as needed. It provides network performance, a schema of the data graph, orchestration, automation, and the ability to model data from different sources. These are the benefits of GraphQL.

And if we want more information about the user, let's say we send a bigger query, so maybe the servo will get us back the user object and then the graphical engine will actually fetch in parallel the name and the messages if they can see that it can. And then maybe the content can come from a completely different source, but the way we modeled it, we modeled it like the client sees the data, wants to see the data and we modeled it like messages and their content are basically look like the content is basically the same. It's part of the messages object so then the client gets back one single results and it doesn't matter how complicated the server is or how many data sources or how many services your backend has. For the client they get the representation of the data that they expect, which is an important point, I think when we'll get to talk a bit about GraphQL mesh, which I'll talk, I hopefully get to talk today.

You will see that there's two different philosophies of how do we describe the schema of the data? The schema that is basically all of our data sources together in a graph or the schema that the client actually needs. And I hope to show you today that those are, might be two different schemas. So, yeah, so that's like a basic illustration of how GraphQL works, very basic. Now let's dive a bit deeper into that just to understand, because for me, when I talk about GraphQL, I actually just see that there's a function. So I'll show what that function is actually and what that function is actually doing.

So when we describe the data, we also write resolvers. Resolvers are the way to tell GraphQL how to fetch each field. In this case, you know, we have a function. Let's say we want the user's name. So we basically create the function that we know what is the object that it's gonna get as inputs. We know what the inputs that were getting into the function. In our case, it's like a user object, let's say. The parent of, the parent resolver, the entry point for the graph. And then we can execute any code we want. It's basically a function. So we can do whatever we want in that function, including calling another server or anything, and we need to return a string because we defined a string. So that's what we need to do when we create a GraphQL server or a GraphQL engine.

Now, everything you're gonna see in this slide is basically a slide that I'm trying to explain to you like the basic work of what the GraphQL function is doing internally. So everything here, I always, when they show that slide, I ask people to think while they are seeing that slide, where do you write the code today? So the GraphQL function basically gets these resolver functions that were created in the schema. Then it creates, and the other argument that it gets is a query. Really, think about it as a function that's called GraphQL and gets two variables, two inputs. One is called executable schema is that definitions that we see on the left, and their functions. And the other argument is that query that might change between different calls. And then what the GraphQL function will do is that it will get that id 10 that we got on the top, on the query, and execute the first box, the first function. And it will get back an a result. That result would be a user object, let's say. Now it knows by the credit that we need a name and a message. So what GraphQL will do is it will take the boxes and will execute them in parallel because it can, because both of these boxes are actually requiring the same parent value. So it will execute them in parallel. One box, the name will give us the string, we're done. So it will put that in the right place. Then the messages, we actually get three different messages, objects. And for each one of them, we want the title and the date. So now the GraphQL engine will actually run all these different boxes for all the different results. And when the results will arrive, because all of this is async, every box here is an async function. So we can call a remote endpoint or something like that. When the results will get, it will put all the results in the right structure in the right place and will give us back the results. That's the GraphQL function.

Now I think, so what we saw here is GraphQL not only like just minimizes the data that we send over the wire or something like that, but actually GraphQL automates a lot of the data work that we do ourselves, maybe in code or in other means. So GraphQL awaits and orchestrates all the different network calls that we needed to make and all the different actions that we needed to take in order to get the data that we want. And then it also shaped the data in the way that we want. And I think that's the biggest benefit of GraphQL in most environments. In most environments, it's not about necessarily saving some bytes over the network, but actually automating a lot of the data work that we do anyway. And the data work is done in many different ways. It could be done on the client, it could be done on a server, it could be even done on like data analytics services and stuff like that, they query many different services from many different data sources, get the data that they want, and then do some analysis. So all of these could potentially benefit from GraphQL. So, that's kind of like what I just said, like we get network performance, we get like schema of the data graph, but also we get orchestration and automation and we get to have relationships and to model all of our data in a certain way, even if there's many different sources that might not necessarily be connected otherwise. So those are some of the benefits that I think GraphQL has. By the way, if it's very basic, let me know and if you have questions or you want to take me into other directions while I'm saying that, then also let me know.