有多少数据库支持电子商务?
我有一个带有两个数据库的系统,一个是面向客户的网站使用的,第二个是“后台”订单履行系统使用的。我被要求从网站到后台系统运行查询。我宁愿不这样做,允许基于网络的请求在内部系统上运行而不被注意似乎是有风险的。此外,这意味着在防火墙中打开路由以允许外部连接到内部服务器。
电子商务的最佳实践是什么?整个公司依靠一个数据库运行?或者每个系统都有单独的数据库以及连接它们的中间件?
有时,Web 应用程序可能需要从内部系统提取数据,但不是基于来自互联网的 HTTP 请求。
我确信最好的答案是“视情况而定!”因此,如果人们对于何时使用中间件和何时不使用中间件有一个经验法则,我想在这里提供。
I have a system with two databases, one that the customer-facing website uses, the second that is used by the "backroom" order-fulfillment system. I've been asked to run queries from the website to the backroom system. I'd rather not, it seems risky to allow web-based request to run unheeded on the internal system. Additionally, this means opening up routing in the firewall to allow external connections to the internal server.
What's the best practice for eCommerce? Run the entire company off of one database? Or individual databases for each system, and middleware to connect them?
Sometimes it might be necessary for the web application to pull date from the internal system, but not based on an HTTP request from the internet.
I'm sure the best answer is "it depends!" So, if people have a rule of thumb for when to use middleware and when not to, I'd like to here it.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
这里有很多选择。
1)数据传输。您可以将数据发送到 Web 数据库,以便它拥有自己的本地信息缓存,以便在需要时使用。
2)服务。您可以使用接受请求并发回数据的服务来保护您的内部数据库。这避免了对内部数据库的任何直接访问,但为您提供了非数据外的数据的好处,就像选项 1 中那样。3
) 服务总线。如果需要的话,您可以在两个系统之间插入一些中间件来处理诸如保证交付和 ETL 之类的事情。
本质上,有很多正确的答案 - 和一些错误的答案......
错误的答案包括将所有内容都放在一个数据库中,允许从互联网直接访问您的内部数据库以及在两个数据库之间设置链接服务器!
There are lots of options here.
1) Data shipping. You could send data up to the web database so it has it's own local cache of information to use when it needs to.
2) Services. You could protect your internal database using a service that accepts requests and sends data back. This avoids any direct access to your internal database but gives you the benefit of data that isn't out of data, as it would be in option 1.
3) Service Bus. You could stick some middleware in between the two systems that deals with things such as guaranteed delivery and ETL if you need those things.
Essentially, there are lots of right answers - and a few wrong answers...
Wrong answers include sticking everything in a single database, allowing direct access from the internet to your internal database and setting up a linked-server between the two databases!
更不安全的是使用客户端通过 HTTP 服务器连接到的单个数据库。跨不同安全区域拥有多个数据库是很常见的。
Even less secure would be using a single database which clients connect to through an HTTP server. It is quite common to have several databases across different security zones.
那么,您可以将数据从事务数据库复制到只读副本,以运行报告查询作为相对快速的修复解决方案。然而,对于电子商务,您需要了解 PCI 并确保遵循其要求来保护敏感的客户/信用卡数据。 PCI 合规性指南
下一步是构建一个专门用于报告目的的数据仓库 - 使其更容易编写查询并让它们更有效地运行来对数据进行切片和切块 - 从多个角度(维度)查看数据。 Ralph Kimball 数据仓库大师
Well you could replicate the data from your transactional databases to read-only copies to run reporting queries against as a relatively quick fix solution. With eCommerce however you need to be aware of PCI and ensure you're following their requirements to safeguard sensitive customer / credit card data. PCI Compliance Guide
The next step is to build a data warehouse that's organized specifically for reporting purposes - making it easier to write queries as well as have them run much more efficiently to slice and dice your data - seeing it from multiple points of view (dimensions). Ralph Kimball Data warehouse Guru