Delivering Dynamic Web Content via Three-Tier Architecture
Web Application Servers are nothing new in the tech world but many business managers, application developers and systems administrators still don’t understand what they are or why they’re needed. The Three-Tier Architecture allows architects and developers to create a dynamic and relatively secure method of delivery dynamic content to users. Web Application Servers are the key component in this three-tiered delivery model. A Web Application Server (WAS) not only delivers dynamic content but it also contains the business logic, the business rules, the data access and a modulated connectivity path between the data and the data consumer or user.
Three-Tier Architecture (3TA) is the design that results from splitting individual services onto multiple systems and into multiple layers—both physical and logical.
Logical vs. Physical Architecture
3TA consists of three distinct tiers or layers: Presentation, Application and Data. When speaking of 3TA, most discussions refer to the logical architectural layout. Logically, the Presentation Tier consists of client computers and web services that provide the user interface. The middle or Application Tier contains the business logic, the rules for information processing and the data access components. The Data Tier contains the data and data storage.
The Presentation Tier or layer deals with user interaction and user experience. This layer transmits requests from the user and presents the responses back to the user in a readable format. The Application or middle Tier receives requests and either responds directly back to the user or queries the datastore and configures a response for the user.
The third tier is the Data Tier and its purpose is to store data and to provide that data via requests from the Application Tier. The Data Tier never comes in direct contact with the Presentation Tier.
Three-Tier Design Advantages and Disadvantages
- Scalable Design – The addition of new servers and load balancing can grow an environment to accommodate large numbers of client connections.
- Parallel Development – Developers and DBAs can work simultaneously and independently on the different layers (tiers).
- Superior Performance – Separation of CPU-intensive, memory-intensive and I/O-intensive operations increases and extends performance of all components.
- Increased Security – Physical and logical separation of components can increase security.
- Improved Availability – Redundant server members decrease the severity of outages.
- Design Complexity – Multi-tier architecture is more difficult to implement than single tier.
- Increased Maintenance – Designated systems (Web, Application and Database) often have their own maintenance schedules and windows that might prove cumbersome to production.
Physically, the servers have separation from one another as well. Client systems are part of the Presentation Tier and remotely located (physically separated) from the other tiers. To further separate the Presentation Tier from the Application Tier, architects place web servers in a DMZ so they’re network connectivity faces the Internet on one side and the corporate LAN on the other. On the LAN side, a firewall limits the TCP/IP connectivity to a few destinations: The Application Servers. This limited connectivity reduces the attack surface for would-be intruders.
Connectivity constraints between physical tiers continue from the Application Tier to the Data Tier. Architects further isolate database systems and data storage by only allowing database access from the application servers in the Application Tier. And, only the database systems directly access data storage.
This isolation of tiers is not only a security measure but also one of performance and one of availability. By imposing limits on the number of connection origins, from the web servers to the application servers and from application servers to the database servers, the potential for capacity overload is very low. Additionally, by spreading the load over multiple web servers, multiple application servers and even multiple database instances via load balancing mitigates performance problems due to high traffic bursts.
For availability, multiple systems provide a resource pool that creates a cushion against service outage in case of a single system’s failure. Administrators will remove the failed system from load balancing until it’s replaced or repaired.
Application Server Role
The role of the application server or the WAS is to receive requests for dynamic data from web servers, to filter and to shuttle those requests to the database, to gather and to organize the requested data and to deliver it back to the user. The application server also performs security checks including verification, validation and authentication. Developers usually implement some sort of data “scrubbing” routines into the application server’s processing to eliminate the presentation of duplicate records, incomplete records or NULL results.
Application Server Software
There are two major contenders in the application server software market: Java (Oracle) and .NET (Microsoft). The Java application server is a cross-platform language and runtime environment, which means that it is platform independent and that it maintains compatibility with Windows, Linux, UNIX, Mac and other server platforms. Microsoft’s .NET only operates on the Windows operating system although there is a project currently underway whose purpose it is to port .NET applications to Linux.
The Advantages of Well-Designed Architecture
Although anyone can find numerous examples of Three-Tier designs and Web Application How-Tos on Internet sites, there’s no substitute for a professionally crafted data-backed web application. To maintain a web application infrastructure, requires a trained team of IT professionals including: System administrators, DBAs and application developers. But, no matter how good your support staff is, a poorly architected web application solution will never provide you with the service you expect from it. In a Three-Tier web application, make sure that you have an adequate number of web servers available to accommodate the amount of traffic you expect because your web servers will be very busy.
Some architects use a combination of physical web servers and virtual web servers that administrators spin up to adjust for high traffic times (during special promotions, for example).
Apply weighted load balancing to your web servers and to your application servers. Also enable session affinity (sticky sessions) in your load balancing setup. Using session affinity at this level greatly simplifies some of the session management in the application.
The Pre-Production To Do List
During the pre-production phase of your web application launch, a few things need to happen. The first is load testing. You need an experienced load tester to place stress on your system to make sure that it can handle many simultaneous users. On the user interface side, you should enlist a software tester to ensure that your interface is intuitive and not easily broken by erroneous input. Additionally, you need a representative group of users to provide feedback on the user interface. Finally, you should have a security audit performed on the environment to include penetration testing and vulnerability testing.
When the need arises for your application to go public or to reach a large audience, you need to move to a scalable and manageable architecture. Three-tier architecture is one very good answer to that problem. 3TA is true data center architecture that includes a security component, a performance component and an availability component. Put them together and you’ve built a near-unbreakable service for your intended user base. The best web application service begins with exceptional design and ends with happy customers.
This post was written as part of the IBM for Midsize Business program, which provides midsize businesses with the tools, expertise and solutions they need to become engines of a smarter planet.