# Introduction to Software Architecture ## The 2 AM Wake-Up Call That Changed Everything It was 2:47 AM when my phone rang. Our POS system had crashed during peak dinner service at a busy restaurant. Orders were piling up, customers were getting frustrated, and the manager was losing money every minute the system was down. The culprit? I had tightly coupled the payment processing logic directly into the order creation endpoint. When the payment gateway experienced a hiccup, it brought down the entire application. No one could place orders, check inventory, or even access the menu. One small integration failure cascaded into complete system failure. That night, as I frantically deployed a hotfix at 3 AM, I realized something fundamental: **code that works isn't enough. The way you structure that code—your architecture—determines whether your system survives in production or falls apart under real-world conditions.** This incident taught me that software architecture isn't academic theory—it's the difference between sleeping peacefully and debugging production disasters at ungodly hours. ## Architecture vs. Design: Understanding the Pyramid When I started building the POS system, I confused architecture with design patterns. I thought using the right design pattern made my architecture good. I was wrong. Here's how they actually relate: {% @mermaid/diagram content="graph TB subgraph "The Software Structure Pyramid" A\[Architecture
System-wide decisions
Microservices, databases, communication] B\[Design Patterns
Component-level solutions
Repository, Factory, Strategy] C\[Code
Implementation
Classes, functions, variables] end ``` A --> B B --> C style A fill:#ff6b6b style B fill:#4ecdc4 style C fill:#95e1d3" %} ``` **Architecture** answers questions like: * Should we build a monolith or microservices? * How do services communicate? * Where does data live? * How do we handle failures? **Design patterns** answer questions like: * How do we access the database? * How do we create objects? * How do we handle different payment types? **Code** is the actual implementation. Here's the critical insight: **good design patterns can't save bad architecture, but good architecture makes design patterns work better.** ## The Evolution: From Simple to Complex (The Hard Way) Let me show you how my POS system evolved—and the painful lessons at each stage. ### Phase 1: The Naive Monolith (Month 1) "I'll just build everything in one application. It's simpler!" ```python # main.py - Everything in one file (Mistake #1) from fastapi import FastAPI, HTTPException from sqlalchemy import create_engine, Column, Integer, String, Float from sqlalchemy.ext.declarative import declarative_base from sqlalchemy.orm import sessionmaker app = FastAPI() engine = create_engine("postgresql://localhost/pos") SessionLocal = sessionmaker(bind=engine) Base = declarative_base() # All models in one place class User(Base): __tablename__ = "users" id = Column(Integer, primary_key=True) username = Column(String) password = Column(String) # Storing plain text! (Mistake #2) class Product(Base): __tablename__ = "products" id = Column(Integer, primary_key=True) name = Column(String) price = Column(Float) class Order(Base): __tablename__ = "orders" id = Column(Integer, primary_key=True) user_id = Column(Integer) total = Column(Float) # All logic in route handlers (Mistake #3) @app.post("/orders") async def create_order(items: list): db = SessionLocal() try: # Calculate total total = 0 for item in items: product = db.query(Product).get(item["product_id"]) total += product.price * item["quantity"] # Process payment (blocking, coupled!) (Mistake #4) payment_response = process_payment(total) # Create order order = Order(total=total) db.add(order) db.commit() return {"order_id": order.id} finally: db.close() def process_payment(amount: float): # Call external payment API (this blocks everything!) import requests response = requests.post("https://payment-gateway.com/charge", json={"amount": amount}, timeout=30) # 30 seconds of blocking! return response.json() ``` **What went wrong:** * Payment API timeout blocked order creation * No separation of concerns * Impossible to scale individual components * One crash brought everything down * No tenant isolation (all data mixed together) ### Phase 2: The Modular Monolith (Month 3) After the first production incident, I refactored into modules: ```python # project structure pos_system/ ├── main.py ├── auth/ │ ├── service.py │ ├── models.py │ └── router.py ├── orders/ │ ├── service.py │ ├── models.py │ └── router.py ├── payments/ │ ├── service.py │ └── router.py ├── inventory/ │ ├── service.py │ ├── models.py │ └── router.py └── database.py # orders/service.py - Better separation from typing import List from .models import Order from ..payments.service import PaymentService from ..inventory.service import InventoryService class OrderService: def __init__(self, payment_service: PaymentService, inventory_service: InventoryService): self.payment_service = payment_service self.inventory_service = inventory_service async def create_order(self, tenant_id: str, items: List[dict]) -> Order: # Check inventory first for item in items: available = await self.inventory_service.check_stock( tenant_id, item["product_id"], item["quantity"] ) if not available: raise HTTPException(400, f"Insufficient stock for {item['product_id']}") # Calculate total total = await self._calculate_total(tenant_id, items) # Process payment (still problematic but isolated) try: payment_result = await self.payment_service.process_payment( tenant_id, total ) except PaymentException as e: # Now we can handle payment failures gracefully raise HTTPException(503, "Payment service unavailable. Please try again.") # Create order order = Order(tenant_id=tenant_id, total=total, items=items) # Save to database... return order ``` **Better, but still problems:** * Still a single deployment unit * Payment service failure still affected everything * Couldn't scale inventory logic independently * One team couldn't work on payments without affecting orders ### Phase 3: Microservices (Month 6) The breaking point came when we added a second tenant. Different restaurants had different needs: * Fine dining needed table management * Fast food needed quick order processing * Retail stores needed different inventory tracking We split into six microservices: ```python # Auth Service (Port 4001) # auth_service/main.py from fastapi import FastAPI, Depends, HTTPException from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials import jwt from datetime import datetime, timedelta from typing import Optional app = FastAPI(title="Auth Service") security = HTTPBearer() class AuthService: SECRET_KEY = "your-secret-key-here" # Use env vars in production! @staticmethod def create_token(user_id: str, tenant_id: str, role: str) -> str: payload = { "user_id": user_id, "tenant_id": tenant_id, "role": role, "exp": datetime.utcnow() + timedelta(hours=24) } return jwt.encode(payload, AuthService.SECRET_KEY, algorithm="HS256") @staticmethod def verify_token(token: str) -> dict: try: payload = jwt.decode(token, AuthService.SECRET_KEY, algorithms=["HS256"]) return payload except jwt.ExpiredSignatureError: raise HTTPException(401, "Token expired") except jwt.InvalidTokenError: raise HTTPException(401, "Invalid token") @app.post("/auth/login") async def login(username: str, password: str): # Validate credentials (simplified) user = authenticate_user(username, password) if not user: raise HTTPException(401, "Invalid credentials") token = AuthService.create_token(user.id, user.tenant_id, user.role) return {"access_token": token, "token_type": "bearer"} @app.get("/auth/validate") async def validate_token(credentials: HTTPAuthorizationCredentials = Depends(security)): payload = AuthService.verify_token(credentials.credentials) return payload ``` ```python # POS Core Service (Port 4002) # pos_core_service/main.py from fastapi import FastAPI, Depends, Header import httpx from typing import Optional app = FastAPI(title="POS Core Service") async def verify_tenant(x_tenant_id: str = Header(...), authorization: str = Header(...)) -> dict: """Verify token with Auth Service""" async with httpx.AsyncClient() as client: response = await client.get( "http://localhost:4001/auth/validate", headers={"Authorization": authorization} ) if response.status_code != 200: raise HTTPException(401, "Invalid token") payload = response.json() if payload["tenant_id"] != x_tenant_id: raise HTTPException(403, "Tenant mismatch") return payload @app.post("/orders") async def create_order( items: list, tenant_info: dict = Depends(verify_tenant) ): tenant_id = tenant_info["tenant_id"] # Call Inventory Service to check stock async with httpx.AsyncClient() as client: inventory_response = await client.post( "http://localhost:4003/inventory/check", headers={"x-tenant-id": tenant_id}, json={"items": items} ) if inventory_response.status_code != 200: raise HTTPException(400, "Insufficient inventory") # Call Payment Service async with httpx.AsyncClient() as client: payment_response = await client.post( "http://localhost:4004/payments/process", headers={"x-tenant-id": tenant_id}, json={"amount": calculate_total(items)} ) if payment_response.status_code != 200: raise HTTPException(503, "Payment failed") # Create order in database order_id = save_order(tenant_id, items) return {"order_id": order_id, "status": "completed"} ``` **Now we have:** * Independent scaling (scale Payment service separately) * Fault isolation (Inventory down doesn't kill Orders) * Team autonomy (different teams own different services) * Technology flexibility (MongoDB for Inventory, PostgreSQL for others) ## Quality Attributes: What Actually Matters in Production The 2 AM incident taught me that architecture must optimize for quality attributes. Here are the ones that matter most: ### 1. Performance **Definition:** How fast the system responds **POS Example:** ```python # Bad: Synchronous calls block everything @app.get("/dashboard") async def get_dashboard(tenant_id: str): orders = fetch_orders(tenant_id) # 500ms inventory = fetch_inventory(tenant_id) # 300ms payments = fetch_payments(tenant_id) # 400ms # Total: 1200ms! return {"orders": orders, "inventory": inventory, "payments": payments} # Good: Parallel async calls @app.get("/dashboard") async def get_dashboard(tenant_id: str): async with httpx.AsyncClient() as client: results = await asyncio.gather( client.get(f"http://localhost:4002/orders?tenant_id={tenant_id}"), client.get(f"http://localhost:4003/inventory?tenant_id={tenant_id}"), client.get(f"http://localhost:4004/payments?tenant_id={tenant_id}") ) # Total: 500ms (slowest service) return { "orders": results[0].json(), "inventory": results[1].json(), "payments": results[2].json() } ``` ### 2. Scalability **Definition:** How well the system handles growth **Architectural decision:** ```python # Each service can scale independently # docker-compose.yml services: payment_service: image: pos/payment:latest deploy: replicas: 5 # High load on payments inventory_service: image: pos/inventory:latest deploy: replicas: 2 # Lower load on inventory ``` ### 3. Availability **Definition:** System uptime and resilience **Circuit breaker pattern:** ```python from circuitbreaker import circuit @circuit(failure_threshold=5, recovery_timeout=60) async def call_payment_service(amount: float): async with httpx.AsyncClient() as client: response = await client.post( "http://localhost:4004/payments/process", json={"amount": amount}, timeout=5.0 ) return response.json() # If payment service fails 5 times, circuit opens # Orders can continue with "payment pending" status ``` ### 4. Security **Definition:** Protection against threats **Multi-tenant isolation:** ```python # Database-level isolation class TenantQuerySet: def __init__(self, tenant_id: str): self.tenant_id = tenant_id def filter_by_tenant(self, query): return query.filter(tenant_id=self.tenant_id) # Every query automatically filtered by tenant @app.get("/orders") async def get_orders(tenant_info: dict = Depends(verify_tenant)): tenant_id = tenant_info["tenant_id"] query = db.query(Order) tenant_query = TenantQuerySet(tenant_id).filter_by_tenant(query) return tenant_query.all() ``` ## When Architecture Matters (And When It Doesn't) Here's the truth bomb: **not every project needs microservices**. I learned this the expensive way. ### You DON'T Need Complex Architecture When: 1. **You're validating an idea** * Build a monolith * Ship fast * Learn from users 2. **Your team is small (< 5 developers)** * Coordination overhead kills productivity * Monolith lets you move faster 3. **Your load is predictable and low** * Vertical scaling (bigger server) is fine * Simple architecture = fewer things to break ### You DO Need Architecture When: 1. **Multiple teams need to work independently** ``` Team A: Frontend + Auth Service Team B: Payment Service Team C: Inventory + Restaurant Services ``` 2. **Different components have different scaling needs** ``` Payment: 1000 requests/min Inventory: 100 requests/min ``` 3. **You need fault isolation** ``` If inventory fails, orders should still work ``` 4. **You have multi-tenancy requirements** ``` Each restaurant needs data isolation ``` ## The Cost of Architectural Decisions Every architectural decision is a trade-off. Here's what microservices cost us: ```python # Monolith: Simple transaction def create_order(items): with db.transaction(): order = db.create_order(items) db.update_inventory(items) db.process_payment(order.total) # All or nothing - database guarantees consistency # Microservices: Distributed saga pattern async def create_order(items): order_id = None payment_id = None try: # Step 1: Create order order_id = await pos_core_service.create_order(items) # Step 2: Update inventory await inventory_service.reduce_stock(items) # Step 3: Process payment payment_id = await payment_service.charge(order.total) return order_id except Exception as e: # Compensating transactions (complex!) if order_id: await pos_core_service.cancel_order(order_id) if payment_id: await payment_service.refund(payment_id) raise ``` **Trade-offs:** * ✅ Gain: Independent scaling, fault isolation * ❌ Cost: Complexity, distributed transactions, eventual consistency ## The Real Production Incident That Changed My Architecture Philosophy Six months after launching with microservices, we had another incident. This time, the Chatbot service (which aggregates data from all other services) was making sequential calls: ```python # Chatbot Service - The problem @app.get("/chat/summary") async def get_summary(tenant_id: str): # Sequential calls - each waits for previous auth_data = await call_auth_service(tenant_id) # 200ms orders = await call_pos_core_service(tenant_id) # 500ms inventory = await call_inventory_service(tenant_id) # 300ms payments = await call_payment_service(tenant_id) # 400ms restaurant = await call_restaurant_service(tenant_id) # 250ms # Total latency: 1650ms! return aggregate_data(auth_data, orders, inventory, payments, restaurant) ``` During peak hours, latency spiked to 3+ seconds. Chatbot became unusable. The fix: parallel async calls ```python # Chatbot Service - The solution @app.get("/chat/summary") async def get_summary(tenant_id: str): # Parallel calls - all execute simultaneously results = await asyncio.gather( call_auth_service(tenant_id), call_pos_core_service(tenant_id), call_inventory_service(tenant_id), call_payment_service(tenant_id), call_restaurant_service(tenant_id), return_exceptions=True # Don't fail if one service is down ) # Total latency: 500ms (slowest service) # Handle partial failures gracefully return aggregate_data(*results) ``` **Lesson:** Architecture isn't just about structure—it's about understanding how components interact under real-world conditions. ## Key Learnings 1. **Architecture is about trade-offs, not best practices** * Every decision has costs and benefits * Choose based on your specific constraints 2. **Start simple, evolve based on real pain points** * Don't build microservices because they're trendy * Refactor when monolith becomes painful 3. **Quality attributes drive architectural decisions** * Define what matters: performance? scalability? availability? * Optimize for those, not theoretical "best architecture" 4. **Production teaches more than books** * That 2 AM incident taught me more than months of reading * Build, ship, learn, iterate 5. **Complexity is a cost, not a feature** * Every service, every layer, every abstraction adds overhead * Justify complexity with real benefits ## Common Mistakes I Made (So You Don't Have To) 1. **Building microservices too early** * Started with 6 services for 2 developers * Should have built modular monolith first 2. **Ignoring operations cost** * Monitoring 6 services vs. 1 is 6x harder * Deployment complexity increased dramatically 3. **Not defining service boundaries clearly** * POS Core and Restaurant Service had overlapping logic * Led to duplicated code and inconsistent behavior 4. **Underestimating network failures** * Assumed services could always talk to each other * Didn't implement retry logic, circuit breakers initially 5. **Over-engineering for scale we didn't have** * Built for 10,000 requests/sec * Actually got 100 requests/sec * Wasted months on premature optimization ## When to Use These Patterns **Use Monolith When:** * Small team (< 5 devs) * Low/medium traffic * Rapid iteration needed * Simple deployment preferred **Use Modular Monolith When:** * Medium team (5-15 devs) * Clear module boundaries * Want simpler ops than microservices * Might need microservices later **Use Microservices When:** * Multiple teams * Different scaling requirements * Need independent deployments * Can handle operational complexity ## Next Steps Now that you understand why architecture matters and the journey from monolith to microservices, we'll dive deeper into the modular monolith pattern in the next article. We'll explore: * How to structure a modular monolith for the POS system * Internal APIs and boundaries between modules * When it's the right choice (spoiler: more often than you think) * Migration patterns to microservices when needed **Next Article:** [02-modular-monolith-architecture.md](https://blog.htunnthuthu.com/architecture-and-design/architecture-and-patterns/software-architecture-101/02-modular-monolith-architecture) - Learn how to build a well-structured monolith that can evolve into microservices when needed, without the operational overhead of distributed systems from day one. *** *Remember: The best architecture is the one that solves your actual problems, not the one that looks best on a whiteboard. Start simple, measure real pain points, and evolve deliberately.*