Tornado Async Client for CouchDB
tor-async-couchdb is an opinionated Tornado async client for CouchDB. tor-async-couchdb is intended to operate as part of a service’s application tier and interact with the service’s data tier implemented using CouchDB.
tor-async-couchdb documentation isn’t as strong as it could be. sample services are best way to gain an understanding of how to use tor-async-couchdb.
tor-async-couchdb was created as a way to capture a very opinionated set of best practices and learnings after operating and scaling a number of services that used CouchDB and Tornado. The bullets below summarize the opinions.
- services should embrace eventual consistency
- thoughts on data models:
- every document should have a versioned type property (ex type=v9.99)
- documents are chunky aka retrieval of a single document should typically be all that’s necessary to implement a RESTful service’s endpoint ala standard NoSQL data model thinking
- assume conflicts happen as part of regular operation
- sensitive data at rest is an information security concern that
must be addressed
- each property should be evaluated against a data and information classification policy
- this is a good example of data classification policy
- if a property is deemed sensitive it should ideally be hashed using bcrypt if possible and otherwise SHA3-512
- if a sensitive proprerty can’t be hashed it should be encrypted using Keyczar
- direct tampering of data in the database is undesirable and therefore tamper resistance is both valued and a necessity
- to prevent unncessary fragmentation, CouchDB, not the service tier, should generate document IDs
- document retrieval should be done through views against document properties not document IDs
- one design document per view
- horizontally scaling CouchDB should be done using infrastructure (CouchDB 2.0 or Cloudant) not application level sharding
>pip install tor_async_couchdb
Configure tor-async-couchdb in your service’s mainline. Typically the configuration options are expected to come from a configuration file and/or the service’s command line.
from tor_async_couchdb import async_model_actions async_model_actions.database = "http://127.0.0.1:5984/database" async_model_actions.tampering_signer = None async_model_actions.username = None async_model_actions.password = None async_model_actions.validate_cert = True