Designing A Simple Url Shortening Service A TinyURL Approach - System Design

Requirements

Functional Requirements:

Create a short URL for a given long URL.
Return the long URL associated with a given short URL.
Must prevent circular redirects
Use stop words to prevent improper short urls from being create

Non-Functional Requirements:

Must have high availability (99.999% uptime)
Must be able to support 1000 requests per second
Redirect responses must return within 10ms

API Design

/create - Takes in a URL, a shortcode, and creates a mapping
/lookup - Takes in shortcode from URL and does a lookup for full URL, returns redirect

High-Level Design

We will create a simple API that allows users to both create and lookup shortened URLS. The create endpoint must enforce the following rules: 1. A redirect cannot be circular and 2. Swear words and other bad terms are not allowed as shortcodes. The lookup endpoint should utilize a caching mechanism to return values for frequently searched for shortcodes. We will do this to help satisfy our requirement of 10ms redirect return times.

Rate limiting - If certain shortcodes are being accessed too frequently, deploy a rate limiter that drops lookups if over a certain frequency to avoid overwhelming cache.

Use edge locations to better server clients based on geolocation.

Use RDBMS (Postgres) to house data.

Can use load balancers / API gateway to route traffic to a collection of servers. This allows for horizontal scaling and recoverability in the event that a server goes down.

Read replicas can be created on the database side for better performance / /reliability.

Detailed Component Design

Shortcode lookup - Needs to have a fast response time. Popular URLs will tax the system with repetitive URL lookups. We can utilize a caching layer to help reduce this. We should look into something like redis that can have a TTL on each lookup, and clear the cache when items become stale. If a shortcode is looked up the time to live can reset, thereby keeping the most used shortcodes hot. We will also have to plan for both DDOS attacks where shortcodes are hit abnormally high and another potential issue where all of our shortcodes are being accessed within short time intervals and filling up our available cache.

Shortcode creation - Create a one way hash of the URL. Use an algorithm that provides many options to avoid name collision. Can check in database to verify no collision, and recreate if there is.