Architecture

_images/Arch.png

Components walkthrough while Accessing an API

  1. CloudFront (Content Delivery Network - CDN) - Role: Acts as the first layer of interaction for API requests, caching responses to reduce latency and offload traffic from backend services. - Behavior:

    • If the requested API response is cached, CloudFront returns it directly.

    • If not cached, the request is forwarded to the ALB (Application Load Balancer).

  2. Application Load Balancer (ALB)

    • Role: Balances incoming traffic across multiple ECS services (internal) as well as outside services.

    • Behavior:

      • Distributing API requests based on routing rules.

      • Supports both HTTPS protocols, ensuring secure communication.

  3. Envoy Edge Proxy - Role: Serves as the primary ingress proxy for API requests after CloudFront and ALB. - Behavior:

    • Handles traffic routing, load balancing, and TLS termination if configured.

    • Applies rate limiting, authentication, and observability before forwarding requests to internal services.

  4. Service Container - Role: Executes the core business logic or microservice responsible for processing API requests. - Deployment:

    • Runs as a container on Amazon ECS (Elastic Container Service), ensuring scalability, high availability, and efficient resource utilization.

    • Auto-scales dynamically to handle varying workloads, ensuring optimal performance during peak hours.

  5. Envoy Sidecar Proxy (Attached to Service Container) - Role: Provides service-to-service communication, security, and observability as part of a service mesh architecture. - Behavior:

    • Routes outbound service requests and enforces security policies.

    • Collects telemetry data such as logs, metrics, and traces (Zipkin) for observability tools.

  6. Integration with Databases and Cache

    • Connects to Elasticache for fast, in-memory data caching, reducing latency and database load.

    • Uses MariaDB for secure and reliable user authentication processes.

    • Stores and retrieves daily statistics from MongoDB, ensuring efficient management of large, unstructured datasets.

  7. Response Flow

    • The service container processes the request and sends the response back through the Envoy sidecar.

    • The Envoy Edge proxy forwards the response to the ALB, which then returns it to CloudFront.

    • If caching is enabled and applicable, CloudFront caches the response for future requests.

Logging and Monitoring

  1. RabbitMQ (Message Broker):

    • Captures logs and event data from APIs and services, ensuring asynchronous and reliable communication.

    • Queues messages for further processing to avoid impacting API performance.

  2. Logstash (Data Processor):

    • Consumes logs from RabbitMQ and processes them for indexing.

    • Enriches, filters, and transforms logs as needed before forwarding them to Elasticsearch.

  3. Elasticsearch (Log Storage and Search):

    • Stores processed logs for quick search, real-time analysis, and visualization.

    • Supports dashboards and alerts to monitor system health, performance, and API usage.

CI/CD Pipeline (Automated Build and Deployment)

  1. Jenkins (CI/CD Tool):

    • Detects changes in the configured Git repository branch.

    • Triggers the build pipeline automatically on code commits.

  2. Docker (Containerization)

    • Builds Docker images of the application using Dockerfiles.

    • Tags the images with environment and pushes them to Amazon ECR (Elastic Container Registry).

  3. Amazon ECS (Deployment):

    • Deploys updated Docker images on ECS clusters.

    • Automatically updates ECS tasks and services without downtime.

Deployment Flow

  1. Release Managers release production code changes to the Git repository.

  2. Jenkins detects the commit and triggers the pipeline.

  3. Docker images are built, tagged, and pushed to ECR.

  4. ECS updates the service with the new image, ensuring zero downtime using rolling updates.

This architecture ensures API high performance, scalability, security, and reliability by combining CloudFront caching with Envoy’s robust traffic management capabilities, with automated CI/CD for seamless deployment and comprehensive logging for real-time observability.