This view shows how the server-side components of the Farmacy Food system can be deployed on the AWS platform. Useful links:
- This web page has instructions on how to configure a K8S cluster on EKS using docker images in ECR.
- This AWS doc page describes restrictions and guidelines for EKS topology.
- The Elastic Kubernetes Service (EKS) allows you to easily configure a Kubernetes (K8S) cluster in the AWS cloud.
- A K8S cluster has worker nodes that run your application as docker containers that are deployed in pods. In EKS, these nodes are EC2 instances declared as part of a node group that is configured inside your VPC.
- The nodes in an EKS cluster should be in 2+ availability zones (AZs). The diagram illustrates two AZs.
- We'll use the EKS cluster to run the following types of components seen in the microservice and EDA views:
  - microservices that contain REST services
  - microservices that contain reactive services (topic subscribers)
  - batch programs
- This element represents K8S control plane nodes that oversee the execution of pods in the worker nodes. More information here.
- The EKS control plane executes under an AWS-managed account. That's why it's represented outside the Farmacy Food VPC.
- The Amazon Elastic Container Registry (ECR) is a Docker container registry that Farmacy Food will use within AWS to store the Docker images that make up the Farmacy Food system.
- ECR is an alternative to Docker Hub.
- It's a fully managed service provided by AWS.
- RDS is a managed relational database service from AWS. (Other database engines could be used, such as Oracle, PostgreSQL, or Aurora, but MySQL is eligible for the AWS free tier and should reduce the upfront investment to set up and explore an AWS dev environment.)
- It should be configured as an RDS cluster with the multi-AZ deployment option for increased availability. In this case there is a primary instance and a standby replica that is kept in sync automatically after a write operation on the primary.
- The Farmacy Food System will use RDS with MySQL as the primary read-write data store to persist different types of data. For example, the Inventory database seen below will be configured as a set of tables in RDS.
- The Elasticsearch service on AWS (ES) is a fully managed text-based NoSQL database service that the Farmacy Food system will use for query views in different microservices.
- There will be an ES domain for Farmacy Food. This ES domain should use the Farmacy Food VPC to enable automatic secure communication between application components (microservices and batch programs) and the ES nodes.
- The ES domain should use multi-AZ deployment for increased availability.
- The Farmacy Food System will use ES as the query view to be accessed by microservices that need to only read data. For example, the Inventory Query View database seen below will be configured using ES.
- The Amazon managed Kafka service (MSK) is a fully-managed Kafka broker cluster that supports publish-subscribe channels (called topics).
- Components that send messages (producers, also known as publishers) and receive messages (consumers, also known as subscribers) can be implemented using various languages and frameworks. For example, we can use the Spring Cloud AWS framework.
- The various topics seen in the EDA architecture views shall be configured in the MSK cluster with a minimum replication factor of 3.
- The MSK service automatically provides multi-AZ deployment of the Kafka cluster for enhanced availability and throughput.
- An availability zone (AZ) is a data center with its own power supply and network connectivity.
- AZs are located within regions. Deploying cloud services/resources in 2+ AZs in the same region is the basic mechanism for improved availability due to automatic failover.
- A subnet is a range of IP addresses within a virtual private cloud (VPC).
- Public subnets 1 and 2 are visible to the Internet via an AWS internet gateway.
- Private subnets 1 and 2 are not visible to the Internet. They can be connected to the Farmacy Food corporate LAN (not shown in the diagram).
- RDS and ES are configured within private subnets as a measure to protect them from unauthorized access.
- The Internet gateway is attached to your VPC. Via route tables, it allows inbound and outbound traffic from/to the Internet to reach the elements in the public subnets. (It also has routes for private subnets for internal access.)
- A more sophisticated alternative would be to use an API gateway, which has special features such as authentication, authorization, request throttling, and caching.
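
The placement and replication rules stated in this view (RDS and ES in private subnets, multi-AZ deployment, topics with a replication factor of at least 3) can be checked mechanically against a deployment description. The following is an added example, not part of the Farmacy Food project: the function names, subnet IDs, store names and topic names are constructed, and the route table layout is a trimmed form of what `aws ec2 describe-route-tables` returns.

```python
# Added example. All IDs, names and sample data below are constructed.
DEFAULT_ROUTES = {"0.0.0.0/0", "::/0"}

def public_subnets(route_tables):
    """Subnets whose route table sends default traffic to an internet gateway.
    Assumes every subnet has an explicit route table association; subnets that
    fall back to the VPC main route table are not resolved here."""
    found = set()
    for table in route_tables:
        to_igw = any(
            (r.get("DestinationCidrBlock") or r.get("DestinationIpv6CidrBlock"))
            in DEFAULT_ROUTES and r.get("GatewayId", "").startswith("igw-")
            for r in table["Routes"])
        if to_igw:
            found.update(a["SubnetId"] for a in table["Associations"]
                         if "SubnetId" in a)
    return found

def audit(route_tables, subnet_az, data_stores, topic_replication):
    """Return findings for the rules in this view (empty list = compliant)."""
    findings = []
    public = public_subnets(route_tables)
    for name, subnets in data_stores.items():
        exposed = sorted(set(subnets) & public)
        if exposed:
            findings.append(f"{name}: in public subnet(s) {', '.join(exposed)}")
        if len({subnet_az[s] for s in subnets}) < 2:
            findings.append(f"{name}: spans fewer than 2 AZs")
    for topic, factor in sorted(topic_replication.items()):
        if factor < 3:
            findings.append(f"topic {topic}: replication factor {factor} < 3")
    return findings

ROUTE_TABLES = [
    {"Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}],
     "Associations": [{"SubnetId": "public-1"}, {"SubnetId": "public-2"}]},
    {"Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}],
     "Associations": [{"SubnetId": "private-1"}, {"SubnetId": "private-2"}]},
]
SUBNET_AZ = {"public-1": "az-a", "public-2": "az-b",
             "private-1": "az-a", "private-2": "az-b"}
DATA_STORES = {"rds-inventory": ["private-1", "public-2"],  # misplaced on purpose
               "es-inventory-query": ["private-1", "private-2"]}
TOPICS = {"orders": 3, "inventory-updates": 2}              # second one too low

if __name__ == "__main__":
    for finding in audit(ROUTE_TABLES, SUBNET_AZ, DATA_STORES, TOPICS):
        print("FINDING:", finding)
```

With the constructed data above, the audit reports the data store that was placed in a public subnet and the topic whose replication factor is below 3.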