Solution architecture defines how services are deployed on top of the infrastructure architecture and how they interact with each other. It also defines the technical stack (the tools and libraries used to build and maintain solutions) that works together to satisfy the solution's functional requirements.

The idea of having a set of proven technologies in the solution architecture is to speed up the inception phase of solution development, when the development team has to decide which tools, libraries, services, software design patterns and best practices it will use to build the solution.

Having a working and proven solution architecture mitigates the risk of building costly integrations that cannot satisfy application performance and functional requirements.

Development, deployment and continuous integration tools:

High level Athena DEV environment solution architecture

  • Automated deployment - Ansible is the tool of choice to streamline deployment of platform and solution specific tools and services
  • Release packaging and delivery - Docker provides a way to build and deliver versioned, immutable release artifacts and move them as binary blobs between the DEV, UAT and PROD environments
  • Continuous integration - Jenkins is a robust tool that provides pipelines to build, automatically test and publish release artifacts
  • Source code management - GitLab provides the source code repository, user public key management and fine-grained source code access authorization
  • Docker registry - a private Docker repository is used to store and publish environment specific Docker images as well as to back up Athena-built or 3rd party images
  • Maven repository - Nexus provides a publishing repository for built Java artifacts as well as backup storage for 3rd party artifacts (such as installations and non-public libraries) necessary to build solution artifacts
  • Static code analysis - Sonar is tightly integrated with GitLab and provides automatic static code analysis reviews for GitLab pull requests
  • Code reviews and change quality - GitLab provides the workflow and tooling to facilitate easy and painless code reviews
  • Product documentation - Jekyll is a Markdown based static site generator; the documentation is maintained in the source code repository, which makes it easy to have documentation as part of the release process
  • API Documentation - Swagger is used to design, test, document and bootstrap OpenAPI standard based APIs

Technology stack, logical deployment and usage:

High level Athena technology stack solution architecture

  • Web journeys - Apache Wicket is a server-side, component based web application framework that allows building responsive, AJAX-rich web applications with easy fallback to non-AJAX behavior
  • Integrations and middleware - Spring Boot micro-services using Apache Camel (EIP) and the Quartz scheduler allow building highly maintainable and robust middleware based on established software patterns and best practices
  • Single page application framework - Angular 4 is a very well documented and mature single page application framework backed by a major vendor. It allows building highly maintainable, modern web applications with a highly interactive user experience (TypeScript provides “compile time” validation and good refactoring capabilities)
  • Application framework - Spring Framework has it all. No need to build your own framework or re-invent abstractions to avoid technology lock-ins.
  • Data access framework - Spring Data provides patterns and implementations for data access layer abstraction
  • MVC framework - Spring MVC is the tool of choice when the use case is to build a simple MVC application
  • Micro-services - Spring Boot using Apache Camel (EIP) allows building highly maintainable and robust micro-services based on established software patterns and best practices
  • Message queue - Apache ActiveMQ is a robust and easy to maintain classic message queue that enables the use of EIP and provides resiliency and asynchronous processing
  • RDBMS - PostgreSQL and MySQL are reliable, highly performant and proven; they are the two most popular and best open source DBs.
  • NoSQL DB - MongoDB, Elasticsearch and Cassandra are stable and well supported; they are the three most popular NoSQL storage solutions and cover three different NoSQL use cases
  • Release process, dependency and source code management - Apache Maven, Git Flow and JGit Flow are battle-tested, easy to use and well supported tools/processes/frameworks known by most developers
  • ETL and data processing tools - Airflow is an easy to use tool to create and maintain complicated automated workflows that crunch through enormous quantities of data and group, segregate and link data so that it can be used for decision making
  • Rules engine and business logic - Drools is a free to use rule engine that, if used properly, can be used to build maintainable, highly performant underwriting, pricing and rating models
  • API gateway - Apiman is an enterprise level, easy to extend API gateway that allows organizing micro-service deployment and accelerates API builds by providing common API aspects out of the box, such as authentication, authorization, whitelisting, blacklisting, usage reporting and limiting, etc.
  • Single Sign-On - Keycloak is a standards based single sign on/off identity provider with very rich and diverse integration capabilities. It provides single sign on/off for all deployed micro-services to facilitate a seamless and easy end-user experience
  • File exchange - OpenSSH (SFTP) server is a battle-proven, secure and extremely performant file exchange server

Maintenance, monitoring and security tools:

High level Athena technology stack solution architecture

  • Monitoring - Glances and Prometheus are used to collect, analyze and display server and service stats as well as to send alerts when certain thresholds of service or server resource availability are exceeded
  • Log aggregation - Fluentd, Elasticsearch and Kibana are used to collect all system and service logs in one place to provide easy and extremely insightful audit and troubleshooting capabilities
  • Identity management and LDAP provider - FreeIPA provides the platform user directory used to authenticate and authorize users before they can access certain platform services
  • Backup/Restore - AWS S3 provides highly reliable and cheap off-site backup capabilities
  • Public DNS - AWS Route53 is an easy to use public DNS provider with a rich automation API that allows easy and straightforward access to deployed services using DevOps automation
  • SMTP server - AWS SES is a battle-tested and cheap SMTP service with proper spam and bounce handling procedures
  • Data loss protection - Squid and Apiman are used to whitelist which external services can be accessed by deployed Athena services
  • Service discovery and KV store - Consul provides service discovery and registry capabilities for deployed Athena services as well as key/value storage for deployed environment state
  • Cluster and capacity management - Athena Dashboard is an easy to use web UI for DevOps to view environment state (list of platform users, their state, service versions installed, resource usage and status), do capacity planning and perform common DevOps functions such as starting/stopping servers and services, redeploying or incepting services, adding/removing capacity, backing up/recovering service data, etc.
  • User self service portal - PWM is used for new platform user on-boarding and user self service, such as resetting a forgotten password, etc.
  • Microservice management - Hawtio allows debugging and tracing, and collects runtime information and stats from all micro-services built using Apache Camel
  • WAF (Web Application Firewall) - NAXSI, Apache httpd and Fail2Ban are simple yet powerful tools that prevent intrusion into publicly deployed services and allow restricting the features exposed by these services
  • VPN - OpenVPN server is used to give privileged access to the internal network of the deployed environment
  • HID (Host Intrusion Detection) - OSSEC monitors all host processes and critical files to detect any unauthorized changes to critical resources
  • DevOps - Rundeck is used to give DevOps members fine-grained access to environment management features as well as to enable deployment automation solutions (for example: Jenkins installing a new version of a release in the Development environment as part of a build pipeline).