Infrastructure

Infrastructure documentation for Zenoo platform

Infrastructure Overview

Zenoo’s platform architecture is designed to support robust, scalable, and secure operations. As mentioned in System Architecture, our services are grouped into two primary categories based on their purpose and operational phase:

  1. Build Time Services:
    • Design Studio: This service manages the creation, modification, and deployment of onboarding application targets. It also supports the design and workflow updates for onboarding applications, ensuring a streamlined and efficient development process.
  2. Run Time Services:
    • Hub Instance (Backend): Orchestrates onboarding journeys and manages integrations with third-party providers.
    • Hub Client Target (Frontend): Delivers frontend capabilities for seamless user interactions during onboarding processes.

Service Architecture Diagram


Core Infrastructure Components

AWS Services

Zenoo’s infrastructure leverages Amazon Web Services (AWS) for high availability, scalability, and security:

  • Frontend:
    • Route53: DNS management for traffic routing.
    • CloudFront: Content delivery for fast and secure distribution of frontend assets.
    • S3: Storage for frontend files, including HTML, JavaScript, and other assets.
  • Backend:
    • ECS (Elastic Container Service): Orchestrates containerized services.
    • ECR (Elastic Container Registry): Hosts container images for ECS tasks.
    • MSK (Managed Streaming for Apache Kafka): Provides the event-streaming layer for backend services.
    • ElastiCache (Redis): Accelerates lookups, REST API responses, and access to execution-related records.
    • DynamoDB: Serves as the primary database for low-latency and high-availability data access.
  • Networking:
    • VPC (Virtual Private Cloud): Isolates Zenoo's resources for enhanced security.
    • ALB (Application Load Balancer): Manages traffic distribution across backend services.
  • Security:
    • WAF (Web Application Firewall): Protects against common web vulnerabilities.
    • ACM (AWS Certificate Manager): Manages SSL/TLS certificates for encrypted communication.
    • IAM (Identity and Access Management): Controls access and permissions for resources.
    • KMS (Key Management Service): Manages encryption keys.
    • Cognito: Provides user management and authentication.
    • Secrets Manager & Parameter Store: Securely store and retrieve sensitive information.
  • Monitoring and Observability:
    • CloudWatch: Tracks and monitors resource utilization, application metrics, and system logs.

Resource Diagram


Operational Summary

  • Unified Clustering: All studio, backend, and frontend resources are managed within a single cluster.
  • Containerized Deployment: Services are deployed as container tasks in ECS, ensuring portability and efficiency.
  • High Availability: Backend containers are distributed across three availability zones within a single region to minimize downtime and maximize reliability.
  • Frontend Architecture: Static files are stored in S3 and served through CloudFront, with DNS managed by Route53.
  • Backend Architecture:
    • Kafka (MSK) for event streaming.
    • Redis (ElastiCache) for caching and fast response delivery.
    • DynamoDB for scalable and low-latency database operations.
  • Authentication and Security:
    • Cognito for user management.
    • WAF to secure frontend and backend endpoints.
  • Infrastructure as Code: AWS resources are provisioned using Terraform for consistency and automation.

Network Diagram


Platform Observability

Zenoo employs standardized observability practices to monitor and ensure platform health:

  • Centralized Logging: All services log data consistently across environments, managed via Datadog.
  • Error Alerting: Alerts for critical errors are automatically sent to Slack for immediate action.
  • Metrics Aggregation: Prometheus aggregates system metrics for detailed analysis.
  • Metrics Visualization: Grafana provides dashboards for real-time monitoring and insights.
  • Support: 24/7 operational support ensures rapid issue resolution and system stability.

Scalability and Resilience

Zenoo’s infrastructure is built to handle dynamic workloads with minimal manual intervention:

  • Managed AWS services offer built-in scalability.
  • Terraform automates provisioning and configuration.
  • The container service (ECS) ensures workload distribution and service isolation.

Performance

Throughput

  • 200-300 milliseconds response time when no external provider is involved
  • 10-15 seconds response time when an external provider is involved, depending on the provider’s processing time (e.g. Salesforce, QualID, Acuant)

Concurrency

  • 200/500/1000 user flows per second, depending on the complexity of the DOB flow, if there’s no provider involved
  • 15/25 user flows per second, depending on the provider’s limitations (e.g. Salesforce, QualID, Acuant)

Availability

  • The platform is hosted on highly available resources within primary and secondary regions to support disaster recovery as part of the business continuity plan

By adopting a secure, modular, and highly available architecture, Zenoo delivers reliable and efficient services to its customers while maintaining flexibility to adapt to future growth and technological advancements.