Mobile Back-end using AWS Elastic Beanstalk and Mobile Hub/AWS Amplify

A manageable, secure, scalable, high performance, highly available, fault tolerant and recoverable architecture for mobile application back-end.

AC1

Solution Flow:

  1. Consumers and Service Providers will access (sign-in) their mobile app to interact real time through Cognito. Cognito will also enable sync user specific data across multiple devices.
  2. Mobile App will communicate to mobile backend application through Amazon Route 53 and Elastic load balancer configured in Elastic Beanstalk, authorized through AWS Identity and Access Management (IAM).
  3. ELB will send the request to the healthy and available EC2 instances in Elastic Beanstalk – specific environment (Dev/Test or Production).
  4. The mobile-backend application residing on Beanstalk will process the request, send push notification to consumer/service provider (using Amazon Simple Notification Service) and store the data on Amazon RDS.
  5. User data will be uploaded to Amazon S3 directly with the help of AWS mobile SDK.
  6. Data Pipeline will move data from RDS to S3 on configured interval of time.
  7. Inactive objects and data, stored on Amazon S3, greater than 6 months will be archived to Glacier as per S3 lifecycle management rules.
  8. Static data (such as images and scripts) to Mobile app will be delivered by CloudFront with low latency and high transfer speed for better user experience.
  9. Mobile analytics (or Pinpoint) will collect information about the users of your applications and show visualizations on dashboard.
  10. All the logs and metrics from various AWS resources will be stored to AWS CloudWatch for monitoring.
  11. Delivery team will access the AWS resources as per permissions defined in IAM and can commit, build and deploy code with the help of code pipeline.
  12. Amazon S3 and RDS data will sync automatically in multiple availability zones and regions for availability and DR.

Key Requirements/Concerns

  • Scalability to meet the demand, but with uncertainty around when and how much this demand will be.
    • AWS Elastic Beanstalk leverages Elastic Load Balancing and AWS Auto Scaling to automatically scale your application in and out based on load.
    • RDS instances can be easily scaled horizontally or vertically depending upon the load.
    • S3 and Glacier provides indefinite scalability and high availability automatically.
    • Initially, the beanstalk and RDS can be setup with t2.micro instances to be eligible for free tier and autoscaling rule can be defined for future readiness.
  • Disaster Recovery Planning
    • Strategy used:
      • Pilot Light Strategy
    • Steps for preparation:
      • Create and maintain AMIs of backend servers, on elastic beanstalk, in 2 regions.
      • On Region-2 – Create application and save configurations for environments (using the AMIs) in Elastic Beanstalk so that infrastructure can be setup immediately on launching the saved configuration.
      • Create 1 RDS Read Replica each in Region 2 and AZ2 of Region 1.
      • Enable cross-region replication in S3.
    • Steps for recovery:
      • Launch environments in Beanstalk application from saved configurations (saved AMIs).
      • Resize existing RDS instance(s) to process the increased traffic
      • Turn on Multi-AZ for RDS to give the DR site resilience in the data tier.
  • Manage user identities & sync user specific data across multiple devices
    • Amazon Cognito provides highly scalable user directory for millions of users. Cognito will create and authenticate unique identities for consumers and service providers with identity providers as well as sync user specific data across multiple devices. Amazon Cognito also supports public identity providers—Amazon, Facebook, Google, and SAML identity provider, if required.
  • Ability for Service Providers to send notifications to consumer.
    • Amazon Simple Notification Service (SNS) can be used to send push notifications.
  • Ability to run analytics on top of collected data, with analytics they should be able to visualize & understand app data usage.
    • Mobile Analytics / Pinpoint will help in running analytics and visualize the app data usage. It provides some readily available out of box reports.
    • This data can further be exported automatically to Redshift (optional) and AWS QuickSight can be used to perform advanced analytics and create interactive dashboards.
  • Their ability to configure their database and data access layer for high performance and throughput.
    • With the help of Read replica in multi-AZ , high throughput of the system can be achieved. Moreover, with the help of RDS performance insight the performance of database can be monitored and improved.
  • Effective distribution of load
    • Elastic Load Balancer (ELB) inside Elastic beanstalk helps in the effective distribution of load on the different healthy EC2 instances.
  • A self-healing infrastructure that recovers from failed service instances
    • Beanstalk allows to select deployment of instances in one, more or all the availability zones (Multi-AZ) for availability.
    • With the help of cloud watch, Beanstalk monitors the health of the instances and immediately replaces the unhealthy instances with healthy instances.
    • RDS and S3 both provides the Multi-AZ replication of objects and data.
  • Security of data at rest and in transit
    • Security at rest is implemented through enabling encryption with keys in KMS for RDS, S3. For Glacier, encryption at rest is enabled by default and supports secure data transit with SSL.
    • Access to the AWS resources is managed through IAM and Security groups are defined for the EC2 instances for controlled access.
    • ACM can be used to store and access certificates for various AWS resources.
  • Securing access to the environment as the delivery team expands
    • Delivery team and other stake holders will get access to the AWS environment through AWS Identity and Access Management (IAM) as per given permissions.
    • Code Build and Code pipeline helps in build and deployment of code in multiple environments on Elastic Beanstalk, easily and securely, by defining approval flow.
  • An archival strategy for inactive objects greater than 6 months
    • Objects with infrequent access in S3 (with either standard or reduced redundancy type of storage) will be automatically archived by lifecycle management rules to Glacier.
  • Ability to easily manage and replicate multiple environments based on their blueprint architecture.
    • Beanstalk provides option to create multiple environment with RDS, Elastic load balancer, Autoscaling etc. for dev, test and production.
    • Beanstalk with the help of code pipeline supports multiple deployment policies for minimal downtime– all at once, rolling, rolling with an additional batch, immutable.
    • Amazon Mobile hub / Amplify helps in setting up the environments for mobile app easily and quickly in few minutes.

Advertisements
%d bloggers like this: