AWS – 3-Tier Web Application Architecture

Wikipedia says – Three-tier architecture is a client–server software architecture pattern in which the user interface (presentation), functional process logic (business rules), computer data storage and data access are developed and maintained as independent modules, most often on separate platforms/server.

AWS provides reference architecture for “Web Application Hosting” with description as Amazon Web Services, provides the reliable scalable, secure, and high performance infrastructure required for web applications while enabling an elastic, scale out and scale down infrastructure to match IT costs in real time as customer traffic fluctuates.

However, the provided reference architecture is little high level in nature and probably people need more details considering AWS five pillars perspectives. Hence, I’m attempting a shot.

Proposed Reference Architecture is –

When architecting technology solutions, if we neglect the five pillars of Security, Reliability, Performance Efficiency, Cost Optimization, and Operational Excellence it can become challenging to build a system that delivers on your expectations and requirements. When you incorporate these pillars into your architecture, it will help you produce stable and efficient systems. This will allow you to focus on the other aspects of design, such as functional requirements. Considering these, proposed architecture is depicted in diagram below –

Description for Key components – with 5 pillar perspective

Security

Security of data in rest/transit is taken with the utmost priority. All the servers are completely isolated by design. One of the most important networking features AWS provides is resource isolation using Virtual Private Cloud (VPC). Where Security group acts as a virtual firewall for Instances in to control inbound and outbound VPC traffic and Network Access Lists (NACL) is another, optional layer of security for VPC that controls traffic between one or more subnets. Also, using secure protocols listeners and enabling SSL termination on the ELB to release load on the backend instances.

Reliability

Amazon Web Services brings lot of built-in features to address business continuity. Elastic Load Balancing (ELB) and multiple Availability Zones for Servers/Instances. ELB will effectively distribute load among EC2 servers, but also ensures that services will be unaffected if one data center becomes unavailable for some reason. Per RTO/RPO requirements, the solution could be deployed in two/more AWS regions from disaster/recovery standpoint (Active/Passive). Route 53 for traffic distribution/routing across regions

Performance Efficiency

The Performance Efficiency focuses on the efficient use of computing resources and maintaining that efficiency as demand changes and technologies evolve. AWS provides multiple types of EC2 instances – on demand, reserved (for a specific period) and spot instances (bid on unused instances) and allow for flexibility in choice of size also. Solution should start with smaller on-demand instances and once we understand the level of workload, choose the right size and combine on demand and reserved instances. The options are endless. In certain scenarios, such as when flash traffic is expected, the auto scaling with cloud watch should be utilized for effective utilization of resources and same should be monitored.

Cost Optimization

The Cost Optimization is a continual process of refinement and improvement of a system over its entire lifecycle. From the initial design of very first POC to the ongoing operation of production workloads. Solution should monitor the usage and accordingly auto adjust by using AWS “CloudWatch” and “Auto Scaling” features. Also, usage of PaaS services remove the operational burden of maintaining servers for tasks like sending email or managing NoSQL DBs. As PaaS services operate at cloud scale, they can offer a lower cost per transaction or service. Replicating the environments using CloudFormation templates.

Operational Excellence

The Operational Excellence includes operational practices used to manage production. How planned changes are executed, responses to unexpected operational events. Change execution and responses should be automated, documented, tested, and regularly reviewed. In AWS, we can set up source control, a (CI/CD) pipeline and release management. Aggregate logs for centralized monitoring and alerts. Make sure alerts trigger automated responses, including notification and escalations.