问题描述
我有一个新的Web应用程序,在我们公司中,我们决定像下面这样,并且我是第一次创建该体系结构因此需要一些输入.
I have a new web application which in our company we have decided to be like below and i am creating the architecture for the first timeso would require some inputs.
1)前端-React.js
1) Front End - React.js
2)后端-Java(春季启动)
2) Backend - Java (Spring boot)
3)架构-微服务
4)下文-AWS
5)CI-詹金斯
我们将开发分为三个阶段
We have divided the development in three phases
阶段1-使用Spring Boot和Spring Cloud创建AWS基础设施,前端服务和少量后端服务.尽量减少使用AWS服务
Phase 1 - Create AWS infra, front end service and few backend services using Spring Boot and Spring Cloud. Keep the use of AWS services to as minimum as possible
第2阶段-创建更多后端服务并对所有内容进行Docker化
Phase 2 - Create more backend services and dockerize everything
第3阶段-使用Kubernetes协调上一阶段,并在需要时使用更多AWS服务
Phase 3 - Orchestrate previous phase using Kubernetes and use more AWS services if required
我处于第1阶段,经过大量资源和学习资料之后,在创建生产级架构和AWS环境方面需要帮助.有很多个人资源,但是对于实际系统在运行时的外观并没有太多了解.
I am at phase 1 and after going through lot of resources and study material, need help in creating production grade architecture and AWS environment.There are lot of individual resources but did not find much on how the real system should look like in when it is live.
1)如何隔离环境?
我的理解-创建将拥有5个帐户的组织-root,security,shared-services,prod和non-prod aws帐户.如果需要,非产品可以具有多个环境,例如test,stage.
My understanding - create organization which will have 5 accounts - root, security, shared-services ,prod and non-prod aws accounts. Non-prod can have multiple environments if required like test,stage.
Something like this
2)如何创建安全/网络层?
我的理解-创建私有和公共子网,并在共享服务和非产品环境之间创建vpc对等关系,并使用iam角色.
My understanding - create private and public subnets and create vpc peering between like shared-service and non-prod env and use iam roles.
3)设计微服务的最佳方法?
我的理解-在后端具有微前端和微服务.客户端将在浏览器中请求网页,该请求将进入UI服务.
my understanding - have a micro frontend and microservices in backend. Client will request webpage in browser the request will come to UI service.
-
我很困惑组件的顺序是什么.
I am confused what is the order of components.
应该先响应应用程序,然后再去api网关或ELB吗?
Either it should come to react app first and then it would go to api gateway or ELB?
我们需要ELB吗?
请求将到达ELB,然后到达API网关等等?
Request would come to ELB and then it will go to API gateway and further?
所有这些问题的答案将决定下一个问题的答案
Answer to all these questions will determine answer to next question
选项A或B?还是两者都不对?还是从客户到后端服务的箭头应该在哪里?
Option A or B? Or if both are wrong? Or where should be arrows heading from client to backend services?
选项A
选项B
4)在私有和公共子网中保留哪些资源?
我的理解-在阶段1中,每个服务模型遵循一个实例,因此每个服务将具有ec2实例.在以后的阶段中,我们将转向容器化.几乎没有什么事情可以清楚地知道,后端服务和持久性(如DB)将位于私有子网中,而仅像堡垒主机等,在公共场所保留的资源却很少.
my understanding - in phase 1, follow one instance per service model so each service will have ec2 instance. in later phases we will move to containerization. few things are clear that backend services and persistence like DB will be in private subnet and keep very less resources in public like only bastion hosts etc
- Question is depending on answer for question #3, what others should be public?
- ELB, api gateway, service discovery?
- do i need to keep NAT gateway always so as to allow private ones to access internet?
5)什么是完整的发行版部署工作流程?
我的理解-开发人员提交了代码,jenkins应该触发构建,存储工件并进行部署. -jenkins服务器应如何与其他计算机通信以部署服务?
my understanding - developer commits code, jenkins should trigger the build, store artifacts and deploy. - how should jenkins server communicate with other machines to deploy services?
- how credentials are managed for communication between jenkins and ec2 instances?
- what is the production grade structure for jenkins project? like does build, deploy and test should be separate items?
如果您在企业/组织中进行了配置,如果有经验的架构师可以为我提供帮助,我也将不胜感激,并且如果有任何网上参考资料可供我使用,我也可以告诉我,我没有找到用于构建这样的生产级系统的信息
I would really appreciate if some experienced architects can help me out if you have configured same in your enterprise/organisations and also let me know if there are any references available online which i could not find for building such production grade systems
注意-第1阶段的设计应尽可能平滑地过渡到第2阶段和第3阶段
Note - Phase 1 should be designed in a way to have as smooth transition as possible to phase 2 and 3
推荐答案
这是一个复杂的问题,在堆栈溢出时我们不能公道.
This is a complex question which we cannot do justice to on Stack Overflow.
我建议花一些时间阅读:
I would recommend spending some time reading:
- Implementing Microservices on AWS
- Delivering Excellence with Microservices on AWS
- Serverless Application Lens
您还可以研究 AWS无服务器英雄.
这篇关于AWS中的生产级微服务架构的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!