Documentation Index
Fetch the complete documentation index at: https://platform.docs.zenoo.com/llms.txt
Use this file to discover all available pages before exploring further.
Infrastructure Overview
Zenoo’s platform architecture is designed to support robust, scalable, and secure operations. As mentioned in System Architecture, our services are grouped into two primary categories based on their purpose and operational phase:- Build Time Services:
- Design Studio: This service manages the creation, modification, and deployment of onboarding application targets. It also supports the design and workflow updates for onboarding applications, ensuring a streamlined and efficient development process.
- Run Time Services:
- Hub Instance (Backend): Orchestrates onboarding journeys and manages integrations with third-party providers.
- Hub Client Target (Frontend): Delivers frontend capabilities for seamless user interactions during onboarding processes.
Service Architecture Diagram
Core Infrastructure Components
AWS Services
Zenoo’s infrastructure leverages Amazon Web Services (AWS) for high availability, scalability, and security:- Frontend:
- Route53: DNS management for traffic routing.
- CloudFront: Content delivery for fast and secure distribution of frontend assets.
- S3: Storage for frontend files, including HTML, JavaScript, and other assets.
- Backend:
- ECS (Elastic Container Service): Orchestrates containerized services.
- ECR (Elastic Container Registry): Hosts container images for ECS tasks.
- MSK (Managed Service Kafka): Provides the event-streaming layer for backend services.
- ElastiCache (Redis): Accelerates lookups, REST API responses, and execution-related records.
- DynamoDB: Serves as the primary database for low-latency and high-availability data access.
- Networking:
- VPC (Virtual Private Cloud): Isolates Zenoo’s resources for enhanced security.
- ALB (Application Load Balancer): Manages traffic distribution across backend services.
- Security:
- WAF (Web Application Firewall): Protects against common web vulnerabilities.
- ACM (AWS Certificate Manager): Manages SSL/TLS certificates for encrypted communication.
- IAM (Identity and Access Management): Controls access and permissions for resources.
- KMS (Key Management Service): Manages encryption keys.
- Cognito: Provides user management and authentication.
- Secret Manager & Parameter Store: Securely stores and retrieves sensitive information.
- Monitoring and Observability:
- CloudWatch: Tracks and monitors resource utilization, application metrics, and system logs.
Resource Diagram
Operational Summary
- Unified Clustering: All studio, backend, and frontend resources are managed within a single cluster.
- Containerized Deployment: Services are deployed as container tasks in ECS, ensuring portability and efficiency.
- High Availability: Backend containers are distributed across three availability zones within a single region to minimize downtime and maximize reliability.
- Frontend Architecture: Static files are stored in S3 and served through CloudFront, with DNS managed by Route53.
- Backend Architecture:
- Kafka (MSK) for event streaming.
- Redis (ElastiCache) for caching and fast response delivery.
- DynamoDB for scalable and low-latency database operations.
- Authentication and Security:
- Cognito for user management.
- WAF to secure frontend and backend endpoints.
- Infrastructure as Code: AWS resources are provisioned using Terraform for consistency and automation.
Network Diagram
Platform Observability
Zenoo employs standardized observability practices to monitor and ensure platform health:- Centralized Logging: All services log data consistently across environments, managed via Datadog.
- Error Alerting: Alerts for critical errors are automatically sent to Slack for immediate action.
- Metrics Aggregation: Prometheus aggregates system metrics for detailed analysis.
- Metrics Visualization: Grafana provides dashboards for real-time monitoring and insights.
- Support: 24/7 operational support ensures rapid issue resolution and system stability.
Scalability and Resilience
Zenoo’s infrastructure is built to handle dynamic workloads with minimal manual intervention:- Managed AWS services offer built-in scalability.
- Terraform automates provisioning and configuration.
- Container service (ECS) ensure workload distribution and service isolation.
Minimum Requirements
Minimum AWS resource tiers and units to run the Zenoo Platform are listed below:| Service | Configuration summary |
|---|---|
| Amazon Managed Streaming for Apache Kafka (MSK) | Storage per Broker (100 GB), DT Inbound: Not selected (0 TB per month), DT Outbound: Not selected (0 TB per month), DT Intra-Region: (0 TB per month), Do you want to setup any Kafka Connect connectors? (No), Number of Kafka broker nodes (3), Compute Family (m7g.large) |
| Amazon ElastiCache | Nodes (0), Instance type (cache.r6gd.12xlarge), Utilization (On-Demand only) (100 %Utilized/Month), Cache Engine (Redis), Cache Node Type (Memory optimized), Pricing strategy (OnDemand), Instance type (cache.m5.large), Cache Engine (Redis), Nodes (3), Utilization (On-Demand only) (100 %Utilized/Month), Cache Node Type (Standard), Pricing strategy (OnDemand) |
| DynamoDB on-demand capacity | Table class (Standard), Average item size (all attributes) (30 KB), Data storage size (10 GB) |
| AWS Fargate | Operating system (Linux), CPU Architecture (x86), Average duration (30 days), Number of tasks or pods (4 per month), Amount of memory allocated (4 GB), Amount of ephemeral storage allocated for Amazon ECS (20 GB) |
| Amazon CloudFront | Data transfer out to internet (5 GB per month), Data transfer out to origin (5 GB per month), Number of requests (HTTPS) (10 million per month), Data transfer out to internet (5 GB per month), Data transfer out to origin (5 GB per month), Number of requests (HTTPS) (10 million per month) |
| S3 Standard | S3 Standard storage (100 GB per month) |
| Data Transfer | DT Inbound: Not selected (0 TB per month), DT Outbound: Not selected (0 TB per month) |
| Amazon Route 53 | Hosted Zones (1), Basic Checks Within AWS (10) |
| Amazon Cognito | Optimization Rate for Token Requests (0), Optimization Rate for App Clients (0), Advanced security features (Enabled), Number of monthly active users (MAU) (10), Number of app clients (0) |
| AWS Fargate | Operating system (Linux), CPU Architecture (x86), Average duration (30 days), Number of tasks or pods (2 per month), Amount of memory allocated (4 GB), Amount of ephemeral storage allocated for Amazon ECS (20 GB) |
| Amazon CloudWatch | Number of Metrics (includes detailed and custom metrics) (50), Number of Dashboards (1), Logs Delivered to CloudWatch Logs: Data Ingested (50 GB), Standard Logs: Data Ingested (50 GB) |
| Application Load Balancer | Number of Application Load Balancers (1) |
| AWS Web Application Firewall (WAF) | Number of Web Access Control Lists (Web ACLs) utilized (2 per month), Number of Rules added per Web ACL (10 per month), Number of Rule Groups per Web ACL (1 per month), Number of Rules inside each Rule Group (10 per month) |
| Amazon Elastic File System (EFS) | Desired Storage Capacity (1 TB per month) |
| Amazon Elastic Container Registry | DT Inbound: Not selected (0 TB per month), DT Outbound: Not selected (0 TB per month), Amount of data stored (100 GB per month) |
| Network Address Translation (NAT) Gateway | Number of NAT Gateways (1) |
| Public IPv4 Address | Number of In-use public IPv4 addresses (1) |
| Data Transfer | DT Inbound: Internet (1 GB per month), DT Outbound: All other regions (1 TB per month), DT Intra-Region: (1 TB per month) |