This document provides an overview of Elangovan Shanmugam's experience and expertise in software architecture. Some key points:
- Elangovan has over 25 years of experience in software development and has designed resilient systems that can handle millions of customers and transactions per second.
- He discusses his work on Tax products that can import documents in under 2 seconds for 45 million filers, and his role as Chief Architect for Mint which serves 35 million customers processing billions of transactions daily.
- The document outlines Elangovan's approach to software architecture including strategies for microservices, scalability, high availability, and application architecture for multiple platforms and millions of users.
This document discusses cybersecurity considerations for industrial Internet of Things (IIoT) systems. It describes how IIoT systems are distributed across sensors, actuators and other devices with streaming data, analytics/control, and connectivity to IT systems and clouds. This distributed nature introduces potential vulnerabilities from threats. The document then introduces the Data Distribution Service (DDS) standard as a connectivity platform that can address challenges like security while supporting real-time and reliable data distribution. Key features of DDS like decentralization and publish/subscribe capabilities are described. Finally, the document outlines DDS security capabilities like authentication, access control, encryption and logging to secure IIoT systems from unauthorized access and tampering.
Integrating DDS into AXCIOMA, the component approachRemedy IT
This document discusses integrating the Data Distribution Service (DDS) into AXCIOMA, a software suite that combines 11 open standards. It describes how DDSX11 abstracts the DDS vendor API to simplify programming and testing. Components use interaction patterns like request/reply and publish/subscribe to interact over DDS. The document provides an example of generating types from IDL and implementing a publisher component that writes DDS samples.
Mesos Meetup - Building an enterprise-ready analytics and operational ecosyst...Stratio
On November 6th, we got together at Google Campus to talk about Mesos and DC/OS.
Ignacio Mulas, Sparta & Spark Product Owner at Stratio, explained how to build an environment that can secure and govern its data for operational and analytical applications on top of DC/OS platform. He showed that analytical and machine learning pipelines can be combined with operational processes maintaining the security and providing governing tools to manage our data. He focused on the architecture and tools needed to achieve an ecosystem like this and we will show a demo of it. He also explained how we can develop our pipelines interactively with auto-discovered data catalogs and explore our results.
Find out more: https://www.stratio.com/events/discover-how-to-deploy-a-secure-big-data-pipeline-with-dcos/
The document compares OPC UA and DDS, two key protocols for industrial IoT. OPC UA is object-oriented and client-server, targeting simpler systems with device interchangeability needs. DDS is data-centric and peer-to-peer, more suitable for systems with primary software integration challenges. Both communities are working to ensure their technologies can work together, preserving investments as architectures evolve.
The document discusses autonomous vehicle design and RTI's expertise in autonomy. It begins by outlining the challenges of autonomous vehicle technical including rapid evolution, complex system integration, on/off vehicle communications, perception and sensing, decision making, safety certification, and software dominance in a mechanical world. It then describes RTI's experience in various industries and standards efforts. RTI is said to have deep expertise in autonomy from its founders' background and use of its middleware to power unmanned systems. The document discusses how RTI can help with autonomous vehicle development through ensuring data availability, guaranteeing real-time response, managing complex data flows and states, easing system integration, building in security, making deployments flexible, and easing safety
1) The document discusses using the Data Distribution Service (DDS) standard and Connext DDS middleware to develop mission-critical systems with Ada. DDS handles connectivity and allows applications to communicate in a loosely coupled publish-subscribe manner.
2) Developing applications directly with traditional inter-process communication approaches is expensive and ties applications to specific communication mechanisms. DDS simplifies application logic and reduces development and integration costs.
3) DDS supports real-time and safety-critical systems and has been used for systems like avionics and defense applications. It interfaces with Ada through code generation from IDL definitions.
What Is Solution Architecture? The Black Art Of I/T Solution ArchitectureNick Noecker
A point of view of "smart meter." From the front lines of the fire fight...through the lens of actual global engagements reconfigured into a composite. You can never predict the outcome of a Big Burn.
The document discusses fog computing and its role in industrial IoT (IIoT) systems. Fog computing refers to flexible, distributed computing resources and services located between end devices and centralized cloud computing infrastructure. It helps enable real-time response, reliable availability, and complex data management required for IIoT applications. The Industrial Internet Consortium is working to develop common architectures to connect sensors to cloud across industries using fog computing technologies like the Data Distribution Service standard.
Cloud computing is a model for enabling network access to configurable computing resources that can be rapidly provisioned with minimal management effort. There are differing definitions from NIST, Wikipedia, and others. Cloud computing provides utility computing, service-oriented architecture, and service level agreements. Key characteristics include scalability, availability, manageability, accessibility, performance, and enabling techniques like virtualization. The three main cloud models are Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). Cloud deployment models include public, private, hybrid, and community clouds. Cloud computing provides advantages like cost savings and scalability but also risks like reliance on internet and potential security issues.
This document provides information on database security. It discusses how database security protects confidentiality, integrity and availability of databases. It also discusses the importance of database security to prevent data loss or compromise. Some of the largest data breaches in 2018 are summarized, including breaches of Aadhaar and Facebook that exposed over 1 billion and 87 million records respectively. Common attack vectors and frameworks for implementing database security are referenced. Finally, the document outlines a methodology for implementing proven database security practices around inventory, testing, compliance, eliminating vulnerabilities, enforcing least privileges, monitoring for anomalies, data protection, backup plans, and responding to incidents.
Network Function Virtualization and Programmable Networks: Challenges, Research Opportunities and Innovation.
Questions driving the discussion:
* Would NFV and SDN still provide opportunities for high impact research?
* What are the 3 main open research problems which could be investigated in the 2-4 next years?
* What are the main barriers and what would be necessary to go from an idea to the market in these areas?
This white paper introduces OMA Lightweight M2M (LWM2M), an open industry standard for remotely managing and providing services to a wide range of connected devices. LWM2M provides a client-server protocol that allows remote configuration, control and management of devices, and supports applications and services. It is designed to meet the needs of low-cost and resource-constrained devices that are an important part of the growing Internet of Things. The availability of LWM2M standard is expected to reduce fragmentation, lower costs, accelerate innovation and benefit various players in the M2M industry.
This document discusses how Thales can help organizations securely adopt cloud applications and manage access. It notes that single sign-on alone in a hybrid IT environment poses security risks if credentials are compromised. Thales' SafeNet Trusted Access allows validating identities, determining trust levels, and applying access controls for cloud services. It can leverage Windows authentication and PKI to enhance convenience without additional authentication. The document also outlines Thales' key management and encryption solutions for data at rest, applications, big data, and the cloud.
The Industrial Internet is an emerging communication infrastructure that connects people, data, and machines to enable access and control of mechanical devices in unprecedented ways. It connects machines embedded with sensors and sophisticated software to other machines (and end users) to extract data, make sense of it, and find meaning where it did not exist before. Machines--from jet engines to gas turbines to medical scanners--connected via the Industrial Internet have the analytical intelligence to self-diagnose and self-correct, so they can deliver the right information to the right people at the right time (and in real-time).
Despite the promise of the Industrial Internet, however, supporting the end-to-end quality-of-service (QoS) requirements is hard. This talk will discuss a number of technical issues emerging in this context, including:
Precise auto-scaling of resources with a system-wide focus.
Flexible optimization algorithms to balance real-time constraints with cost and other goals.
Improved fault-tolerance fail-over to support real-time requirements.
Data provisioning and load balancing algorithms that rely on physical properties of computations.
It will also explore how the OMG Data Distribution Service (DDS) provides key building blocks needed to create a dependable and elastic software infrastructure for the Industrial Internet.
View On-Demand: http://ecast.opensystemsmedia.com/369
To dramatically reduce defense costs, Open Architecture (OA) offers a vision of complex systems of systems built from composable, replaceable modules.
From its origins with the Navy's OA program for ship systems nearly 10 years ago, this design philosophy is spreading to military programs worldwide, including the the Future Architecture Computing Environment (FACE) for avionics, the Unmanned Air Segment Control Segment (UCS) for ground stations, the Army's Common Operating Environment (COE) and the UK's Generic Vehicle Architecture (GVA). These programs are defining technology and acquisition policy for the next generation of defense systems.
The consumerization of IT is under way. Workers want tablet access to business applications, often from personal devices. Learn why VPNs are not ideal for mobile connectivity and why remote desktop is a more secure, less expensive approach to tablet access that is easier to deploy, manage and use.
AG Series secure access gateways provide scalable and
controlled remote and mobile access to corporate networks,
enterprise applications and cloud services for any user,
anywhere on any device.
The document discusses software defined networking (SDN) and provides an overview of key concepts:
- SDN decouples network control and forwarding functions to allow for direct programmability of the network, enabling greater automation, flexibility, and cost reduction.
- Project OpenDaylight is an open source SDN framework supported by many industry players to further SDN adoption and innovation.
- Dell takes an unbiased approach to SDN, providing solutions that support legacy networks, virtualized environments, and open standards like OpenFlow to simplify network management across hybrid infrastructures.
A New Way of Thinking | NATS 2.0 & ConnectivityNATS
NATS 2.0 is the largest feature release since the original code base for the server was released. NATS 2.0 was created to allow a new way of thinking about NATS as a shared utility, solving problems at scale through distributed security, multi-tenancy, larger networks, and secure sharing of data. In this presentation, Derek discusses the motives behind the newest features of NATS and how to leverage them to reduce total cost of ownership, decrease time to value, support extremely large scale deployments, and decentralize security to create secure and easy to manage modern distributed systems.
Red hat's updates on the cloud & infrastructure strategyOrgad Kimchi
Red Hat presented its cloud and infrastructure strategy, focusing on Red Hat Cloud Suite which includes OpenStack for the software platform, OpenShift for DevOps and containers, and CloudForms for cloud management. OpenStack provides massive scalability for infrastructure and removes vendor lock-in. OpenShift enables developers and operations to build, deploy, and manage containerized applications from development to production on any infrastructure including physical, virtual, private and public clouds. CloudForms allows for managing containers and OpenShift deployments across hybrid cloud environments.
This document discusses microservices architecture. It describes microservices as loosely coupled services that communicate through well-defined APIs. Each service has a separate and focused business logic. The document outlines advantages like scalability, fault tolerance, and easier development. It also notes potential cons around increased complexity, testing challenges, and performance impacts from network latency.
Cisco Connect 2018 Thailand - Enabling the next gen data center transformatio...NetworkCollaborators
Patomphon Vimolket introduces Cisco's vision for enabling next-generation data center transformations through software-defined technologies. The document discusses challenges like evolving threats, manual operations, and digital disruption. It presents Cisco's data center reference architecture and portfolio including Cisco CloudCenter, Nexus, UCS, HyperFlex, ACI, Intersight, and security solutions like Tetration and AppDynamics. These provide application visibility, infrastructure optimization, and security to help businesses adapt to challenges like multicloud, microservices, and more dynamic environments.
Accelerating a Path to Digital with a Cloud Data StrategyMongoDB
1) The document discusses accelerating a path to digital transformation with a cloud data strategy. It covers topics like the seismic shifts in organizations and application architectures, and the need to rethink underlying data layers.
2) The presentation discusses building an enterprise data fabric at Royal Bank of Scotland using MongoDB to provide data storage, query, and distribution as a service. This simplified development, reduced costs, and improved velocity.
3) MongoDB was presented as the foundation for cloud data strategies, providing the freedom to run applications anywhere while leveraging the benefits of multiple clouds.
Implement a Universal Data Distribution Architecture to Manage All Streaming ...Timothy Spann
Implement a Universal Data Distribution Architecture to Manage All Streaming Data
Cloudera Partner SkillUp
Tim Spann
Principal Developer Advocate in Data In Motion for Cloudera
tspann@cloudera.com
using apache nifi, apache kafka and apache flink in a hybrid environment
cloudera dataflow
cloudera streams messaging manager
cloudera sql streams builder
A New Approach to Continuous Monitoring in the CloudNETSCOUT
In this #CLUS 2019 session, you will learn how NETSCOUT’s smart data platform enables continuous monitoring in hybrid cloud environments to minimize risk and accelerate customer migration to the Cloud. You will review real-life examples of how businesses optimized their Cloud migration gaining visibility and deep insights, in both physical and virtual worlds, to maintain continuity and security of the services throughout the migration process.
Enterprise Integration in Cloud Native Microservices ArchitecturesCrishantha Nanayakkara
The document discusses enterprise integration in cloud native microservices architectures. It covers topics like cloud native architectures, container orchestration with Kubernetes, the evolution of enterprise systems from monolithic to microservices, key features of microservices including isolation and autonomy, service compositions, transactions, and microservice communication patterns. The document provides an overview of these topics at a high level to understand challenges and approaches in building applications in cloud native microservices environments.
[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...WSO2
Stefano discusses how to augment service mesh functionality with API management capabilities, so you can create an end-to-end solution for your entire business functionality — from microservices, to APIs, to end-user applications.
Manu Zacharia presents on security and forensics discovery in the cloud. He discusses cloud architecture including the NIST cloud characteristics of on-demand self-service, broad network access, resource pooling, rapid elasticity, and measured service. The three cloud service models - SaaS, PaaS, and IaaS - are explained. Potential security issues with cloud computing are identified, including lock-in, lack of standardization, shared service consequences, sudden acquisitions, run-on-the-cloud scenarios, and maintaining certifications and compliance.
[OpenStack Day in Korea 2015] Keynote 2 - Leveraging OpenStack to Realize the...OpenStack Korea Community
OpenStack Day in Korea 2015 - Keynote 2
Leveraging OpenStack to Realize the SKT Software-Defined Data Center
Jinsung Choi, Ph.D - CTO, Corporate R&D Center, SK Telecom
Deep-dive into Microservices Patterns with Replication and Stream Analytics
Target Audience: Microservices and Data Architects
This is an informational presentation about microservices event patterns, GoldenGate event replication, and event stream processing with Oracle Stream Analytics. This session will discuss some of the challenges of working with data in a microservices architecture (MA), and how the emerging concept of a “Data Mesh” can go hand-in-hand to improve microservices-based data management patterns. You may have already heard about common microservices patterns like CQRS, Saga, Event Sourcing and Transaction Outbox; we’ll share how GoldenGate can simplify these patterns while also bringing stronger data consistency to your microservice integrations. We will also discuss how complex event processing (CEP) and stream processing can be used with event-driven MA for operational and analytical use cases.
Business pressures for modernization and digital transformation drive demand for rapid, flexible DevOps, which microservices address, but also for data-driven Analytics, Machine Learning and Data Lakes which is where data management tech really shines. Join us for this presentation where we take a deep look at the intersection of microservice design patterns and modern data integration tech.
[WSO2 API Day Dallas 2019] Extending Service Mesh with API ManagementWSO2
In this deck, we discuss how to augment service mesh functionality with API management capabilities, so you can create an end-to-end solution for your entire business functionality — from microservices to APIs, to end-user applications.
Partnership to Capture Indonesia ERP Cloud Trend OpportunitiesSutedjo Tjahjadi
Datacomm, Acumatica & Partners Community gathered to discuss how to foster the adoption of Acumatica ERP Cloud applications in Indonesia Market. The market primary concern is security & datacenter location. Datacomm Cloud Business - (cloud.datacomm.co.id) Enterprise - Secure - Local philosophy was shared to address the issue.
Do more clouds = better scalability, availability, flexibility NuoDB
Do More Clouds = Better Scalability, Availability, Flexibility?
Whether you are moving mission critical applications to the cloud or building new applications directly in the cloud, you must think ahead. Regulations, inter-cloud operations, fault tolerance, and disaster recovery are all critical components to your success. How can you ensure that you build for future flexibility and high availability? How do you keep infrastructure and operations cost reasonable and predictable? Join Ariff Kassam, CTO from NuoDB and Martin Bailey, Director of Innovation at Temenos for this educational webinar as they explore multi-cloud deployment models in-depth.
You will learn:
How you can benefit from multi-cloud deployments
Why cloud-native is key to success
How cloud-agnostic solutions impact deployment options
What’s driving cloud priorities for financial organizations
How to maintain high availability in a cloud-first environment
Unlocking the Power of IoT: A comprehensive approach to real-time insightsconfluent
In today's data-driven world, the Internet of Things (IoT) is revolutionizing industries and unlocking new possibilities. Join Data Reply, Confluent, and Imply as we unveil a comprehensive solution for IoT that harnesses the power of real-time insights.
This document provides a high-level overview of a cloud architecture design. It discusses considerations for the design including service assurance, high availability, secure tenant segregation, and data center scalability. It then describes the proposed design which includes pods, availability zones, and regions to provide modular scalability, redundancy, and tenant isolation. Management servers and databases are separated for control and data planes.
Similar to Horizontal Scaling for Millions of Customers! (20)
Cultural Shifts: Embracing DevOps for Organizational TransformationMindfire Solution
Mindfire Solutions specializes in DevOps services, facilitating digital transformation through streamlined software development and operational efficiency. Their expertise enhances collaboration, accelerates delivery cycles, and ensures scalability using cloud-native technologies. Mindfire Solutions empowers businesses to innovate rapidly and maintain competitive advantage in dynamic market landscapes.
What is OCR Technology and How to Extract Text from Any Image for FreeTwisterTools
Discover the fascinating world of Optical Character Recognition (OCR) technology with our comprehensive presentation. Learn how OCR converts various types of documents, such as scanned paper documents, PDFs, or images captured by a digital camera, into editable and searchable data. Dive into the history, modern applications, and future trends of OCR technology. Get step-by-step instructions on how to extract text from any image online for free using a simple tool, along with best practices for OCR image preparation. Ideal for professionals, students, and tech enthusiasts looking to harness the power of OCR.
NBFC Software: Optimize Your Non-Banking Financial CompanyNBFC Softwares
NBFC Software: Optimize Your Non-Banking Financial Company
Enhance Your Financial Services with Comprehensive NBFC Software
NBFC software provides a complete solution for non-banking financial companies, streamlining banking and accounting functions to reduce operational costs. Our software is designed to meet the diverse needs of NBFCs, including investment banks, insurance companies, and hedge funds.
Key Features of NBFC Software:
Centralized Database: Facilitates inter-branch collaboration and smooth operations with a unified platform.
Automation: Simplifies loan lifecycle management and account maintenance, ensuring efficient delivery of financial services.
Customization: Highly customizable to fit specific business needs, offering flexibility in managing various loan types such as home loans, mortgage loans, personal loans, and more.
Security: Ensures safe and secure handling of financial transactions and sensitive data.
User-Friendly Interface: Designed to be intuitive and easy to use, reducing the learning curve for employees.
Cost-Effective: Reduces the need for additional manpower by automating tasks, making it a budget-friendly solution. Benefits of NBFC Software:
Go Paperless: Transition to a fully digital operation, eliminating offline work.
Transparency: Enables managers and executives to monitor various points of the banking process easily.
Defaulter Tracking: Helps track loan defaulters, maintaining a healthy loan management system.
Increased Accessibility: Cutting-edge technology increases the accessibility and usability of NBFC operations. Request a Demo Now!
A Comparative Analysis of Functional and Non-Functional Testing.pdfkalichargn70th171
A robust software testing strategy encompassing functional and non-functional testing is fundamental for development teams. These twin pillars are essential for ensuring the success of your applications. But why are they so critical?
Functional testing rigorously examines the application's processes against predefined requirements, ensuring they align seamlessly. Conversely, non-functional testing evaluates performance and reliability under load, enhancing the end-user experience.
React and Next.js are complementary tools in web development. React, a JavaScript library, specializes in building user interfaces with its component-based architecture and efficient state management. Next.js extends React by providing server-side rendering, routing, and other utilities, making it ideal for building SEO-friendly, high-performance web applications.
Discover the Power of ONEMONITAR: The Ultimate Mobile Spy App for Android Dev...onemonitarsoftware
Unlock the full potential of mobile monitoring with ONEMONITAR. Our advanced and discreet app offers a comprehensive suite of features, including hidden call recording, real-time GPS tracking, message monitoring, and much more.
Perfect for parents, employers, and anyone needing a reliable solution, ONEMONITAR ensures you stay informed and in control. Explore the key features of ONEMONITAR and see why it’s the trusted choice for Android device monitoring.
Share this infographic to spread the word about the ultimate mobile spy app!
Responsibilities of Fleet Managers and How TrackoBit Can Assist.pdfTrackobit
What do fleet managers do? What are their duties, responsibilities, and challenges? And what makes a fleet manager effective and successful? This blog answers all these questions.
Lots of bloggers are using Google AdSense now. It’s getting really popular. With AdSense, bloggers can make money by showing ads on their websites. Read this important article written by the experienced designers of the best website designing company in Delhi –
introduction of Ansys software and basic and advance knowledge of modelling s...sachin chaurasia
Ansys Mechanical enables you to solve complex structural engineering problems and make better, faster design decisions. With the finite element analysis (FEA) solvers available in the suite, you can customize and automate solutions for your structural mechanics problems and parameterize them to analyze multiple design scenarios. Ansys Mechanical is a dynamic tool that has a complete range of analysis tools.
2. Intuit Confidential and Proprietary
1
Name: Elangovan Shanmugam
Title: Distinguished Engineer @ Intuit Inc. EcoSystem Integration.
Experience: 25+ Years in Software Development
Work Highlights:
- Designed Resilient systems to help importing Tax documents in
(TP50) less than 2 seconds to our 45M tax filers.
- Mint, Chief Architect. Designed & Deployed First ever Intuit Offering
to Public Cloud. Serving for 35M customers and processing billions
of bank transactions.
- Event based notification systems processing millions of events and
delivering 10+ millions notifications per day.
- 11 Software Patents, 30 pending.
- Scott Cook Innovation award winner.
ABOUT ME …
Twitter @elangovans
LinkedIn https://www.linkedin.com/in/elangovans
Blogs https://medium.com/@elangovan_shanmugam
Patents https://patents.justia.com/inventor/elangovan-shanmugam
3. Intuit Confidential and Proprietary
2
We understand …
- What is considered in the software architecture
- Strategies for delivering Microservices that can scale
- How Mint scales for millions of customers
THIS MEETING WILL BE GOOD IF …
6. Intuit Confidential and Proprietary
5
HOW DO WE STRUCTURE OURSELVES TO SOLVE THIS PROBLEM
PEOPLE TECHNOLOGY PROCESS COST (TCO)P T Pr C
Engineers (Dev, DevOps, QE)
Analyst / Data Science
Other actors
Application / Services / Database
AI/ML & Warehouse
Cloud & Hosting technologies
Agile, Kanban … Development
Build / Deploy Process
Development Cost
Maintenance Cost
Hosting Cost
7. Intuit Confidential and Proprietary
6
ARCHITECTURE PRINCIPLES
Keep compute tier stateless1 Resilient to failures and work
in a dynamic environment and
No Single point of failures
(reduce number of FCI)
2 Low latency and high
performing systems
3
Security is number one
concern
4 Fault Isolation by decreasing
the blast radius
5 Zero downtime deployment -
using Canary, Blue/Green
Deployment
6
8. Intuit Confidential and Proprietary
7
SLA’S THAT WE ARE SOLVING FOR …
AVAILABILITY 4 9’s
~ 52 mins
downtime per year.
LATENCY TP50: 1 Sec.
TP90: 2 Secs.
TP99: 5 Secs.
SITE RECYCLE
FREQUENCY
15 days
FAULT
TOLERANCE
FCI: 0.02%
RPO: 5 mins
RTO: 20 mins
SECURITY SLA ZERO SECURITY
DEFECTS
P1 DEFECTS
MUST BE FIXED
& DEPLOYED
IN 48 HOURS
TEST COVERAGE 100%
AUTOMATION
DEPLOYMENT
TIME
45 Mins after code
is committed
Blast Radius No more than 10%
user
- Understand Traffic Patterns (daily, weekly, monthly, …)
- Measure Daily, Weekly, Monthly, and Yearly Active users
- Identify most used features, How much time the users are spending in a feature, Hotspots in
the system
- Build Operational rigour to support the users and system behaviours
- Be Cost aware. How much each request costs
10. Intuit Confidential and Proprietary
9
API & MicroServices
Data Lake
Applications
Hosting
Logging
Instrumentation
Monitoring
Alerting
Content
Source Control
Analyzer
Build
Artifact &
Packaging
Deploy
ABSTRACT TECHNOLOGY STACK
Technology Stack
● Typical stack contains many micro services, many databases,
many applications along with several utility functions, hosting
and monitoring.
● In Mint,
○ AWS is the hosting platform
○ Java and Restful services for the middle layer
○ Single page application for the browser app
○ Native applications for the mobile devices (iOS and
Android).
DEVELOPMENT RUNTIME
11. Intuit Confidential and Proprietary
10
API & MicroServices
Data Lake
Applications
Hosting
Logging
Instrumentation
Monitoring
Alerting
Content
Source Control
Analyzer
Build
Artifact &
Packaging
Deploy
ABSTRACT TECHNOLOGY STACK
Application Stack
● User facing features
● Typically running in the internet
● Built for multiple platforms (Web Browser,
Desktop, Mobile devices, and so on)
12. Intuit Confidential and Proprietary
11
API & MicroServices
Data Lake
Applications
Hosting
Logging
Instrumentation
Monitoring
Alerting
Content
Source Control
Analyzer
Build
Artifact &
Packaging
Deploy
ABSTRACT TECHNOLOGY STACK
Services Stack
● Capabilities built and deployed in the server side
● Typically runs in the data center behind Firewall
● Should be horizontally scalable
● Solves for lots compliance requirements
13. Intuit Confidential and Proprietary
12
API & MicroServices
Data Lake
Applications
Hosting
Logging
Instrumentation
Monitoring
Alerting
Content
Source Control
Analyzer
Build
Artifact &
Packaging
Deploy
ABSTRACT TECHNOLOGY STACK
Data Lake
● Ingest click-stream data to understand user behaviors
● Ingest all data and analyse to gain business insights
● Develop & Train ML models
15. Intuit Confidential and Proprietary
14
MicroService - 1
Gateway
authentication
Microservices Strategy
Modern systems cannot be built as a single monolithic service. Split the
concerns into functional areas. In Mint, the splits are as follows,
Budgets, Credit Reports, Investments, Goals, Notifications, Insights and
so on.
Common Capabilities:
- Within the services there are horizontal concerns like how to
communicate between Databases, API’s, Brokers, etc.
Scale per functionality:
- This allows us to design them independent of each other, based
on their scale. For example, Users will have 1000’s of
transactions, but there will be only one credit report per month.
Separation of concerns:
- Delivery of services per their own schedule. Credit report team’s
cadence can be different from Budget service cadence.
- In case of any issues in Budget service must not impact Credit
service or other services. This is also known as control the blast
radius.
ORIENTATION
SCALING FUNCTIONALITIES
MicroService - 2 MicroService - 3 MicroService - 4 MicroService - 5
16. Intuit Confidential and Proprietary
15
Business Logic
Proxy Layer
(Routing & Stack Picking)
API
Broker
Database Layer
Offline Process
Gateway
authentication
Authenticate any requests to microservices.
This is critical security layer.
Restful API layer exposes various CRUD
resources operations to it clients. This
defines endpoints and resource models.
Service layer where all the business logic is
implemented. There are two different
aspects, online and offline process.
Databases, Caches and Data Access Layer.
Platform Developer Role Technologies
API Backend Developer JaxRS, Jersey
Broker ActiveMQ, Kafka
Cache Redis, MemCache
Business Logic Java
Database MySQL, C*, DynamoDB
Service Template
A representation of a Microservice. Though each service can customize
per its needs a typical template would be like this so that there is
uniform approach and easy to understand, move talents between
services, and easy to troubleshoot, etc.
MICROSERVICES ARCHITECTURE
Cache
ORIENTATION
17. Intuit Confidential and Proprietary
16
RUN TIME & NETWORK COMMUNICATIONS
ELB Proxy API Broker Business Database
Sharded RDS MySQL::
Each DB contains set of
users data.
Business logic, Caching and
Data access logic.
REST API, Data Transform
to Resource model,
Distributed Caching for
sessions
EC2 Instance
RDS MySQL
18. Intuit Confidential and Proprietary
17
RUN TIME & NETWORK COMMUNICATIONS
ELB Proxy API Broker Business Database
Sharded RDS MySQL::
Each DB contains set of
users data.
Typically compute, I/O
intensive and scale this
layer based on the load.
REST API instances can be
scaled horizontally. Add new
EC2 nodes to support load.
ActiveMQ Brokers are typically will work as
single Master instance and Slave instance.
This layer is used as RMI over JMS.
Alternate would be
- using Kafka Cluster.
- using Vert.x infrastructure.
Can be a separate topics!!
19. Intuit Confidential and Proprietary
18
Availability Zone 1
Proxy Layer
(Routing & Stack picking)
Web, Broker, and
Business logic Layer
Database Layer
Availability Zone 1
Proxy Layer
(Routing & Stack picking)
S1 S2 S3 S4
WHAT IS SL?
Availability Zone 1
Proxy Layer
(Routing & Stack picking)
S1 S2 S3 S4
WHAT IS INSIDE A SL?
EC2
RDS for
MySQL
HORIZONTAL SCALING & DEPLOYMENT ARCHITECTURE
Strategies for Service deployment
Pick a strategy for partitioning the data. For example,
one DB shard could hold data for n users. For a given
service, all the data will be available in that shard.
Another service could use very different partitioning
strategy.
Alternate: Cassandra or DynamoDB could be an
alternate, but choose proper persistence strategy for
the problem.
Stacks (or Swimlanes) where the services are
deployed can communicate to within the boundary.
Avoid Cross Stack Communication.
Central Stack (not shown in the diagram) contains the
configuration of which user data belongs to which
shard and which shard belongs to which stack.
AWS RegionElastic Load Balancer
20. Intuit Confidential and Proprietary
19
Data Center 2
Availability Zone 1
Proxy Layer
(Routing & Stack picking)
S1 S2 S3 S4
Data Center 1
HIGH AVAILABILITY
AWS RegionElastic Load Balancer
HA Strategies
Services are deployed in Multiple Availability Zones
(AZ) so that they are highly available.
Each Stack is distributed in multiple AZs. Primary
database is one AZ. Slaves (real-time replication) of
the data is distributed in the 2nd and 3rd AZ.
Compute tier will reach out to the Primary database.
Benefits of this model:
- If there is an outage on an AZ other two AZs will
still serve the requests for our customers.
- Reduce the blast radius. If there is an issues in
the system it could only affect smallest scope of
the users.
Operations procedures:
Stack rebalancing, Data model rollouts, Blue/Green
Deployments, Canary deployments.
Availability Zone 2
Proxy Layer
(Routing & Stack picking)
S1 S2 S3 S4
Availability Zone 3
Proxy Layer
(Routing & Stack picking)
S1 S2 S3 S4
Data Center 3
22. Intuit Confidential and Proprietary
21
Plugins
Utilities (Logging,
Instrumentation …)
Sandbox API
App Shell
Shell Service
Plugin Reg +
Personalization
Plugin - 1
Plugin - 3
Platform Developer Role Technologies
Web Application Web app developer Java Script, ReactJS,
HTML5, CSS3.
iOS (phone, tablet,
wearables)
iOS Developer Swift, XCode
Android (phone,
tablet, wearables)
Android Developer Kotlin, Android Studio
Experience Designers, Customer research, Product Managers
Accessibility experts.
Plugin - 2
Plugin - 4
A Software infrastructure that helps
register and render Plugins, packages the
common libraries avoid loading them
multiple times, etc.
Plugins are set of customer facing
capabilities that can be reused in multiple
apps. Think of Login, Shopping cart,
Payment, etc. as plugins.
APPLICATION ARCHITECTURE
Common utilities can be used across all
the plugins. Uniform method of logging and
collecting metrics and more.
Scalability in App Architecture
What are the strategies for multiple platforms, Web, iOS, Android,
Tablets, Wearables, IoT devices?
What are the customer base? Do they expect native experience?
Does your product demand native experience? For example, does your
product need any of the device capabilities, like activating camera?
ORIENTATION