Rocking System Design Course Slides v2


Raj Saha

cloudwithraj.com
Cloud With Raj
cloudwithraj
linkedin.com/in/rajdeep-sa-at-aws/

Instructor Bio:
Sr. Solutions Architect @
Bestselling Udemy/Pluralsight author
Tech Advisor of crypto startup
Public speaker and guest lecturer
Author of multiple official AWS blogs
YouTuber with 30K subscribers
Previously - Distinguished Cloud Architect @Verizon
Opinions are my own
SECTION 1: SYSTEM DESIGN BASICS

Copyright © Rajdeep Saha - All Rights Reserved


Microservices



The monolith
“…a single-tiered software application in which the user interface
and data access code are combined into a single program from a
single platform.”

- Wikipedia



Monolith is not the bad guy!
Pros:
• At first…
• Simple
• No over-engineering
• Single code base
• Resource efficient at small scale

Cons:
• Modularity is hard to enforce as app grows
• Scaling is a challenge
• All or nothing deployment
• Long release cycles
• Slow to react to customer demand


Can you use API with Monolith?

Absolutely

APIs do NOT equal microservices


APIs in Monolith

[Diagram: store/get, store/post and store/delete → API Gateway/Load balancer → Monolith → Database. The monolith's entry function checks the url/path and executes logic accordingly.]


Issue of Scaling
[Diagram: store/get, store/post and store/delete → API Gateway/Load balancer → Monolith (running on VM: Amazon EC2 M5.12xlarge, with its CPU) → Database]


Entire Monolith Needs to Scale

[Diagram: store/get, store/post and store/delete → API Gateway/Load balancer → two copies of the Monolith, each running on its own VM (Amazon EC2 M5.12xlarge, with its CPU) → Database]


APIs in Microservice

[Diagram: API Gateway/Load balancer routes store/get → store/get backend (smaller VM1, t3.large), store/post → store/post backend (smaller VM2, t3.medium), store/delete → store/delete backend (smaller VM3, t3.micro); the backends use one Database]

[Diagram: same layout, with a separate Database for each backend]


Scaling APIs in Microservice
[Diagram: same layout as above with two copies of the store/get backend (smaller VM1, t3.large); store/post backend (smaller VM2, t3.medium) and store/delete backend (smaller VM3, t3.micro) unchanged; one Database]

[Diagram: same layout, labelled "Polyglot"]


Characteristics of microservice architectures
• Independent
• Scaling
• Governance
• Deployment
• Testing
• Functionality

Important - Not required to follow every characteristic



Deploying microservices in AWS


The answer to everything!

Amazon EC2



[Diagram: store/get, store/post and store/delete each served by Amazon EC2 in its own Auto Scaling group]

[Diagram: same layout behind Elastic Load Balancing / Amazon API Gateway, with a different instance size per service: store/get on Amazon EC2 (m5.large), store/post on Amazon EC2 (t3.micro), store/delete on Amazon EC2 (m4.2xlarge)]


Serverless

[Diagram: Elastic Load Balancing / Amazon API Gateway routes store/get, store/post and store/delete each to its own AWS Lambda]

Lambda scales automatically

Container

[Diagram: Elastic Load Balancing / Amazon API Gateway routes store/get, store/post and store/delete to Amazon Elastic Kubernetes Service / Amazon Elastic Container Service]

Kubernetes

[Diagram: in Amazon Elastic Kubernetes Service, an Ingress ALB routes store/get → ServiceA, store/post → ServiceB, store/delete → ServiceC]

Mix and Match!

[Diagram: an ALB routes store/get, store/post and store/delete to a mix of Amazon EC2 and AWS Lambda]


Load Balancer



Your Application

[Diagram sequence:
1. One Amazon EC2 instance at 10.10.100.200.
2. Three Amazon EC2 instances (10.10.150.200, 10.10.110.200, 10.10.120.200), annotated "??!!".
3. Elastic Load Balancing (123xyz.com) in front of the three instances.
4. A fourth instance (10.10.130.200) added behind the load balancer.
5. Instance 10.10.150.200 marked with an X; the other three instances remain behind the load balancer.
6. Elastic Load Balancing (123xyz.com) in front of (Ingress/Service).
7. Elastic Load Balancing (123xyz.com) in front of three AWS Lambda functions.
8. www.store.com (Amazon Route 53) in front of Elastic Load Balancing (123xyz.com) and the three AWS Lambda functions.]


Load Balancer
• Automatically distributes incoming traffic across multiple targets

• Monitors health of targets

• Integrates with SSL

• “Elastic”


Types of Load Balancer

• Application Load Balancer

• Network Load Balancer



Application Load Balancer

[Diagram: Elastic Load Balancing (123xyz.com) in front of three Amazon EC2 instances (10.10.150.200, 10.10.110.200, 10.10.120.200)]

[Diagram: www.store.com, www.store.com/get, www.store.com/post and www.store.com/delete all reach Elastic Load Balancing (123xyz.com), in front of three Amazon EC2 instances]

Application Load Balancer Target Groups

[Diagram: www.store.com → Elastic Load Balancing (123xyz.com); www.store.com/get, www.store.com/post and www.store.com/delete each route to their own target group of two Amazon EC2 instances]


Application Load Balancer

• Operates on OSI Layer 7

• Routes traffic based on url path

• Validates and terminates SSL

• Sticky session



Application Load Balancer Target Groups

[Diagram: www.store.com → Elastic Load Balancing; www.store.com/get, www.store.com/post and www.store.com/delete route to separate target groups; targets shown are Amazon EC2 instances and AWS Lambda]


Network Load Balancer

• Operates on OSI Layer 4

• Routes traffic based on protocol and port of incoming traffic

• SSL passthrough


ALB or NLB?
• NLB handles spiky traffic better
• ALB handles consistent high traffic better

• NLB exposes static IP address
• ALB needs Global Accelerator

• Influenced by choices
• API Gateway REST API Private integration with NLB with Private Link
• NLB supports EC2 instance and IP address as backend target group
• ALB supports EC2, IP address, and Lambda


API – What and Why?


Wiki Definition

Real World Example

[Diagram sequence: Waiter and Kitchen; then the Kitchen alone]

Back to IT

[Diagram: API in front of Bank/Airline Booking on Amazon EC2; pre-defined input fields]

But Why?

[Diagram sequence: Bank/Airline Booking on Amazon EC2; then with an API Gateway in front of it]

• Traffic management

• Load balancing

• Specific input/output needs

• AuthN/Z

AWS Implementation

[Diagram: API → API Gateway (Amazon API Gateway) → Bank/Airline Booking on Amazon EC2]


ALB vs. API Gateway



Application Load Balancer (ALB)

• Automatically distributes incoming traffic across backend targets

• Layer 7 load balancer

• Infrastructure managed by AWS, highly available, elastic


ALB Integration

[Diagram: website → Application Load Balancer; /browse → AWS Lambda, /insert → AWS Lambda, /delete → AWS EC2]

API Gateway

• Fully managed and serverless API service from AWS

• Automatically scales up and down

• Infrastructure managed by AWS, highly available, elastic

API Gateway Integration

[Diagram: website → Amazon API Gateway; /GET → AWS Lambda, /POST → AWS Lambda, /DELETE → AWS EC2]

API Gateway | ALB
Can implement rate limiting, bursting for APIs | No rate limiting, bursting capability
Integrate with AWS WAF for protection | Integrate with AWS WAF for protection
Not possible to get a static IP address for endpoint | Possible to get a static IP address for load balancer endpoint
Accepts HTTPS traffic | Accepts HTTP, HTTPS traffic
Able to do request validation, request/response mapping | Not able to do request validation, request/response mapping
Able to handle spiky traffic (default rate – 10k rps, 5k burst rate) | Delay during spiky traffic, pre-allocate LCUs to avoid delay (charged extra)
Able to integrate with Lambda from different region, even different AWS account | ALB is a regional service
Able to export/import APIs cross API platforms using swagger, Open API Spec 3.0 | No direct method to import/export rules for cross platforms
Have extensive AuthN/Z integration – API Key, IAM, Cognito User Pool, Cognito Identity Pool, external IdP | Integration with any OIDC compliant IdP (Cognito, LDAP etc.)
Able to cache responses | Not able to cache responses
Timeout limit 30 seconds | Timeout limit 4000 seconds
Integrates with almost all AWS services | Use EC2, Lambda, IP addresses as backend
No health check available | Health check available
Pay per use | Pay for idle

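
The "rate limiting, bursting" row above, as an added example that is not part of the course slides: AWS documents API Gateway throttling as a token bucket, and this sketch replays a traffic spike against the slide's default numbers (10k rps rate, 5k burst). The class and function names and the sample arrival times are constructed for illustration; this is not AWS code.

```python
class TokenBucket:
    """Token bucket: `rate` tokens are refilled per second, `burst` is the bucket size."""

    def __init__(self, rate, burst):
        self.rate = float(rate)
        self.burst = float(burst)
        self.tokens = float(burst)      # the bucket starts full
        self.last = 0.0                 # time of the previous request, in seconds

    def allow(self, now):
        """Return True if a request arriving at time `now` is admitted."""
        elapsed = max(0.0, now - self.last)
        self.tokens = min(self.burst, self.tokens + elapsed * self.rate)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False                    # a gateway would answer 429 Too Many Requests


class PerKeyThrottle:
    """One bucket per API key, so one noisy client cannot drain another's budget."""

    def __init__(self, rate, burst):
        self.rate = rate
        self.burst = burst
        self.buckets = {}

    def allow(self, api_key, now):
        bucket = self.buckets.get(api_key)
        if bucket is None:
            bucket = TokenBucket(self.rate, self.burst)
            bucket.last = now
            self.buckets[api_key] = bucket
        return bucket.allow(now)


def replay(bucket, arrivals):
    """arrivals: list of (time, request_count). Returns (time, admitted, throttled)."""
    results = []
    for when, count in arrivals:
        admitted = sum(1 for _ in range(count) if bucket.allow(when))
        results.append((when, admitted, count - admitted))
    return results


def spike_then_steady():
    """Constructed traffic: two spikes, then about 8,192 rps for one second."""
    bucket = TokenBucket(rate=10_000, burst=5_000)
    spikes = replay(bucket, [(0.0, 8_000), (0.125, 2_000)])
    steady = replay(bucket, [(0.125 + i / 8192, 1) for i in range(1, 8193)])
    return spikes, sum(admitted for _, admitted, _ in steady)


def noisy_neighbour():
    """Constructed keys: 'noisy' sends 6 requests at once, 'quiet' sends 1."""
    throttle = PerKeyThrottle(rate=1, burst=5)
    noisy = [throttle.allow("noisy", 0.0) for _ in range(6)]
    quiet = throttle.allow("quiet", 0.0)
    return noisy, quiet


if __name__ == "__main__":
    print(spike_then_steady())
    print(noisy_neighbour())
```

The burst value bounds how much of a spike is absorbed at once, and the rate bounds what is admitted afterwards; traffic below the rate is never throttled once the spike has passed.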
Scaling – Vertical vs Horizontal


Regular Application

[Diagram: your app in the server, with its CPU]

Vertical Scaling

[Diagram: your app in the BIGGER server, with its CPU]

Vertical Scaling Deep Dive

[Diagram sequence: your app in the server, with its CPU; an Application load balancer in front of it; your app in the BIGGER server added next to it; the Application load balancer shown with the BIGGER server; finally only the Application load balancer and the BIGGER server]


Vertical Scaling Challenges

• Scaling up/down takes longer

• Chance of missing transactions during scaling cutover

• Limited scaling

• Expensive


Regular Application

[Diagram: your app in the server, with its CPU]

Horizontal Scaling

[Diagram sequence: two servers running your app, each with its own CPU; then one server again]

Horizontal Scaling Deep Dive

[Diagram sequence: an Application load balancer in front of your app in the server; then in front of two servers running your app, each with its own CPU]


Horizontal Scaling

• Scaling up/down faster

• Massively scalable

• Cost effective

• Legacy code needs to be refactored for horizontal scaling


VM, Container, Serverless Scaling on AWS


Vertical vs Horizontal Scaling on AWS
• EC2 vertical and horizontal scaling
• Container scaling
• Lambda scaling
• Fargate scaling



Let’s Whiteboard!



Real World Interview Tips on Scaling


How can you make your application scalable for a big traffic day?

Average Answer

Put the VMs in auto scaling group and use load balancer

[Diagram: Elastic Load Balancing in front of an Auto Scaling group with two Amazon EC2 instances]


GOOD Answer

• Elastic Load Balancing: Pre-warm Load Balancers
• Run IEM (Infrastructure Event Management) to ensure it can handle high traffic
• Auto Scaling group (Amazon EC2): Scheduled Scaling, Lightweight AMI
• Use database proxy (e.g., RDS proxy)
• Increase Account Limits
• Utilize different (Account + Region) combo
• Talk about breaking the app into microservices

Going into Kubernetes or Serverless doesn’t eliminate these challenges


Serverless Scaling

• Amazon API Gateway: Enable API caching; Use HTTP API
• AWS Lambda: Provisioned Concurrency (Scheduled); Optimize Lambda code using X-Ray; Optimize Lambda configuration using CloudWatch Insights
• Use database proxy (e.g., RDS proxy)
• Increase Account Limits
• Utilize different (Account + Region) combo


Container Scaling

• ALB Ingress (Elastic Load Balancing): Pre-warm Load Balancers
• Use replicaset to run multiple copies of the pod (across Availability Zone 1 and Availability Zone 2)
• Cluster Autoscaler: Use cluster overprovisioner to provision nodes
• Use database proxy (e.g., RDS proxy)
• Increase Account Limits
• Utilize different (Account + Region) combo


Synchronous vs. Event Driven/Async Architectures


Microservices

[Diagram: Elastic Load Balancing / Amazon API Gateway routes store/get, store/post and store/delete to Amazon EC2 and AWS Lambda]


Synchronous Architecture

[Diagram sequence: Amazon API Gateway → AWS Lambda → Amazon DynamoDB; then with the labels "Reached Limit" and "This call failed"]

Challenges
• All components of Synchronous architectures MUST scale together
• Consumer needs to resend transaction for re-processing
• Expensive


Event-Driven/Async Architecture

[Diagram: Amazon API Gateway → Amazon Simple Queue Service → AWS Lambda → Amazon DynamoDB]

Advantages
• Each component can scale independently
• Retry built in
• More cost effective than synchronous architecture


Stronger Together!

• Use synchronous and event-driven architectures where applicable

• Example ordering system
• Order inserts can be done event-driven
• Order status retrieval synchronously


PubSub Vs Queues



Streaming vs Messaging



SQL vs NoSQL



What We Are Going To Learn...

● SQL Vs NoSQL
● AWS Database Options
● Amazon Aurora Vs DynamoDB
● Conclusion

SQL Vs NoSQL Database

SQL Database (RDBMS) | NoSQL Database
Tables have predefined schema | Schemaless
Holds structured data | Holds structured and unstructured data
Good fit for joins and complex queries | Generally, not good fit for complex multi table queries
Emphasizes ACID properties (Atomicity, Consistency, Isolation and Durability) | Follows the Brewer's CAP theorem (Consistency, Availability and Partition tolerance)
Generally, scales vertically | Generally, scales horizontally. AWS DynamoDB scales automatically!

Schema Vs Schemaless

[Figure: a "Schema" table and a "Schemaless" table, with columns Artist, Song Title, Album Title, Price, Genre, Critic Rating]

SQL Vs NoSQL in AWS

SQL DATABASES
• Amazon Aurora
• Amazon RDS

NOSQL DATABASES
• Amazon DynamoDB
• Amazon DocumentDB (with MongoDB compatibility)
• Amazon Managed Apache Cassandra Service

Note - You can always run your favorite non-AWS database on EC2

Amazon Aurora Vs DynamoDB

Amazon Aurora | Amazon DynamoDB
MySQL and PostgreSQL compatible relational database built for the cloud. 5 times faster than standard MySQL, 3 times faster than standard PostgreSQL at 1/10th the cost | Key-value and document database with single-digit millisecond performance AT ANY SCALE
Multi-Master Supported for MySQL | Multi-Master
Cross region Active-Passive replication Supported for MySQL (Global Database) | Cross region Active-Active replication Supported (Global Tables)
Choosing Multi-AZ & Read Replicas provide High Availability | Inherently replicates across three AZs - HA and Durable
Vertical scaling. Serverless Aurora scales automatically, not as scalable as Dynamo. | Inherently Scalable, can handle more than 10 trillion requests/day & peaks of more than 20 million requests/second
Has integrated caches, can’t be adjusted | Provides adjustable in-memory caching via DAX
Enable backups, snapshots for DR | Inherently durable, Point In Time Backups can be enabled

TAKING IT ALL IN - RIGHT TOOL FOR RIGHT JOB!

Websockets



Request-Response

[Diagram: Client → Amazon API Gateway → AWS Lambda → Amazon DynamoDB (Server)]

Only client can invoke server

Server can NOT initiate connection to client


Websocket

[Diagram: Client → $connect → Amazon API Gateway → AWS Lambda → Amazon DynamoDB (Server)]

Connection stays open

Server can send messages to client
Can be achieved using Load Balancer and API Gateway

Websocket Use Cases

Chat applications – WhatsApp, Chatbots, Telegram


Caching



Caching – What and Why

[Diagram: API Gateway/Load Balancer → Backend (running complex queries) → Database]

Faster & Cost-efficient

[Diagram: API Gateway/Load Balancer → Backend → Database, with a Cache next to the Backend; the Backend returns data from cache if present]

How Does Cache get Populated?

[Diagram: same layout; for a cache miss the Backend fetches from the DB and inserts into the cache]

• Cache insert strategies later


How Does Cache get Deleted?
• Cache entries deleted after a specified time

• This is Time To Live (TTL)

• Cache entries can be updated with backend code


• Think of cache like another database or file system



Cache is NOT restricted to Backend

[Diagram: API Gateway/Load Balancer → Backend → Database, with a Cache shown at several points along the path]


Which Caching Service to Use When?

• Use managed caching of the service

• If service doesn’t provide caching then use cache database

Amazon ElastiCache: ElastiCache for Redis, ElastiCache for Memcached


Using Caching on AWS Services

[Diagram: Client → Amazon API Gateway → AWS Lambda → Amazon DynamoDB (Dynamic Content); Amazon CloudFront → Amazon Simple Storage Service (Static Content)]

• Amazon API Gateway: Enable API Cache
• Amazon DynamoDB: Enable Dynamo Cache (DAX); calculate cost
• Amazon CloudFront: Cache

[Diagram: Client → Elastic Load Balancing → Amazon Elastic Kubernetes Service → Amazon RDS, with Amazon ElastiCache]


Redis, Memcached & Caching Strategies


Memcached vs. Redis

Memcached
• Simple data types
• Large nodes with multiple cores or threads
• Ability to scale out/in
• Can cache object

Redis
• Complex data types
• Sort or rank in-memory datasets
• Replicate data
• Automatic failover
• Backup and restore
• Publish and subscribe
• Support multiple databases


ElastiCache Use Cases
• Cache frequently accessed data – user profile, preferences, item descriptions etc.
• Gaming leaderboards, real-time recommendations, messaging, and more


Lazy Loading

[Diagram: Amazon EC2 reads from Amazon ElastiCache. On a cache hit the data comes from the cache; on a cache miss Amazon EC2 receives the data from the database (Amazon Aurora) and writes it to the cache.]

Write-Through

[Diagram: on a write, Amazon EC2 writes/updates the cache (Amazon ElastiCache) and writes/updates the database (Amazon Aurora)]
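
Lazy loading, write-through and the TTL expiry from the "How Does Cache get Deleted?" slide, as an added example that is not part of the course slides. The dictionaries stand in for ElastiCache and Aurora, and the class names, the key `user:42:role` and its values are constructed; the point to watch is that a lazily loaded entry keeps serving the old value after a database-only write until its TTL runs out.

```python
class TTLCache:
    """In-memory stand-in for ElastiCache: key -> (value, expiry time in seconds)."""

    def __init__(self, ttl_seconds):
        self.ttl = ttl_seconds
        self.entries = {}

    def get(self, key, now):
        entry = self.entries.get(key)
        if entry is None:
            return None
        value, expires_at = entry
        if now >= expires_at:            # TTL reached: the entry is deleted
            del self.entries[key]
            return None
        return value

    def set(self, key, value, now):
        self.entries[key] = (value, now + self.ttl)


class RoleStore:
    """Backend code in front of a database (a dict standing in for Aurora)."""

    def __init__(self, cache, database):
        self.cache = cache
        self.database = database
        self.db_reads = 0

    def read(self, key, now):
        """Lazy loading: try the cache; on a miss read the DB and fill the cache."""
        value = self.cache.get(key, now)
        if value is not None:
            return value, "hit"
        self.db_reads += 1
        value = self.database.get(key)
        if value is not None:
            self.cache.set(key, value, now)
        return value, "miss"

    def write_db_only(self, key, value):
        """Write that bypasses the cache: readers see the old value until the TTL."""
        self.database[key] = value

    def write_through(self, key, value, now):
        """Write-through: update the database and the cache in the same operation."""
        self.database[key] = value
        self.cache.set(key, value, now)


def run_scenario():
    key = "user:42:role"                         # constructed sample key and values
    store = RoleStore(TTLCache(ttl_seconds=60), {key: "admin"})
    seen = []
    seen.append(store.read(key, now=0))          # miss: loaded from the database
    seen.append(store.read(key, now=1))          # hit
    store.write_db_only(key, "viewer")           # role changed in the database only
    seen.append(store.read(key, now=3))          # hit, but the cached value is stale
    seen.append(store.read(key, now=61))         # TTL expired: miss, fresh value
    store.write_through(key, "auditor", now=62)  # cache and database updated together
    seen.append(store.read(key, now=63))         # hit, already current
    return seen, store.db_reads


if __name__ == "__main__":
    print(run_scenario())
```

For data that drives access decisions, the TTL is the longest time a revoked or changed value can keep being served, so such writes belong on the write-through path or need an explicit cache delete.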


High Availability



High Availability

• System continues functioning even when some of its components fail

• System guarantees certain percentage of uptime


Identifying Single Point of Failure

• Servers running your applications

• Database

• Load balancer

• Analyze each component and validate single point of failure



Achieving High Availability on Cloud

[Diagram: Elastic Load Balancing in front of a single Amazon EC2 instance]

• Elastic Load Balancer is inherently highly available (managed by Cloud Provider)
• Auto Scaling Group makes the server scalable, not highly available
• There is a delay to spin server up

[Diagram: Elastic Load Balancing in front of an Auto Scaling Group with one Amazon EC2 instance in each of Availability Zone 1 and Availability Zone 2]

• Achieve high availability but costs extra money
• What is an option which is automatically highly available i.e. HA managed by Cloud Provider?

[Diagram: Elastic Load Balancing in front of AWS Lambda]

• How about Kubernetes?

[Diagram sequence: Elastic Load Balancing in front of Amazon EC2; then in front of an Auto Scaling Group (Cluster Autoscaler) with one Amazon EC2 instance in each of Availability Zone 1 and Availability Zone 2]

• Don’t over index on cost when you design or answer interview question


High Availability Vs Fault Tolerance


High Availability

[Diagram sequence: Elastic Load Balancing in front of an Auto Scaling Group (Cluster Autoscaler) with one Amazon EC2 instance in each of Availability Zone 1 and Availability Zone 2. The load balancer is labelled 100 TPS and each instance 50 TPS. With one Availability Zone marked X, the load balancer is labelled 50 TPS.]

Fault Tolerant

Need to maintain 100 TPS even if 1 AZ is down

[Diagram sequence: the two-AZ layout at 50 TPS per instance with one Availability Zone marked X; then a third Amazon EC2 instance in Availability Zone 3, with 50 TPS on each of two instances when one Availability Zone is marked X; then two Amazon EC2 instances in each of Availability Zone 1 and Availability Zone 2, labelled 100 TPS per Availability Zone, with one Availability Zone marked X]

• Fault tolerant system is more expensive than highly available system


Distributed Systems



Centralized Systems

[Diagram: a Single Server]

Single Point of Failure

[Diagram: the Single Server, labelled "The system is down!"]

Centralized Systems Scaling

[Diagram sequence: a Single Server; then a Single Server with more CPU and memory]

Centralized Systems Examples

• Apps on local machine
• IBM DB2 on Mainframe
• Any apps running on single datacenter server

Distributed Systems

[Diagram sequence ending with a Load Balancer]


Distributed Systems
• System “distributed” on many servers

• Scale out by adding more servers


• Horizontal scaling

• No single point of failure

• Most modern systems are distributed



Hashing



Hashing

[Diagram: input of any length ("This is a sample message") → Hash Function (#) → fixed sized string ("a1234xc67")]


Hashing

• Same input will always create same output


• Little change in input should create a vastly different output
• Hash function should be fast

More Importantly – How is hashing applied in system design??



Table Partitions

[Diagram: a DynamoDB Table split into Partition1, Partition2 and Partition3]

DynamoDB Primary Key

Partition key: "Artist". Sort key: "Song".

{
"Artist":"Dua Lipa",
"Song":"Levitating",
"Album":"Future Nostalgia",
"Year":2020,
"SongRating":4.8,
"Genre":"Pop"
}

DynamoDB Partitions

[Diagram sequence: each item passes through a hash function f(x) (on partition key), which places it in Partition1, Partition2 or Partition3. A Query or GetItem passes through the same hash function and goes to the proper partition. Items shown:]

{
"Artist":"Dua Lipa",
"Song":"Levitating",
"Album":"Future Nostalgia",
"Year":2020,
"SongRating":4.8,
"Genre":"Pop"
}
{
"Artist":"Queen",
"Song":"We Will Rock You",
"Album":"News of the world",
"Year":1977
}
{
"Artist":"Dua Lipa",
"Song":"Pretty Please",
"Album":"Future Nostalgia",
"Year":2020
}


Database Sharding
(Horizontal Partitioning)



Elastic Load Balancing

Auto Scaling Group


Availability Zone 1 Availability Zone 2

Amazon EC2 Amazon EC2


Appserver Appserver

Database



Elastic Load Balancing

Auto Scaling Group


Availability Zone 1 Availability Zone 2

Amazon EC2 Amazon EC2


Appserver Appserver

Database

m5.large

ID NAME PRICE
1 Alarm clock 25
2 Chair 20
3 Chocolate 10
4 TV 400
5 Couch 100
Elastic Load Balancing

Auto Scaling Group


Availability Zone 1 Availability Zone 2

Amazon EC2 Amazon EC2


Appserver Appserver

Database

m5.2xlarge
ID NAME PRICE
1 Alarm clock 25
2 Chair 20
3 Chocolate 10
4 TV 400
5 Couch 100
Database Sharding
Database (m5.large), before sharding:

ID NAME PRICE
1 Alarm clock 25
2 Chair 20
3 Chocolate 10
4 TV 400
5 Couch 100

After sharding, three databases (each m5.large):

Shard 1
ID NAME PRICE
1 Alarm clock 25
2 Chair 20

Shard 2
ID NAME PRICE
3 Chocolate 10
4 TV 400

Shard 3
ID NAME PRICE
5 Couch 100



Database Sharding
Elastic Load Balancing

Auto Scaling Group


Availability Zone 1 Availability Zone 2

Amazon EC2 Amazon EC2


Appserver Appserver

Database shards: Shard 1, Shard 2, Shard 3 (each m5.large), holding IDs 1-2, 3-4 and 5



Hashing
Elastic Load Balancing

Auto Scaling Group


Availability Zone 1 Availability Zone 2

Amazon EC2 Amazon EC2


Appserver Appserver

Database shards: Shard 1, Shard 2, Shard 3 (each m5.large), holding IDs 1-2, 3-4 and 5



Advantages
• Scaling horizontally supports distributed computing
• Faster query response times
• Limited blast radius during outage

Database shards: Shard 1, Shard 2, Shard 3 (each m5.large), holding IDs 1-2, 3-4 and 5



Disadvantages
• Unbalanced shards
• Resharding is painful
• Implementing sharding logic is an overhead

Database shards: Shard 1, Shard 2, Shard 3 (each m5.large), holding IDs 1-2, 3-4 and 5
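
The partition-key hashing and the sharding trade-offs above, as an added Python example (not part of the course slides). Hash-then-modulo routing with SHA-256 is an assumption made for illustration; the slides do not say which hash function DynamoDB or a sharded database uses, and the product IDs and request mix are constructed.

```python
import hashlib
from collections import Counter


def shard_for(key: str, num_shards: int) -> int:
    """Route a partition/shard key to a shard index.

    A stable hash is used on purpose: Python's built-in hash() is salted per
    process, so two appservers would disagree about where a key lives.
    """
    digest = hashlib.sha256(key.encode("utf-8")).digest()
    return int.from_bytes(digest[:8], "big") % num_shards


def rows_per_shard(keys, num_shards):
    """Count how many keys land on each shard."""
    counts = Counter(shard_for(k, num_shards) for k in keys)
    return [counts[i] for i in range(num_shards)]


def moved_fraction(keys, old_shards, new_shards):
    """Fraction of keys whose shard changes when the shard count changes."""
    keys = list(keys)
    moved = sum(
        1 for k in keys if shard_for(k, old_shards) != shard_for(k, new_shards)
    )
    return moved / len(keys)


def busiest_shard_share(request_keys, num_shards):
    """Share of all requests that the most loaded shard has to serve."""
    request_keys = list(request_keys)
    return max(rows_per_shard(request_keys, num_shards)) / len(request_keys)


# Constructed sample data: 10,000 product IDs, like the ID column on the slides.
PRODUCT_IDS = [f"product-{i}" for i in range(1, 10_001)]

# Constructed request log: 60% of reads use one partition key ("Dua Lipa"),
# the rest are spread over 400 other artists.
REQUESTS = ["Dua Lipa"] * 600 + [f"artist-{i}" for i in range(400)]

if __name__ == "__main__":
    # Rows spread evenly when the key has many distinct values.
    print("rows per shard (3 shards):", rows_per_shard(PRODUCT_IDS, 3))
    # "Resharding is painful": adding a fourth shard relocates most rows.
    print("moved going 3 -> 4 shards:", moved_fraction(PRODUCT_IDS, 3, 4))
    # "Unbalanced shards": one popular key pins its traffic to one shard.
    print("busiest shard share:", busiest_shard_share(REQUESTS, 3))
```

With plain modulo routing roughly three quarters of the rows change shard when a fourth shard is added, which is why resharding appears under disadvantages.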



Disaster Recovery
RPO & RTO



How will you achieve DR?
• There are multiple approaches to DR
• Active-Active is NOT the only solution

• RPO/RTO plays a critical role



RPO

Storage: backups 1 Hour apart (Backup at 1 PM, Backup at 2 PM)



RPO
Storage: Backup at 1 PM; 1:59:59 PM is 59 mins 59 secs after the backup (backup interval 1 Hour)

Recovery Point Objective = Amount of DATA that is allowed to be lost during a disaster, measured in time
= 1 Hour for this case



How do you reduce RPO?

30 min 30 min

Backup at 1 PM Backup at 1:30 PM


Storage



How about real time RPO?

Replication

Storage Storage at DR Region



RTO
1 PM

Application

Recovery Time Objective = Amount of TIME application can be down during a disaster


RTO
2 PM

Application

Recovery Time Objective = Amount of TIME application can be down during a disaster
= 1 Hour for this case


Disaster Recovery
Options and Strategies



DR Strategies

https://docs.aws.amazon.com/whitepapers/latest/disaster-recovery-workloads-on-aws/disaster-recovery-options-in-the-cloud.html

• Backup Restore
• Pilot Light
• Warm Standby
• Multi-site Active/Active

SECTION 2 – REUSABLE
PARTS OF SYSTEM
DESIGN



5 Pillars of AWS Well
Architected Framework
(Not just for AWS)



https://wa.aws.amazon.com/map.html


Impact on System Design
• Use this to answer the interview question – “How do you ensure your design is good?”

• Understand the priority for the application

• Well Architected Review (WAR)



Three-Tier Architecture



3 Tiers
Presentation
Layer
(Frontend)

Application
Layer
(Backend)

Database



3 Tiers
Presentation
Layer
(Frontend)

Application
Layer Bunch of Business Logic
(Backend)

Database



3 Tiers

Amazon EC2 Running


Webserver

Amazon EC2 Running


Appserver

Database



3 Tiers
10.20.30.40

Amazon EC2 Running


Webserver

50.60.70.80

Amazon EC2 Running


Appserver

Database



3 Tiers
Elastic Load Balancing

Amazon EC2 Running Webserver

Elastic Load Balancing

Amazon EC2 Running Appserver

Database



Single Points Of Failure

Elastic Load Balancing

Amazon EC2 Running Webserver

Elastic Load Balancing

Amazon EC2 Running Appserver

Database



Scalable & HA
Elastic Load Balancing

Auto Scaling Group


Availability Zone 1 Availability Zone 2

Amazon EC2 Amazon EC2


Webserver Webserver

Elastic Load Balancing


Auto Scaling Group

Availability Zone 1 Availability Zone 2

Amazon EC2 Amazon EC2


Appserver Appserver

Database



Network Security

Public Subnet

Elastic Load Balancing

Auto Scaling Group


Availability Zone 1 Availability Zone 2

Private Subnet

Amazon EC2 Amazon EC2


Webserver Webserver

Private Subnet

Elastic Load Balancing


Auto Scaling Group

Availability Zone 1 Availability Zone 2

Private Subnet
Amazon EC2 Amazon EC2
Appserver Appserver

Database



Network Security
• NACL
• Security Group
• WAF with Load Balancer

[Diagram: Public Subnet with Elastic Load Balancing; Private Subnets with Webserver and Appserver Auto Scaling Groups (Amazon EC2) across Availability Zone 1 and Availability Zone 2, with a second Elastic Load Balancing between the two tiers; Database]


How about Database?
• SQL Vs. NoSQL
• Use AWS Native Databases

[Diagram: Public Subnet with Elastic Load Balancing; Private Subnets with Webserver and Appserver Auto Scaling Groups (Amazon EC2) across Availability Zone 1 and Availability Zone 2, with a second Elastic Load Balancing between the two tiers; Database]


Database HA
• Multi-AZ
• Global Database (Replication)

[Diagram: Public Subnet with Elastic Load Balancing; Private Subnets with Webserver and Appserver Auto Scaling Groups (Amazon EC2) across Availability Zone 1 and Availability Zone 2, with a second Elastic Load Balancing between the two tiers; Amazon Aurora]

Database Optimization
• Read Replica
• Caching Layer
• Query Tuning

[Diagram: Public Subnet with Elastic Load Balancing; Private Subnets with Webserver and Appserver Auto Scaling Groups (Amazon EC2) across Availability Zone 1 and Availability Zone 2, with a second Elastic Load Balancing between the two tiers; Amazon Aurora]

Presentation Layer
Elastic Load Balancing

Auto Scaling Group


Availability Zone 1 Availability Zone 2

Amazon EC2 Amazon EC2


Webserver Webserver
Application Layer

Elastic Load Balancing


Auto Scaling Group

Availability Zone 1 Availability Zone 2

Amazon EC2 Amazon EC2


Appserver Appserver
Database

Amazon Aurora
Three-Tier Architecture
with Serverless



Presentation Layer
Static Content

Amazon CloudFront, Amazon Simple Storage Service

Dynamic Content

Application Layer
Amazon API Gateway

AWS Lambda
Database

Amazon Aurora
Three-Tier Architecture
with Kubernetes



ALB Ingress

Presentation Layer

Autoscaler
Elastic Load Balancing

Cluster
Availability Zone 1 Availability Zone 2

ALB Ingress
Application Layer

Elastic Load Balancing


Autoscaler
Cluster

Availability Zone 1 Availability Zone 2


Database

Amazon Aurora
Data Analytics System Design
on
AWS



Steps of Data Analytics

Collect Data → Transform → Query → Reports and insight



Steps of Data Analytics

Collect Data → Transform → Query → Reports and insight

Amazon Kinesis, AWS Glue, Amazon Athena, Amazon QuickSight
Amazon Managed Streaming for Kafka, Amazon EMR, Amazon Redshift, Amazon EMR
Amazon Simple Storage Service, Amazon Elasticsearch Service, Amazon SageMaker



Sample Architecture #1
Query and report on click stream

Amazon Kinesis Data Firehose → Amazon Simple Storage Service → Amazon Athena → Amazon QuickSight

AWS Glue Crawler, AWS Glue Data Catalog



Sample Architecture #2a
ETL and data warehouse

Amazon Kinesis Data Firehose → Amazon Simple Storage Service → AWS Glue → Amazon Simple Storage Service → Amazon Redshift (Redshift Spectrum)



Sample Architecture #2b
ETL and data warehouse

Amazon Kinesis Data Firehose → Amazon Simple Storage Service → AWS Glue → Amazon Redshift (Load data into Redshift Tables)



Quick Detour into AWS Glue
• Serverless data integration tool
• Glue crawlers can run on data and create metadata
• Visually create ETL flow (Supports Python/Spark and Scala)
• Enrich, clean, and normalize data without writing code (Glue Databrew)
• Replicate data across various sources (Glue Elastic Views)



Sample Architecture #3
Unified catalog across multiple data stores

Amazon Redshift

Amazon Redshift

Amazon Simple Storage Service

AWS Glue, AWS Glue Data Catalog, Amazon Athena, Amazon QuickSight

Amazon RDS

Amazon EMR

Database running
on Amazon EC2



Amazon EMR

• Managed big data platform from AWS
• Runs open-source tools – Apache Spark, Apache Hive, Apache HBase, Apache Flink, Apache Hudi, and Presto
• Run on EC2 or EKS (Elastic Kubernetes Service), or on-prem using EMR on Outposts



Sample Architecture #4
Big data analysis of click stream data

Amazon Kinesis Data Firehose → Amazon Simple Storage Service → Amazon EMR → Amazon SageMaker

AWS Glue Crawler, AWS Glue Data Catalog



Sample Architecture #5
In stream querying and ETL

Amazon Kinesis Data Streams, Amazon Managed Streaming for Kafka → Amazon Kinesis Data Analytics (SQL; Java, Scala, Python) → Amazon Kinesis Data Firehose → Amazon Simple Storage Service



The Illusive Data Lake

Collect Data → Transform → Query → Reports and insight

Amazon Kinesis, AWS Glue, Amazon Athena, Amazon QuickSight
Amazon Managed Streaming for Kafka, Amazon EMR, Amazon Redshift, Amazon EMR
Amazon Simple Storage Service, Amazon Elasticsearch Service, Amazon SageMaker



The Illusive Data Lake

Collect Data → Transform → Query → Reports and insight

Amazon Kinesis, AWS Glue, Amazon Athena, Amazon QuickSight
Amazon Managed Streaming for Kafka, Amazon EMR, Amazon Redshift, Amazon EMR
Amazon Elasticsearch Service, Amazon SageMaker

Amazon Simple Storage Service

Using Well Architected for
Performance/Cost Optimization
(Challenge Faced Question)



Tackling Any Tuning/Troubleshooting
• Monitor

• Measure

• Remediate



Tackling Any Tuning/Troubleshooting
• Monitor
    • Logs
    • Metrics
    • Traces

• Measure
    • Define KPI
    • Send alarms

• Remediate
    • Configuration
    • Code



EC2 Based Application
• Monitor
    • Logs
    • Metrics – CPU/Memory Utilization on CloudWatch
    • Traces

• Measure
    • Define KPI
    • Send alarms – CloudWatch Alarm

• Remediate
    • Configuration – Used home grown algorithm/compute optimizer to optimize EC2 capacity
    • Code



Lambda Based Application
• Monitor
    • Logs
    • Metrics – Lambda is throttling (but already have high memory)
    • Traces – Enabled X-Ray trace

• Measure
    • Define KPI – found which section is taking longer
    • Send alarms

• Remediate
    • Configuration
    • Code – Moved database connection to global section



3-Tier Design
Elastic Load Balancing
Amazon CloudWatch

Auto Scaling Group


Availability Zone 1 Availability Zone 2

Amazon EC2 Amazon EC2


Webserver Webserver AWS X-Ray

Elastic Load Balancing


Auto Scaling Group

Availability Zone 1 Availability Zone 2


AWS Cost Explorer
Amazon EC2 Amazon EC2
Appserver Appserver

Database

Understanding
Encryption at Rest &
Client/Server Side
Encryption



Encryption Flow

Plaintext ("Bob 1234") + Encryption Key → Encryption Algorithm → Encrypted ("A4$xacvf4")

Client Side Encryption
Your Application running in EC2 or Onprem: Plaintext ("Bob 1234") → Encrypted ("A4$xacvf4")

Encrypted ("A4$xacvf4") → AWS Storage (S3, EBS, RDS etc.)

Server Side Encryption
Your Application running in EC2 or Onprem: Plaintext ("Bob 1234")

Plaintext ("Bob 1234") → HTTPS → AWS Storage: Encrypted ("A4$xacvf4")

Managing Key Yourselves
Encryption Key

● Keys need to be rotated periodically

● Making it harder to obtain the key for intruders


Envelope Encryption
Plaintext Data Key + Customer Master Key → Encryption Algorithm → Encrypted Data Key

Managing Key Yourselves
Encryption Key

● Keys need to be rotated periodically

● Making it harder to obtain the key for intruders

● Track and log your key usage, detect anomalies


AWS KMS (Key Management
System)
● Fully Managed

● Centralized Key Management

● Integration with AWS Services


● Built in Auditing
● Secure and Compliant
AWS KMS

Customer Master Key:
● AWS Managed
● Customer Managed

Plaintext Data Key + Customer Master Key → Encryption Algorithm → Encrypted Data Key

AWS Managed CMK
● Identified by aws/servicename
● AWS generated
● Can’t be deleted
● Can’t be baked into custom roles
● Rotated once every 3 years automatically

Customer Managed CMK
● Can be given any name
● Customer created
● Can be deleted/enabled/disabled
● Can be baked into custom roles
● Rotated once a year automatically or manually
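
The envelope encryption flow from the slides above, as an added Python example (not part of the course and not AWS code). `KeyService`, `seal` and `unseal` are hypothetical names; the cipher is a dependency-free stand-in built from HMAC-SHA256 so the example runs anywhere, where production code would use a managed key service and AES-GCM from a vetted library.

```python
import hashlib
import hmac
import secrets


def _subkey(key: bytes, label: bytes) -> bytes:
    # Separate keys for encryption and for the integrity tag.
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out, counter = bytearray(), 0
    while len(out) < length:
        block = nonce + counter.to_bytes(8, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Stand-in authenticated cipher: keystream XOR, then a MAC over the result."""
    nonce = secrets.token_bytes(16)
    stream = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    body = bytes(p ^ s for p, s in zip(plaintext, stream))
    tag = hmac.new(_subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def unseal(key: bytes, blob: bytes) -> bytes:
    if len(blob) < 48:
        raise ValueError("blob too short")
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed: wrong key or modified data")
    stream = _keystream(_subkey(key, b"enc"), nonce, len(body))
    return bytes(c ^ s for c, s in zip(body, stream))


class KeyService:
    """Hypothetical key service: master keys are created and used only in here."""

    def __init__(self):
        self._master_keys = {1: secrets.token_bytes(32)}
        self._current = 1

    def rotate(self) -> None:
        # Old versions are kept so existing encrypted data keys still decrypt.
        self._current += 1
        self._master_keys[self._current] = secrets.token_bytes(32)

    def _wrap(self, data_key: bytes) -> bytes:
        version = self._current.to_bytes(2, "big")
        return version + seal(self._master_keys[self._current], data_key)

    def generate_data_key(self):
        """Return (plaintext data key, encrypted data key)."""
        data_key = secrets.token_bytes(32)
        return data_key, self._wrap(data_key)

    def decrypt_data_key(self, wrapped: bytes) -> bytes:
        version = int.from_bytes(wrapped[:2], "big")
        return unseal(self._master_keys[version], wrapped[2:])

    def rewrap(self, wrapped: bytes) -> bytes:
        """Re-encrypt a data key under the current master key version."""
        return self._wrap(self.decrypt_data_key(wrapped))


def encrypt_record(kms: KeyService, plaintext: bytes) -> dict:
    data_key, wrapped = kms.generate_data_key()
    # Only the encrypted data key is stored next to the ciphertext; the
    # plaintext data key is dropped when this function returns.
    return {"encrypted_data_key": wrapped, "ciphertext": seal(data_key, plaintext)}


def decrypt_record(kms: KeyService, record: dict) -> bytes:
    data_key = kms.decrypt_data_key(record["encrypted_data_key"])
    return unseal(data_key, record["ciphertext"])


if __name__ == "__main__":
    kms = KeyService()
    record = encrypt_record(kms, b"Bob 1234")  # sample value from the slides
    kms.rotate()
    record["encrypted_data_key"] = kms.rewrap(record["encrypted_data_key"])
    print(decrypt_record(kms, record))
```

Rotating the master key only re-encrypts the small data key; the bulk ciphertext is left untouched.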
Security at Transit



Data in Transit

[Diagram: Client, HTTP, Server]

• Hyper Text Transfer Protocol
• All information is sent in clear text
• Vulnerable to attack
• Not used in real world systems


Data in Transit

[Diagram: Client, HTTPS, Server]

• Hyper Text Transfer Protocol Secure
• All information is encrypted
• Uses one of the two protocols:
    • SSL (Secure Sockets Layer)
    • TLS (Transport Layer Security)
        • MTLS (Mutual TLS)
• TLS is faster, newer, and built on SSL


SSL/TLS Flow

Between Client and Server:

1. ClientHello, ServerHello; server sends server certificate (Public Certificate)
2. Client compares certificate signature with CAs in certificate database (Certificate Authority (CA))
3. Client Key Exchange – client sends a pre-master key encrypted with server’s public key
4. Server uses its private key to decrypt the pre-master key
5. Client and Server both use pre-master key to compute a shared secret key
6. Client sends an encrypted test message using shared secret
7. Server sends message back encrypted with shared secret
8. Actual communication begins


Mutual TLS

Client compares certificate signature (Public Certificate) with CAs in certificate database (Certificate Authority (CA))

For TLS, Client validates Server certificate

For MTLS:
• Client validates Server cert
• Server also validates Client cert (CA stored in Server)


Mutual TLS in AWS

Client compares certificate signature (Public Certificate) with CAs in certificate database (Certificate Authority (CA))

For MTLS:
• Client validates Server cert
• Server also validates Client cert

• MTLS is used for B2B
• TLS is used with thin clients (web browsers)

Server: Amazon API Gateway, AWS Certificate Manager, Elastic Load Balancing


Real World TLS with
ALB, NLB, API Gateway



TLS with API Gateway
[Diagram: Client → HTTPS → Amazon API Gateway (Server, AWS Certificate Manager) → Amazon EC2]

• API Gateway must have HTTPS
• By default, API Gateway will use AWS default cert
• With custom domain, you can bring in your own cert


TLS with API Gateway
[Diagram: Client → HTTPS → Amazon API Gateway (Server, SSL/TLS Terminates, AWS Certificate Manager) → HTTP → Amazon EC2]

• Traffic is within AWS network
• Unencrypted by default


TLS with API Gateway
[Diagram: Client → HTTPS → Amazon API Gateway (Server, SSL/TLS Terminates, AWS Certificate Manager) → HTTPS → Amazon EC2]

• API Gateway can create an SSL cert for backend
• Backend server needs to validate the cert


TLS with NLB
[Diagram: Client → HTTPS → NLB (Server, SSL/TLS Passthrough, AWS Certificate Manager) → HTTPS → Amazon EC2]

• SSL/TLS can NOT be terminated at NLB
• Backend server needs to validate cert


TLS with ALB
[Diagram: Client → HTTPS → ALB (Server, SSL/TLS Terminates (SSL Offloading), AWS Certificate Manager) → HTTP → Amazon EC2]

• ALB can accept either HTTP or HTTPS traffic from client
• SSL/TLS will terminate at ALB
• Backend traffic within AWS network


TLS with ALB
[Diagram: Client → HTTPS → ALB (Server, SSL/TLS Terminates, AWS Certificate Manager) → HTTPS → Amazon EC2]

• ALB can have HTTPS to server if required


IDS/IPS
Intrusion Detection/Prevention System



IDS
[Diagram: Internet, Firewall, IDS (Alert), Application]
• Scans L3-L7 traffic
• Detects and sends alerts
• Does NOT prevent the traffic

IPS
[Diagram: Internet, Firewall, IPS (Alert, Quarantine, Delete), Application]
• Scans L3-L7 traffic
• Detects and sends alerts
• Prevents malicious traffic from reaching application

IDS
• Amazon EC2 (Running IDS) with Amazon EC2 (Running Application): AI/ML Analysis of Traffic
• Amazon EC2 (Running Application + IDS Agent): AI/ML Analysis of Traffic
• Amazon CloudWatch, AWS CloudTrail with Amazon EC2 (Running Application): Analysis of Logs

IPS
• Firewall, Amazon EC2 (Running IPS), Amazon EC2 (Running Application)
• IPS + AWS Network Firewall, Amazon EC2 (Running Application)


IDS/IPS Vs NACL/Security Group
• NACL/Security Group works on just L3/4 layer
• IDS/IPS works on L3-L7

• Security group does NOT have deny rules
• IPS has deny rules

• NACL/Security Group doesn’t have “intelligence”
• IDS/IPS has sophisticated rules that get updated

• IDS/IPS can introduce latency to the app
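
The comparison above as an added Python example (not part of the course slides): the same request is checked by an allow-only L3/L4 rule set, then by an IDS and by an IPS. The rule format, signature names and packets are hypothetical and constructed for this sketch; they are not AWS security group syntax or a real IDS rule language.

```python
import ipaddress
import re
from dataclasses import dataclass
from urllib.parse import unquote


@dataclass(frozen=True)
class Packet:
    src_ip: str     # L3
    protocol: str   # L4
    dst_port: int   # L4
    payload: str    # L7, e.g. an HTTP request line


@dataclass(frozen=True)
class AllowRule:
    """Security-group style rule: allow only, and only L3/L4 fields."""
    cidr: str
    protocol: str
    port: int


def security_group_allows(pkt: Packet, rules) -> bool:
    src = ipaddress.ip_address(pkt.src_ip)
    return any(
        pkt.protocol == r.protocol
        and pkt.dst_port == r.port
        and src in ipaddress.ip_network(r.cidr)
        for r in rules
    )


# Hypothetical L7 signatures, written for this example only.
SIGNATURES = {
    "path-traversal": re.compile(r"\.\./"),
    "sql-union-select": re.compile(r"union\s+select", re.IGNORECASE),
}


def matched_signatures(pkt: Packet):
    # Decode percent-encoding first so "%2e%2e%2f" is inspected as "../".
    decoded = unquote(pkt.payload)
    return [name for name, rx in SIGNATURES.items() if rx.search(decoded)]


def handle(pkt: Packet, rules, mode: str, alerts: list) -> str:
    """Return what happens to the packet; mode is "ids" or "ips"."""
    if mode not in ("ids", "ips"):
        raise ValueError("mode must be 'ids' or 'ips'")
    if not security_group_allows(pkt, rules):
        return "dropped: no allow rule"       # L3/L4 decision, payload unseen
    hits = matched_signatures(pkt)
    for name in hits:
        alerts.append((pkt.src_ip, name))     # IDS and IPS both alert
    if hits and mode == "ips":
        return "blocked by IPS"               # only the IPS stops the traffic
    return "forwarded to application"


# Constructed sample traffic (documentation address ranges).
RULES = [AllowRule("0.0.0.0/0", "tcp", 443)]
CLEAN = Packet("203.0.113.10", "tcp", 443, "GET /products?id=4 HTTP/1.1")
ENCODED = Packet("198.51.100.7", "tcp", 443,
                 "GET /static/%2e%2e%2f%2e%2e%2fapp.conf HTTP/1.1")
SSH = Packet("198.51.100.7", "tcp", 22, "SSH-2.0-client")

if __name__ == "__main__":
    alerts = []
    for pkt in (CLEAN, ENCODED, SSH):
        print(pkt.dst_port, handle(pkt, RULES, "ids", alerts),
              "|", handle(pkt, RULES, "ips", alerts))
    print(alerts)
```

The encoded request passes the port-443 allow rule in both modes, because the L3/L4 check never reads the payload; only the IPS keeps it from the application.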



SECTION 3 – SYSTEM
DESIGN OF MODERN
APPLICATIONS



Must Knows for System
Design Interviews



• Microservices
    • Using Load Balancer Vs. API Gateway
    • Sync Vs. Async patterns
• Database Selection
    • SQL Vs. NoSQL
• Caching
    • Caching of Database and CDN
• Security
    • AuthN/Z, Encryption at Rest and Transit
• Make it Scalable and Highly Available



URL Shortener
(TinyUrl/Bit.ly)

Basic Functionality - Saving

Goes to bit.ly
Short URL saved into a database

Primary Key
Amazon Aurora
Basic Functionality - Retrieving

Goes to bit.ly
Looks up long URL and redirects

Primary Key

Amazon Aurora
High Level Diagram

Auto Scaling Group Elastic Load Balancing

Availability Zone 1 Availability Zone 2

Amazon EC2 Amazon EC2


Appserver Appserver

ElastiCache for Redis



What is Interviewer Looking for?

• How is the 7-byte shortened URL generated?
• How can the URL generator scale?

Some Math!

• Shortened URL can contain:
    • a-z = 26 characters
    • A-Z = 26 characters
    • 0-9 = 10 characters

• Total of (26 + 26 + 10) = 62 characters

• 7 characters URL out of 62 characters = 62^7
    • = 3.5 Trillion unique combinations = 42 bits (2^42)

• Depending on rate of consumption, increase the shortened URL size



Bad Randomizer Approach
Long URL → Amazon EC2:
1. Randomly generated short URL: Already exists
2. Randomly generated short URL: Already exists
3. Randomly generated short URL: Inserted okay


Bad Randomizer Approach
Long URL → Amazon EC2 and Another Long URL → Amazon EC2: both can randomly generate the Same short URL (Already exists, Already exists, Inserted okay)


Taking Randomness Out – MD5
Input of any length ("This is a sample message") → Hash Function (#) → Fixed sized string ("11001111")

• Message Digest Algorithm 5

• Produces 128-bit value from an arbitrary length string

• Hash algorithm
    • Same input strings will always generate same output string
    • Two different strings can NOT produce the same output



MD5 Continued
• Take first 42 bits of the 128 bit MD5 output

• 42 bits to 7 characters
1101…. (Total 42 bits)
=21+21+20+21 + …
=12345

Convert to Base 62 (Get numbers from 0-61)


=3idarWH



Ideal Approach
• 42 bits to 7 characters (Remember 42 bits translate to max 3.5 trillion in actual numeric)

• For each URL shortening request if the application has a unique number between 1 - 3.5 Trillion as input, the output will be unique

• For each URL request use a number, then increment it by one for the next request

• Do this from 1 - 3.5 trillion



Where should the Counter be?

Auto Scaling Group Elastic Load Balancing

Availability Zone 1 Availability Zone 2

Amazon EC2 Amazon EC2 Amazon EC2


Appserver Appserver Counter

ElastiCache for Redis



Range Based Approach
3,500,000,000,000

3,500,000,000,000/1,000,000
=3,500,000

Elastic Load Balancing


Auto Scaling Group

Availability Zone 2 Availability Zone 1 Availability Zone 2 Availability Zone 2

Amazon EC2 Amazon EC2 Amazon EC2 Amazon EC2


Appserver Appserver Appserver Appserver

Uses 1-1,000,000 | Uses 1,000,001-2,000,000 | Uses 2,000,001-3,000,000 | Uses 3,000,001-4,000,000

ElastiCache for Redis



Assigning Ranges

Maintains ranges from 0-3.5 trillion with each range of 1 million

Availability Zone 2 Availability Zone 1 Availability Zone 2 Availability Zone 2

Amazon EC2 Amazon EC2 Amazon EC2 Amazon EC2


Appserver Appserver Appserver Appserver

Uses 1-1,000,000 | Uses 1,000,001-2,000,000 | Uses 2,000,001-3,000,000 | Uses 3,000,001-4,000,000


Quick Detour to Apache ZooKeeper
Maintains ranges from 0-3.5 trillion with each range of 1 million

• Centralized service for maintaining configuration information

• Highly available and provides distributed synchronization

• Better than running a counter service on a single EC2 instance

• Can be run in Amazon EMR


Assigning Ranges
Amazon EMR: maintains ranges from 0-3.5 trillion with each range of 1 million
Each EC2 grabs a range when it comes up

[Diagram: four Amazon EC2 Appserver instances (Availability Zone 2, Availability Zone 1, Availability Zone 2, Availability Zone 2); ElastiCache for Redis]
• Appserver: uses 1-1,000,000
• Appserver: uses 1,000,001-2,000,000
• Appserver: uses 2,000,001-3,000,000
• Appserver: uses 3,000,001-4,000,000
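
The MD5 and range-based counter approaches from the slides above, sketched in Python as an added example (not code from the course). `RangeAllocator` is a hypothetical in-process stand-in for the ZooKeeper-style coordination service, the base-62 digit order is an assumption, and because 2^42 is slightly larger than 62^7 the MD5 helper folds the 42-bit value with a modulo so it always fits in 7 characters.

```python
import hashlib
import threading

ALPHABET = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"  # assumed digit order
CODE_LEN = 7
KEYSPACE = 62 ** CODE_LEN   # 3,521,614,606,208 (~3.5 trillion) distinct codes
RANGE_SIZE = 1_000_000      # range size used on the slides

def to_base62(n):
    """Encode 0 <= n < KEYSPACE as a fixed-width 7-character code."""
    if not 0 <= n < KEYSPACE:
        raise ValueError("number does not fit in 7 base-62 characters")
    out = []
    for _ in range(CODE_LEN):
        n, rem = divmod(n, 62)
        out.append(ALPHABET[rem])
    return "".join(reversed(out))

def md5_code(url):
    """Hash approach: keep the first 42 bits of the 128-bit MD5 output.
    The modulo is this example's choice for values >= 62**7."""
    top42 = int.from_bytes(hashlib.md5(url.encode()).digest(), "big") >> (128 - 42)
    return to_base62(top42 % KEYSPACE)

class RangeAllocator:
    """Hands out each 1,000,000-wide range exactly once (hypothetical
    stand-in for the coordination service; state is lost on restart)."""
    def __init__(self):
        self._next_start = 1
        self._lock = threading.Lock()

    def grab(self):
        with self._lock:  # two servers must never receive the same range
            start = self._next_start
            if start + RANGE_SIZE - 1 >= KEYSPACE:
                raise RuntimeError("keyspace exhausted")
            self._next_start += RANGE_SIZE
            return start, start + RANGE_SIZE - 1

class AppServer:
    """Grabs a range when it comes up and a fresh one when it runs out."""
    def __init__(self, allocator):
        self._allocator = allocator
        self._cur, self._end = allocator.grab()

    def shorten(self):
        if self._cur > self._end:  # local range used up
            self._cur, self._end = self._allocator.grab()
        code = to_base62(self._cur)
        self._cur += 1
        return code
```

Each app server only contacts the allocator once per million codes, which is why the range approach removes the single counter from the request path.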



Amazon/Flipkart


Three-Tier Architecture



Presentation Layer
• Elastic Load Balancing
• Auto Scaling Group across Availability Zone 1 and Availability Zone 2
• Amazon EC2 instances running Webserver
Application Layer
• Elastic Load Balancing
• Auto Scaling Group across Availability Zone 1 and Availability Zone 2
• Amazon EC2 instances running Appserver
Database
• Amazon Aurora

Requirements/Design Spec
REQUIREMENTS
• Product catalog
• Shopping cart
• Buy product
• Product recommendation
DESIGN SPEC
• Scalable
• Highly Available
• Cost efficient
• Secure


Three-Tier Architecture
EC2 Vs Kubernetes Vs Serverless



Presentation Layer
• Static Content: Amazon CloudFront, Amazon Simple Storage Service
• Dynamic Content
Application Layer
• Amazon API Gateway, AWS Lambda
Database
• Amazon Aurora

Presentation Layer
• Static Content: Amazon CloudFront, Amazon Simple Storage Service
• Dynamic Content
Application Layer
• Amazon API Gateway, AWS Lambda (Browse, Buy)
Database
• Amazon DynamoDB, Amazon Aurora

Presentation Layer
• Static Content: Amazon CloudFront, Amazon Simple Storage Service
• Dynamic Content
Application Layer
• Amazon API Gateway, AWS Lambda (Browse, Buy)
Database
• ElastiCache for Redis, Amazon DynamoDB, Amazon Aurora

Database Probing
• Expect lots of database questions
• Keep SQL vs NoSQL, sharding, Read replica, caching, global database in mind

Presentation Layer
• Static Content: Amazon CloudFront, Amazon Simple Storage Service
• Dynamic Content
Application Layer
• Amazon API Gateway, AWS Lambda (Browse, Buy)
Database
• ElastiCache for Redis, Amazon DynamoDB, Amazon Aurora

Shopping Cart

Product
ProductID | Name | Price | AvailableCount
100 | TV | $450 | 5
200 | Face Mask | $5 | 1000
300 | Hand Sanitizer | $10 | 0

ShoppingCart
CartID | PersonLogin | ProductID
10000 | John.Wilson | 100
10000 | John.Wilson | 200
20000 | Tina.Smith | 300


Presentation Layer
• Static Content: Amazon CloudFront, Amazon Simple Storage Service
• Dynamic Content
Application Layer
• Amazon API Gateway, AWS Lambda (Browse, Buy)
Database
• ElastiCache for Redis, Amazon DynamoDB, Amazon Aurora

Several Microservices

Presentation Layer
• Amazon CloudFront, Amazon Simple Storage Service
Application Layer
• Amazon API Gateway
Database
• DB, DB, DB


Calling Third Party APIs

Presentation Layer
• Amazon CloudFront, Amazon Simple Storage Service
Application Layer
• Amazon API Gateway
• Third Party API (Pass API Credentials)
Database
• DB, DB, DB


Handling Super High Traffic

Presentation Layer
• Amazon CloudFront, Amazon Simple Storage Service
Application Layer
• Amazon API Gateway
Database
• DB, DB, DB


Async/Event Driven Design

Presentation Layer
• Amazon CloudFront, Amazon Simple Storage Service
Application Layer
• Amazon API Gateway
• Amazon SQS
Database
• DB, DB, DB


Product Recommendation

• Collaborative Filtering

• Check Tinder system design recommendation part


Security
• Login (Authentication)
• Data in Transit
• Security of the Application
• Data at Rest

[Diagram: Amazon CloudFront, Amazon Simple Storage Service; Amazon API Gateway; Third Party API (Pass API Credentials); DB, DB, DB]

