PHASE-2

PHASE 2
College Name: The Oxford College Of Engineering
Team Name: Black Squad
TEAM_ID: 5160484
Group Members:
• Name: Jayadeep A
CAN ID Name: CAN_33854820

• Name: Deepak G
CAN ID Name: CAN_33856908

• Name: Ahalya U
CAN ID Name: CAN_33852624

• Name: Kanchi Kiran K

CAN ID Name: CAN_33857256

PROJECT TITLE: Content Delivery Networks (CDNs) with IBM Cloud Akamai
Integration.

Architecture Overview
1. Core Components
• Client: Users accessing content through web browsers, mobile apps, or IoT devices.
• CDN Edge Servers:
o Located at geographically distributed points of presence (PoPs).
o Serve cached content to clients, reducing latency and load on origin servers.
o Provided by Akamai.
• IBM Cloud:
o Hosting and managing the origin server.
o Provides additional services like object storage, analytics, and security.
• Integration Layer:
o IBM Cloud and Akamai integration, enabling seamless content delivery.
PHASE-2
2. Workflow
1. Request Flow:
o A client requests content via DNS.
o The request is routed to the nearest Akamai edge server using Anycast DNS.
2. Edge Server Caching:
o If the content is cached, the edge server serves it directly to the client.
o If the content is not cached, the edge server retrieves it from the origin server
hosted on IBM Cloud.
3. Origin Server:
o The IBM Cloud origin server processes uncached requests and delivers content
to the edge server.
o Integrates with Akamai to ensure proper content distribution and performance.
4. Content Delivery:
o The edge server caches the content for subsequent requests.
o The client receives content quickly, benefiting from reduced latency.
3. Key Features
• Scalability: Handle high traffic using Akamai’s extensive PoP network.
• Performance: Minimized latency with edge caching and IBM Cloud's robust
infrastructure.
• Security: IBM Cloud offers integrated security services like WAF and DDoS
protection.
• Analytics: Real-time data on content delivery performance and user interactions via
IBM Cloud monitoring tools and Akamai's analytics.
4. Integration Details
• API Communication:
o IBM Cloud integrates with Akamai via APIs to manage content updates, cache
invalidation, and delivery policies.
• Content Purging:
o Synchronization between IBM Cloud and Akamai for cache purging when
content updates occur.
 PHASE-2
• Monitoring:
o Unified dashboards for monitoring traffic, performance, and incidents.
5. Deployment Diagram
1. IBM Cloud:
o Host applications and content.
o Use IBM Cloud Functions for serverless operations.
2. Akamai PoPs:
o Distribute content closer to end users.
o Provide edge logic for optimized delivery.
3. Clients:
o Access cached and dynamically retrieved content efficiently.

Service Integration:
1. Service Integration Components
1. Core Services:
o IBM Cloud Services:
▪ IBM Cloud Object Storage
▪ IBM Db2 on Cloud or Cloudant
▪ IBM API Gateway
▪ IBM Cloud Monitoring
o Akamai Services:
▪ Edge servers for caching and delivery.
▪ Akamai Web Application Firewall (WAF) and DDoS Protection.
o Third-Party Tools:
▪ CI/CD pipelines (e.g., Jenkins, GitHub Actions).
▪ Analytics tools (e.g., Google Analytics or IBM Watson Analytics).
PHASE-2
2. Integration Middleware:
o IBM Event Streams:
▪ Kafka-based messaging system for asynchronous communication
between components.
o API Gateway:
▪ Acts as a central hub for managing API calls between IBM Cloud and
Akamai.
o Service Mesh:
▪ IBM Cloud Kubernetes Service with Istio for managing service-to-
service communication securely.
2. Integration Workflow
a. Content Workflow
1. Content Deployment:
o Developers upload content to IBM Cloud Object Storage or databases.
o IBM API Gateway triggers Akamai APIs for cache invalidation or content
synchronization.
2. Cache Synchronization:
o Updated content metadata is shared with Akamai using APIs for PoP caching.
o Integration with Akamai’s Content Control Utility (CCU) for real-time cache
management.
b. Dynamic Data Delivery
1. Data Query Handling:
o IBM Db2 or Cloudant APIs provide dynamic data to edge servers.
o APIs are exposed through IBM API Gateway for controlled access.
2. Edge Integration:
o Akamai edge servers pull dynamic content from IBM Cloud based on user
requests.
c. Security Integration
1. Authentication and Authorization:
o IBM Cloud Identity and Access Management (IAM) integrates with Akamai’s
security services for unified access control.
 PHASE-2
o OAuth 2.0 and API keys ensure secure communication.
2. Threat Mitigation:
o Akamai WAF filters malicious requests before they reach IBM Cloud.
o Logs from Akamai and IBM Cloud are integrated into a centralized Security
Information and Event Management (SIEM) system.
d. Monitoring and Analytics
1. Unified Monitoring:
o IBM Cloud Monitoring integrates with Akamai analytics dashboards.
o Logs from both platforms are aggregated using IBM Log Analysis.
2. Performance Metrics:
o Akamai provides real-time edge performance metrics.
o IBM Cloud monitors origin server health and database performance.

3. API Integration
• IBM Cloud API Gateway:
o Centralizes all API endpoints.
o Provides rate limiting, logging, and security for API calls.
• Akamai APIs:
o Content Delivery APIs:
▪ Cache purge, content preload, and delivery rules.
o Security APIs:
▪ WAF rule configuration and threat intelligence updates.
• Custom API Workflows:
o IBM Cloud Functions provide serverless integrations for custom logic like real-
time cache purging or traffic redirection.

4. Key Integration Patterns

• Event-Driven Integration:
o IBM Event Streams notify Akamai of content updates to synchronize caches.
 PHASE-2
• Microservices:
o Decoupled services communicate via REST or gRPC APIs.
• Service Mesh:
o Secure, load-balanced communication between IBM Cloud microservices and
Akamai edge servers.

5. Tools for Integration

1. IBM App Connect:
o Automates workflows between IBM and Akamai services.
2. Terraform or Ansible:
o Infrastructure as Code (IaC) for provisioning and managing integrations.
3. CI/CD Pipelines:
o Continuous deployment of updates to both IBM Cloud and Akamai
configurations.
 PHASE-2
Dataflow diagram
PHASE-2
PHASE-2
 PHASE-2

Implementation Plan
Step 1: Set Up IBM Cloud Object Storage
• Create a bucket in IBM Cloud Object Storage for storing content and backup data.
• Configure appropriate storage classes (e.g., Standard, Vault) based on performance and cost
requirements.
• Apply bucket-level encryption and access control policies to secure stored content.
Step 2: Set Up IBM Cloudant Database
• Create a Cloudant NoSQL database to manage structured and dynamic data.
• Configure replication and synchronization settings for disaster recovery.
• Implement database partitioning and indexing to optimize query performance.
Step 3: Automate Data Backup and Delivery with IBM Cloud Functions
• Develop and deploy serverless functions to:
o Automatically back up application and database data to IBM Cloud Object Storage at
specified intervals.
 PHASE-2
o Handle cache invalidation and synchronization with Akamai edge servers after content
updates.
• Implement automated recovery workflows to restore data from backups in case of failure or
data loss.
Step 4: Configure Akamai CDN
• Set up Akamai edge servers and integrate them with IBM Cloud Object Storage.
• Define cache rules, including expiration policies and content preload options.
• Integrate Akamai’s APIs for real-time cache invalidation and delivery optimization.
Step 5: Security Configuration
• Use IBM Key Protect to implement encryption for all data in transit and at rest.
• Set up role-based access controls (RBAC) to restrict permissions for backup, delivery, and
recovery processes.
• Configure Akamai Web Application Firewall (WAF) and DDoS protection for content delivery
endpoints.
Step 6: Monitor and Optimize System Performance
• Integrate IBM Cloud Monitoring to:
o Track the health of data backups and Akamai edge server performance.
o Set up alerts for backup failures, cache misses, and system downtimes.
• Use Akamai’s analytics dashboard to monitor content delivery performance and optimize cache
configurations.

CONTRIBUTION:
1) Jayadeep A (CAN ID: CAN_33854820): Divided the work to the teammates based on their
knowledge of what they can do, documentation work and Implementation part.
2) Deepak G (CAN ID: CAN_33856908): Created the Dataflow Diagram.
3) Ahalya U (CAN ID: CAN_33852624): Found Out all the services which can be used for
this project.
4) Kanchi Kiran K (CAN ID: CAN_33857256): Came up with Architecture Overview.
* Every member of this had involved in adding their own opinion on how to implement this project
equally.