Architecture
In an environment dominated by monoliths, agility is key to the success of this and any FACET-Acq project. This is the single guiding principle.
- UI/UX VueJS Framework
- Single page application design
- Styling Bulma CSS framework
- Dynamic Updates Socket.io web sockets to avoid polling
- Authentication with X.509 certificates
- Authorization with JWT for statesless management of authorization and user recognition
- Laravel MVC framework for the application layer/backend
- Php 7.1+ Server Side Scripting
-
Php-FPM Interpreter
- This can be deployed within a UNIX socket interface to comply with all security requirements for network interfaces
-
NGINX Web Server
- This can be swapped with Apache2 if deployment standards have not yet been developed for this modern and extremely high-performance web server
- PostgreSQL 9.6.x+
- Redis 4.0.5+
- S3 persistent file storage with 11-nines durability
- Travis-CI
- Automated test coverage
Given that many agencies struggle with cloud procedures and adoption, as well as the anticipated need for realistic deployment for testing and security review; the project maintains an 'infrastructure' directory with Terraform infrastructure as code. This provides out of the box idempotent infrastructure deployment geared toward the AWS platform.
While this project is not directly endorsing AWS, it is the dominant cloud services provider and includes a FedRAMP certified infrastructure set as well as ISO-27001 & ISO-9001:2015 certification.
While the application stack can be deployed on bare metal, on-premise virtualization, or in an air-gapped network, the cost and security benefits of AWS make it a compelling option and convenient testing paradigm.
The security advantages of a well-architected Docker container deployment of application components make this a worthwhile option to explore. Additionally, in a cloud-based environment, such containers allow for faster scaling during high volume transaction processing and pay for this increased capacity only when necessary.
To maximize scalability and resiliency, application containers are designed to be stateless and independent. The application is designed to sustain 99.99% availability and maintain data integrity with 99.999999999% durability including the simultaneous loss of two data centers within a single region without processing or user impact.
While data will be processed by Post Award itself as RESTful API calls, most data today is handled as some form of EDI including X12 and XML data. To provide parity, the application supports this structure and has been designed for 99.99% availability across two geographic regions and two isolated/distinct data centers within each region.
