-
Notifications
You must be signed in to change notification settings - Fork 10
Architecture patterns
These descriptions cover some of the techniques we're using to provide web services. They're meant to provide a conceptual overview. These are not complete or exact diagrams of what we've actually deployed.
- Audience: general public
- Direct web traffic from individuals
- Search engines
- Purpose: serve www.usa.gov content
- Public static web site diagram
- Audiences:
- Content team
- Contact center (via API)
- Purpose: maintain content for Public static web site
- Drupal CMS diagram
- Audience: any external web client
- Purpose:
- Route web traffic to appropriate app (based on hostname and/or path)
- Forbid some traffic
- Serve "redirects" for requests to decommissioned domains
We can use the API poller pattern when the data will vary over time, but will be the same for every visitor within a given timeframe.
- Audience: general public
- Purpose: Retrieve data from an API server and summarize it for use in a web page or web application
- Authenticate securely with the API server
- Limit the number of API requests we make, compared with on-demand queries
- Refresh data at a regular rate, independent of updates to the Public static site
- API Poller diagram
To come
Not yet implemented!
In order to use data from external web services "on the fly," we'll need a server to handle the connection to the external service.
- Audience: general public
- Purpose: Retrieve data from an API server for use in a web page or web application
- Authenticate securely with the API server
- Cache results as appropriate, to limit the number of API requests made
- API requests may be user-specific and on-demand
- API proxy diagram
We deploy apps (except for the egress proxy) into cloud.gov spaces that disallow outgoing traffic beyond trusted IP ranges. If an app needs to communicate with an external service, we route that traffic through an Egress proxy server that's configured with an allowlist of expected domains.
- Audience: N/A
- Purpose: Allow a process on one of our apps to communicate with an external service, for example:
- Calling an external API
- Sending log data to New Relic
- Egress proxy diagram
To come
To come