System Architecture 🏗️
Intro
Last updated
Was this helpful?
Intro
Last updated
Was this helpful?
In this section, I will delve into an example implementation of Backstage using a combination of Google Cloud Platform (GCP) services, Okta for Single Sign-On (SSO) authentication and authorization, and GitHub integration to access organization data.
Here's a preliminary glimpse into the system's structure:
Backstage Layer
Backstage deployed on Cloud Run
Traffic outside of work hours is very low to none
✅ Cost savings from going serverless and scaling to 0 instances when not in use
⚠️ Tradeoff was cold starts. The first request needs to wait for a new container, causing a delay (10-15s).
Cloud Run has autoscaling, meaning that you don't necessarily need to put a load balancer in front!
Storage Layer
Cloud SQL: User, project and organization metadata
Cloud Storage: API documentation stored (swagger/openAPI)
Secret Manager: App secrets fetched and used as environment variables during build and runtime
Integration Layer
Okta: Authentication/Authorization
GitHub: Repository and organization data management
Third-party tools: Monitoring via Cloud Logs and Google Analytics.
Nice-to-Have (But Not Achieved)
Leveraging cache stores (Redis, etc.) to improve performance
Pipeline Components
Trigger: Cloud Build trigger listening for merge to default branch events
Build Process:
Pull latest Backstage image from Artifact Registry (build cache)
Build new Docker image with latest changes
Push updated image to Artifact Registry
Deploy new instance to Cloud Run
Nice-to-Have (But Not Achieved):
Staging environment
Canary rollout
Small percentage -> monitor metrics -> increase traffic if stable
Key Benefits
Efficient Builds: Docker layer caching reduces build time
GitOps Deployment: Zero-touch deployment process
Rollback Capability: Easy rollback to previous versions