System Architecture 🏗️

Infrastructure Overview

In this section, I will delve into an example implementation of Backstage using a combination of Google Cloud Platform (GCP) services, Okta for Single Sign-On (SSO) authentication and authorization, and GitHub integration to access organization data.

Here's a preliminary glimpse into the system's structure:

• Backstage Layer

  • Backstage deployed on Cloud Run

    • Traffic outside of work hours is very low to none

    • ✅ Cost savings from going serverless and scaling to 0 instances when not in use

      • ⚠️ Tradeoff was cold starts. The first request needs to wait for a new container, causing a delay (10-15s).
• Storage Layer

  • Cloud SQL: User, project and organization metadata

  • Cloud Storage: API documentation stored (swagger/openAPI)

  • Secret Manager: App secrets fetched and used as environment variables during build and runtime

• Integration Layer

  • Okta: Authentication/Authorization

  • GitHub: Repository and organization data management

  • Third-party tools: Monitoring via Cloud Logs and Google Analytics.

• Nice-to-Have (But Not Achieved)

CI/CD Deployment Pipeline 🔄

Pipeline Components

• Trigger: Cloud Build trigger listening for merge to default branch events

• Build Process:

  • Pull latest Backstage image from Artifact Registry (build cache)

  • Build new Docker image with latest changes

  • Push updated image to Artifact Registry

  • Deploy new instance to Cloud Run

• Nice-to-Have (But Not Achieved):

  • Staging environment

  • Canary rollout

    • Small percentage -> monitor metrics -> increase traffic if stable

Key Benefits

• Efficient Builds: Docker layer caching reduces build time

• GitOps Deployment: Zero-touch deployment process

• Rollback Capability: Easy rollback to previous versions