Designs

How to draw architecture diagram of your current project (web application on-prem)?

By SND
June 9, 2026 3 Min Read
0

High level architecture

This is our target

Architecture Flow

Users (Mobile/Desktop) → F5 (ASM + LTM) → UI Layer → API Gateway → Service Layer → Databases → Logging/Monitoring

The design follows a highly available microservices architecture deployed on Kubernetes, with separate Product and Order domains.

1. User Layer

Mobile & Desktop Clients

These are the consumer channels accessing the platform.

Responsibilities

  • User interaction
  • Authentication initiation
  • Request generation
  • Displaying Product and Order information

NFR Mapping

NFRContribution
UsabilityResponsive UI across devices
AccessibilitySupport for different browsers and devices
PerformanceFast page rendering
AvailabilityMultiple UI instances ensure continuity

2. F5 Layer (ASM + LTM)

F5 BIG-IP

ASM (Application Security Manager)

Acts as a Web Application Firewall (WAF).

Responsibilities

  • OWASP Top 10 protection
  • SQL injection prevention
  • XSS protection
  • Bot mitigation
  • Request filtering

LTM (Local Traffic Manager)

Acts as the external load balancer.

Responsibilities

  • Traffic distribution
  • Health checks
  • SSL termination
  • Failover routing

NFR Mapping

NFRContribution
SecurityWAF protection
AvailabilityLoad balancing and failover
ReliabilityHealth monitoring
ScalabilityTraffic distribution
PerformanceSSL offloading

3. UI Layer

Product UI Instances (2)

  • Product UI Instance 1
  • Product UI Instance 2

Order UI Instances (2)

  • Order UI Instance 1
  • Order UI Instance 2

Responsibilities

  • Presentation layer
  • User session handling
  • API consumption
  • Client-side validation

NFR Mapping

NFRContribution
AvailabilityActive-active deployment
ScalabilityHorizontal scaling
PerformanceReduced user latency
MaintainabilityIndependent UI deployments

4. API Gateway

Possible implementations:

Responsibilities

  • Request routing
  • Authentication
  • Authorization
  • Rate limiting
  • API versioning
  • Request transformation
  • Centralized logging

NFR Mapping

NFRContribution
SecurityAuthentication & authorization
PerformanceIntelligent routing
ScalabilityGateway clustering
MaintainabilityCentral API management
ObservabilityRequest tracing

5. Product Service Domain

HAProxy – you can use Ingress  as well.

Load balances traffic across Product pods.

Product Java Pods (3)

Responsibilities

  • Product catalog
  • Inventory
  • Pricing
  • Product search

NFR Mapping

NFRContribution
Availability3 pods with failover
ScalabilityHorizontal pod scaling
PerformanceParallel processing
ReliabilityPod redundancy
MaintainabilityMicroservice isolation

6. Order Service Domain

HAProxy

Load balances requests to Order services.

Order Python Pods (3)

Responsibilities

  • Order creation
  • Order validation
  • Payment orchestration
  • Fulfillment workflows

NFR Mapping

NFRContribution
AvailabilityMultiple pods
ReliabilityFailover support
ScalabilityScale independently from Product service
MaintainabilityDomain separation
PerformanceConcurrent request handling

7. Database Layer

Product Database

Stores:

  • Products
  • Inventory
  • Pricing

Order Database

Stores:

  • Orders
  • Transactions
  • Order status

Primary + Replica Configuration

Benefits

  • Read scaling
  • Disaster recovery
  • Backup support
  • Reduced database bottlenecks

NFR Mapping

NFRContribution
AvailabilityReplication
ReliabilityData redundancy
PerformanceRead replicas
RecoverabilityBackup and restore
IntegrityACID transactions

8. Logging Platform (ELK)

Components

Elastic Stack (ELK)

  • Filebeat / Fluentd / Logstash
  • Elasticsearch
  • Kibana

Responsibilities

  • Centralized logging
  • Log aggregation
  • Search and analytics
  • Audit trail
  • Incident investigation

NFR Mapping

NFRContribution
ObservabilityCentral log visibility
AuditabilitySecurity and compliance logs
ReliabilityFaster troubleshooting
MaintainabilityRoot cause analysis

9. Monitoring Layer

Prometheus + Grafana

  • Metrics collection
  • Alerting
  • Dashboarding
  • Capacity planning

NFR Mapping

NFRContribution
ObservabilityReal-time monitoring
AvailabilityEarly failure detection
ReliabilitySLA tracking
PerformanceBottleneck identification

10. CI/CD Pipeline

Source Control

GitLab (or GitHub)

Stores source code.

Build & Deployment

Jenkins

Pipeline stages:

  1. Build
  2. Unit Test
  3. Security Scan
  4. Package
  5. Publish Artifact
  6. Deploy

Kubernetes Packaging

Helm

Manages Kubernetes deployments.

NFR Mapping

NFRContribution
DeployabilityAutomated releases
ReliabilityConsistent deployments
SecurityAutomated scans
MaintainabilityVersioned releases
RecoverabilityRollback support

11. Kubernetes Platform

Kubernetes

Responsibilities

  • Container orchestration
  • Auto-scaling
  • Self-healing
  • Rolling updates
  • Service discovery

NFR Mapping

NFRContribution
AvailabilitySelf-healing pods
ScalabilityHPA/Cluster scaling
ReliabilityAutomated recovery
MaintainabilityDeclarative deployment
DeployabilityRolling upgrades

12. UC (User Center / IAM)

A centralized identity provider, commonly implemented using Keycloak.

Responsibilities

  • SSO
  • OAuth2/OpenID Connect
  • User management
  • Role-based access control

NFR Mapping

NFRContribution
SecurityCentral identity management
ComplianceAccess auditing
UsabilitySingle sign-on
MaintainabilityCentralized authentication

End-to-End NFR Coverage Matrix

NFRComponents Supporting It
AvailabilityF5 LTM, API Gateway, HAProxy, Kubernetes, Multi-Pod Deployment, DB Replicas
ScalabilityKubernetes, HAProxy, API Gateway, Horizontal UI Scaling
PerformanceF5, API Gateway, HAProxy, Read Replicas
SecurityF5 ASM, API Gateway, Keycloak, TLS, Security Scans
ReliabilityKubernetes Self-Healing, Replicated Databases, Multiple Pods
MaintainabilityMicroservices, Helm, Jenkins, Central Logging
ObservabilityELK, Prometheus, Grafana
RecoverabilityDatabase Replicas, Helm Rollbacks, CI/CD
DeployabilityJenkins, Helm, Kubernetes
AuditabilityELK, Keycloak, API Gateway Logs

This architecture would typically support enterprise targets such as 99.9–99.95% availability, horizontal scaling, centralized security controls, automated deployments, and full observability across Product and Order domains.

GCP Equivalent architecture

How to draw architecture diagram of your current project (web application) google cloud- GCP?

Author

SND

Technology leader with 24 years of experience designing and delivering large-scale enterprise applications across multiple industries. Expertise in Java, Spring ecosystem, cloud-native architectures, and distributed systems. Strong background in Big Data, machine learning, and building scalable, high-performance platforms. Extensive experience with open-source technologies, databases, microservices, and modern application modernization initiatives. Proven track record of leading architecture, engineering, and digital transformation programs from concept to production.

Follow Me
Other Articles
No Comment! Be the first one.

Leave a Reply

Your email address will not be published. Required fields are marked *

Copyright 2026 — My Interview Partner. All rights reserved. Blogsy WordPress Theme