Shopify App Infrastructure on AWS
At Sunrise Integration we understand that the development of high-quality software is only one part of successful software engineering. The other part is creating resilient architecture to deploy the software on. In this article, we will look at one of our architectural solutions for enterprise-level Shopify app deployment on AWS Cloud.
With Shopify's ability to post webhooks on AWS EventBridge, splitting up the webhook processing part of a Shopify application into its own microservice becomes a natural decision. Figure 1 is a contextual diagram of a Shopify application.
In terms of AWS, we can represent a webhook processing microservice with the following AWS services:
AWS EventBridge. Shopify uses it to post webhooks.
Simple Queue Service (SQS). Enterprise-level Shopify apps may receive tens of thousands of webhooks per day. SQS provides throttling that will prevent data stores and third-party APIs from being overwhelmed.
AWS Lambda. This is where webhook processing code lives. Since the webhook load varies, Lambda will provide great scalability to the webhook processing service.
Much like a webhook processing microservice, Shopify apps also need to be able to scale. In order to achieve scalability as well as efficiency, flexibility and ease of management, our solution is to use Elastic Container Service (ECS) Fargate to deploy the Shopify app. Figure 2 is the contextual diagram in terms of AWS services.
Continuous Integration / Continuous Deployment automation allows development teams to concentrate on writing code without being distracted by DevOps issues. Our solution uses the AWS CodePipeline and CodeBuild services to deploy the webhooks microservice and the main application. They provide automation, reliability and durability to CI/CD processes.
High Level Overview
Taking into account what we’ve discussed above, the high level overview of AWS infrastructure is shown in Figure 3.
The Shopify application is deployed into a serverless managed Fargate cluster and fronted by Global Accelerator with AWS Shield. Depending on the use cases for the Shopify app, CloudFront can be used instead of Global Accelerator. Application Load Balancer allows for horizontal scaling during times of high traffic.
Shopify webhooks are posted to EventBridge, which sends them to Simple Queue Service (SQS). If messages error out and can’t be processed by the Lambda function, they go to a Dead Letter Queue (DLQ). A CloudWatch alarm is configured to notify a developer if the DLQ receives messages.
Lambda, the Fargate cluster, and RDS also send their logs to CloudWatch for inspection and troubleshooting. CloudWatch alarms such as high CPU utilization, high disk space utilization, etc. are configured to notify a client.
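The SQS-to-Lambda-to-DLQ path described above can be sketched as a Lambda handler that validates each queued webhook and reports only the failed messages back to SQS. This is an added example, not Sunrise Integration's code; the event source prefix, the `X-Shopify-*` metadata keys, the topic allow-list and the in-memory `seen` set are assumptions made for illustration.

```python
import json

# Assumptions (not from the article): Shopify partner events use this source
# prefix and carry the webhook headers under detail.metadata.
SOURCE_PREFIX = "aws.partner/shopify.com"
ALLOWED_TOPICS = {"orders/create", "products/update"}  # hypothetical subscriptions


def parse_webhook(body):
    """Validate one SQS message body (an EventBridge envelope) and extract the webhook."""
    event = json.loads(body)
    if not str(event.get("source", "")).startswith(SOURCE_PREFIX):
        raise ValueError("unexpected event source")
    meta = event["detail"]["metadata"]
    if meta["X-Shopify-Topic"] not in ALLOWED_TOPICS:
        raise ValueError("topic not subscribed")
    return {"id": meta["X-Shopify-Webhook-Id"], "topic": meta["X-Shopify-Topic"],
            "shop": meta["X-Shopify-Shop-Domain"], "payload": event["detail"]["payload"]}


def handler(event, context=None, process=lambda webhook: None, seen=None):
    """SQS-triggered Lambda: failed items are returned for retry and, after the
    queue's maxReceiveCount, land in the DLQ. `seen` stands in for a durable
    idempotency store; `process` is the application's own logic."""
    seen = set() if seen is None else seen
    failures = []
    for record in event.get("Records", []):
        try:
            webhook = parse_webhook(record["body"])
            if webhook["id"] in seen:  # SQS delivers at least once, so drop repeats
                continue
            process(webhook)
            seen.add(webhook["id"])
        except Exception as exc:  # any per-message failure fails only that message
            print(f"rejecting message {record['messageId']}: {exc!r}")
            failures.append({"itemIdentifier": record["messageId"]})
    return {"batchItemFailures": failures}


def sample_batch():
    """Constructed SQS batch: valid, duplicate, wrong source, malformed JSON."""
    def envelope(source, webhook_id):
        meta = {"X-Shopify-Topic": "orders/create", "X-Shopify-Webhook-Id": webhook_id,
                "X-Shopify-Shop-Domain": "example.myshopify.com"}
        return json.dumps({"source": source, "detail": {"metadata": meta, "payload": {"id": 1}}})
    good = envelope(SOURCE_PREFIX + "/0000/example", "wh-1")
    bodies = [good, good, envelope("custom.app", "wh-2"), "{not json"]
    return {"Records": [{"messageId": f"m{i}", "body": b} for i, b in enumerate(bodies)]}
```

The partial-batch response only takes effect when the SQS event source mapping has `ReportBatchItemFailures` enabled; without it, Lambda treats the whole batch as succeeded and the rejected messages never reach the DLQ.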
Figure 4 shows an example of a Virtual Private Cloud Architecture for Shopify Application.
The VPC is split up into three public and two private subnets. Besides the Shopify App that is deployed in the Fargate Cluster across three availability zones, the public subnets also have a Client VPN for developers to connect to the database, and a NAT Gateway for the Lambda function to communicate with external APIs. The Lambda function is deployed across two availability zones in private subnets. The database has a multi-AZ configuration for automatic failover during disaster recovery.
Enterprise Experience Matters
The architecture described above achieves the following goals essential for enterprise-level applications:
Decoupling. The webhooks microservice is integrated with EventBridge and SQS.
Security. Resources, such as databases, are deployed into private subnets and have data encryption at rest.
Reliability. Resources are deployed across multiple availability zones. Multi-AZ configuration is used for the database for automatic failover.
Scalability and Performance Efficiency. These goals are achieved through using serverless technologies of ECS Fargate and Lambda.
Observability. Application components send telemetry to CloudWatch Logs. Alarms are configured for certain metrics to notify a developer if something goes wrong.
CI/CD Automation. AWS CodePipeline and CodeBuild are automatically triggered when changes (pull requests) are made to main/development branches of git repositories.
Enterprise development for highly available applications takes experience and know-how. Because the team at Sunrise Integration has 22+ years of experience serving top companies with large demands, your development project is in good hands!