Installation topology which would seperate database from rest of the components

Hi,

What sensitive information does cassandra and Postgres DB store, should we install them in a protected data centre while rest of the components can be internet facing.

If the initial throughput on the platform is very less, can we install all APIGEE components in one singe node across two data centres (for HA) and Cassandra + ZooKeeper + Qpid server + Postgres on a different node across data centres.

Thanks,

Karthick.

Solved Solved
0 2 215
1 ACCEPTED SOLUTION

Hi Karthick,

Data stores & sensitive information

Cassandra is used to store proxy bundle configurations, traffic management counters, L2 caches, and data stored by proxies in BaaS.

Postgres is used to accumulate analytics details including information about the clients connecting, source IP addresses, app keys and any other metrics you've defined for analytics.

Whether this constitutes "sensitive" data or not is a matter of discussion in the business, but generally the operational and configuration information is not sensitive, but data stored in cache or BaaS may be. Of course, these components CAN be located in protected LAN segments so long as those connection points are opened between the nodes.

Minimal Topologies

There are a variety of topologies that work, but the smallest that we generally recommend for production is a 5-node topology. When I say "production" I really mean anything that is being used for day-to-day business. Developers creating proxies is production, as the developer is the customer of the Edge services at that point.

Having said that, it is possible to deploy to fewer nodes, with the trade off that the performance starts to become bottlenecked by IO and memory availability.

Generally speaking, we would discourage smaller deployments without a deep discussion with a Principal Architect about your specific conditions.

View solution in original post

2 REPLIES 2

@Anil Sagar please help me on this

Hi Karthick,

Data stores & sensitive information

Cassandra is used to store proxy bundle configurations, traffic management counters, L2 caches, and data stored by proxies in BaaS.

Postgres is used to accumulate analytics details including information about the clients connecting, source IP addresses, app keys and any other metrics you've defined for analytics.

Whether this constitutes "sensitive" data or not is a matter of discussion in the business, but generally the operational and configuration information is not sensitive, but data stored in cache or BaaS may be. Of course, these components CAN be located in protected LAN segments so long as those connection points are opened between the nodes.

Minimal Topologies

There are a variety of topologies that work, but the smallest that we generally recommend for production is a 5-node topology. When I say "production" I really mean anything that is being used for day-to-day business. Developers creating proxies is production, as the developer is the customer of the Edge services at that point.

Having said that, it is possible to deploy to fewer nodes, with the trade off that the performance starts to become bottlenecked by IO and memory availability.

Generally speaking, we would discourage smaller deployments without a deep discussion with a Principal Architect about your specific conditions.