1 Architecture
Philipp Keller edited this page 2026-02-17 14:00:00 +00:00

Architecture Overview

Network topology

Internet → Route 53 → ALB (public) → EKS nodes (private) → RDS (isolated)
                                   ↘ ElastiCache (private)

Services map

Service Technology Owner Namespace
API Rust/Axum backend team nexus
Frontend React/Vite (static CDN) frontend team
Data pipeline Python/Airflow data team airflow
Auth OIDC (Keycloak) platform team auth
Monitoring Prometheus + Grafana platform team monitoring

Deployment flow

PR merged to main
  → GitHub Actions CI
  → Docker build + push to registry.nexus.local
  → Helm upgrade (nexus-staging) — auto
  → Smoke tests
  → Manual approval gate
  → Helm upgrade (nexus-prod)