System Architecture
The EmpowerID system is built based on containerized server roles, including front-end UI, back-end job, various application microservices, and Database servers. EmpowerID is architected to automatically balance jobs across multiple containers for a fully redundant processing capability. Each back-end job container instance communicates an "I'm alive" heartbeat with the database to verify its availability to process requests. All jobs operate in a process claim mode that allows any container to process any job or perform any role that it is configured to perform in concert with the other servers and services. Jobs and processes leverage queues so processes are not interrupted when servers go offline, and changes can be batched up and retried. The EmpowerID UI is stateless and load-balanced. The databases are geographically mirrored, supporting automatic fail-over. Many of the modules operate as independent microservices that are published from EmpowerID as Azure App Services.
The EmpowerID application landscape includes the following components:
Azure SQL Database
EmpowerID Core Containers – UI and Worker
EmpowerID Microservices
EmpowerID Workflow Developer Studio client application
EmpowerID is implemented into three distinct environments for Development, User Acceptance, and Production.
EmpowerID’s SaaS service runs on Microsoft Azure as a highly scalable and available completely managed offering. EmpowerID Service Operations and Datacenter Operations will provision standardized core Service infrastructure in established Azure datacenter locations, at a location agreed with the customer to facilitate data residency and latency requirements for the customer’s production EmpowerID Cloud Identity environment. See the production and non-production environment details in the Included Services section below.
Core service SaaS infrastructure setup includes:
The required Azure Kubernetes Container infrastructure to operate the service
Network infrastructure setup and configuration such as firewalls and load balancing
EmpowerID Cloud Identity database installation and configuration
EmpowerID Cloud Identity container microservice deployments as per best practices
Installation of quality-of-service monitoring software
Testing the EmpowerID Production environment by performing base configuration testing
Disaster Recovery infrastructure setup and configuration
Service endpoints and URLs finalization
Service monitoring setup