TrustedLogin SaaS Server Setup
The TrustedLogin application is powered by Laravel and runs on a Dockerized, high-availability Kubernetes cluster.
The application handles account management, profiles, and billing. Most importantly, it receives and processes requests from the Client SDK and the TrustedLogin Connector plugin.
What software powers TrustedLogin?
Software | URL | Description |
---|---|---|
Helm | https://helm.sh/ | Kubernetes deployment |
Docker | https://www.docker.com/ | Container management |
Kubernetes | https://kubernetes.io/ | Container orchestration |
Traefik | https://traefik.io/ | Load balancing & reverse proxy |
Jetstack Cert Manager | https://github.com/jetstack/cert-manager | Kubernetes certificate management |
Laravel | https://laravel.com/ | Web application framework |
Laravel Spark | https://spark.laravel.com/ | Billing & portal |
Laravel Dusk | https://dusk.laravel.com/ | Acceptance tests |
Guzzle | https://packagist.org/packages/kozz/laravel-guzzle-provider | HTTP client |
Hashicorp Vault | https://www.vaultproject.io/ | Key management |
Elasticsearch | https://www.elastic.co/products/elasticsearch | Log search |
Kibana | https://www.elastic.co/products/kibana | Log analysis |
Velero | https://velero.io | Backup |
MySQL | https://www.mysql.com/ | Database |
Datadog | https://www.datadoghq.com/ | Log aggregation |
Redis | https://redis.io/ | Caching |
Prometheus | https://prometheus.io/ | Metrics & alerting |
Additional information
Helm
The TrustedLogin Kubernetes deployment is structured using Helm.
Kubernetes
The application is hosted on managed DigitalOcean Kubernetes ("DOKS").
Traefik
Traefik acts as a reverse-proxy load balancer. It:
- Redirects requests from HTTP to HTTPS
- Restricts access based on IP addresses
- Routes traffic to the various services within the Kubernetes account according to the URL requested
Hashicorp Vault
TrustedLogin uses Vault as a key management system. It is configured with three fallback nodes to provide high availability. Vault is configured to be auto-unsealing.
Velero
Velero backs up the Kubernetes deployment every six hours to DigitalOcean Spaces. We maintain backups for 3 days (72 hours).
Laravel Spark
The eCommerce and public-facing UI are powered by Laravel Spark.
MySQL
The Laravel Spark database uses DigitalOcean Managed MySQL with High Availability. Account, profile, and Stripe billing metadata are stored in MySQL.
Elasticsearch
Logs stripped of PII are added to Elasticsearch for later analysis. See Elasticsearch documentation for more information.
Redis
Laravel uses Redis as a caching mechanism for temporary data storage, which speeds up database queries and reduces the time spent retrieving data. Our application relies on a fully managed DigitalOcean Redis instance in high-availability mode.