Google Cloud Reference Architecture

(Link to download original Figjam file)

Notes

  • Google Cloud Storage is used to store web portal assets, training data and models.
  • User authentication services (not shown in the diagram) are provided by Authgear, which can be hosted in the same cluster or as an external service.

Optional Training Pipeline

  • The FormX training pipeline is based on Kubeflow, so permission to create CustomResourceDefinitions (CRDs) in the cluster is required.
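Before installing the optional training pipeline, it can help to confirm that the current cluster credentials are allowed to create CRDs. The sketch below is one possible way to check, assuming `kubectl` is installed and already pointed at the target cluster; the helper names (`can_i_command`, `parse_can_i`, `can_create_crds`) are hypothetical and not part of FormX or Kubeflow.

```python
import shutil
import subprocess

# Fully qualified resource name for CustomResourceDefinitions.
CRD_RESOURCE = "customresourcedefinitions.apiextensions.k8s.io"


def can_i_command(verb="create", resource=CRD_RESOURCE):
    """Build the `kubectl auth can-i` command line for the given verb and resource."""
    return ["kubectl", "auth", "can-i", verb, resource]


def parse_can_i(stdout):
    """`kubectl auth can-i` prints "yes" or "no" on stdout; map that to a bool."""
    return stdout.strip().lower() == "yes"


def can_create_crds():
    """Return True if the current kubectl context may create CRDs.

    Assumes kubectl is on PATH and configured for the target cluster.
    """
    if shutil.which("kubectl") is None:
        raise RuntimeError("kubectl not found on PATH")
    # No check=True: kubectl exits non-zero when the answer is "no".
    result = subprocess.run(can_i_command(), capture_output=True, text=True)
    return parse_can_i(result.stdout)


# Example usage (requires access to a cluster):
#   print("CRD creation allowed:", can_create_crds())
```

If the check returns `False`, the account used for installation likely needs a cluster-level role that grants `create` on CustomResourceDefinitions before the training pipeline can be deployed.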

Cloud Resources Requirements

| Products | Purposes | Minimum Specification |
| --- | --- | --- |
| Google Kubernetes Engine | Pods to run the applications and workers; Redis: caches authentication tokens; Authgear: authentication | c2-standard-8 (8 vCPUs, 32 GB RAM) x 3 minimum for k8s (see here for detailed requirements for the training pipeline) |
| Google Cloud SQL for PostgreSQL | Stores the configs, audit logs, and temporary results for async requests | db-standard-4 (4 vCPUs, 15 GB RAM) x 2 for high availability |
| Google Cloud Storage | Storage of the portal assets; (optional) images for training and models | N/A |
| Google Vision API | OCR | N/A |
| (Optional Components) | Networking: Google Cloud Armor (WAF), Google Cloud Load Balancer, Google Cloud CDN. CI/CD: Google Secret Manager, Google Artifact Registry | N/A |
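For capacity planning, the minimum specifications above can be totalled per product. The following is a small sketch of that arithmetic, using only the machine types and counts listed in this section; the `NodeSpec` class and `summarize` helper are hypothetical names introduced for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class NodeSpec:
    """One row of the minimum specification: a machine type and how many are needed."""
    machine_type: str
    vcpus: int
    ram_gb: int
    count: int

    @property
    def total_vcpus(self):
        return self.vcpus * self.count

    @property
    def total_ram_gb(self):
        return self.ram_gb * self.count


# Values taken from the requirements listed in this section.
GKE_MINIMUM = NodeSpec("c2-standard-8", vcpus=8, ram_gb=32, count=3)
CLOUD_SQL_MINIMUM = NodeSpec("db-standard-4", vcpus=4, ram_gb=15, count=2)


def summarize(spec):
    """Format the provisioned totals for one specification row."""
    return (f"{spec.count} x {spec.machine_type}: "
            f"{spec.total_vcpus} vCPUs, {spec.total_ram_gb} GB RAM")


for spec in (GKE_MINIMUM, CLOUD_SQL_MINIMUM):
    print(summarize(spec))
```

These totals describe provisioned capacity, not usable capacity: the second Cloud SQL instance exists for high availability, and the training pipeline has additional requirements that are not included here.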