MOSIP Docs 1.1.5
GitHubCommunityTech Blogs
  • Home
  • Architecture
    • Guiding Principles
    • MOSIP Architecture
      • Technology Stack
    • MOSIP and Data
      • Naming Standards
      • Data-Model
    • Privacy & Security
      • Cryptography in MOSIP
    • Anonymous Profiling Support
  • Modules
    • Pre-Registration
      • Pre-Registration Functionality
      • UI Specification for Pre-registration
      • Pre-Registration Configuration
    • Registration
      • Registration Functionality
      • Registration Packet
      • Registration Client Setup
      • First User Registration and Onboarding
      • Guide to Configure MOSIP for Biometrics
      • Guide to On-board Biometric Devices
      • Device Integration Specifications
      • UI Specification for Registration Client
    • Registration Processor
      • Registration Processor Functionality
      • Deduplication and Manual Adjudication
      • MOSIP ID Object Definition
    • ID Repository
    • ID Authentication
      • ID Authentication Functionality
    • Resident Services
      • Resident Services Functionality
    • Partner Management
      • Partner Management Functionality
      • MOSIP Partner Secure Communication
      • Partner Self Service Portal
    • Administration
      • Admin Services Functionality
      • Download Card
    • Kernel
      • Audit Manager Functionality
        • Admin Service Audits
        • Resident Service Audits
        • Partner Management Audits
        • Registration Client Audits
        • Registration Processor Audits
        • ID Repository Audits
        • ID Authentication Audits
        • Pre-registration Audits
      • Authentication and Authorization Functionality
      • Auth Adapter
      • Auth Implementation
      • Common Services Functionality
      • Data Services Functionality
      • Master Data Services Functionality
      • UIN and VID Generation Service Functionality
      • VID Generator
  • Biometrics
    • ABIS
    • Biometric SDK
    • MDS Specification
    • Biometric Specification
    • CBEFF XML
    • Compliance Tool Kit
  • Build & Deploy
    • Sandbox Installer
    • Deployment Architectures
    • Cell Based Deployment Architecture
    • Hardware Security Module HSM Specifications
    • Hardware Sizing
    • Customizations for a Country
    • Other Installation Guides
      • Steps to Install and Configure HDFS
      • Steps to Install and use PostgreSQL Version 10.2 on RHEL 7.5
      • Steps to Install Clam AntiVirus Version 0.101.0
      • Steps to Install Keycloak Standalone Server
    • Services in MOSIP
  • Glossary
  • Contribute
    • Call for Contribution
    • Contributor's Guide
    • Code of Conduct
    • Issue Reporting Guideline
    • Coding Standards
      • Auth Angular User Guide
      • Auth SpringBoot User Guide
      • Gitub Workflow
      • MOSIP Java Coding Standards
      • MOSIP REST API guidelines
      • Registration Client UI Developer Document
      • Registration Client Developer Documentation
      • Security Tools
    • Testing
      • Test Rig Design
      • Tester Documentation
      • Testing Attachments Kernel
  • APIs
    • ABIS APIs
    • Admin APIs
    • AuthN and AuthZ APIs
    • Biometric SDK APIs
    • BlacklistedWords APIs
    • Common APIs
    • Device APIs
    • Device Type and Subtype APIs
    • Device Management APIs
    • Document APIs
    • Dynamic Fields APIs
    • Holiday APIs
    • ID Authentication APIs
    • ID Repository APIs
    • ID Schema APIs
    • Kernel APIs
    • Machine APIs
    • Master Data Biometric APIs
    • Packet APIs
    • Packet Manager APIs
    • Partner Management Service APIs
    • Pre Registration APIs
    • Registration Center APIs
    • Registration Processor APIs
    • Resident Service APIs
    • Sync Data APIs
    • Template APIs
    • Zone APIs
  • Older Releases
    • Release Notes 1.1.5
      • Enhancements
      • Defect Fixes
      • Patches
        • Patch 1.1.5.5
        • Patch 1.1.5.5-P1
    • Release Notes 1.1.4
      • Enhancements
      • Defect Fixes
    • Release Notes 1.1.3
      • Features
      • Bug Fixes
    • Release Notes 1.1.2
      • Features
      • Bug Fixes
    • Release Notes 1.1.1
      • Bug Fixes
      • Artifact Version
    • Release Notes 1.1.0
      • Features
      • Bug Fixes
      • 1.2.0 Features
      • Artifact Version
    • Release Notes 1.0.6
    • Release Notes 1.0.5
    • Release Notes 1.0.0
      • Features
    • Release Notes 0.9.0
  • Roadmap
    • Roadmap Activities
  • Revision History
  • License
Powered by GitBook
On this page
  • Introduction
  • Deployment architecture choices
  • Security: Deployment with secure zones
  • Scalability: Cell based architecture
  • Rapid deployment: Hybrid architecture

Was this helpful?

Export as PDF
  1. Build & Deploy

Deployment Architectures

Introduction

Running a national ID system is no mean task and involves numerous challenging aspects. The software system at the core is a critical infrastructure and needs to address high availability, reliability, scalability, security, resilience, and manageability. Choosing the right deployment architecture plays an important role in helping achieving architectural goals while also catering to the law of the land. Cost of implementing such an architecture also matters.

Mosip has a micro-services architecture that organizes functionality into myriad small services and execution units. Each of these can be scaled separately as well as replaced / upgraded. This makes the platform powerful and provides plenty of flexibility and configurability in the hands of the implementor. There is also the corresponding complexity of dealing with a higher number of components in the system in the areas of configuration, security, deployment, dependency management, monitoring and testing.

Deployment architecture choices

In order to get the best out of mosip and keep manageability high the deployment architecture plays a crucial role. Let us take a look at a few of the common deployment architecture options available based on various perspectives.

  • Packaging choices

    • Option 'Jar' - Spring boot services in Virtual Machines|

    • Option 'Docker' - Dockers on a Kubernetes container management setup

  • Infrastructure choices

    • Option 'On-Premise' - Deploy in a private or own data center

    • Option 'Cloud' - Deploy in a cloud

    • Option 'Hybrid' - Cloud + On Premises

  • Platform choices

    • Option 'Open Source' - Proven community favored platforms

    • Option 'Cloud Native' - Cutting edge supported cloud technologies from AWS, Azure, GCP et al

    • Option 'Commercial' - Established and well supported priced packages

Security: Deployment with secure zones

The architecture proposed may be deployed on-premise or cloud. Here, all MOSIP modules are installed with clear separation between militarised and demilitarised zones.

Scalability: Cell based architecture

For linear scaling of capacity and provisioning of hardware, a cell based architecture (along with secure zones) may be preferred.

Rapid deployment: Hybrid architecture

A hybrid architecture may be considered where benefits of cloud and on-premise are leveraged. While cloud provides rapid deployment and ease of management, on-premise can facilitate data localization and any other policy requirements.

An example of hybrid architecture is given below:

PreviousSandbox InstallerNextCell Based Deployment Architecture

Last updated 3 years ago

Was this helpful?

Cell based architecture