System Architecture
The system architecture of our end-to-end test incorporates an internal and an external cluster.
External Cluster
The external cluster represents the EuroDaT Client.
The client-controller serves as an interface allowing external applications operated by EuroDaT participants to interact with the EuroDaT platform: it manages the communication between these external applications and EuroDaT's controller.
In our test setup, we deploy the provider client and the consumer client in a separate external cluster that serves as our test environment.
It is important to note that these designations represent a single entity: the EuroDaT-Client.
Internal Cluster
The internal cluster consists of five namespaces:
- control-plane: constitutes the core of the platform. Its purpose is to build the connection to the external applications, to provide API endpoints, and to ensure that data transactions are properly initiated and managed through restricted workflow-templates. It acts as a central point of control for managing data access and usage and consists of multiple microservices, which are described below.
- transaction-plane: initiates the transaction-workflow using the provided workflow-templates via Argo Workflows, an open-source container-native workflow engine for orchestrating parallel jobs on Kubernetes.
- data-plane: hosts the temporary databases for each transaction, as well as the associated workflow and the workflow-template which will be provided by the external user. The registration process of these workflow-templates is managed by the controller.
- base: Keycloak provides the IAM and monitoring functionalities.
- prometheus: Prometheus is an open source metrics monitoring tool.
Services
Controller
The controller starts and ends the transaction and starts the app workflow.
Functions
- endTransaction
- startTransaction
- startWorkflow
Backmessaging service
This service is responsible for communication with RabbitMQ and includes functions for declaring and deleting exchanges and queues, as well as publishing messages.
Functions
- createVHost
- declareExchangeAndQueue
- deleteExchangeAndQueue
- deleteVHost
- publishMessage
Credential service
This service is responsible for the creation and management of the database credentials.
Functions
- createRoleExternal
- createRoleInternal
Transaction service
This service starts, finds, or ends a transaction.
Functions
- createTransaction
- endTransaction
- findTransaction
- getAllTransactionIds
Database service
This service creates and deletes the transaction and safe-deposit databases.
Functions (transaction database)
- createRolesForDatabase
- createTransactionDatabase
- deleteRolesForDatabase
- deleteTransactionDatabase
Functions (safe-deposit database)
- createSafeDepositDatabase
- deleteSafeDepositDatabase
App service
This service finds or deletes an app, gets all app IDs, or starts the app registration.
Functions
- deleteApp
- findApp
- getAllAppIds
- startAppRegistration
Client controller
This controller starts or ends a transaction or starts a workflow.
Functions
- endTransaction
- startTransaction
- startWorkflow
Contract service
This service creates, finds, or terminates a contract, and returns all contracts and the health status.
Functions
- createContract
- findContract
- getAllContracts
- health
- terminateContract