System Architecture Documentation
Table of Contents
- Architecture Overview
- System Design Principles
- Component Architecture
- Data Architecture
- Security Architecture
- Integration Architecture
- Deployment Architecture
- Performance Architecture
Architecture Overview
MS-Project follows a modern microservice architecture pattern with clean architecture principles at its core. The system is designed for high scalability, maintainability, and reliability.
High-Level Architecture Diagram
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Clients β
β (Web App, Mobile App, Third-party Systems) β
βββββββββββββββββββ¬ββββββββββββββββββββββββββββββββββββββββββββ
β
βΌ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β API Gateway Layer β
β (Load Balancer + Rate Limiting) β
βββββββββββββββββββ¬ββββββββββββββββββββββββββββββββββββββββββββ
β
βΌ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Authentication Service β
β (ForwardAuth + JWT) β
βββββββββββββββββββ¬ββββββββββββββββββββββββββββββββββββββββββββ
β
βΌ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β MS-Project Core β
β ββββββββββββββββ¬ββββββββββββββ¬βββββββββββββββββββββββ β
β β Handlers β Services β Repositories β β
β β (Fiber) β (Logic) β (GORM) β β
β ββββββββββββββββ΄ββββββββββββββ΄βββββββββββββββββββββββ β
βββββββββββββββββββ¬ββββββββββββββββββββββββββββββββββββββββββββ
β
βΌ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Data Layer β
β βββββββββββββββ¬βββββββββββββββ¬βββββββββββββββββββββ β
β β PostgreSQL β Redis β S3 Storage β β
β β (Primary) β (Cache) β (Files) β β
β βββββββββββββββ΄βββββββββββββββ΄βββββββββββββββββββββ β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββSystem Design Principles
1. Clean Architecture
The system follows Uncle Bob's Clean Architecture principles:
ββββββββββββββββββββββββββββββββββββββ
β Presentation Layer β
β (HTTP Handlers) β
ββββββββββββββββββββββββββββββββββββββ€
β Business Layer β
β (Services & Use Cases) β
ββββββββββββββββββββββββββββββββββββββ€
β Domain Layer β
β (Models & Entities) β
ββββββββββββββββββββββββββββββββββββββ€
β Infrastructure Layer β
β (Database, External APIs) β
ββββββββββββββββββββββββββββββββββββββ2. Domain-Driven Design (DDD)
- Bounded Contexts: Projects, Tasks, Products, Users
- Aggregates: Project (root), Task (root), Product
- Value Objects: Status, Priority, ProjectProgress
- Domain Events: TaskCreated, CommentAdded, StatusChanged
3. SOLID Principles
- Single Responsibility: Each service handles one domain
- Open/Closed: Extensible through interfaces
- Liskov Substitution: Interfaces over concrete types
- Interface Segregation: Small, focused interfaces
- Dependency Inversion: Depend on abstractions
4. Event-Driven Architecture
EventEmitter
βββ TaskCreatedEvent
βββ TaskUpdatedEvent
βββ CommentAddedEvent
βββ StatusChangedEvent
βββ ProjectApprovedEventComponent Architecture
Core Components
1. API Layer (/internal/handlers)
handlers/
βββ project_handler.go # Project endpoints
βββ task_handler.go # Task endpoints
βββ base_handler.go # Common functionalityResponsibilities:
- HTTP request/response handling
- Input validation
- Error formatting
- Response serialization
2. Service Layer (/internal/services)
services/
βββ project_service.go # Project business logic
βββ task_service.go # Task business logic
βββ comment_service.go # Comment operationsResponsibilities:
- Business logic implementation
- Transaction management
- Event emission
- Cross-service coordination
3. Repository Layer (Models)
models/
βββ base.go # Base model with ULID
βββ project.go # Project entity
βββ task.go # Task entity
βββ product.go # Product entity
βββ product_attribute.go # EAV attributes
βββ task_comment.go # Comment entityResponsibilities:
- Data persistence
- Query optimization
- Relationship management
- Data validation
4. Middleware Layer (/internal/middleware)
middleware/
βββ auth.go # JWT validation
βββ permissions.go # Permission checks
βββ rate_limit.go # Rate limiting
βββ logger.go # Request loggingComponent Interaction Flow
Client Request
β
API Gateway
β
Authentication Middleware
β
Permission Middleware
β
Handler (Controller)
β
Service (Business Logic)
β
Repository (Data Access)
β
DatabaseData Architecture
Database Design Philosophy
1. Entity-Attribute-Value (EAV) Pattern
Used for the flexible product system:
products (Core Entity)
βββ id
βββ name
βββ type
βββ ...
product_attributes (Attributes)
βββ product_id
βββ attribute_key
βββ attribute_value
βββ attribute_type2. Soft Deletes
All entities support soft deletion:
type BaseModel struct {
ID string `gorm:"primaryKey"`
CreatedAt time.Time
UpdatedAt time.Time
DeletedAt sql.NullTime `gorm:"index"`
}3. Audit Trail
History tables track all changes:
project_histories
task_histories
comment_historiesData Flow Architecture
βββββββββββββββ βββββββββββββββ βββββββββββββββ
β Create ββββββΆβ Validate ββββββΆβ Save β
βββββββββββββββ βββββββββββββββ βββββββββββββββ
β β
βΌ βΌ
βββββββββββββββ βββββββββββββββ
β Emit Event β β History β
βββββββββββββββ βββββββββββββββCaching Strategy
ββββββββββββββ
β Request β
βββββββ¬βββββββ
βΌ
ββββββββββββββ Miss ββββββββββββββ
β Cache ββββββββββΆβ Database β
βββββββ¬βββββββ βββββββ¬βββββββ
β Hit β
βΌ βΌ
ββββββββββββββ ββββββββββββββ
β Return βββββββββββ Update β
β β β Cache β
ββββββββββββββ ββββββββββββββSecurity Architecture
Authentication Flow
ββββββββββββ βββββββββββββ ββββββββββββ
β Client ββββββΆβ API ββββββΆβ Auth β
ββββββββββββ βββββββββββββ β Service β
β² βββββββ¬βββββ
β β
β βββββββββββββ β
βββββββββββββ JWT βββββββββββββ
βββββββββββββAuthorization Model
Permissions Structure:
βββ Resource-based
β βββ projects:view-all
β βββ projects:create
β βββ projects:update
β βββ projects:delete
βββ Task-based
βββ tasks:view-assigned
βββ tasks:create
βββ tasks:update
βββ tasks:change-statusSecurity Layers
Network Security
- TLS/SSL encryption
- API Gateway firewall
- Rate limiting
Application Security
- JWT token validation
- Permission-based access
- Input sanitization
- SQL injection prevention
Data Security
- Encryption at rest
- Encrypted passwords
- Sensitive data masking
- Audit logging
Integration Architecture
External Service Integration
MS-Project
βββ Auth Service (ms-auth)
βββ Notification Service (ms-notifications)
βββ File Service (ms-files)
βββ Search Service (ms-search)Integration Patterns
1. Synchronous Communication
Service A ββHTTP/RESTβββΆ Service B
βββResponseββββ2. Asynchronous Communication
Service A ββEventβββΆ Message Queue βββΆ Service B3. File Storage Integration
Application βββΆ S3 API βββΆ Object Storage
βββ Pre-signed URLDeployment Architecture
Container Architecture
ms-project:
βββ Dockerfile
βββ docker-compose.yml
βββ kubernetes/
βββ deployment.yaml
βββ service.yaml
βββ configmap.yaml
βββ secrets.yamlKubernetes Deployment
βββββββββββββββββββββββββββββββββββββββ
β Kubernetes Cluster β
βββββββββββββββββββββββββββββββββββββββ€
β βββββββββββββ βββββββββββββ β
β β Pod β β Pod β β
β β MS-Projectβ β MS-Projectβ β
β βββββββββββββ βββββββββββββ β
β β β β
β βββββββββββββββββββββββββββ β
β β Service (LB) β β
β βββββββββββββββββββββββββββ β
β β β
β βββββββββββββ βββββββββββββ β
β β PostgreSQLβ β Redis β β
β β Pod β β Pod β β
β βββββββββββββ βββββββββββββ β
βββββββββββββββββββββββββββββββββββββββScaling Strategy
Horizontal Pod Autoscaling (HPA)
βββ Target CPU: 70%
βββ Min Replicas: 2
βββ Max Replicas: 10
βββ Scale Down Delay: 5 minutesPerformance Architecture
Performance Optimization Strategies
1. Database Optimization
-- Indexes
CREATE INDEX idx_projects_status ON projects(status);
CREATE INDEX idx_tasks_project_id ON tasks(projectId);
CREATE INDEX idx_products_project_id ON products(projectId);
-- Connection Pooling
MaxIdleConns: 10
MaxOpenConns: 100
ConnMaxLifetime: 1 hour2. Query Optimization
// Preload associations efficiently
db.Preload("Tasks").Preload("Products").Find(&project)
// Use selective fields
db.Select("id", "name", "status").Find(&projects)
// Batch operations
db.CreateInBatches(tasks, 100)3. Caching Strategy
Cache Layers:
βββ Application Cache (In-memory)
βββ Redis Cache (Distributed)
βββ CDN Cache (Static assets)
Cache TTL:
βββ User data: 5 minutes
βββ Project list: 1 minute
βββ Static data: 1 hour
βββ Configuration: 24 hours4. API Response Optimization
// Pagination
GET /api/v1/projects?page=1&limit=50
// Field filtering
GET /api/v1/tasks?fields=id,name,status
// Compression
Content-Encoding: gzipPerformance Monitoring
Metrics Collection:
βββ API Response Times
βββ Database Query Duration
βββ Cache Hit Ratio
βββ Error Rates
βββ Throughput (req/sec)
βββ Resource UtilizationResilience Patterns
1. Circuit Breaker
CircuitBreaker {
FailureThreshold: 5
SuccessThreshold: 2
Timeout: 30s
HalfOpenRequests: 3
}2. Retry Logic
Retry {
MaxAttempts: 3
BackoffStrategy: Exponential
InitialDelay: 100ms
MaxDelay: 5s
}3. Bulkhead Pattern
Bulkhead {
MaxConcurrent: 100
MaxWaitingRequests: 50
Timeout: 10s
}4. Health Checks
HealthCheck {
Database: /health/db
Redis: /health/redis
Dependencies: /health/deps
Overall: /health
}Technology Stack Details
Core Technologies
- Language: Go 1.24 (Performance, concurrency)
- Web Framework: Fiber v2 (Express-like, fast)
- ORM: GORM (Feature-rich, migrations)
- Database: PostgreSQL 15+ (ACID, JSON support)
- Cache: Redis 7+ (Performance, pub/sub)
- ID Generation: ULID (Sortable, unique)
Development Tools
- Testing: Testify + Testcontainers
- API Docs: Swagger/OpenAPI 3.0
- Linting: golangci-lint
- Formatting: gofmt + goimports
- Security: gosec
Infrastructure
- Container: Docker 24+
- Orchestration: Kubernetes 1.28+
- Service Mesh: Istio (optional)
- Monitoring: Prometheus + Grafana
- Logging: ELK Stack
- Tracing: Jaeger
Conclusion
The MS-Project architecture is designed to be:
- Scalable: Handles growth through horizontal scaling
- Maintainable: Clean architecture ensures code clarity
- Reliable: Multiple resilience patterns prevent failures
- Performant: Optimized at every layer
- Secure: Defense in depth approach
- Flexible: Adapts to changing requirements
This architecture provides a solid foundation for enterprise-grade project management while maintaining the flexibility to evolve with business needs.