Hello Reader,

One of the most common interview topic and real-world project implementation - Three-Tier Architecture. In this edition, we will go over a quick guide, along with some interview questions you might face:

First things first - why is this called "three-tier" architecture? Because this design consists of three distinct layers, as below:

• First layer is presentation layer. Customers consume the application using this layer. Generally, this is where the front end runs. For example - amazon.com website. This is implemented using an external facing load balancer distributing traffic to VMs (EC2s) running webserver.
• Second layer is application layer. This is where the business logic resides. This layer is sometimes called backend. Going with the previous example - you browsed your products on amazon.com, and now you found the product you like and then click “add to cart”. The flow comes to the application layer, validates the availability of the product, and then creates a cart. This layer is implemented with internal facing load balancer and VMs running applications such as Apache Tomcat, Oracle WebLogic etc.
• The last layer is the database layer. This is where information is stored. All the product information, your shopping cart, order history etc. The application layer interacts with this layer for CRUD (Create, Read, Update, Delete) operations. This could be implemented using one or a mix of databases - SQL (e.g. Amazon Aurora), and/or NoSQL (DynamoDB)

Now that we learned about the three layers, let's go over some interview topics on this:

• AWS Services for the layers: Interviewer might ask you what services will you choose for each layer. Though the diagram above is shown using EC2s running Web and App servers and ALB, in reality, there are many alternatives. A team with existing Kubernetes knowledge and infrastructure can implement the first two layers with Amazon EKS and Ingress with ALB. Perhaps the team has adopted serverless, and the first two layers can be implemented using S3, CloudFront, Lambda, and API Gateway. In an interview, always pick the services you are most confident of. Similarly, the database can also be chosen based on the team's expertise and business requirements. Database selection can be tricky, refer to this AWS guidance to study further.
• Scaling: If asked about scaling this architecture, keep in mind the AWS services used in the three layers and scale accordingly. For example, if you have used ALB, EC2, and the Amazon Aurora SQL database, then ALB is automatically scaled by AWS; implement an auto-scaling group for the EC2s; use sharding, and read replicas for the Aurora database. If you answer using alternative services, scale those services accordingly. On that note, keep in mind that Kubernetes is NOT scaled by simply creating auto scaling group like vanilla EC2.
• Security: This could be another hot topic for an interview. This is a vast topic in itself, but keep the following points handy:
  • Keep the servers, database, and internal ALB in private subnets to ensure they can't be accessed via internet directly
  • Utilize VPC constructs like NACL, security group to permit/deny and control the flow of traffic
  • The public-facing ALB is a critical component and will be subject to the initial wave of attacks. Use services like WAF, Shield, and Cognito to secure it
• High availability: Similar to scaling, make each layer highly available. AWS managed services like ALB (or Lambda, API Gateway, DynamoDB) is inherently highly available, and you do not need to do anything extra. However services like EC2, Kubernetes pods require you to run multiple copies of it in at least two Availability Zones. For Amazon Aurora, you can simply select multi-az and it will make your database highly available.

Lastly, why is this so popular in interviews? This architecture comprises many critical patterns: microservices, load balancing, scaling, performance optimization, high availability, and more. Based on your answers, the interviewer can dig deep and check your understanding of the core concepts.

If you have found this newsletter helpful, and want to support me 🙏:

Checkout my bestselling courses on AWS, System Design, Kubernetes, DevOps, and more: Max discounted links​

AWS SA Bootcamp with Live Classes, Mock Interviews, Hands-On, Resume Improvement and more (Next cohort launching in September): https://www.sabootcamp.com/​

Keep learning and keep rocking 🚀,

Raj