Architecture Overview

Owned by Dave Ryan
Last updated: Apr 24, 2017 by Gert Burger
2 min read

This document acts as a reference point for the logical design of Canopy, and also provides guidelines on specific deployment scenarios.

Logical Overview


Services and Ports

Canopy communicates over the following TCP ports:

  • Canopy application server:
    • Web Server (https 0.0.0.0:443): main web application login interface, network accessible (i.e. bound to the "public" IP address). The default installation 

    • Django Application Server (http 127.0.0.1:8000): internal app server, bound to localhost. The web server proxies requests to this service.

    • RabbitMQ server (AMQP 127.0.0.1:5672): backend message queue for running asynchronous jobs via celery

  • Canopy database server:
    • Default: PostgreSQL  (pgql 127.0.0.1:5432): standard PostgreSQL interface (unencrypted). Encrypted configuration can be set up based on the standard PostgreSQL guidelines. This may be desirable if running the DB server on a separate server.
    • Other: if Oracle is used, the Oracle tnsnames.ora file is used. Specific ports can be configured in the canopy.ini file for connecting to custom configurations.
  • Canopy report server:
    • Docserver (http 127.0.0.1:8181): this is a python servlet that runs the docx generation service.
    • PDF converter (http 127.0.0.1:9016)

Deployment Guidelines

Single Server

By default Canopy will set up a single server instance using the standard service protocols listed above.

Enterprise Deployments

Within enterprise environments, service layers may be available for databases. Canopy supports separation of the following modules on separate servers:

  • Web server: the web server can be run on its own instance. The web server configuration would need to be configured to connect to the application server on the exposed port (default: 8000). Multiple servers can be deployed in high availability environments
  • Application server: the application server can be configured on a separate server. 
  • Database server: canopy requires a single database server. This database can be hosted on a network connected server. The database URL and PORT must be configured in the canopy.ini file on the application server. Database replication is not currently supported, however, 
  • Report server: both the docserver and the PDF converter can be deployed to a separate server (or servers) in order to offload the resource intensive operation of document generation. Both of these services can be deployed using TLS to encrypt network communications.
For configuration guidelines, see: XXXX.