feat: add Sentry, Cloudflare R2, and CloudFlare CDN integrations
Production quick wins for improved observability and scalability: Sentry Error Tracking: - Add sentry-sdk[fastapi] dependency - Initialize Sentry in main.py with FastAPI/SQLAlchemy integrations - Add Celery integration for background task error tracking - Feature-flagged via SENTRY_DSN (disabled when empty) Cloudflare R2 Storage: - Add boto3 dependency for S3-compatible API - Create storage_service.py with StorageBackend abstraction - LocalStorageBackend for development (default) - R2StorageBackend for production cloud storage - Feature-flagged via STORAGE_BACKEND setting CloudFlare CDN/Proxy: - Create middleware/cloudflare.py for CF header handling - Extract real client IP from CF-Connecting-IP - Support CF-IPCountry for geo features - Feature-flagged via CLOUDFLARE_ENABLED setting Documentation: - Add docs/deployment/cloudflare.md setup guide - Update infrastructure.md with dev vs prod requirements - Add enterprise upgrade checklist for scaling beyond 1000 users - Update installation.md with new environment variables All features are optional and disabled by default for development. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
@@ -73,31 +73,52 @@ This guide documents the complete infrastructure for the Wizamart platform, from
|
||||
|
||||
### What We Have Now
|
||||
|
||||
| Component | Technology | Status |
|
||||
|-----------|------------|--------|
|
||||
| Web Framework | FastAPI + Uvicorn | ✅ Production Ready |
|
||||
| Database | PostgreSQL 15 | ✅ Production Ready |
|
||||
| ORM | SQLAlchemy 2.0 | ✅ Production Ready |
|
||||
| Migrations | Alembic | ✅ Production Ready |
|
||||
| Templates | Jinja2 + Tailwind CSS | ✅ Production Ready |
|
||||
| Authentication | JWT (PyJWT) | ✅ Production Ready |
|
||||
| Email | SMTP/SendGrid/Mailgun/SES | ✅ Production Ready |
|
||||
| Payments | Stripe | ✅ Production Ready |
|
||||
| Task Queue | Celery 5.3 + Redis | ✅ Production Ready |
|
||||
| Task Scheduler | Celery Beat | ✅ Production Ready |
|
||||
| Task Monitoring | Flower | ✅ Production Ready |
|
||||
| Caching | Redis 7 | ✅ Production Ready |
|
||||
| File Storage | Local filesystem | ⏳ Needs S3 for prod |
|
||||
| Component | Technology | Dev Required | Prod Required | Status |
|
||||
|-----------|------------|--------------|---------------|--------|
|
||||
| Web Framework | FastAPI + Uvicorn | ✅ | ✅ | ✅ Production Ready |
|
||||
| Database | PostgreSQL 15 | ✅ | ✅ | ✅ Production Ready |
|
||||
| ORM | SQLAlchemy 2.0 | ✅ | ✅ | ✅ Production Ready |
|
||||
| Migrations | Alembic | ✅ | ✅ | ✅ Production Ready |
|
||||
| Templates | Jinja2 + Tailwind CSS | ✅ | ✅ | ✅ Production Ready |
|
||||
| Authentication | JWT (PyJWT) | ✅ | ✅ | ✅ Production Ready |
|
||||
| Email | SMTP/SendGrid/Mailgun/SES | ❌ | ✅ | ✅ Production Ready |
|
||||
| Payments | Stripe | ❌ | ✅ | ✅ Production Ready |
|
||||
| Task Queue | Celery 5.3 + Redis | ❌ | ✅ | ✅ Production Ready |
|
||||
| Task Scheduler | Celery Beat | ❌ | ✅ | ✅ Production Ready |
|
||||
| Task Monitoring | Flower | ❌ | ⚪ Optional | ✅ Production Ready |
|
||||
| Caching | Redis 7 | ❌ | ✅ | ✅ Production Ready |
|
||||
| File Storage | Local / Cloudflare R2 | Local | R2 | ✅ Production Ready |
|
||||
| Error Tracking | Sentry | ❌ | ⚪ Recommended | ✅ Production Ready |
|
||||
| CDN / WAF | CloudFlare | ❌ | ⚪ Recommended | ✅ Production Ready |
|
||||
|
||||
### What We Need to Add
|
||||
**Legend:** ✅ Required | ⚪ Optional/Recommended | ❌ Not needed
|
||||
|
||||
| Component | Priority | Reason |
|
||||
|-----------|----------|--------|
|
||||
| S3/MinIO | High | Scalable file storage |
|
||||
| Sentry | High | Error tracking |
|
||||
| CloudFlare | Medium | CDN + DDoS protection |
|
||||
| Load Balancer | Medium | Horizontal scaling |
|
||||
| Prometheus/Grafana | Low | Metrics and dashboards |
|
||||
### Development vs Production
|
||||
|
||||
**Development** requires only:
|
||||
- PostgreSQL (via Docker: `make docker-up`)
|
||||
- Python 3.11+ with dependencies
|
||||
|
||||
**Production** adds:
|
||||
- Redis (for Celery task queue)
|
||||
- Celery workers (for background tasks)
|
||||
- Reverse proxy (Nginx)
|
||||
- SSL certificates
|
||||
|
||||
**Optional but recommended for Production:**
|
||||
- Sentry (error tracking) - Set `SENTRY_DSN` to enable
|
||||
- Cloudflare R2 (cloud storage) - Set `STORAGE_BACKEND=r2` to enable
|
||||
- CloudFlare CDN (caching/DDoS) - Set `CLOUDFLARE_ENABLED=true` to enable
|
||||
|
||||
### What We Need for Enterprise (Future Growth)
|
||||
|
||||
| Component | Priority | When Needed | Estimated Users |
|
||||
|-----------|----------|-------------|-----------------|
|
||||
| Load Balancer | Medium | Horizontal scaling | 1,000+ concurrent |
|
||||
| Database Replica | Medium | Read-heavy workloads | 1,000+ concurrent |
|
||||
| Redis Sentinel | Low | Cache redundancy | 5,000+ concurrent |
|
||||
| Prometheus/Grafana | Low | Advanced metrics | Any (nice to have) |
|
||||
| Kubernetes | Low | Multi-region/HA | 10,000+ concurrent |
|
||||
|
||||
---
|
||||
|
||||
@@ -838,7 +859,7 @@ python -c "from app.core.database import engine; print(engine.connect())"
|
||||
|
||||
## Migration Path
|
||||
|
||||
### Phase 1: Current (Development) ✅ COMPLETE
|
||||
### Phase 1: Development ✅ COMPLETE
|
||||
- ✅ PostgreSQL 15 (Docker)
|
||||
- ✅ FastAPI + Uvicorn
|
||||
- ✅ Local file storage
|
||||
@@ -850,35 +871,93 @@ python -c "from app.core.database import engine; print(engine.connect())"
|
||||
- ✅ Celery 5.3 (background jobs)
|
||||
- ✅ Celery Beat (scheduled tasks)
|
||||
- ✅ Flower (task monitoring)
|
||||
- ⏳ S3/MinIO (file storage)
|
||||
- ⏳ Sentry (error tracking)
|
||||
- ✅ Cloudflare R2 (cloud file storage)
|
||||
- ✅ Sentry (error tracking)
|
||||
- ✅ CloudFlare CDN (caching + DDoS protection)
|
||||
|
||||
### Phase 3: Scale
|
||||
- Horizontal app scaling (multiple Uvicorn instances)
|
||||
- Load balancer (Nginx/HAProxy)
|
||||
- PostgreSQL read replicas
|
||||
- Redis Sentinel/cluster
|
||||
- CDN for static assets (CloudFlare)
|
||||
- Dedicated Celery workers per queue
|
||||
### Phase 3: Scale (1,000+ Users)
|
||||
- ⏳ Load balancer (Nginx/HAProxy/ALB)
|
||||
- ⏳ Horizontal app scaling (2-4 Uvicorn instances)
|
||||
- ⏳ PostgreSQL read replica
|
||||
- ⏳ Dedicated Celery workers per queue
|
||||
|
||||
### Phase 4: High Availability
|
||||
- Multi-region deployment
|
||||
- Database failover
|
||||
- Container orchestration (Kubernetes)
|
||||
- Full monitoring stack (Prometheus/Grafana/Loki)
|
||||
### Phase 4: Enterprise (5,000+ Users)
|
||||
- ⏳ Redis Sentinel/cluster
|
||||
- ⏳ Database connection pooling (PgBouncer)
|
||||
- ⏳ Full monitoring stack (Prometheus/Grafana)
|
||||
- ⏳ Log aggregation (Loki/ELK)
|
||||
|
||||
### Phase 5: High Availability (10,000+ Users)
|
||||
- ⏳ Multi-region deployment
|
||||
- ⏳ Database failover (streaming replication)
|
||||
- ⏳ Container orchestration (Kubernetes)
|
||||
- ⏳ Global CDN with edge caching
|
||||
|
||||
---
|
||||
|
||||
## Enterprise Upgrade Checklist
|
||||
|
||||
When you're ready to scale beyond 1,000 concurrent users:
|
||||
|
||||
### Infrastructure
|
||||
|
||||
- [ ] **Load Balancer** - Add Nginx/HAProxy in front of API servers
|
||||
- Enables horizontal scaling
|
||||
- Health checks and automatic failover
|
||||
- SSL termination at edge
|
||||
|
||||
- [ ] **Multiple API Servers** - Run 2-4 Uvicorn instances
|
||||
- Scale horizontally instead of vertically
|
||||
- Blue-green deployments possible
|
||||
|
||||
- [ ] **Database Read Replica** - Add PostgreSQL replica
|
||||
- Offload read queries from primary
|
||||
- Backup without impacting production
|
||||
|
||||
- [ ] **Connection Pooling** - Add PgBouncer
|
||||
- Reduce database connection overhead
|
||||
- Handle connection spikes
|
||||
|
||||
### Monitoring & Observability
|
||||
|
||||
- [ ] **Prometheus + Grafana** - Metrics dashboards
|
||||
- Request latency, error rates, saturation
|
||||
- Database connection pool metrics
|
||||
- Celery queue lengths
|
||||
|
||||
- [ ] **Log Aggregation** - Loki or ELK stack
|
||||
- Centralized logs from all services
|
||||
- Search and alerting
|
||||
|
||||
- [ ] **Alerting** - PagerDuty/OpsGenie integration
|
||||
- On-call rotation
|
||||
- Escalation policies
|
||||
|
||||
### Security
|
||||
|
||||
- [ ] **WAF Rules** - CloudFlare or AWS WAF
|
||||
- SQL injection protection
|
||||
- Rate limiting at edge
|
||||
- Bot protection
|
||||
|
||||
- [ ] **Secrets Management** - HashiCorp Vault
|
||||
- Rotate credentials automatically
|
||||
- Audit access to secrets
|
||||
|
||||
---
|
||||
|
||||
## Next Steps
|
||||
|
||||
1. **Configure S3/MinIO** - For production file storage (high priority)
|
||||
2. **Set up Sentry** - Error tracking (high priority)
|
||||
3. **Add CloudFlare** - CDN + DDoS protection (medium priority)
|
||||
4. **Configure load balancer** - When scaling horizontally
|
||||
5. **Choose production deployment** - VPS or Docker based on team preference
|
||||
**You're production-ready now!** Optional improvements:
|
||||
|
||||
1. **Enable Sentry** - Add `SENTRY_DSN` for error tracking (free tier)
|
||||
2. **Enable R2** - Set `STORAGE_BACKEND=r2` for cloud storage (~$5/mo)
|
||||
3. **Enable CloudFlare** - Proxy domain for CDN + DDoS protection (free tier)
|
||||
4. **Add load balancer** - When you need horizontal scaling
|
||||
|
||||
See also:
|
||||
- [Production Deployment Guide](production.md)
|
||||
- [CloudFlare Setup Guide](cloudflare.md)
|
||||
- [Docker Deployment](docker.md)
|
||||
- [Environment Configuration](environment.md)
|
||||
- [Background Tasks Architecture](../architecture/background-tasks.md)
|
||||
|
||||
Reference in New Issue
Block a user