Help Center/ Well-Architected Framework/ Well-Architected Framework and Practices/ Resilience Pillar/ Reference Architecture/ Typical Deployment Architecture for E-commerce Applications (99.99% Availability)
Updated on 2025-05-22 GMT+08:00

Typical Deployment Architecture for E-commerce Applications (99.99% Availability)

E-commerce applications are developed for external customers. These applications with a requirement for high availability (up to 99.99% uptime) and low mean time to recovery (a maximum of 52.56 minutes of downtime per year) must be architected to withstand component failures.

Assume that the fault interruption duration and change interruption duration are as follows:

  • Fault-caused interruptions: Assume that there are three fault-caused interruptions each year. It takes 10 minutes to decide on the emergency recovery for each interruption and 5 minutes to recover application services. Thus, the total yearly interruption time is 45 minutes.
  • Change-caused interruptions: Assume that applications support canary deployment or blue-green deployment, which are automatically completed. Software updates do not interrupt services.

As estimated above, the application system is unavailable for 45 minutes each year, meeting the design objectives for high availability.

The typical architecture of an e-commerce application consists of two main parts: a stateless application layer at the frontend and a database at the backend. The frontend stateless application layer can be composed of ECS or CCE instances; while the backend typically uses RDS for MySQL, depending on the service type. There are also sometimes DDS databases and middleware such as DCS and Kafka. To meet the availability requirement, the recommended solution is as follows: