Deployment Architecture

Appsmith can be deployed as a single Docker container with a single volume for storing persistent data. For production environments, Appsmith recommends deploying Appsmith on a Kubernetes platform. This page provides an overview of the deployment architecture for Self-hosted Appsmith, focusing on its key components and their interactions in a Kubernetes-based environment.

Core components

The Appsmith deployment architecture consists of several key components grouped by their purpose and functionality. These include the Appsmith server, customer data sources, Kubernetes pods, external managed services, and frontend architecture. The diagram below illustrates these key components, their interactions, and data flow when Appsmith is deployed on a Kubernetes platform:

Appsmith Deployment Architecture

Appsmith Server

The Appsmith Server is a cloud service (cs.appsmith.com) managed by Appsmith that serves as the control layer. It's responsible for:

• Licensing: Managing deployment licenses.
• Template configuration: Handles the configuration and management of application templates within Appsmith.

Customer data (external systems)

Customer Data refers to customer's external systems that Appsmith interfaces with, such as:

• SQL Databases: PostgreSQL, MySQL, Microsoft SQL Server, etc.
• APIs: REST APIs, GraphQL endpoints, and other third-party services.
• Cloud Storage Services: AWS S3, DynamoDB, Redshift, and more.

These external datasources allow Appsmith to fetch, process, and visualize data within the platform.

Kubernetes Pods

When deployed on Kubernetes, Appsmith uses different pods, each responsible for a specific service or functionality. These include:

Keycloak

Keycloak manages authentication and authorization for Appsmith using protocols like Security Assertion Markup Language (SAML).

• Keycloak supports Single Sign-On (SSO) using SAML, providing a seamless login experience across multiple services.
• It ensures secure user login and session management by issuing and validating tokens for authentication.

Temporal

Temporal orchestrates distributed workflows and long-running processes in the backend.

• Temporal handles tasks that require persistence, such as handling business logic processes and approval or rejection actions.
• It continuously polls the Temporal cluster to start or resume execution of pending or paused tasks within a workflow.

Java Backend (Appsmith Server)

The Java Backend is the central hub for user interaction, integrating with all components of Appsmith to provide a seamless experience, and handles core business logic within Appsmith.

• Authentication: Manages login credentials, OAuth 2.0 authentication with Google and GitHub, and Single Sign-On (SSO) with OIDC and SAML.
• CRUD API: Provides APIs for managing users, workspaces, applications, pages, and widgets.
• Action Execution: Executes queries on databases and external APIs.
• Git Integration: Maintains clones of Git-connected apps on the file system, ensuring version control and codebase management.

Node.js Backend

The Node.js Backend is a lightweight server that handles several key features to support the Appsmith platform:

• It maps dependencies between APIs, queries, and web UI components.
• It ensures that references for all referencing entities are updated whenever their names change in Appsmith.

Caddy

Caddy acts as a web server and reverse proxy for Appsmith:

• Caddy routes requests to appropriate backend services, whether for static assets (e.g., JavaScript, CSS, images) or dynamic content.
• It handles SSL termination, ensuring secure communication between the user and the backend services.
• For path-unidentified requests, Caddy serves the index.html page, allowing the React frontend to handle routing in a typical single-page application (SPA) fashion.

External Managed Services

For high availability and scalability, Appsmith configures certain components as external managed services. These services handle persistent storage and caching, ensuring the system remains performant and reliable in demanding environments.

MongoDB Appsmith database

MongoDB serves as the persistent data store for Appsmith, storing all necessary data needed and generated by Appsmith’s building blocks, such as:

• User information and access permissions.
• Applications users are building and have deployed.
• External data sources connected to Appsmith.
• Queries that connect those datasources to the applications.

Redis Cache

Redis serves as a caching layer, improving performance by:

• Caching frequently accessed data.
• Managing user sessions for authentication and authorization processes.
• Reducing database load by storing temporary data, thus enhancing system performance.

PostgresDB Appsmith database

PostgreSQL database that stores Keycloak user data when Single Sign-On (SSO) authentication is configured using SAML.

• It stores critical authentication-related data, including user information and session data for the SSO integration.

Application Load Balancer (ALB)

The Application Load Balancer (ALB) distributes incoming traffic across multiple frontend instances to ensure:

• High availability and fault tolerance by routing traffic to healthy instances.
• Efficient load distribution to prevent traffic bottlenecks.

React Frontend

The React Frontend is the web client where users interact with Appsmith to design and use internal tools. It:

• Provides the user interface for building, managing, and interacting with applications.
• Communicates with the backend services using REST APIs and WebSocket protocols for real-time interactions.
• Is hosted behind the Application Load Balancer (ALB) to ensure scalable and reliable access to the platform.

See also

• Installation Guides: Learn how to install Appsmith on different platforms.
• Install Appsmith on Kubernetes: Learn how to install Appsmith on Kubernetes.