Skip to main content

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Share your experience with the FAS IT-Playbook by taking this brief survey

System Architecture

Explore FSS19 Phase 3 Modernization’s cloud architecture approach. FSS19 Phase 3 Modernization is implementing an architecture to support mission-critical functionality as the application is modernized over two production deployments.

Product/Technology Features

The technical architectural approach for the FSS19 Phase 3 Modernization applications is oriented towards the twin goals of expediting migration from the mainframe to the cloud and establishing the foundation for a cloud-native approach for future iterative development. The implementation is guided by the principles of aligning to GSA enterprise architecture, leveraging managed cloud services and GSA shared services where possible, following a containerization approach to facilitate resiliency, and fully automating the continuous release of all application deliverables.

system architecture chart

The team outlined several features needed at the start of the FSS19 Phase 3 Modernization project, including: SSO Login/SecureAuth Integration, Okta, Caching Solution (e.g., Elasticache), Microservice Management, Independent Data Layer Management, S3, and RDS. FSS19 Phase 3 Modernization takes advantage of the FCS MCaaS platform which provides managed services oriented around containerization of workloads in Amazon EKS. This allows the FSS19 Phase 3 Modernization team to focus on the business value of the applications being migrated and inherit security, deployment, and hosting services managed by FCS. MCaaS tenants are provisioned for each environment, Dev, Test, and Production, with pre-deployed and configured services like Helm, Istio, and Flux that support deployments and traffic routing within the cluster and pipeline services like Github, Jenkins, ECR and Sonarqube. Other GSA enterprise cloud services outside MCaaS are employed for networking, DNS, load balancing, API management, and reporting and analytics.

Application Requirements

At the outset, the FSS19 Phase 3 Modernization team identified several key performance (e.g., uptime, accessible instances, asynchronous processing, page load expectations) and non-functional (e.g., data integrity/replication, modular new applications, security secrets, file transfer capability, notification capability) requirements when beginning the intake process with FCS MCaaS. Security requirements were also identified at the outset, including around encryption of sensitive data in transit and at rest, logging/monitoring/notification, log access, data retention, and data access.

Data Requirements

All systems in scope still rely on data currently housed on the Unisys Clearpath Mainframe in the DMSII database. There is one set of PIID tables (6 tables) that are in an on-prem Sybase database in the GSA Data Center. Once the FSS19 Phase 3 Modernization project is complete, all systems will rely on data housed on the GSA MCaaS cloud environment in a new MySQL database. The graphic below outlines reference architecture for the data migration for Mass Mods and Contracting Services.

Tables used by the applications will be migrated to the Cloud. An initial full load [Bulk Data Transfer (BDT)] will be performed followed by ongoing replication [Change Data Capture (CDC)].
Below are the detailed requirements:

System architecture chart

Cloud Dependencies

Key cloud dependencies include:

Integrations

The FSS19 Phase 3 Modernization systems are highly integrated with other internal and external applications in the FSS19 ecosystem. The goal is to have a seamless transition of all the interfaces to the applications on the cloud:

Dependency Name Details
OCMS Interfacing application part of contract management lifecycle (post-award)
SWS Interfacing application part of contract management lifecycle (pre-award)
ORS Interfacing application part of contract management lifecycle (pre-award)
eMod/eOffer Interfacing application part of contract management lifecycle (post-award)
ECMS Support Service
API Exchange Support Service
Okta External vendor; Mass Mods users are authenticated through Okta SSO
SecureAuth External Vendor
Vendor Support Center Downstream System
FPDS-NG Downstream System
CALM Downstream System
Advantage Downstream system (PIID only)
eLibrary Downstream system (contract data)
ROADS Downstream system (contract data)
SAM.gov EPLS