25 ‐ HLD ‐ LLD - SanjeevOCI/Azure GitHub Wiki

High-Level Design (HLD) vs Low-Level Design (LLD) in Cloud

1. Overview

Aspect High-Level Design (HLD) Low-Level Design (LLD)
Definition A broad overview of the system architecture and components. A detailed, technical blueprint of the system implementation.
Purpose To provide a conceptual understanding of the solution. To provide step-by-step details for implementation.
Audience Stakeholders, architects, and decision-makers. Developers, engineers, and implementation teams.

2. Key Components

High-Level Design (HLD)

  • Architecture Diagram:
    • Shows the overall cloud architecture (e.g., VPCs, VNets, regions, zones).
  • Major Components:
    • Lists key services (e.g., compute, storage, networking, databases).
  • Data Flow:
    • Describes how data moves between components.
  • Scalability and Resilience:
    • High-level strategies for scaling and fault tolerance.
  • Security Overview:
    • Broad security measures (e.g., IAM, encryption, firewalls).
  • Cost Estimation:
    • Rough cost analysis for the proposed solution.

Low-Level Design (LLD)

  • Detailed Diagrams:
    • Includes subnetting, IP ranges, routing tables, and peering configurations.
  • Service Configurations:
    • Specific details for each service (e.g., VM sizes, storage tiers, database configurations).
  • Implementation Steps:
    • Step-by-step instructions for deploying resources.
  • Automation:
    • Scripts or templates (e.g., Terraform, ARM templates, CloudFormation).
  • Security Policies:
    • Detailed IAM roles, NSGs, firewall rules, and compliance configurations.
  • Monitoring and Logging:
    • Specific tools and configurations for monitoring (e.g., Azure Monitor, CloudWatch).

3. Example in Cloud Context

High-Level Design (HLD)

  • Scenario: Deploying a web application in Azure.
  • HLD Components:
    • Architecture: A 3-tier architecture with a frontend, backend, and database.
    • Services:
      • Frontend: Azure App Service.
      • Backend: Azure Kubernetes Service (AKS).
      • Database: Azure SQL Database.
    • Networking:
      • VNet with subnets for frontend, backend, and database.
    • Security:
      • Azure Firewall and Azure Active Directory (AAD) for authentication.
    • Scalability:
      • Auto-scaling for App Service and AKS.

HLD Diagram:

+---------------------------+
|       Azure Front Door    |
+---------------------------+
            |
+---------------------------+
|       Hub VNet            |
|  (Shared Services)         |
|  - Azure Firewall          |
|  - Monitoring Tools        |
+---------------------------+
            |
    +-------+-------+
    |               |
+-----------+   +-----------+
| Spoke VNet1 |   | Spoke VNet2 |
| (Frontend)  |   | (Backend)   |
| App Service |   | AKS         |
+-----------+   +-----------+
            |
    +-----------+
    | Spoke VNet3 |
    | (Database)  |
    | Azure SQL   |
    +-----------+

Low-Level Design (LLD)

  • Scenario: Implementing the above web application.
  • LLD Components:
    • VNet Configuration:
      • Address Space: 10.0.0.0/16.
      • Subnets:
        • Frontend: 10.0.1.0/24.
        • Backend: 10.0.2.0/24.
        • Database: 10.0.3.0/24.
    • App Service:
      • SKU: Standard S1.
      • Deployment Slot: Enabled.
    • AKS:
      • Node Pool: 3 nodes, Standard_D2_v2.
      • Networking: Azure CNI.
    • Database:
      • Azure SQL Database with Geo-Replication.
      • Backup Retention: 7 days.
    • Security:
      • NSGs for each subnet.
      • IAM roles for AKS and App Service.
    • Automation:
      • Terraform scripts for deploying the infrastructure.

LLD Diagram:

+---------------------------+
|       Hub VNet            |
|  Address: 10.0.0.0/16     |
|  Subnet: 10.0.0.0/24      |
|  - Azure Firewall         |
|  - Monitoring Tools       |
+---------------------------+
            |
    +-------+-------+-------+
    |               |       |
+-----------+   +-----------+   +-----------+
| Spoke VNet1 |   | Spoke VNet2 |   | Spoke VNet3 |
| Address:    |   | Address:    |   | Address:    |
| 10.1.0.0/16 |   | 10.2.0.0/16 |   | 10.3.0.0/16 |
| Subnet:     |   | Subnet:     |   | Subnet:     |
| 10.1.1.0/24 |   | 10.2.1.0/24 |   | 10.3.1.0/24 |
| App Service |   | AKS         |   | Azure SQL   |
+-----------+   +-----------+   +-----------+

4. Key Differences

Aspect HLD LLD
Focus Conceptual and strategic. Technical and implementation-specific.
Details High-level overview of components. Detailed configurations and steps.
Audience Architects, stakeholders, decision-makers. Engineers, developers, and implementers.
Output Architecture diagrams, service list. Detailed diagrams, scripts, and configurations.

5. When to Use

  • HLD:

    • During the initial planning phase to align stakeholders and define the overall architecture.
    • For presentations to non-technical audiences.

  • LLD:

    • During the implementation phase to guide engineers and developers.
    • For technical documentation and operational handover.

Conclusion

  • HLD provides a bird's-eye view of the cloud solution, focusing on architecture and strategy.
  • LLD dives into the technical details, ensuring the solution is implemented correctly.
  • Both are essential for successful cloud projects, with HLD setting the vision and LLD ensuring precise execution.