# High-Level Architecture Diagram: Company Inc.

## Cloud Infrastructure (GCP + GKE)

```mermaid
flowchart TB
    subgraph Internet
        Users((Users))
    end

    subgraph GCP["Google Cloud Platform"]
        subgraph Projects["Project Structure"]
            Prod[company-inc-prod]
            Staging[company-inc-staging]
            Shared[company-inc-shared]
            Sandbox[company-inc-sandbox]
        end

        subgraph Edge["Edge / Networking"]
            LB[Cloud Load Balancer<br/>HTTPS · TLS termination]
            CDN[Cloud CDN<br/>Static Assets]
            NAT[Cloud NAT<br/>Egress]
        end

        subgraph VPC["VPC — Private Subnets"]
            subgraph GKE["GKE Autopilot Cluster"]
                Ingress[Ingress Controller]
                subgraph Workloads
                    API[Backend — Python / Flask<br/>HPA · 2–3 replicas]
                    SPA[Frontend — React SPA<br/>Nginx]
                end
                Redis[Redis — Memorystore<br/>Session / Cache]
                Monitoring[Prometheus + Grafana<br/>Observability]
            end
        end

        subgraph Managed["Managed Services"]
            Mongo[(MongoDB Atlas<br/>3-node Replica Set<br/>Private Endpoint)]
            Secrets[Secret Manager]
            Registry[Artifact Registry]
        end
    end

    subgraph CICD["CI / CD"]
        Git[Git Repository]
        Actions[Gitea / GitHub Actions<br/>Build · Test · Scan]
        Argo[ArgoCD / Flux<br/>GitOps Deploy]
    end

    Users --> LB
    Users --> CDN
    LB --> Ingress
    CDN --> SPA
    Ingress --> API
    Ingress --> SPA
    API --> Redis
    API --> Mongo
    API --> Secrets
    GKE --> Registry
    GKE --> NAT
    Git --> Actions
    Actions --> Registry
    Argo --> GKE
```

## CI / CD Pipeline

```mermaid
flowchart LR
    Dev[Developer] -->|push| Repo[Git Repo]
    Repo -->|webhook| CI[CI Pipeline<br/>lint · test · build]
    CI -->|push image| Registry[Artifact Registry]
    CI -->|update manifests| GitOps[GitOps Repo]
    GitOps -->|sync| Argo[ArgoCD / Flux]
    Argo -->|deploy| GKE[GKE Cluster]
```

## Network Security Layers

```mermaid
flowchart TD
    Internet((Internet)) --> FW[VPC Firewall<br/>Default deny]
    FW --> LB[Load Balancer<br/>HTTPS only]
    LB --> NP[K8s Network Policies]
    NP --> Pods[Application Pods<br/>Private IPs only]
    Pods --> PE[Private Endpoint<br/>MongoDB Atlas]
```