Capstone: Workshop Co. 3-Year Plan
Architecture from startup to 10k users/month.
Capstone objectives
- Design a hybrid cloud architecture document for Workshop Co.
- Justify IaaS/SaaS choices, regions, scaling, and sovereignty
- Include cost summary, failover plan, and 12-month roadmap
The brief
Workshop Co. — architecture review 2026
- Domain
workshopco.ca- Current
- Edmonton Proxmox primary; Montreal VPS DR; Google + Calendly SaaS
- Goals
- 99.5% booking uptime, Canadian customer data preference, budget < $400 CAD/mo vendors
- Growth
- Double class capacity by fall; consider Calgary pop-up location
- Deliverable
- One-page architecture + narrative for owner approval
Part 1 — architecture diagram (written)
Describe components, regions, and data flows. Include: Traefik, web, DB, Nextcloud, bastion, Montreal DR, SaaS integrations.
Model architecture
- Edmonton (primary): Proxmox — Traefik LXC, web VM 110, db VM 120, files VM 130, bastion; authoritative PostgreSQL
- Montreal VPS: nightly pg_basebackup + static mirror; Route53/Swift DNS health check failover
- SaaS: Google Workspace (staff), Stripe (payments API only), Calendly embed until native booking matures
- Flows: Customers → HTTPS → Traefik → web → db; staff email bypasses Proxmox; backups encrypted to Montreal
Part 2 — service model justification
For each component, state IaaS/PaaS/SaaS/on-prem and one-sentence why.
Sample justification
| Component | Model | Why |
|---|---|---|
| Booking app + DB | On-prem IaaS | Control, latency, Canadian basement + DR copy |
| SaaS (Google) | Not core IP; reliability worth vendor lock-in | |
| DR VPS | IaaS (Swift Host) | Cheap Canadian region, Marcus retains OS control |
| Future Calgary pop-up | PaaS or SaaS POS | No staff to rack servers in temporary space |
Part 3 — failover and scaling roadmap
Write 5-step DNS failover when Edmonton is down. Add 12-month scaling triggers (when to add second web VM, when to move DB primary to Montreal).
Sample plan
Failover: (1) Uptime monitor detects Edmonton HTTPS fail 3×5 min (2) Marcus confirms not false positive (3) Promote read-only Montreal DB or activate last backup (4) Lower TTL pre-stage; swap A record to Montreal VPS (5) Post-incident review within 48h.
Scaling triggers: p95 >2s Sat → add RAM; sustained 70% CPU 4 weeks → second web VM; DB disk >80% → expand volume or dedicated host; fall doubling → CDN for assets before K8s.
Part 4 — budget and sovereignty statement
One paragraph for Workshop Co. owner: monthly cost, where customer PII lives, and one acknowledged SaaS trade-off.
Sample paragraph
We spend about $256/month on vendors (excluding Marcus's time). Customer booking names and emails live primarily on our Edmonton server with encrypted nightly copies in Montreal, both in Canada. Staff email uses Google in global datacenters under Google's DPA — we keep payment card data out of our database via Stripe. If Alberta privacy expectations tighten, we will evaluate Canadian email alternatives against $50+/user migration cost.
Book 8 picks up here: APIs, LLMs & AI — HTTP APIs, tokens, context length, and how Workshop Co. could add an FAQ assistant without leaking customer data.
Book 7 complete
You can classify cloud service models, compare hosting types, design hybrid Canadian architectures, and defend decisions with cost, scaling, and sovereignty reasoning — the vocabulary Marcus needs when Workshop Co. outgrows the basement.