Skip to content

File Upload Service Design (HLD and LLD)

  1. Users can upload files.
  2. System stores files reliably.
  3. Users can retrieve/download files.
  4. Support large files (GBs).
  5. Generate shareable URLs.
  6. Support multiple file types (image, video, documents).
  7. Track file metadata.
  • Highly scalable
  • Highly available
  • Fault tolerant
  • Secure uploads
  • Fast upload/download
  • Handle large files
  • Cost optimized storage
flowchart TD
    C[Client] --> G[API Gateway]
    G --> U[Upload Service]
    U --> M[(Metadata DB)]
    U --> O[(Object Storage)]
    O --> CDN[CDN]

Uploads files using:

POST /files/upload

Supports direct upload or pre-signed URL upload.

Responsibilities:

  • Authentication
  • Rate limiting
  • Request routing
  • Logging

Examples:

  • Kong
  • Nginx
  • AWS API Gateway

Responsible for:

  • Validating uploads
  • Generating upload URLs
  • Saving metadata
  • Managing lifecycle

Examples:

  • Amazon S3
  • Google Cloud Storage
  • Azure Blob

Benefits:

  • Highly scalable
  • Durable
  • Cost effective

Schema:

FileMetadata
------------
id
user_id
file_name
file_size
content_type
storage_path
upload_time
status
checksum

Options:

  • MySQL
  • PostgreSQL
  • DynamoDB

Examples:

  • Cloudflare
  • CloudFront
  • Akamai

Provides fast downloads.

sequenceDiagram
    participant C as Client
    participant S as Upload Service
    participant O as Object Storage
    C->>S: Upload file
    S->>O: Store file
    O-->>S: Success
    S-->>C: Upload complete

Drawback: the upload service becomes the bottleneck.

sequenceDiagram
    participant C as Client
    participant S as Upload Service
    participant O as Object Storage
    C->>S: Request upload URL
    S-->>C: Pre-signed URL
    C->>O: Upload directly
    C->>S: Confirm upload
    S->>S: Save metadata

Advantages:

  • Reduces backend load
  • Scales efficiently

Use multipart upload.

File
- Part 1
- Part 2
- Part 3
- Part 4

Benefits:

  • Resume uploads
  • Parallel uploads
  • Retry individual parts
POST /files/upload-url

Request:

{
"fileName": "video.mp4",
"contentType": "video/mp4",
"fileSize": 50000000
}

Response:

{
"uploadUrl": "https://s3....",
"fileId": "12345"
}
POST /files/{fileId}/complete
GET /files/{fileId}

Returns download URL and metadata.

DELETE /files/{fileId}
files
------
id (PK)
user_id
file_name
file_size
content_type
storage_path
checksum
status
created_at
updated_at

Indexes:

CREATE INDEX idx_files_user_id ON files(user_id);
CREATE INDEX idx_files_created_at ON files(created_at);
@Entity
public class FileMetadata {
@Id
private String id;
private String userId;
private String fileName;
private Long fileSize;
private String contentType;
private String storagePath;
private String checksum;
private String status;
}
@RestController
@RequestMapping("/files")
public class FileController {
@PostMapping("/upload-url")
public UploadResponse generateUploadUrl(
@RequestBody UploadRequest request) {
return fileService.generateUploadUrl(request);
}
@PostMapping("/{id}/complete")
public void completeUpload(@PathVariable String id) {
fileService.completeUpload(id);
}
}
@Service
public class FileService {
public UploadResponse generateUploadUrl(UploadRequest request) {
String fileId = UUID.randomUUID().toString();
String presignedUrl = s3Service.generateUrl(fileId);
return new UploadResponse(fileId, presignedUrl);
}
}
  • Validate file types.
  • Block executable uploads where appropriate.
  • Scan uploaded files (e.g. ClamAV).
  • Require authentication.
  • Use expiring signed URLs.
  • Stateless upload service
  • Kubernetes + autoscaling
  • Load balancer
  • Queue-based background processing
flowchart TD
    U[Upload] --> K[Kafka/Queue]
    K --> V[Virus Scanner]
    K --> T[Thumbnail Generator]
    K --> P[Image Processor]
  • Direct uploads to object storage
  • CDN for downloads
  • Chunked uploads
  • Storage lifecycle policies

Example:

S3 Standard -> Glacier
upload_session
--------------
file_id
part_number
status

Use checksums (MD5/SHA256) to store identical content once and reference it from multiple users.

file v1
file v2
file v3
flowchart TD
    C[Client] --> G[API Gateway]
    G --> U[Upload Service]
    U --> D[(Metadata DB)]
    U --> S[(Object Storage)]
    S --> CDN[CDN]
    U --> Q[Message Queue]
    Q --> W[Workers: Virus Scan, Thumbnails]
  • Prefer pre-signed URLs for scalability.
  • Store metadata separately from file contents.
  • Use multipart uploads for large files.
  • Offload post-processing through asynchronous workers.
  • Secure uploads with authentication, validation, malware scanning, and expiring signed URLs.