By Kehinde Ogunlowo 9 min read

Data Engineering for AI: The Pipeline Architecture Every ML Team Needs

Build AI data pipelines that prevent temporal leakage, schema drift, and silent corruption. Kafka, Great Expectations, Feast — production-tested.

Data Engineering for AI: The Pipeline Architecture Every ML Team Needs

Your model is only as honest as the pipeline that feeds it. A 98% accurate model trained on leaked features is a 98% accurate liar. I have seen this exact scenario at four different organizations in the past three years: a model with spectacular offline metrics and garbage production performance, and the root cause was always the same — a data pipeline that silently corrupted the training process. Not with missing values or encoding errors. Those are easy. The failures that destroy production ML systems are temporal leakage that inflates your offline AUC by 15-30%, schema drift that changes the meaning of a column while keeping its name, and feature distributions that shift because an upstream team changed a default value and told nobody.

This article gives you the five-stage production pipeline architecture I have deployed at organizations processing millions of claims, transactions, and events per month. Every tool choice is production-tested: Apache Kafka for ingestion, Great Expectations for validation, dbt and Spark for transformation, Feast for feature serving, and Prometheus for monitoring.

Why AI Pipelines Are Not Analytics Pipelines

If you have built data warehouses, ETL pipelines, or real-time dashboards, you already have dangerous intuitions. Analytics pipelines optimize for a single question: "What is the current truth?" AI pipelines must answer a fundamentally harder question: "What was the truth at the exact moment this prediction was made?"

The Point-in-Time Correctness Problem

Consider a credit scoring model with a feature called customer_avg_transaction_30d. In an analytics pipeline, you compute this with a window function over the transactions table. The result is correct now.

But your model was trained on historical data. When the model made a prediction for customer Alice on March 15, it should have used transactions from February 13 through March 15. If you compute the feature on April 1 using all available data, you include transactions from March 16 through April 1 — transactions that did not exist at prediction time. Your model trained on future information.

This is temporal leakage, and it is the most common and most devastating bug in ML pipelines. It inflates offline metrics by 5-30%, then produces models that underperform in production with no obvious explanation. The offline evaluation says AUC 0.94. Production monitoring shows AUC 0.81. The data scientist blames "distribution shift." The actual cause is that the training pipeline cheated.

Point-in-time correctness requires four invariants:

  1. Event timestamps must be immutable. Once a transaction is recorded with a timestamp, that timestamp never changes. Corrections are new events.
  2. Feature computation must be parameterized by time. The function signature is compute_avg_transaction(customer_id, as_of_timestamp), not compute_avg_transaction(customer_id).
  3. Late-arriving data must not retroactively change features. If a March 14 transaction arrives on March 17, it is included in computations with as_of >= March 17, not retroactively inserted for March 14-16.
  4. Training datasets must use temporal joins. Join on customer_id AND ensure the feature timestamp is strictly before the label timestamp.

The Feast feature store enforces point-in-time correctness through its get_historical_features() API. But Feast cannot protect you from leakage that happens before features reach the store. If your dbt model computes a "30-day average" using a non-time-bounded window, the leakage is baked in before Feast ever sees it.

Feature Leakage Beyond Temporal Issues

Temporal leakage is the most common form, but not the only one:

  • Target encoding leakage. Encoding a categorical variable using the mean of the target variable across the full dataset before train/test split. Fix: compute target encodings only within each cross-validation fold's training partition.
  • Proxy leakage. Including a feature like transaction_was_reversed in a fraud detection model — it has 95% correlation with transaction_was_fraudulent because most reversed transactions are fraud. The model simply predicts "fraud if reversed" and adds no value.
  • Selection bias leakage. Training data only contains customers who were approved for a loan. The model learns default risk conditional on approval, not unconditionally. This is a pipeline problem because the data extraction query introduced the bias.

Schema Drift: The Silent Killer

Schema drift comes in three forms, and only the first is easy to catch:

Structural drift (columns added, removed, or renamed) throws a KeyError. Most teams handle this. Semantic drift (a column's meaning changes while its name and type stay the same) is where it gets dangerous. An upstream team changes the revenue column from USD to EUR. The column is still called revenue, still a float64, still has plausible values. Your model trains on mixed-currency data. No error. No alert. You discover it three months later.

Distribution drift (the statistical properties change) is subtler still. The age column shifts from mean 42 to mean 29 after a product change attracts younger users. The model was trained on the old distribution and degrades silently.

Great Expectations catches all three forms — but only if you define your expectations before you see the data. If you derive expectations from current data, you have encoded the current distribution as "normal" and your expectations drift with the data.

The Five-Stage Production Pipeline

Here is the architecture, built with tools that have strong open-source communities and enterprise adoption:

INGEST -> VALIDATE -> TRANSFORM -> FEATURE STORE -> MONITOR
Kafka     Great        dbt/Spark    Feast            Prometheus
S3        Expectations Delta Lake   Redis (online)   Grafana
CDC                                 S3 (offline)     PagerDuty

Stage 1: Ingestion

The ingestion layer's job is narrow: receive data, assign an ingestion timestamp, write to a staging area, and acknowledge receipt. It does NOT validate, transform, or enrich.

  • Apache Kafka for streaming events (transactions, clicks, sensor readings, claims submissions)
  • S3 event notifications for batch file drops (daily extracts, partner data feeds)
  • Debezium CDC for database change streams (customer profile updates, product catalog changes)
  • API polling for third-party data (credit bureau scores, exchange rates)

Separation of concerns matters here. If validation logic slows down the consumer, Kafka consumer lag increases and you risk message expiration or out-of-memory errors. Ingestion must be fast and reliable.

Check out our DevOps Toolkits collection for production-ready Kafka, Terraform, and pipeline infrastructure templates.

Stage 2: Validation

The validation layer applies data quality contracts before any transformation occurs. Great Expectations runs on staged data, not raw streams, because:

  1. Validation requires batch context (you cannot check "column mean is between 40 and 60" on a single record)
  2. Failed validation should not block ingestion — data should always be captured, with failures triggering alerts and routing to quarantine
  3. Validation contracts are versioned and reviewed like code

Define expectations for completeness (no unexpected nulls), freshness (data is not stale), uniqueness (no duplicate primary keys), referential integrity (foreign keys resolve), and statistical validity (distributions within expected bounds).

Stage 3: Transformation

The transformation layer converts validated raw data into features. dbt models and PySpark jobs must be:

  • Idempotent. Running the same transformation twice on the same input produces the same output.
  • Time-parameterized. Every transformation accepts an execution_date parameter controlling which data it processes.
  • Auditable. Every output row traces back to its input rows via ROW_NUMBER() or UUID generation.

Stage 4: Feature Store

Feast provides the interface between data engineering and machine learning:

  • Online serving via Redis or DynamoDB for real-time inference (sub-10ms latency)
  • Offline serving via S3 or BigQuery for training dataset construction (point-in-time correct joins)
  • Feature registry with metadata, ownership, lineage, and freshness SLAs
  • Versioning so model v3 uses feature definition v3 while model v2 continues on feature definition v2

Stage 5: Monitoring

A pipeline without monitoring is a pipeline that fails silently. Track five critical metrics:

Metric Alert Threshold
Ingestion lag > 5 min (streaming), > 1 hr (batch)
Validation pass rate < 99% for critical sources
Feature freshness Exceeds SLA (1 hr batch, 1 min streaming)
Feature distribution drift (PSI) > 0.2
Serving latency (P99) > 50ms for online features

Real-World Case Study: Healthcare Claims Pipeline Under HIPAA

At a healthcare organization processing millions of claims monthly, I built this pipeline for a fraud detection model consuming HL7 FHIR resources and EDI 837 transactions.

The ingestion layer handled FHIR JSON bundles and EDI 837 flat files arriving via Kafka and S3. Schema Registry enforced Avro schemas at the ingestion boundary. PHI identification ran at ingestion using Amazon Macie, tagging every record containing any of the eighteen HIPAA identifiers.

Great Expectations enforced 47 validation rules: claim amounts within expected ranges, procedure codes matching valid ICD-10 catalogs, provider NPIs resolving against the NPPES registry, and temporal consistency (service dates before submission dates).

The feature store (Feast on S3 with Redis for online serving) computed 156 features per claim. The critical design decision: a single code path for both batch (training) and streaming (serving) feature computation. When we initially implemented this, the model's accuracy dropped from 93% to 84% — not because the pipeline was worse, but because it was honest. The legacy system had been computing features with future-looking joins that inflated training metrics.

Browse our AI & ML Resources for healthcare-specific data pipeline templates and HIPAA-compliant architecture blueprints.

Frequently Asked Questions

What is the single most important thing to get right in an AI data pipeline?

Point-in-time correctness. Every other pipeline best practice — schema validation, monitoring, idempotency — is important but survivable if imperfect. Temporal leakage is not survivable. It produces models that appear excellent during evaluation and fail in production, and the failure is invisible because the model returns predictions with high confidence. Use Feast's get_historical_features() API and ensure every feature computation is parameterized by an as_of_timestamp. Test for leakage by training on data before a cutoff date and evaluating on data after it — if performance drops more than 5%, investigate temporal contamination.

How do we handle schema changes from upstream teams without breaking the pipeline?

Implement a schema contract layer using Apache Avro with Confluent Schema Registry. Define your pipeline's expected schema as a registered Avro schema with backward compatibility mode enabled. When an upstream team changes their schema, Schema Registry rejects changes that break backward compatibility (removing fields, changing types). For semantic drift (meaning changes that do not change the schema), Great Expectations statistical checks are your safety net — if the revenue column suddenly has a different mean and standard deviation, your expectations will fire before the data reaches your model. Critically, establish a communication protocol with upstream teams: they notify you before schema changes, and you have a 48-hour review window. Our free DevOps and SDLC course covers pipeline contract management in depth.

Should we build our own feature store or use a managed service?

Start with Feast (open source) unless you have budget for Tecton or are already on Databricks or SageMaker. Feast covers the two critical requirements — point-in-time correct offline retrieval and low-latency online serving — with minimal operational overhead when backed by S3 and Redis. Managed alternatives (Tecton, SageMaker Feature Store, Databricks Feature Store) add value at scale: better integration with their respective ecosystems, managed infrastructure, and enterprise support. The decision point is typically around 50+ features in production serving, at which point the operational burden of self-managing Feast's Redis cluster and materialization jobs justifies managed pricing.

Ready to accelerate your cloud career? Browse 320 premium digital blueprints or start with our 17 free courses.

Continue Learning

Kehinde Ogunlowo

Senior Multi-Cloud DevSecOps Architect & AI Engineer

AWS, Azure, GCP Certified | Secret Clearance | FedRAMP, CMMC, HIPAA

Enterprise experience at Cigna Healthcare, Lockheed Martin, NantHealth, BP Refinery, and Patterson UTI.

LinkedIn GitHub Portfolio

Start Your Cloud Career Today

Access 17 free courses covering AWS, Azure, GCP, DevOps, AI/ML, and cloud security — built by a practicing Senior Cloud Architect with enterprise experience.

Get Free Cloud Career Resources

Kehinde Ogunlowo

Senior Multi-Cloud DevSecOps Architect & AI Engineer

Enterprise experience at Cigna Healthcare, Lockheed Martin, NantHealth, and BP. AWS, Azure, GCP, Secret Clearance, FedRAMP, CMMC, HIPAA certified.

LinkedIn GitHub

You might also like

MLOps in 2026: Monitoring, Drift Detection, and Automated Retraining

April 02, 2026