Both sides previous revision Previous revision | |
opennic:infra:wiki [2017-10-18T15:17:40Z] – fusl | opennic:infra:wiki [2019-04-23T08:59:41Z] (current) – fusl |
---|
| |
===== The Infrastructure ===== | ===== The Infrastructure ===== |
The wiki.opennic.org website runs on [[https://aws.amazon.com/|Amazon Web Services (AWS)]] infrastructure and uses various services offered by AWS in the us-east-1 (US East (N. Virginia)) [[http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html|region]]: | The wiki.opennic.org website runs as simple virtual machine on Fusl's private infrastructure for open source projects shared with [[https://www.archiveteam.org/|Archive Team]] and others at [[https://nforce.com/|NFOrce]] in the Netherlands (Nedzone Datacenter). |
| |
==== Elastic File System ==== | |
The [[https://aws.amazon.com/efs/|EFS service]] is used to store all wiki pages, configurations, attachments, etc. on a scalable, shared filesystem using NFS as protocol. | |
| |
* Endpoint: ''fs-ee48faa7.efs.us-east-1.amazonaws.com'' | |
| |
==== ElastiCache ==== | |
[[https://aws.amazon.com/elasticache/|ElastiCache]] stores all PHP sessions in a single Memcached instance to ensure session and login-state persistency and reliability across all floating wiki.opennic.org webserver instances. | |
| |
* Endpoint: ''prod-wiki-sess.xqtznt.cfg.use1.cache.amazonaws.com:11211'' | |
| |
==== Auto Scaling ==== | |
To automatically scale the wiki instances to the desired performance and to ensure reliability even on instance failures, we use an [[https://aws.amazon.com/autoscaling/|Auto Scaling]] group which handles automatic scaling at your desire. | |
| |
=== Details === | |
* Auto Scaling Group: ''prod-wiki'' | |
* Launch Configuration: ''prod-wiki-20170909'' | |
* Load Balancers: - | |
* Target Groups: ''prod-wiki'' | |
* Desired: ''2'' | |
* Min: ''2'' | |
* Max: ''20'' | |
* Health Check Type: ''ELB'' | |
* Health Check Grace Period: ''180'' | |
* Termination Policies: ''OldestLaunchConfiguration'', ''ClosestToNextInstanceHour'', ''Default'' | |
* Creation Time: ''Fri Apr 21 21:26:39 GMT+000 2017'' | |
* Availability Zone(s): ''us-east-1a'', ''us-east-1b'', ''us-east-1d'', ''us-east-1e'' | |
* Subnet(s): ''subnet-da5ebb80'',''subnet-94dd05dc'',''subnet-5f440563'',''subnet-74fc1258'' | |
* Default Cooldown: ''180'' | |
* Placement Group: - | |
* Suspended Processes: - | |
* Enabled Metrics: ''GroupPendingInstances'', ''GroupTotalInstances'', ''GroupInServiceInstances'', ''GroupDesiredCapacity'', ''GroupMaxSize'', ''GroupTerminatingInstances'', ''GroupMinSize'', ''GroupStandbyInstances'' | |
* Instance Protection: - | |
| |
=== Scaling Policies === | |
== prod-wiki-high == | |
* Policy type: ''Simple scaling'' | |
* Execute policy when: ''prod-wiki-high'' (breaches the alarm threshold: ''TargetResponseTime >= 1'' for ''300'' seconds for the metric dimensions ''LoadBalancer = app/prod-wiki/0ec4b8b4601b350c'') | |
* Take the action: ''Add 2 instances'' | |
* And then wait: ''180 seconds before allowing another scaling activity'' | |
| |
== prod-wiki-low == | |
* Policy type: ''Simple scaling'' | |
* Execute policy when: ''prod-wiki-low'' (breaches the alarm threshold: ''TargetResponseTime <= 0.5'' for ''300'' seconds for the metric dimensions ''LoadBalancer = app/prod-wiki/0ec4b8b4601b350c'') | |
* Take the action: ''Remove 1 instances'' | |
* And then wait: ''180 seconds before allowing another scaling activity'' | |
| |
=== Tags === | |
^ Key ^ Value ^ Tag New Instances ^ | |
| Name | prod-wiki | Yes | | |
| |
=== Launch Configuration === | |
* AMI: //AMI created by [[https://github.com/opennic/packers/tree/master/opennic-wiki|opennic-wiki packer]]// | |
* Instance type: ''t2.nano'' (t2.nano (Variable ECUs, 1 vCPUs, 2.4 GHz, Intel Xeon Family, 0.5 GiB memory, EBS only)) | |
* Name: ''prod-wiki-20170506-4'' | |
* Request Spot Instances - Request Spot Instances: No | |
* IAM role: ''None'' | |
* Monitoring - Enable CloudWatch detailed monitoring: No | |
* Kernel ID: ''Use default'' | |
* RAM Disk ID: ''Use default'' | |
* User data (As text): - | |
* IP Address Type: ''Assign a public IP address to every instance.'' | |
* Storage | |
* Volume Type: ''Root'' | |
* Device: ''/dev/sda1'' | |
* Snapshot: ''snap-066a4d67938024381'' | |
* Size (GiB): ''8'' | |
* Volume Type: ''Magnetic'' | |
* IOPS: ''N/A'' | |
* Throughput: ''N/A'' | |
* Delete on Termination: Yes | |
* Encrypted: No | |
* Security group: ''sg-3eccfc41'' | |
| |
==== Elastic Load Balancer ==== | |
An [[https://aws.amazon.com/elasticloadbalancing/|Elastic Load Balancer]] distributes HTTP queries to wiki.opennic.org across all instances in the auto scaling group. | |
| |
* Basic Configuration | |
* Name: ''prod-wiki'' | |
* ARN: ''arn:aws:elasticloadbalancing:us-east-1:110568221216:loadbalancer/app/prod-wiki/0ec4b8b4601b350c'' | |
* DNS name: ''prod-wiki-1538888183.us-east-1.elb.amazonaws.com'' | |
* Scheme: ''internet-facing'' | |
* Type: ''application'' | |
* Availability Zones: ''subnet-5f440563 - us-east-1e'', ''subnet-74fc1258 - us-east-1d'', ''subnet-94dd05dc - us-east-1a'', ''subnet-da5ebb80 - us-east-1b'' | |
* Creation time: ''April 21, 2017 at 09:21:32 PM UTC+0'' | |
* Hosted zone: ''Z35SXDOTRQ7X7K'' | |
* State: ''active'' | |
* VPC: ''vpc-64c5d102'' | |
* IP address type: ''dualstack'' | |
* AWS WAF Web ACL: - | |
* Security | |
* Security groups: ''sg-095e6d76'' | |
* Attributes | |
* Deletion protection: ''Disabled'' | |
* Idle timeout: ''60 seconds'' | |
* Access logs: ''Disabled'' | |
* Listeners | |
* Listener 1 | |
* ARN: ''arn:aws:elasticloadbalancing:us-east-1:110568221216:listener/app/prod-wiki/0ec4b8b4601b350c/7ce4c2f1d63a6d38'' | |
* Protocol: ''HTTP'' | |
* Port: ''80'' | |
* Default target group: ''prod-wiki'' | |
* Listener 2 | |
* ARN: ''arn:aws:elasticloadbalancing:us-east-1:110568221216:listener/app/prod-wiki/0ec4b8b4601b350c/1d209761648cd7dc'' | |
* Protocol: ''HTTPS (Secure HTTP)'' | |
* Port: ''443'' | |
* Default target group: ''prod-wiki'' | |
* Certificate type: ''Choose an existing certificate from AWS Certificate Manager (ACM)'' | |
* Certificate name: ''wiki.opennic.org (arn:aws:acm:us-east-1:110568221216:certificate/0184f12e-ae11-4e74-8ba6-ad7a3bd7c846)'' | |
* Security policy: ''ELBSecurityPolicy-TLS-1-2-2017-01'' | |
* Monitoring - CloudWatch alarms | |
* prod-wiki-high | |
* ELBSecurityPolicy-TLS-1-2-2017-01: - | |
* Whenever: ''Average Latency'' | |
* Is: ''>='' ''1,000'' | |
* For at least: ''1'' consecutive period(s) of ''5 Minutes'' | |
* prod-wiki-low | |
* ELBSecurityPolicy-TLS-1-2-2017-01: - | |
* Whenever: ''Average Latency'' | |
* Is: ''<='' ''500'' | |
* For at least: ''1'' consecutive period(s) of ''5 Minutes'' | |
==== git sync ==== | ==== git sync ==== |
The entire web root directory is synced to [[https://github.com/opennic/wikipages|GitHub]] approximately every 60 minutes using a [[https://github.com/opennic/packers/blob/master/opennic-wiki/files-pre/etc/cron.hourly/gitsync|crontab script]] deployed when building the AWS AMI using our [[https://github.com/opennic/packers/tree/master/opennic-wiki|Packer deployment definitions]]. Some files are [[https://github.com/opennic/wikipages/blob/master/.gitignore|not synced]] to the repository. | The entire web root directory is synced to [[https://github.com/opennic/wikipages|GitHub]] approximately every 60 minutes using a [[https://github.com/opennic/packers/blob/master/opennic-wiki/files-pre/etc/cron.hourly/gitsync|crontab script]]. Some files are [[https://github.com/opennic/wikipages/blob/master/.gitignore|excluded]] from being synchronized to the git repository. |