Next revision | Previous revision Next revisionBoth sides next revision |
opennic:infra:wiki [2017-07-19T21:21:04Z] – created fusl | opennic:infra:wiki [2017-09-09T02:38:48Z] – fusl |
---|
The [[https://aws.amazon.com/efs/|EFS service]] is used to store all wiki pages, configurations, attachments, etc. on a scalable, shared filesystem using NFS as protocol. | The [[https://aws.amazon.com/efs/|EFS service]] is used to store all wiki pages, configurations, attachments, etc. on a scalable, shared filesystem using NFS as protocol. |
| |
* //Endpoint: ''fs-ee48faa7.efs.us-east-1.amazonaws.com''// | * Endpoint: ''fs-ee48faa7.efs.us-east-1.amazonaws.com'' |
| |
===== ElastiCache ===== | ===== ElastiCache ===== |
[[https://aws.amazon.com/elasticache/|ElastiCache]] stores all PHP sessions in a single Memcached instance to ensure session and login-state persistency and reliability across all floating wiki.opennic.org webserver instances. | [[https://aws.amazon.com/elasticache/|ElastiCache]] stores all PHP sessions in a single Memcached instance to ensure session and login-state persistency and reliability across all floating wiki.opennic.org webserver instances. |
| |
* //Endpoint: ''prod-wiki-sess.xqtznt.cfg.use1.cache.amazonaws.com:11211''// | * Endpoint: ''prod-wiki-sess.xqtznt.cfg.use1.cache.amazonaws.com:11211'' |
| |
===== Auto Scaling ===== | ===== Auto Scaling ===== |
| |
==== Details ==== | ==== Details ==== |
* //Auto Scaling Group: ''prod-wiki''// | * Auto Scaling Group: ''prod-wiki'' |
* //Launch Configuration: ''prod-wiki-20170506-4''// | * Launch Configuration: ''prod-wiki-20170909'' |
* //Load Balancers: -// | * Load Balancers: - |
* //Target Groups: ''prod-wiki''// | * Target Groups: ''prod-wiki'' |
* //Desired: ''2''// | * Desired: ''2'' |
* //Min: ''2''// | * Min: ''2'' |
* //Max: ''20''// | * Max: ''20'' |
* //Health Check Type: ''ELB''// | * Health Check Type: ''ELB'' |
* //Health Check Grace Period: ''180''// | * Health Check Grace Period: ''180'' |
* //Termination Policies: ''OldestLaunchConfiguration'', ''ClosestToNextInstanceHour'', ''Default''// | * Termination Policies: ''OldestLaunchConfiguration'', ''ClosestToNextInstanceHour'', ''Default'' |
* //Creation Time: ''Fri Apr 21 21:26:39 GMT+000 2017''// | * Creation Time: ''Fri Apr 21 21:26:39 GMT+000 2017'' |
* //Availability Zone(s): ''us-east-1a'', ''us-east-1b'', ''us-east-1d'', ''us-east-1e''// | * Availability Zone(s): ''us-east-1a'', ''us-east-1b'', ''us-east-1d'', ''us-east-1e'' |
* //Subnet(s): ''subnet-da5ebb80'',''subnet-94dd05dc'',''subnet-5f440563'',''subnet-74fc1258''// | * Subnet(s): ''subnet-da5ebb80'',''subnet-94dd05dc'',''subnet-5f440563'',''subnet-74fc1258'' |
* //Default Cooldown: ''180''// | * Default Cooldown: ''180'' |
* //Placement Group: -// | * Placement Group: - |
* //Suspended Processes: -// | * Suspended Processes: - |
* //Enabled Metrics: ''GroupPendingInstances'', ''GroupTotalInstances'', ''GroupInServiceInstances'', ''GroupDesiredCapacity'', ''GroupMaxSize'', ''GroupTerminatingInstances'', ''GroupMinSize'', ''GroupStandbyInstances''// | * Enabled Metrics: ''GroupPendingInstances'', ''GroupTotalInstances'', ''GroupInServiceInstances'', ''GroupDesiredCapacity'', ''GroupMaxSize'', ''GroupTerminatingInstances'', ''GroupMinSize'', ''GroupStandbyInstances'' |
* //Instance Protection: -// | * Instance Protection: - |
| |
==== Scaling Policies ==== | ==== Scaling Policies ==== |
=== prod-wiki-high === | === prod-wiki-high === |
* //Policy type: ''Simple scaling''// | * Policy type: ''Simple scaling'' |
* //Execute policy when: ''prod-wiki-high'' (breaches the alarm threshold: ''TargetResponseTime >= 1'' for *300* seconds for the metric dimensions ''LoadBalancer = app/prod-wiki/0ec4b8b4601b350c'')// | * Execute policy when: ''prod-wiki-high'' (breaches the alarm threshold: ''TargetResponseTime >= 1'' for ''300'' seconds for the metric dimensions ''LoadBalancer = app/prod-wiki/0ec4b8b4601b350c'') |
* //Take the action: ''Add 2 instances''// | * Take the action: ''Add 2 instances'' |
* //And then wait: ''180 seconds before allowing another scaling activity''// | * And then wait: ''180 seconds before allowing another scaling activity'' |
| |
=== prod-wiki-low === | === prod-wiki-low === |
* //Policy type: ''Simple scaling''// | * Policy type: ''Simple scaling'' |
* //Execute policy when: ''prod-wiki-low'' (breaches the alarm threshold: ''TargetResponseTime <= 0.5'' for *300* seconds for the metric dimensions ''LoadBalancer = app/prod-wiki/0ec4b8b4601b350c'')// | * Execute policy when: ''prod-wiki-low'' (breaches the alarm threshold: ''TargetResponseTime <= 0.5'' for ''300'' seconds for the metric dimensions ''LoadBalancer = app/prod-wiki/0ec4b8b4601b350c'') |
* //Take the action: ''Remove 1 instances''// | * Take the action: ''Remove 1 instances'' |
* //And then wait: ''180 seconds before allowing another scaling activity''// | * And then wait: ''180 seconds before allowing another scaling activity'' |
| |
==== Tags ==== | ==== Tags ==== |
| |
==== Launch Configuration ==== | ==== Launch Configuration ==== |
* //AMI: ''ami-80861296''// | * AMI: //AMI created by [[https://github.com/opennic/packers/tree/master/opennic-wiki|opennic-wiki packer]]// |
* //Instance type: ''t2.nano'' (t2.nano (Variable ECUs, 1 vCPUs, 2.4 GHz, Intel Xeon Family, 0.5 GiB memory, EBS only))// | * Instance type: ''t2.nano'' (t2.nano (Variable ECUs, 1 vCPUs, 2.4 GHz, Intel Xeon Family, 0.5 GiB memory, EBS only)) |
* //Name: ''prod-wiki-20170506-4''// | * Name: ''prod-wiki-20170506-4'' |
* //Request Spot Instances - Request Spot Instances: No// | * Request Spot Instances - Request Spot Instances: No |
* //IAM role: ''None''// | * IAM role: ''None'' |
* //Monitoring - Enable CloudWatch detailed monitoring: No// | * Monitoring - Enable CloudWatch detailed monitoring: No |
* //Kernel ID: ''Use default''// | * Kernel ID: ''Use default'' |
* //RAM Disk ID: ''Use default''// | * RAM Disk ID: ''Use default'' |
* //User data (As text): {{:opennic:infra:prod-wiki-asg-user-data.txt|}}// | * User data (As text): - |
* //IP Address Type: ''Assign a public IP address to every instance.''// | * IP Address Type: ''Assign a public IP address to every instance.'' |
* //Storage// | * Storage |
* //Volume Type: ''Root''// | * Volume Type: ''Root'' |
* //Device: ''/dev/sda1''// | * Device: ''/dev/sda1'' |
* //Snapshot: ''snap-066a4d67938024381''// | * Snapshot: ''snap-066a4d67938024381'' |
* //Size (GiB): ''8''// | * Size (GiB): ''8'' |
* //Volume Type: ''Magnetic''// | * Volume Type: ''Magnetic'' |
* //IOPS: ''N/A''// | * IOPS: ''N/A'' |
* //Throughput: ''N/A''// | * Throughput: ''N/A'' |
* //Delete on Termination: Yes// | * Delete on Termination: Yes |
* //Encrypted: No// | * Encrypted: No |
* //Security group: ''sg-3eccfc41''// | * Security group: ''sg-3eccfc41'' |
| |
===== Elastic Load Balancer ===== | ===== Elastic Load Balancer ===== |
An [[https://aws.amazon.com/elasticloadbalancing/|Elastic Load Balancer]] distributes HTTP queries to wiki.opennic.org across all instances in the auto scaling group. | An [[https://aws.amazon.com/elasticloadbalancing/|Elastic Load Balancer]] distributes HTTP queries to wiki.opennic.org across all instances in the auto scaling group. |
| |
* //Basic Configuration// | * Basic Configuration |
* //Name: ''prod-wiki''// | * Name: ''prod-wiki'' |
* //ARN: ''arn:aws:elasticloadbalancing:us-east-1:110568221216:loadbalancer/app/prod-wiki/0ec4b8b4601b350c''// | * ARN: ''arn:aws:elasticloadbalancing:us-east-1:110568221216:loadbalancer/app/prod-wiki/0ec4b8b4601b350c'' |
* //DNS name: ''prod-wiki-1538888183.us-east-1.elb.amazonaws.com''// | * DNS name: ''prod-wiki-1538888183.us-east-1.elb.amazonaws.com'' |
* //Scheme: ''internet-facing''// | * Scheme: ''internet-facing'' |
* //Type: ''application''// | * Type: ''application'' |
* //Availability Zones: ''subnet-5f440563 - us-east-1e'', ''subnet-74fc1258 - us-east-1d'', ''subnet-94dd05dc - us-east-1a'', ''subnet-da5ebb80 - us-east-1b''// | * Availability Zones: ''subnet-5f440563 - us-east-1e'', ''subnet-74fc1258 - us-east-1d'', ''subnet-94dd05dc - us-east-1a'', ''subnet-da5ebb80 - us-east-1b'' |
* //Creation time: ''April 21, 2017 at 09:21:32 PM UTC+0''// | * Creation time: ''April 21, 2017 at 09:21:32 PM UTC+0'' |
* //Hosted zone: ''Z35SXDOTRQ7X7K''// | * Hosted zone: ''Z35SXDOTRQ7X7K'' |
* //State: ''active''// | * State: ''active'' |
* //VPC: ''vpc-64c5d102''// | * VPC: ''vpc-64c5d102'' |
* //IP address type: ''dualstack''// | * IP address type: ''dualstack'' |
* //AWS WAF Web ACL: -// | * AWS WAF Web ACL: - |
* //Security// | * Security |
* //Security groups: ''sg-095e6d76''// | * Security groups: ''sg-095e6d76'' |
* //Attributes// | * Attributes |
* //Deletion protection: ''Disabled''// | * Deletion protection: ''Disabled'' |
* //Idle timeout: ''60 seconds''// | * Idle timeout: ''60 seconds'' |
* //Access logs: ''Disabled''// | * Access logs: ''Disabled'' |
* //Listeners// | * Listeners |
* //Listener 1// | * Listener 1 |
* //ARN: ''arn:aws:elasticloadbalancing:us-east-1:110568221216:listener/app/prod-wiki/0ec4b8b4601b350c/7ce4c2f1d63a6d38''// | * ARN: ''arn:aws:elasticloadbalancing:us-east-1:110568221216:listener/app/prod-wiki/0ec4b8b4601b350c/7ce4c2f1d63a6d38'' |
* //Protocol: ''HTTP''// | * Protocol: ''HTTP'' |
* //Port: ''80''// | * Port: ''80'' |
* //Default target group: ''prod-wiki''// | * Default target group: ''prod-wiki'' |
* //Listener 2// | * Listener 2 |
* //ARN: ''arn:aws:elasticloadbalancing:us-east-1:110568221216:listener/app/prod-wiki/0ec4b8b4601b350c/1d209761648cd7dc''// | * ARN: ''arn:aws:elasticloadbalancing:us-east-1:110568221216:listener/app/prod-wiki/0ec4b8b4601b350c/1d209761648cd7dc'' |
* //Protocol: ''HTTPS (Secure HTTP)''// | * Protocol: ''HTTPS (Secure HTTP)'' |
* //Port: ''443''// | * Port: ''443'' |
* //Default target group: ''prod-wiki''// | * Default target group: ''prod-wiki'' |
* //Certificate type: ''Choose an existing certificate from AWS Certificate Manager (ACM)''// | * Certificate type: ''Choose an existing certificate from AWS Certificate Manager (ACM)'' |
* //Certificate name: ''wiki.opennic.org (arn:aws:acm:us-east-1:110568221216:certificate/0184f12e-ae11-4e74-8ba6-ad7a3bd7c846)''// | * Certificate name: ''wiki.opennic.org (arn:aws:acm:us-east-1:110568221216:certificate/0184f12e-ae11-4e74-8ba6-ad7a3bd7c846)'' |
* //Security policy: ''ELBSecurityPolicy-TLS-1-2-2017-01''// | * Security policy: ''ELBSecurityPolicy-TLS-1-2-2017-01'' |
* //Monitoring - CloudWatch alarms// | * Monitoring - CloudWatch alarms |
* //prod-wiki-high// | * prod-wiki-high |
* //ELBSecurityPolicy-TLS-1-2-2017-01: -// | * ELBSecurityPolicy-TLS-1-2-2017-01: - |
* //Whenever: ''Average Latency''// | * Whenever: ''Average Latency'' |
* //Is: ''>='' ''1,000''// | * Is: ''>='' ''1,000'' |
* //For at least: ''1'' consecutive period(s) of ''5 Minutes'' | * For at least: ''1'' consecutive period(s) of ''5 Minutes'' |
* //prod-wiki-low// | * prod-wiki-low |
* //ELBSecurityPolicy-TLS-1-2-2017-01: -// | * ELBSecurityPolicy-TLS-1-2-2017-01: - |
* //Whenever: ''Average Latency''// | * Whenever: ''Average Latency'' |
* //Is: ''<='' ''500''// | * Is: ''<='' ''500'' |
* //For at least: ''1'' consecutive period(s) of ''5 Minutes'' | * For at least: ''1'' consecutive period(s) of ''5 Minutes'' |
| ===== git sync ===== |
| The entire web root directory is synced to [[https://github.com/opennic/wikipages|GitHub]] approximately every 30 minutes using [[https://github.com/opennic/wikipages/blob/master/sync.sh|this]] simple bash script. Some files are [[https://github.com/opennic/wikipages/blob/master/.gitignore|not synced]] to the repository, for example the ''conf/users.auth.php'' file containing all users with their email addresses and passwords until LDAP authentication is up and running. |