Differences

This shows you the differences between two versions of the page.

--- opennic:infra:wiki [2017-07-19T21:21:04Z] – created fusl
+++ opennic:infra:wiki [2017-10-18T15:11:18Z] – fusl
@@ Line 1: / Line 1: @@
 ====== wiki.opennic.org infrastructure ======
+==== Maintainers ====
+  - [[/user/fusl]]
+===== The Infrastructure =====
 The wiki.opennic.org website runs on [[https://aws.amazon.com/|Amazon Web Services (AWS)]] infrastructure and uses various services offered by AWS:
-===== Elastic File System =====
+==== Elastic File System ====
 The [[https://aws.amazon.com/efs/|EFS service]] is used to store all wiki pages, configurations, attachments, etc. on a scalable, shared filesystem using NFS as protocol.
-  * //Endpoint: ''fs-ee48faa7.efs.us-east-1.amazonaws.com''//
+  * Endpoint: ''fs-ee48faa7.efs.us-east-1.amazonaws.com''
-===== ElastiCache =====
+==== ElastiCache ====
 [[https://aws.amazon.com/elasticache/|ElastiCache]] stores all PHP sessions in a single Memcached instance to ensure session and login-state persistency and reliability across all floating wiki.opennic.org webserver instances.
-  * //Endpoint: ''prod-wiki-sess.xqtznt.cfg.use1.cache.amazonaws.com:11211''//
+  * Endpoint: ''prod-wiki-sess.xqtznt.cfg.use1.cache.amazonaws.com:11211''
-===== Auto Scaling =====
+==== Auto Scaling ====
 To automatically scale the wiki instances to the desired performance and to ensure reliability even on instance failures, we use an [[https://aws.amazon.com/autoscaling/|Auto Scaling]] group which handles automatic scaling at your desire.
-==== Details ====
+=== Details ===
-  * //Auto Scaling Group: ''prod-wiki''//
+  * Auto Scaling Group: ''prod-wiki''
-  * //Launch Configuration: ''prod-wiki-20170506-4''//
+  * Launch Configuration: ''prod-wiki-20170909''
-  * //Load Balancers: -//
+  * Load Balancers: -
-  * //Target Groups: ''prod-wiki''//
+  * Target Groups: ''prod-wiki''
-  * //Desired: ''2''//
+  * Desired: ''2''
-  * //Min: ''2''//
+  * Min: ''2''
-  * //Max: ''20''//
+  * Max: ''20''
-  * //Health Check Type: ''ELB''//
+  * Health Check Type: ''ELB''
-  * //Health Check Grace Period: ''180''//
+  * Health Check Grace Period: ''180''
-  * //Termination Policies: ''OldestLaunchConfiguration'', ''ClosestToNextInstanceHour'', ''Default''//
+  * Termination Policies: ''OldestLaunchConfiguration'', ''ClosestToNextInstanceHour'', ''Default''
-  * //Creation Time: ''Fri Apr 21 21:26:39 GMT+000 2017''//
+  * Creation Time: ''Fri Apr 21 21:26:39 GMT+000 2017''
-  * //Availability Zone(s): ''us-east-1a'', ''us-east-1b'', ''us-east-1d'', ''us-east-1e''//
+  * Availability Zone(s): ''us-east-1a'', ''us-east-1b'', ''us-east-1d'', ''us-east-1e''
-  * //Subnet(s): ''subnet-da5ebb80'',''subnet-94dd05dc'',''subnet-5f440563'',''subnet-74fc1258''//
+  * Subnet(s): ''subnet-da5ebb80'',''subnet-94dd05dc'',''subnet-5f440563'',''subnet-74fc1258''
-  * //Default Cooldown: ''180''//
+  * Default Cooldown: ''180''
-  * //Placement Group: -//
+  * Placement Group: -
-  * //Suspended Processes: -//
+  * Suspended Processes: -
-  * //Enabled Metrics: ''GroupPendingInstances'', ''GroupTotalInstances'', ''GroupInServiceInstances'', ''GroupDesiredCapacity'', ''GroupMaxSize'', ''GroupTerminatingInstances'', ''GroupMinSize'', ''GroupStandbyInstances''//
+  * Enabled Metrics: ''GroupPendingInstances'', ''GroupTotalInstances'', ''GroupInServiceInstances'', ''GroupDesiredCapacity'', ''GroupMaxSize'', ''GroupTerminatingInstances'', ''GroupMinSize'', ''GroupStandbyInstances''
-  * //Instance Protection: -//
+  * Instance Protection: -
-==== Scaling Policies ====
+=== Scaling Policies ===
-=== prod-wiki-high ===
+== prod-wiki-high ==
-  * //Policy type: ''Simple scaling''//
+  * Policy type: ''Simple scaling''
-  * //Execute policy when: ''prod-wiki-high'' (breaches the alarm threshold: ''TargetResponseTime >= 1'' for *300* seconds for the metric dimensions ''LoadBalancer = app/prod-wiki/0ec4b8b4601b350c'')//
+  * Execute policy when: ''prod-wiki-high'' (breaches the alarm threshold: ''TargetResponseTime >= 1'' for ''300'' seconds for the metric dimensions ''LoadBalancer = app/prod-wiki/0ec4b8b4601b350c'')
-  * //Take the action: ''Add 2 instances''//
+  * Take the action: ''Add 2 instances''
-  * //And then wait: ''180 seconds before allowing another scaling activity''//
+  * And then wait: ''180 seconds before allowing another scaling activity''
-=== prod-wiki-low ===
+== prod-wiki-low ==
-  * //Policy type: ''Simple scaling''//
+  * Policy type: ''Simple scaling''
-  * //Execute policy when: ''prod-wiki-low'' (breaches the alarm threshold: ''TargetResponseTime <= 0.5'' for *300* seconds for the metric dimensions ''LoadBalancer = app/prod-wiki/0ec4b8b4601b350c'')//
+  * Execute policy when: ''prod-wiki-low'' (breaches the alarm threshold: ''TargetResponseTime <= 0.5'' for ''300'' seconds for the metric dimensions ''LoadBalancer = app/prod-wiki/0ec4b8b4601b350c'')
-  * //Take the action: ''Remove 1 instances''//
+  * Take the action: ''Remove 1 instances''
-  * //And then wait: ''180 seconds before allowing another scaling activity''//
+  * And then wait: ''180 seconds before allowing another scaling activity''
-==== Tags ====
+=== Tags ===
 ^ Key ^ Value ^ Tag New Instances ^
 | Name | prod-wiki | Yes |
-==== Launch Configuration ====
+=== Launch Configuration ===
-  * //AMI: ''ami-80861296''//
+  * AMI: //AMI created by [[https://github.com/opennic/packers/tree/master/opennic-wiki|opennic-wiki packer]]//
-  * //Instance type: ''t2.nano'' (t2.nano (Variable ECUs, 1 vCPUs, 2.4 GHz, Intel Xeon Family, 0.5 GiB memory, EBS only))//
+  * Instance type: ''t2.nano'' (t2.nano (Variable ECUs, 1 vCPUs, 2.4 GHz, Intel Xeon Family, 0.5 GiB memory, EBS only))
-  * //Name: ''prod-wiki-20170506-4''//
+  * Name: ''prod-wiki-20170506-4''
-  * //Request Spot Instances - Request Spot Instances: No//
+  * Request Spot Instances - Request Spot Instances: No
-  * //IAM role: ''None''//
+  * IAM role: ''None''
-  * //Monitoring - Enable CloudWatch detailed monitoring: No//
+  * Monitoring - Enable CloudWatch detailed monitoring: No
-  * //Kernel ID: ''Use default''//
+  * Kernel ID: ''Use default''
-  * //RAM Disk ID: ''Use default''//
+  * RAM Disk ID: ''Use default''
-  * //User data (As text): {{:opennic:infra:prod-wiki-asg-user-data.txt|}}//
+  * User data (As text): -
-  * //IP Address Type: ''Assign a public IP address to every instance.''//
+  * IP Address Type: ''Assign a public IP address to every instance.''
-  * //Storage//
+  * Storage
-    * //Volume Type: ''Root''//
+    * Volume Type: ''Root''
-    * //Device: ''/dev/sda1''//
+    * Device: ''/dev/sda1''
-    * //Snapshot: ''snap-066a4d67938024381''//
+    * Snapshot: ''snap-066a4d67938024381''
-    * //Size (GiB): ''8''//
+    * Size (GiB): ''8''
-    * //Volume Type: ''Magnetic''//
+    * Volume Type: ''Magnetic''
-    * //IOPS: ''N/A''//
+    * IOPS: ''N/A''
-    * //Throughput: ''N/A''//
+    * Throughput: ''N/A''
-    * //Delete on Termination: Yes//
+    * Delete on Termination: Yes
-    * //Encrypted: No//
+    * Encrypted: No
-  * //Security group: ''sg-3eccfc41''//
+  * Security group: ''sg-3eccfc41''
-===== Elastic Load Balancer =====
+==== Elastic Load Balancer ====
 An [[https://aws.amazon.com/elasticloadbalancing/|Elastic Load Balancer]] distributes HTTP queries to wiki.opennic.org across all instances in the auto scaling group.
-  * //Basic Configuration//
+  * Basic Configuration
-    * //Name: ''prod-wiki''//
+    * Name: ''prod-wiki''
-    * //ARN: ''arn:aws:elasticloadbalancing:us-east-1:110568221216:loadbalancer/app/prod-wiki/0ec4b8b4601b350c''//
+    * ARN: ''arn:aws:elasticloadbalancing:us-east-1:110568221216:loadbalancer/app/prod-wiki/0ec4b8b4601b350c''
-    * //DNS name: ''prod-wiki-1538888183.us-east-1.elb.amazonaws.com''//
+    * DNS name: ''prod-wiki-1538888183.us-east-1.elb.amazonaws.com''
-    * //Scheme: ''internet-facing''//
+    * Scheme: ''internet-facing''
-    * //Type: ''application''//
+    * Type: ''application''
-    * //Availability Zones: ''subnet-5f440563 - us-east-1e'', ''subnet-74fc1258 - us-east-1d'', ''subnet-94dd05dc - us-east-1a'', ''subnet-da5ebb80 - us-east-1b''//
+    * Availability Zones: ''subnet-5f440563 - us-east-1e'', ''subnet-74fc1258 - us-east-1d'', ''subnet-94dd05dc - us-east-1a'', ''subnet-da5ebb80 - us-east-1b''
-    * //Creation time: ''April 21, 2017 at 09:21:32 PM UTC+0''//
+    * Creation time: ''April 21, 2017 at 09:21:32 PM UTC+0''
-    * //Hosted zone: ''Z35SXDOTRQ7X7K''//
+    * Hosted zone: ''Z35SXDOTRQ7X7K''
-    * //State: ''active''//
+    * State: ''active''
-    * //VPC: ''vpc-64c5d102''//
+    * VPC: ''vpc-64c5d102''
-    * //IP address type: ''dualstack''//
+    * IP address type: ''dualstack''
-    * //AWS WAF Web ACL: -//
+    * AWS WAF Web ACL: -
-  * //Security//
+  * Security
-    * //Security groups: ''sg-095e6d76''//
+    * Security groups: ''sg-095e6d76''
-  * //Attributes//
+  * Attributes
-    * //Deletion protection: ''Disabled''//
+    * Deletion protection: ''Disabled''
-    * //Idle timeout: ''60 seconds''//
+    * Idle timeout: ''60 seconds''
-    * //Access logs: ''Disabled''//
+    * Access logs: ''Disabled''
-  * //Listeners//
+  * Listeners
-    * //Listener 1//
+    * Listener 1
-      * //ARN: ''arn:aws:elasticloadbalancing:us-east-1:110568221216:listener/app/prod-wiki/0ec4b8b4601b350c/7ce4c2f1d63a6d38''//
+      * ARN: ''arn:aws:elasticloadbalancing:us-east-1:110568221216:listener/app/prod-wiki/0ec4b8b4601b350c/7ce4c2f1d63a6d38''
-      * //Protocol: ''HTTP''//
+      * Protocol: ''HTTP''
-      * //Port: ''80''//
+      * Port: ''80''
-      * //Default target group: ''prod-wiki''//
+      * Default target group: ''prod-wiki''
-    * //Listener 2//
+    * Listener 2
-      * //ARN: ''arn:aws:elasticloadbalancing:us-east-1:110568221216:listener/app/prod-wiki/0ec4b8b4601b350c/1d209761648cd7dc''//
+      * ARN: ''arn:aws:elasticloadbalancing:us-east-1:110568221216:listener/app/prod-wiki/0ec4b8b4601b350c/1d209761648cd7dc''
-      * //Protocol: ''HTTPS (Secure HTTP)''//
+      * Protocol: ''HTTPS (Secure HTTP)''
-      * //Port: ''443''//
+      * Port: ''443''
-      * //Default target group: ''prod-wiki''//
+      * Default target group: ''prod-wiki''
-      * //Certificate type: ''Choose an existing certificate from AWS Certificate Manager (ACM)''//
+      * Certificate type: ''Choose an existing certificate from AWS Certificate Manager (ACM)''
-      * //Certificate name: ''wiki.opennic.org (arn:aws:acm:us-east-1:110568221216:certificate/0184f12e-ae11-4e74-8ba6-ad7a3bd7c846)''//
+      * Certificate name: ''wiki.opennic.org (arn:aws:acm:us-east-1:110568221216:certificate/0184f12e-ae11-4e74-8ba6-ad7a3bd7c846)''
-      * //Security policy: ''ELBSecurityPolicy-TLS-1-2-2017-01''//
+      * Security policy: ''ELBSecurityPolicy-TLS-1-2-2017-01''
-  * //Monitoring - CloudWatch alarms//
+  * Monitoring - CloudWatch alarms
-    * //prod-wiki-high//
+    * prod-wiki-high
-      * //ELBSecurityPolicy-TLS-1-2-2017-01: -//
+      * ELBSecurityPolicy-TLS-1-2-2017-01: -
-      * //Whenever: ''Average Latency''//
+      * Whenever: ''Average Latency''
-      * //Is: ''>='' ''1,000''//
+      * Is: ''>='' ''1,000''
-      * //For at least: ''1'' consecutive period(s) of ''5 Minutes''
+      * For at least: ''1'' consecutive period(s) of ''5 Minutes''
-    * //prod-wiki-low//
+    * prod-wiki-low
-      * //ELBSecurityPolicy-TLS-1-2-2017-01: -//
+      * ELBSecurityPolicy-TLS-1-2-2017-01: -
-      * //Whenever: ''Average Latency''//
+      * Whenever: ''Average Latency''
-      * //Is: ''<='' ''500''//
+      * Is: ''<='' ''500''
-      * //For at least: ''1'' consecutive period(s) of ''5 Minutes''
+      * For at least: ''1'' consecutive period(s) of ''5 Minutes''
+==== git sync ====
+The entire web root directory is synced to [[https://github.com/opennic/wikipages|GitHub]] approximately every 60 minutes using a [[https://github.com/opennic/packers/blob/master/opennic-wiki/files-pre/etc/cron.hourly/gitsync|crontab script]] deployed when building the AWS AMI using our [[https://github.com/opennic/packers/tree/master/opennic-wiki|Packer deployment definitions]]. Some files are [[https://github.com/opennic/wikipages/blob/master/.gitignore|not synced]] to the repository.