This is an old revision of the document!
wiki.opennic.org infrastructure
Maintainers
The Infrastructure
The wiki.opennic.org website runs on Amazon Web Services (AWS) infrastructure and uses various services offered by AWS in the us-east-1 (US East (N. Virginia)) region:
Elastic File System
The EFS service is used to store all wiki pages, configurations, attachments, etc. on a scalable, shared filesystem using NFS as protocol.
- Endpoint:
fs-ee48faa7.efs.us-east-1.amazonaws.com
ElastiCache
ElastiCache stores all PHP sessions in a single Memcached instance to ensure session and login-state persistency and reliability across all floating wiki.opennic.org webserver instances.
- Endpoint:
prod-wiki-sess.xqtznt.cfg.use1.cache.amazonaws.com:11211
Auto Scaling
To automatically scale the wiki instances to the desired performance and to ensure reliability even on instance failures, we use an Auto Scaling group which handles automatic scaling at your desire.
Details
- Auto Scaling Group:
prod-wiki
- Launch Configuration:
prod-wiki-20170909
- Load Balancers: -
- Target Groups:
prod-wiki
- Desired:
2
- Min:
2
- Max:
20
- Health Check Type:
ELB
- Health Check Grace Period:
180
- Termination Policies:
OldestLaunchConfiguration
,ClosestToNextInstanceHour
,Default
- Creation Time:
Fri Apr 21 21:26:39 GMT+000 2017
- Availability Zone(s):
us-east-1a
,us-east-1b
,us-east-1d
,us-east-1e
- Subnet(s):
subnet-da5ebb80
,subnet-94dd05dc
,subnet-5f440563
,subnet-74fc1258
- Default Cooldown:
180
- Placement Group: -
- Suspended Processes: -
- Enabled Metrics:
GroupPendingInstances
,GroupTotalInstances
,GroupInServiceInstances
,GroupDesiredCapacity
,GroupMaxSize
,GroupTerminatingInstances
,GroupMinSize
,GroupStandbyInstances
- Instance Protection: -
Scaling Policies
prod-wiki-high
- Policy type:
Simple scaling
- Execute policy when:
prod-wiki-high
(breaches the alarm threshold:TargetResponseTime >= 1
for300
seconds for the metric dimensionsLoadBalancer = app/prod-wiki/0ec4b8b4601b350c
) - Take the action:
Add 2 instances
- And then wait:
180 seconds before allowing another scaling activity
prod-wiki-low
- Policy type:
Simple scaling
- Execute policy when:
prod-wiki-low
(breaches the alarm threshold:TargetResponseTime ⇐ 0.5
for300
seconds for the metric dimensionsLoadBalancer = app/prod-wiki/0ec4b8b4601b350c
) - Take the action:
Remove 1 instances
- And then wait:
180 seconds before allowing another scaling activity
Tags
Key | Value | Tag New Instances |
---|---|---|
Name | prod-wiki | Yes |
Launch Configuration
- AMI: AMI created by opennic-wiki packer
- Instance type:
t2.nano
(t2.nano (Variable ECUs, 1 vCPUs, 2.4 GHz, Intel Xeon Family, 0.5 GiB memory, EBS only)) - Name:
prod-wiki-20170506-4
- Request Spot Instances - Request Spot Instances: No
- IAM role:
None
- Monitoring - Enable CloudWatch detailed monitoring: No
- Kernel ID:
Use default
- RAM Disk ID:
Use default
- User data (As text): -
- IP Address Type:
Assign a public IP address to every instance.
- Storage
- Volume Type:
Root
- Device:
/dev/sda1
- Snapshot:
snap-066a4d67938024381
- Size (GiB):
8
- Volume Type:
Magnetic
- IOPS:
N/A
- Throughput:
N/A
- Delete on Termination: Yes
- Encrypted: No
- Security group:
sg-3eccfc41
Elastic Load Balancer
An Elastic Load Balancer distributes HTTP queries to wiki.opennic.org across all instances in the auto scaling group.
- Basic Configuration
- Name:
prod-wiki
- ARN:
arn:aws:elasticloadbalancing:us-east-1:110568221216:loadbalancer/app/prod-wiki/0ec4b8b4601b350c
- DNS name:
prod-wiki-1538888183.us-east-1.elb.amazonaws.com
- Scheme:
internet-facing
- Type:
application
- Availability Zones:
subnet-5f440563 - us-east-1e
,subnet-74fc1258 - us-east-1d
,subnet-94dd05dc - us-east-1a
,subnet-da5ebb80 - us-east-1b
- Creation time:
April 21, 2017 at 09:21:32 PM UTC+0
- Hosted zone:
Z35SXDOTRQ7X7K
- State:
active
- VPC:
vpc-64c5d102
- IP address type:
dualstack
- AWS WAF Web ACL: -
- Security
- Security groups:
sg-095e6d76
- Attributes
- Deletion protection:
Disabled
- Idle timeout:
60 seconds
- Access logs:
Disabled
- Listeners
- Listener 1
- ARN:
arn:aws:elasticloadbalancing:us-east-1:110568221216:listener/app/prod-wiki/0ec4b8b4601b350c/7ce4c2f1d63a6d38
- Protocol:
HTTP
- Port:
80
- Default target group:
prod-wiki
- Listener 2
- ARN:
arn:aws:elasticloadbalancing:us-east-1:110568221216:listener/app/prod-wiki/0ec4b8b4601b350c/1d209761648cd7dc
- Protocol:
HTTPS (Secure HTTP)
- Port:
443
- Default target group:
prod-wiki
- Certificate type:
Choose an existing certificate from AWS Certificate Manager (ACM)
- Certificate name:
wiki.opennic.org (arn:aws:acm:us-east-1:110568221216:certificate/0184f12e-ae11-4e74-8ba6-ad7a3bd7c846)
- Security policy:
ELBSecurityPolicy-TLS-1-2-2017-01
- Monitoring - CloudWatch alarms
- prod-wiki-high
- ELBSecurityPolicy-TLS-1-2-2017-01: -
- Whenever:
Average Latency
- Is:
>=
1,000
- For at least:
1
consecutive period(s) of5 Minutes
- prod-wiki-low
- ELBSecurityPolicy-TLS-1-2-2017-01: -
- Whenever:
Average Latency
- Is:
⇐
500
- For at least:
1
consecutive period(s) of5 Minutes
git sync
The entire web root directory is synced to GitHub approximately every 60 minutes using a crontab script deployed when building the AWS AMI using our Packer deployment definitions. Some files are not synced to the repository.