[WORK IN PROGRESS]
Basic infrastructure to deploy, run and maintain modern web applications at scale.
- Stable.
- Secure.
- Scalable.
- Replicable.
- Cost Effective.
- Highly Available.
- Highly Performant.
I created this repo to learn about infrastructures for modern web applications. In other words, learn how to release code to production and still be able to sleep at night.
I use Terraform to build, change and version the infrastructure and AWS to deploy it.
The code, services and infrastructure design are opinionated, based on my learnings and past experience.
List of components I attempt to have in my infrastructure.
- Self hosted using Jenkins, Buildkite or another.
- VPN
- DNS
- Load Balancing
- Docker Image Registry
- Container Orchestration (Kubernetes)
- Messaging
- SQL/NoSQL Databases
- In Memory Databases
To provision the infrastructure first we need to pick a cloud infrastructure provider.
• Alibaba Cloud.
• Digital Ocean.
• Microsoft Azure.
• Amazon Web Services.
• Google Cloud Platform.
• etc.
I'll be using AWS only because I am already familiar with it.
This is the main account, aka the one that pays the bills. Its responsibilities are:
• Create an organization.
• Pay the bills of the organization.
• Create IAM Users so other people can access/manage the organization's infrastructure.
• Create sub-accounts within the organization per environment/project, i.e. production & staging.
- Create a root account [email protected]
- Create an Organization "drilococo".
- Create sub-accounts under the organization for "staging" & "production" environments.
  - For each sub-account, complete the sign-up steps.
  - For each sub-account, create an Access Key and store them in a safe place (i.e. password manager).
- Create an IAM User under the main account, with AdministratorAccess (or any other appropriate access role).
  - This user will be able to:
    - Manage (according to its role) the organization's infrastructure from the AWS Management Console.
    - Switch between the organization's different sub-accounts (staging & production).
  - Create as many users as developers/people/managers need access to the infrastructure.
  - Assign proper access roles to each user.
  - For each IAM User, complete the sign-up steps.
  - For each IAM User, set up role switching to allow the user to easily jump between staging & production environments.
[TODO]
[TODO]
Install and [configure](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-configure.html) the AWS CLI for an IAM User. This allows IAM Users to access the organization's infrastructure from their machine using the command line.
Configure the CLI for each environment:
```
aws configure --profile drilococo-staging
aws configure --profile drilococo-production
```
When prompted, provide the Access Key ID and Secret from the appropriate account (staging or production).
I'll use Terraform to design/provision/manage/deliver the infrastructure using code.
[TODO] How to install and configure Terraform on my machine.
[TODO] How to build, change and destroy infrastructure.
```
terraform init
```
```
components/
|-- componentName/
|   |-- vars/
|   |   |-- staging.tfvars
|   |   |-- production.tfvars
|   |-- main.tf
|   |-- outputs.tf
|   |-- backend.tf
|   |-- providers.tf
|   |-- variables.tf
modules/
|-- moduleName/
|   |-- main.tf
|   |-- outputs.tf
|   |-- variables.tf
|   |-- versions.tf
```
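One way to tie the `drilococo-staging` / `drilococo-production` CLI profiles to the per-environment var files in this layout, so a staging var file can never be applied with production credentials. This is an added example, not code from this repo; the variable names, region and account ID are assumptions and placeholders.

```hcl
# --- file: components/componentName/variables.tf ---
variable "environment" {
  type        = string
  description = "Target environment; selects the AWS CLI profile"

  validation {
    condition     = contains(["staging", "production"], var.environment)
    error_message = "The environment must be \"staging\" or \"production\"."
  }
}

variable "aws_region" {
  type        = string
  description = "Region to deploy this component into"
}

variable "aws_account_id" {
  type        = string
  description = "12-digit ID of the sub-account this var file targets"

  validation {
    condition     = can(regex("^[0-9]{12}$", var.aws_account_id))
    error_message = "The aws_account_id must be a 12-digit AWS account ID."
  }
}

# --- file: components/componentName/providers.tf ---
provider "aws" {
  region = var.aws_region

  # Resolves to the profile created with `aws configure --profile drilococo-<env>`.
  profile = "drilococo-${var.environment}"

  # Guard: the provider aborts if the credentials behind the profile belong
  # to any account other than the one named in the var file.
  allowed_account_ids = [var.aws_account_id]
}

# --- file: components/componentName/vars/staging.tfvars ---
environment    = "staging"
aws_region     = "us-east-1"    # assumed region
aws_account_id = "111111111111" # placeholder, use the staging sub-account ID
```

Select the environment at plan/apply time with `terraform plan -var-file=vars/staging.tfvars`. The `backend` block cannot read variables, so per-environment state settings have to be passed to `terraform init` with `-backend-config` instead.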
Reference
- https://www.terraform.io/docs/configuration/blocks/modules/syntax.html
- https://learn.hashicorp.com/collections/terraform/aws-get-started
- https://registry.terraform.io/providers/hashicorp/aws/latest/docs
- CI/CD Pipeline (EC2 & Buildkite)
- Networking (VPC)
- Orchestration (EKS, EC2)
- Service Discovery (Route 53)
- Load Balancing (ALB & ELB)
- Monitoring (CloudWatch, NewRelic & Prometheus)
Per application configuration
- Databases (RDS)
- In Memory Databases (REDIS)
- Messaging (SNS & SQS)
- Monitoring (CloudWatch)
- Observability • Logs (Filebeat, Elasticsearch & Kibana)
- Observability • Tracing ()