This repository has been archived by the owner on Dec 6, 2022. It is now read-only.

1.0 GovCMS Platform

Tim edited this page Sep 27, 2019 · 16 revisions

The GovCMS hosting platform is designed to host Drupal CMS websites and support continuous deployment. It uses containerisation to segregate projects and scale to meet traffic demands, as opposed to traditional shared, virtual or dedicated hosting.

Services run primarily in Docker containers, which in turn run on OpenShift in Amazon Web Services (AWS). The tooling is almost exclusively open source, and the configuration for most of the tools is managed in code.

Main components

The key points of the GovCMS platform are listed here, with additional information (or links) further down.

  • Projects are segregated (e.g. projects do not share containers). This is one of the key advantages of containerisation: one project cannot impede another.
  • GitHub is used for public code (i.e. open source code). This is optional but encouraged :)
  • A private hosted version of GitLab is used for continuous integration and test scripts, as well as some private repositories. Not to be confused with the public 'www.gitlab.com'.
  • The technologies in a project's stack (nginx, php, redis, etc.) each run as individual Docker containers.
  • Lagoon co-ordinates the moving parts.
  • Docker containers are created from Docker images, which live in the cloud and can be pulled down as needed to wherever Docker is running.
  • Where possible, the same containers are used both locally and in the cloud.
  • OpenShift orchestrates Docker containers in the cloud, and is not required for local development.
  • Docker Compose orchestrates containers for local development using Docker, instead of OpenShift.

Basic Architecture

This diagram gives an overview of how the elements of the GovCMS platform fit together.

                             
I                            
N                      site 1      site 2      site 3     site 4   <---- Public facing websites, 
T                        ^           ^           ^           ^           each of which is a 
E                        |           |           |           |           segregated project on
R                        |           |           |           |           the GovCMS platform
N                   +----+-----------+-----------+-----------+----+
E                   |    Akamai Content Delivery Network (CDN)    |
T                   |   (DDoS protection, speed + uptime boost)   |
                    +---------------------------------------------+
                         ^           ^           ^           ^
G                        |           |           |           |
O  +----------------+----+----+-+----+----+-+----+----+-+----+----+
V  |   |            | php     | | php     | | php     | | php     |
C  |   |            | ------- | | ------- | | ------- | | ------- |
M  |   l----------> | nginx   | | nginx   | | nginx   | | nginx   |
S  |   |            | ------- | | ------- | | ------- | | ------- |
   |   | Lagoon     | redis   | | redis   | |         | | solr    |
P  |   | (Amazee)   +---------+-+---------+-+---------+-+---------+
L  |   |            |                                             |
A  |   l------------>   OpenShift (Kubernetes, Docker images)     |
T  |                |                                             |
F  +--------------------------------------------------------------+
O  |              Amazon Web Services (AWS), Sydney               |
R  |                  inc. RDS for database                       |
M  +--------------------------------------------------------------+
                 ^
                 |
                 |
         +-------+---------+      +----------------+
         |                 |      |                |
         |  Gitlab         |      |  Github        |
         |  (private)      |      |  (public)      |
         |                 |      |                |
         |  Testing        |      |  open source   |
         |  CI             |      |  code where    |
         |  Some code      |      |  possible      |
         |                 |      |                |
         +-----------------+      +----------------+
                 ^                   ^
                 |                   |
                 v                   |      
     local1.com  local2.com  local3.com
   +-------------------------------------+
L  | php       | | php      | | php      |  <--- The same Docker images
O  | --------- | | -------- | | -------- |       are used locally as in 
C  | mariadb   | | mariadb  | | mariadb  |       the cloud. This way,
A  | --------- | | -------- | | -------- |       developers get the most
L  | nginx     | | nginx    | | nginx    |       accurate possible
   | --------- | | -------- | | -------- |       environment to test in.
   | test      | | test     | | test     |
   +-------------------------------------+
   +-------------------------------------+
   | Docker (Docker Compose)             |
   +-------------------------------------+

Services

A 'Service' refers to a program or piece of software. The GovCMS platform leverages several major open-source projects as services.

OpenShift is a security-focused open source container application platform built on top of Docker containers. It automates the build, deployment, and management of enterprise applications on Kubernetes. The OpenShift Container Platform is supported and maintained by Red Hat, providing stability for version upgrades as well as managing any security patches.

Kubernetes is an open source orchestration system, originally created by Google, for automating the deployment, scaling, and management of containerized applications, eliminating many of the manual processes involved in running at scale.

Kubernetes will automatically resolve issues with any container, site or availability zone. Self-healing capabilities ensure automated recovery of individual sites, or in the most extreme case, entire physical data centers (availability zones).

Lagoon from Amazee.io is made up of a number of interconnected open source services working together on OpenShift. At a high level, these services and tools include a GraphQL API, RabbitMQ and Ansible scripts. Because you use Docker Compose locally, when you push your repository Lagoon determines which images to deploy from the same configuration files, which means your remote hosting uses the same images as your local setup.
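As an added illustration (not taken from the GovCMS repositories), a docker-compose.yml of the kind Lagoon reads could look like the following. The `lagoon.type` and `lagoon.name` labels are Lagoon's own mechanism for mapping a Compose service to a deployment; the registry, image names, tags and service layout are placeholders assumed for this example.

```yaml
# docker-compose.yml -- constructed example; all image references are placeholders.
# Locally:  `docker-compose up` runs these services as containers.
# On push:  Lagoon reads this same file (named in .lagoon.yml via
#           `docker-compose-yaml: docker-compose.yml`) and uses the
#           lagoon.* labels to decide what to deploy on OpenShift.
version: '2.3'

services:
  nginx:
    # Pin an explicit tag (or digest) rather than `latest`, so the local
    # environment and the cloud deployment resolve to the same image.
    image: registry.example/project/nginx-drupal:1.0.0
    labels:
      lagoon.type: nginx-php        # nginx and php are deployed together
    depends_on:
      - php
    ports:
      - "8080"                      # local convenience: publish on a random host port

  php:
    image: registry.example/project/php-fpm:1.0.0
    labels:
      lagoon.type: nginx-php
      lagoon.name: nginx            # attach to the nginx service's deployment
    depends_on:
      - mariadb

  redis:
    image: registry.example/project/redis:1.0.0
    labels:
      lagoon.type: redis

  mariadb:
    image: registry.example/project/mariadb-drupal:1.0.0
    labels:
      lagoon.type: mariadb          # a container locally; the diagram shows RDS in the cloud

  test:
    image: registry.example/project/test:1.0.0
    labels:
      lagoon.type: none             # local-only service, not deployed by Lagoon
```

Because each project carries its own file like this, the set of containers it runs is declared in code and reviewable alongside the rest of the repository.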

GitLab is an open source Git repository manager with issue management, version control, code review, monitoring, continuous integration and continuous deployment.

In the context of GovCMS hosting, 'GitLab' refers to the privately-hosted instance of GitLab managed by the Department of Finance, not the public website 'https://www.gitlab.com'.

GitLab will also be used to manage the release and patch process – allowing precise control over the availability of GovCMS releases, with the ability to create on-demand test environments for agencies to test upcoming features and releases.