This repository has been archived by the owner on Dec 6, 2022. It is now read-only.

1.0 GovCMS Platform

Simon Hobbs edited this page Nov 11, 2019 · 16 revisions

The GovCMS hosting platform is designed to host Drupal CMS websites and support continuous deployment. It uses containerisation to segregate projects and scale to meet traffic demands, as opposed to traditional shared, virtual or dedicated hosting.

Main components

The key components of the GovCMS platform are described here in point form.

  • GitHub is used for public (open source) code where possible.
  • GovCMS has its own private instance of GitLab for CI and private repositories.
  • Your project runs on individual Docker containers (for Nginx, PHP, MariaDB, etc). These are hosted publicly.
  • As a first principle, all projects run independently (they don't share services).
  • Where possible, the same Docker images are the basis for local, testing and production containers.
  • Lagoon by Amazee.io is the collection of services that co-ordinates the moving parts in the cloud.
  • OpenShift by Red Hat is responsible for deploying Docker containers onto AWS, under instruction from Lagoon.
  • Lagoon and OpenShift are not required for local development. Local development uses Docker and Docker Compose.

Basic architecture

This diagram gives an overview of how the elements of the GovCMS platform fit together.

                             
I                            
N                      site 1      site 2      site 3     site 4   <---- Public facing websites, 
T                        ^           ^           ^           ^           each of which is a 
E                        |           |           |           |           segregated project on
R                        |           |           |           |           the GovCMS platform
N                   +----+-----------+-----------+-----------+----+
E                   |    Akamai Content Delivery Network (CDN)    |
T                   |   (DDoS protection, speed + uptime boost)   |
                    +---------------------------------------------+
                         ^           ^           ^           ^
G                        |           |           |           |
O  +----------------+----+----+-+----+----+-+----+----+-+----+----+
V  |   |            | php     | | php     | | php     | | php     |
C  |   |            | ------- | | ------- | | ------- | | ------- |
M  |   +----------> | nginx   | | nginx   | | nginx   | | nginx   |
S  |   |            | ------- | | ------- | | ------- | | ------- |
   |   | Lagoon     | redis   | | redis   | |         | | solr    |
P  |   | (Amazee)   +---------+-+---------+-+---------+-+---------+
L  |   |            |                                             |
A  |   +------------>   OpenShift (Kubernetes, Docker images)     |
T  |                |                                             |
F  +--------------------------------------------------------------+
O  |              Amazon Web Services (AWS), Sydney               |
R  |               inc. RDS for mariadb databases                 |
M  +--------------------------------------------------------------+
                                 ^
                                 |
   +--------------------------------------------------------------+
   |              GitLab (privately hosted)                       |
   |       Testing, Continuous Integration (CI), some code        |
   +--------------------------------------------------------------+
                     ^                   
                     |
                     |                     local1.com    local2.com   local3.com      
       +----------------------+          +-------------------------------------+
       |                      |          | php       | | php      | | php      |  <--- The same Docker images
L      | Local working files  |          | --------- | | -------- | | -------- |       are used locally as in  
O      |                      |          | mariadb   | | mariadb  | | mariadb  |       the cloud. This way,
C      | on your PC           | ----+->  | --------- | | -------- | | -------- |       developers get the most
A      |                      |     |    | nginx     | | nginx    | | nginx    |       accurate possible
L      +----------------------+     |    | --------- | | -------- | | -------- |       environment to test in.
      / - - - - - - - - - - - -\    |    | test      | | test     | | test     |
     / - - - - - - - - - - - - -\   |    +-------------------------------------+
     ============================   |    |      Docker (Docker Compose)        |
                                    |    +-------------------------------------+
                                    |    
                                    |        +----------------+
                                    |        |                |
                                    |        |  GitHub        |
                                    |        |  (public)      |
                                    +----->  |                |
                                             |  open source   |
                                             |  code where    |
                                             |  possible      |
                                             |                |
                                             +----------------+

Services

Some more information about the key services we use.

OpenShift is a security-focused, open source container application platform built on Docker containers. It automates the build, deployment and management of enterprise applications on Kubernetes. The OpenShift Container Platform is supported and maintained by Red Hat, which provides stability across version upgrades and manages security patches.

Kubernetes is an open source orchestration system, originally created by Google, for automating the deployment, scaling, and management of containerized applications, eliminating many of the manual processes involved in running at scale.

Kubernetes will automatically resolve issues with any container, site or availability zone. Self-healing capabilities ensure automated recovery of individual sites, or in the most extreme case, entire physical data centers (availability zones).

Lagoon from Amazee.io is made up of a number of interconnected open source services working together on OpenShift. At a high level, these services and tools include a GraphQL API, RabbitMQ and Ansible scripts. Because you use Docker Compose locally, when you push your repository Lagoon determines which images to deploy from the same configuration files, which means your remote hosting uses the same images as your local setup.
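The claim that local and hosted environments run the same images can be checked rather than assumed. The following Python example is added here for illustration and is not part of GovCMS or Lagoon tooling: it compares the `services` mappings of two Compose configurations and flags image drift and mutable tags. The function names, registry, image names and digest are constructed placeholders.

```python
"""Flag drift between the images a project runs locally and those deployed."""

MUTABLE_TAGS = {None, "latest"}  # references that can change without notice


def parse_image(ref):
    """Split 'registry:port/repo:tag@sha256:...' into (name, tag, digest)."""
    name, _, digest = ref.partition("@")
    tag = None
    # A ':' marks a tag only when it appears after the last '/';
    # earlier in the string it belongs to a registry port.
    if ":" in name.rsplit("/", 1)[-1]:
        name, tag = name.rsplit(":", 1)
    return name, tag, digest or None


def parity_findings(local, deployed):
    """Compare the 'services' mappings of two Compose configurations."""
    findings = []
    for svc in sorted(set(local) | set(deployed)):
        # Some services legitimately exist on one side only (for example a
        # local database or test container), so report them separately.
        if svc not in local or svc not in deployed:
            findings.append((svc, "only-local" if svc in local else "only-deployed"))
            continue
        refs = [local[svc].get("image"), deployed[svc].get("image")]
        if None in refs:  # service is built from source, nothing to compare
            findings.append((svc, "no-image-ref"))
            continue
        l_img, d_img = parse_image(refs[0]), parse_image(refs[1])
        if l_img != d_img:
            findings.append((svc, "image-mismatch"))
        if any(d is None and t in MUTABLE_TAGS for _, t, d in (l_img, d_img)):
            findings.append((svc, "mutable-tag"))
    return findings


# Constructed sample data: registry, image names and digest are placeholders.
DIGEST = "sha256:" + "ab" * 32
REG = "registry.example:5000/proj/"
LOCAL = {"nginx": {"image": REG + "nginx:1.4@" + DIGEST},
         "php": {"image": REG + "php:1.4"},
         "mariadb": {"image": REG + "mariadb:latest"},
         "test": {"image": REG + "test:1.4"}}
DEPLOYED = {"nginx": {"image": REG + "nginx:1.4@" + DIGEST},
            "php": {"image": REG + "php:latest"},
            "redis": {"image": REG + "redis"}}

if __name__ == "__main__":
    for svc, issue in parity_findings(LOCAL, DEPLOYED):
        print(f"{svc}: {issue}")
```

Only a digest-pinned reference guarantees that both environments pull identical image content; a matching tag alone does not.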

GitLab is an open source Git repository manager with issue management, version control, code review, monitoring, continuous integration and continuous deployment.

In the context of GovCMS hosting, 'GitLab' refers to the privately-hosted instance of GitLab managed by the Department of Finance, not the public website 'https://www.gitlab.com'.

GitLab will also be used to manage the release and patch process – allowing precise control over the availability of GovCMS releases, with the ability to create on-demand test environments for agencies to test upcoming features and releases.