Deployment prod (AWS)

Andrii Popov edited this page May 3, 2024 · 11 revisions

This deployment method is suitable for prod!

Preliminaries

For production deployment, the following AWS services have to be provisioned:

  • RDS cluster (MySQL 8.x)
  • ElastiCache cluster (based on Redis 7.x)
  • Fleet of 1-N EC2 instances, x86, t3.medium/t3.large, either Amazon Linux or Ubuntu;
  • Managed ACM TLS certificate for your domain (for example, mit-ratos.edu.us);
  • Route 53 records of type alias or CNAME with values www routed to your ALB/CloudFront distribution (public DNS name);

For the minimal configuration you need:

  • Single EC2 instance;
  • CloudFront distribution, with the origin pointing to the EC2 instance's public DNS name/IP address.

In this minimal configuration, the CloudFront distribution does SSL termination and caches static content at Edge Locations.

For the standard configuration you need:

  • 2 or more EC2 instances;
  • ASG (Auto Scaling group), connected to the target EC2 instances, with a launch template;
  • ALB (Application Load Balancer), connected to a target group made of the ASG;
  • (Optionally) CloudFront distribution, with the origin pointing to the ALB.

In this standard configuration, an Auto Scaling group maintains a given number of EC2 instances, fronted by an ALB that does round-robin across all instances. SSL termination is done by either the ALB or the CloudFront distribution.

Configurations

EC2

  • Prepare an AMI image with the application.
  • Install Docker and run a container with the app; download the image with: docker pull gelever85/ratos3:prod
  • Make sure all environment variables (including the RDS URL and credentials) are in place and set up correctly.

RDS (MySQL 8.x)

  • Provision an RDS instance of the required capacity in a private subnet of your VPC and set the username, password and database name. Minimum requirement: db.m5d.large
  • It is recommended to use an option:

Multi-AZ DB instance: creates a primary DB instance and a standby DB instance in a different AZ. Provides high availability and data redundancy, but the standby DB instance doesn't support connections for read workloads.

  • Set up connectivity to your EC2 instance or ASG by configuring security groups: configure the security groups associated with your EC2 instances to allow outgoing connections to the RDS instance. This ensures that the EC2 instances can communicate with the RDS instance over the network.

ElastiCache Redis (7.x)

  • Provision an ElastiCache Redis cluster of the required capacity in a private subnet of your VPC. Minimum requirement: cache.r7g.large
  • It is recommended to use an option:

**Cluster mode** enables replication across multiple shards for enhanced scalability and availability.

and

**Multi-AZ** provides enhanced high availability through automatic failover to a read replica, across AZs, in case of a primary node failover.

and

Parameter group (parameter groups control the runtime properties of your nodes and clusters) = default.redis7

Warning(!): An ElastiCache Redis cluster does not support a number of commands, including CONFIG. To make the application work with this cluster, you need to create a custom parameter group based on default.redis7, setting the parameter notify-keyspace-events to EA.
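
The warning above as a script (an added example, not part of the original wiki or the project's own tooling): it creates a custom parameter group in the redis7 family, sets notify-keyspace-events to EA, and reads the value back to confirm it. The group name ratos-redis7-events and the function names are assumptions; AWS CLI v2 with ElastiCache permissions is assumed.

```shell
#!/bin/sh
# Added example, not project tooling. Requires AWS CLI v2 and ElastiCache permissions.
PARAM=notify-keyspace-events
WANT=EA   # value required by the page

# Create a custom group in the redis7 family; it starts from the family defaults.
create_group() {
    aws elasticache create-cache-parameter-group \
        --cache-parameter-group-name "$1" \
        --cache-parameter-group-family redis7 \
        --description "redis7 defaults plus $PARAM=$WANT"
}

# Set the parameter in the group, since CONFIG is not available on the cluster.
set_events() {
    aws elasticache modify-cache-parameter-group \
        --cache-parameter-group-name "$1" \
        --parameter-name-value-pairs "ParameterName=$PARAM,ParameterValue=$WANT"
}

# Read the stored value back from the group.
get_events() {
    aws elasticache describe-cache-parameters \
        --cache-parameter-group-name "$1" \
        --query "Parameters[?ParameterName=='$PARAM'].ParameterValue" \
        --output text
}

# Return 0 only when the group really carries the expected value.
verify_events() {
    got=$(get_events "$1") || return 2
    if [ "$got" = "$WANT" ]; then
        echo "OK: $1 has $PARAM=$got"
    else
        echo "MISMATCH: $1 has $PARAM='$got', expected '$WANT'" >&2
        return 1
    fi
}

provision() {
    create_group "$1" && set_events "$1" && verify_events "$1"
}

# Nothing is changed unless the script is called with --apply [group-name].
# "ratos-redis7-events" is an assumed default name, not one from the page.
if [ "${1:-}" = "--apply" ]; then
    provision "${2:-ratos-redis7-events}"
fi
```

Select the resulting group instead of default.redis7 when provisioning the cluster.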