This project is the infrastructure as code management for URL shortener backend using AWS.
images/: Packer files for building AMIimage.pkr.hcl: Main packer scriptscripts/: Scripts to be run when provisioning AMI
instances/: Terraform files to provision EC2 in VPCmain.tf: Main terraform scriptansible/: Ansible scripts to run post-provisioning tasks such as mounting EBS volume, set up file system, copy postgres data, setup SSL for nginxscripts/: Scripts to automate(everything after step 2 of the workflow) start and stop of EC2, DNS, and deployment of URL shortener backend. Calls ansible scripts
Provisions a EBS-backed EC2 AMI, and install the necessary softwares for URL shortener backend, i.e. postgres, redis, as well as nginx
cd into images/
Define variables that are declared in image.pkr.hcl in a new file variables.auto.pkrvars.hcl
Build image: packer build -machine-readable -var-file variables.auto.pkrvars.hcl image.pkr.hcl | tee build.log
cd into instances/
Copy the AMI ID from packer build, update it in variables.tf
Provision infra: terraform apply
Everything from here onwards is handled in instances/scripts/start.sh
Run post-provisioning configurations such as mounting EBS volume, setting PostGreSQL data directory, nginx SSL, grafana
Rerun the latest deploy job in github action
Traffic flow
Deployment pipeline
- Extract common functions into a reusable python module
- Use ansible roles to define reusable configurations
- Use terraform modules to define reusable configurations
- IAM user and policies for system admin
- container image scan
- Use terraform vault to store secrets
- Create postgres roles and user: app, grafana
- Grafana: Traces, alerts on infra & app, monitor grafana itself
- Use AWS ECS for multi container deployment
- Update architecture diagram
- Dockerise nginx
- Messed up PostGreSQL WAL by
rsyncing/var/lib/postgresql/13/main/to its new data directory. Don't do it.