A network layout well-suited to most organizational needs.
The network framework POC was built to meet the following goals, which most organizations share:
- Availability: Designed to survive up to 2/3 AZs going down at once in a region
- Scalability: Large network namespace to account for huge deployments
- Security: Only one way in and out, via a DMZ subnet; network ACLs between subnets (the layers); firewall rules for different logical types of infrastructure
- Segregation: Services are arranged logically in a series of five subnets:
  - DMZ (public resources such as load balancers)
  - Routing (NGINX/HAProxy/layer 7 routing rules)
  - Services (for backend web services, async workers, and ETL jobs)
  - Data (for databases and other stateful systems, e.g. Postgres, RabbitMQ, Elasticsearch)
  - Admin (for administrative services such as ZooKeeper, etcd, Logstash, Nagios, and the like)
This network framework is known as Titan and has been deployed for large enterprise customers. Rather than building a network from scratch, you can use this framework as a highly available, secure, and scalable network foundation.
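
As an added illustration (not code from the Titan project), the sketch below lays the five layers across three availability zones and checks who may initiate a connection to whom against a layer-to-layer allow-list. The VPC range, AZ names, /20 subnet size and the allow-list itself are assumptions; the page only fixes the five layers and the DMZ as the sole way in and out.

```python
import ipaddress

# Assumed values (not from the Titan project): VPC range, AZ names, subnet size.
VPC = ipaddress.ip_network("10.0.0.0/16")
AZS = ["az-a", "az-b", "az-c"]
LAYERS = ["dmz", "routing", "services", "data", "admin"]  # the five layers from the text

# Assumed allow-list of (initiator, target) layers; "internet" only ever touches the DMZ.
ALLOWED = {
    ("internet", "dmz"), ("dmz", "internet"),
    ("dmz", "routing"), ("routing", "services"), ("services", "data"),
    ("admin", "dmz"), ("admin", "routing"), ("admin", "services"), ("admin", "data"),
}

def plan_subnets(vpc=VPC, azs=AZS, layers=LAYERS, prefix=20):
    """Carve one subnet per (layer, AZ) so every layer exists in every AZ."""
    blocks = vpc.subnets(new_prefix=prefix)
    plan = {}
    for layer in layers:
        for az in azs:
            try:
                plan[(layer, az)] = next(blocks)
            except StopIteration:
                raise ValueError(f"{vpc} cannot hold {len(layers) * len(azs)} /{prefix} subnets") from None
    return plan

def layer_of(ip, plan, vpc=VPC):
    """Map an address to its layer; anything outside the VPC is 'internet'."""
    addr = ipaddress.ip_address(ip)
    for (layer, _az), net in plan.items():
        if addr in net:
            return layer
    return "unallocated" if addr in vpc else "internet"

def flow_allowed(src, dst, plan):
    """Same-layer traffic passes; cross-layer traffic must be on the allow-list."""
    s, d = layer_of(src, plan), layer_of(dst, plan)
    if "unallocated" in (s, d):
        return False  # address space no layer owns is never trusted
    if s == d:
        return s != "internet"
    return (s, d) in ALLOWED

if __name__ == "__main__":
    plan = plan_subnets()
    for (layer, az), net in plan.items():
        print(f"{layer:9} {az}  {net}")
    print(flow_allowed("203.0.113.10", "10.0.150.5", plan))  # internet -> data
```

Network ACLs are stateless, so a real rule set also needs entries for return traffic; the allow-list here models only the initiating direction.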
Authors and contributors listed in
Licensed at your option of either of the above licenses.
Dedicated to the crew of the U.S.S. Gloria and in loving memory of Lieutenant Hoerig.
Independence Day, Second of May, we will never forget.