/2020-jun-project1-group3

Primary LanguageHCLCreative Commons Attribution Share Alike 4.0 InternationalCC-BY-SA-4.0

GitHub repo size GitHub contributors GitHub last commit GitHub issues GitHub closed issues

PROJECT TITLE:

MIGRATION OF ON-PREMISES WEB APP TO CLOUD

PROJECT GROUP

DEVOPSACADEMY - PROJECT - GROUP3

TEAM MEMBERS:

 -  Daniel Andrade
 -  Fernando Rolnik
 -  Jay Amaranayake
 -  Vanitha Kaliyaperumal

MENTORS

  - Caio Trevisan
  - Denis Silva
  - Kiko Collet

Table of Contents

Current Business Status

A company in Australia currently have a web application running on-premisis in a Linux virtual machine. The application is being used by hundreds of customers every day and it is based on Wordpress which uses LAMP stack (Linux, Apache, MySQL and PHP) to offer great products.

Currently the solution is hosted in a single server (application and database) and deployments are made through FTP transfers to the server.

CURRENT WORKFLOW

Business Requirement

The CEO is worried that a traffic peak may bring down the website whih is a great loss to the business as a whole. The CEO wanted to migarte the On-premesis Web Application to AWS cloud and below are the requirements for the pilot migration project.

  • Containeraize the application using Docker.
  • The application needs to be secure (all data encrypted at rest and in transit).
  • The application needs to be Highly Available.
  • The application needs to support peaks of up to 10 times the average load (scalability).
  • The infrastructure needs to be reproducible and version controlled in case the CEO decides to expand the business to other parts of the world (consider infra as code).
  • There must be an easy and secure way of developing, with fast feedback (consider CI/CD practices or at least automation scripts).
  • Strategy for Logging and Alarming the health of the system.
  • Strategy for handling application component failure.

Assumptions

  • Data Migration is out of scope as it is a pilot migration.
  • Consider to include the Unit/Integration/service test in the CI pipeline or automation scripts.
  • Single GitHib repo will be delivered.
  • This pilot migration will be delivered using Terraform code.

Proposed Solution

Technology Products / Services

Below are the Technology Products chosen to deliver this pilot Migration solution.

REQUIREMENT TECHNOLOGY
Version Control System(VCS) GitHub
Infra as Code Terraform
PipeLine Tools GitHub Actions
Containerization Docker / Docker - Compose
Relational Database AURORA RDS MySQL Serverles
Container orchestrator ECS FARGATE
Container Registry ECR

High level design

Solution Diagram

Pre-Requisites

Installations Reference
Terraform Terraform Download
Git Git Install
AWS CLI AWS CLI
Docker Docker Install
JQ Jq Install
Make GNU Make

Configurations / Other Reference
AWS Account AWS Console
Registration Domain name Free Domain
Configure Nameservers in the Domain Add Nameserver
Create TLS/SSL Certificates AWS Certificate Manager
SSL Creation
Create SNS Topic and Subscription Confirmation Alarming
Create CloudWatch Rules Alarming

Quick Deployment from your computer

⚠️ This will deploy resources that are not entitled for AWS Free Tier and will incure a cost

Deployment steps

  • git clone git@github.com:devopsacademyau/2020-jun-project1-group3.git

  • paste the variables block with your values

    • export acm_cert_arn=
    • export AWS_ACCESS_KEY_ID=
    • export AWS_SECRET_ACCESS_KEY=
    • export domain_name=
    • export hosted_zone_id=
    • export ssh_allowed_cidr=
    • export tf_backend_bucket=
  • From the root of the repository: make deploy

  • Wait for about 10 minutes and you can check the progress from AWS console

  • Access the domain and enjoy your new blog

Destroy your deployment

  • From the root of the repository: make destroy

Test the CI/CD setup

⚠️ This will deploy resources that are not entitled for AWS Free Tier and will incure a cost

  • Fork the devopsacademyau/2020-jun-project1-group3

  • Add the following secrets into Github secrets of your forked repository.

    • acm_cert_arn
    • AWS_ACCESS_KEY_ID
    • AWS_SECRET_ACCESS_KEY
    • domain_name
    • hosted_zone_id
    • ssh_allowed_cidr
    • tf_backend_bucket
  • Clone the repo that is forked

  • Copy all the files from the actions folder into .github/workflow. It will override some of the existing files which is the intended behaviour.

  • Add, Commit and Push the modifications to master of the forked repository

  • Now the forked repository is ready to be used with Github Actions

How to trigger CI/CD Deploy action

  • Go to root of the repository
  • Add a file named deploy
  • Add, Commit and Push the new file to master of the forked repository
  • Check the Actions on your Github to see how actions are getting triggered
  • Check your AWS console to see how the deployment is progressing
  • Check your domain after about 10 minutes to see your new blog

How to trigger CI/CD Destroy action

  • Go to root of the repository
  • Add a file named destroy
  • Add, Commit and Push the new file to master of the forked repository
  • Check the Actions on your Github to see how actions are getting triggered
  • Check your AWS console to see how your resources are getting deleted

The Real CI/CD automation

  • Create a policy on master branch to mandate at least one approval on PRs from someone that isn't an author
  • Change any file on terraform folder and push - Make Plan
  • PR the pushed file - Make Apply
  • Change any file on docker folder and push - Make publish
  • PR the published file - Make deploy-wp - Wait a few minuites to see the container running.

⚠️ Remember to destroy to avoid any cost

Tech Debt/ Things to improve

  • MTLS to make traffic flow secure end to end
  • Improve module level documentation

More info

Deployment Steps in detail

  • Plan terraform from terraform folder

    make plan

  • Apply Terraform from terraform folder

    make apply

  • Obtain credentials to the Elastic Container Registry by executing below from Docker folder

    make login

  • Build Wordpress Container Image by executing below from Docker folder

    make build

  • Publish the docker image to ECS Registry by executing below from Docker folder

    make publish

  • Deploy with Updated image from terraform folder

    make deploy-wp

⚠️ Remember to destroy to avoid any cost

  • To destroy all the AWS resources deployed by terraform, execute below from repository root folder

    make destroy


Below are the different stages of Application Installation and readiness.

References

WORDPRESS BEST PRACTISE

AUTOMATING WORDPRESS

License

LICENSE