RedMart Migrating from EC2 to VPC with Chef
Uploaded by ritesh-angural
EC2 to VPC with Chef and some other CI stuff...
About
● Leading online grocery store in Singapore.
● Proprietary Ecommerce platform
● `redmart10` for 10% off. :)
EC2 to VPC
EC2 to VPC - Goals
● Automate our infrastructure.
● Security
● Maintain (or improve) workflow
● Migrate with zero downtime
Security ☐
VPC
● Public Subnets
● Private Subnets
● Gateway
● NATs
VPC Infra
[Diagram labels: RedMart VPC (10.0.0.0/16); Public Subnet 10.0.0.0/24; Private 10.0.1.0/24; Private (10.0.2.0/24); Frontend, ELBs; Backend, Api, Services etc.; Gateway; Internet. Mostly cats.; HOP; Mongo (Ecom); Mongo (Fulfillment); Scale/ERP; Scale DB]
Why VPC - without
● Security
  o Security groups
[Diagram label: Node]
Why VPC - With
● Security
  o Security groups
  o Network ACLs
  o Route Tables
  o VPN
● Easier to manage
  o Intra VPC
  o External
[Diagram labels: Node, Node, Node, Node; Gateway or NAT]
Security ☑
Maintain (or improve) Workflow ☐
Workflow 1 - Deployment
1. Code
2. Push to git
3. Relax
[Diagram labels: Developer; Push; Build; Fail; Pass; Emails, Slack; 1. Transfer Artifacts to S3; 2. Get nodes, SSH; SSH; Chef Server; `sudo chef-client`; Download]
Workflow 2 - Bootstrapping
1. Clone boilerplate project repo
2. Clone boilerplate cookbook & role
3. knife create server -r "role[shiny_new_app]"
4. Code!
[Diagram labels: 1. Transfer Artifacts to S3; Chef Server; DevOps; `sudo chef-client`; Bootstrap; Download]
[Diagram labels: Developer; Push; Build; Fail; Pass; Send Emails; 1. Transfer Artifacts to S3; 2. Get nodes, SSH; SSH; Chef Server; DevOps; `sudo chef-client`; Bootstrap; Download]
Travis process
1. Tests and Builds your project
2. If success:
  o Uploads project to S3
  o Finds nodes relevant to your project (chef search)
  o Triggers `chef-client` on relevant nodes
Chef Process
1. Bootstrapping a node `knife bootstrap`
a. creates a server with specified role & environment
2. Converging a node `sudo chef-client`
a. role based recipe e.g. recipe[golden_admin]
b. redmart deployment recipe e.g. recipe[base_redmart::deploy]
i. download artifacts from S3
ii. extract
iii. run start script e.g. `sh /ci/start.sh`
iv. symlink release
Everyone deploys the same way.
Security ☑
Maintain (or improve) Workflow ☑
Migrate with zero downtime ☐
Stateful services
● Mongo (superfun)
● Redis
● Rabbitmq (not really stateful)
Mongo with six hosts
[Diagram labels: Apps (private); Apps (public); VPC; Internet]
Redis Daisy chaining
● Crucial to ensure user sessions not lost
  o slaveof IPADDRESS
  o slave-read-only no
[Diagram labels: private; public; VPC; Internet]
Rabbitmq
● Keep alive till queues die out.
[Diagram labels: Apps (private); Apps (public); VPC; Internet]
Non stateful apps
● sudo chef-client
● Hooray for chef!
DDay
● Duplicate version of entire redmart.com in VPC.
  o chef.redmart.com
  o chefapi.redmart.com
● Change DNS of everything in public subnet
● TTL!
Security ☑
Maintain (or improve) Workflow ☑
Migrate with zero downtime ☑
… Cache busted!
● Full chef-client takes - 1min
● 3 nodes deployed sequentially - 3 mins
● Deploying one node at a time not okay.
● Cache busting on Backbone.js apps
Solution: parallel triggering of chef & specific deployment recipe - 5 secs
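The parallel trigger described above, as an added example (not RedMart's code): it assumes the node list has already come from a Chef search, that nodes are reached over plain `ssh`, and that `chef-client -o` runs only the deployment recipe. The host addresses, helper names and ssh options are made up for illustration.

```python
import re
import shlex
import subprocess
from concurrent.futures import ThreadPoolExecutor

# Recipe name is from the slides; hosts, helpers and ssh options are assumptions.
DEPLOY_RECIPE = "recipe[base_redmart::deploy]"
# Plain hostnames/IPv4 only: a search result starting with "-" or containing
# whitespace must never reach ssh, where it could be read as an option.
SAFE_HOST = re.compile(r"[A-Za-z0-9]([A-Za-z0-9.-]{0,251}[A-Za-z0-9])?")


def build_command(host, recipe=DEPLOY_RECIPE):
    """Return the ssh argv that runs only the deployment recipe on one node."""
    if not SAFE_HOST.fullmatch(host):
        raise ValueError(f"refusing suspicious node name: {host!r}")
    # The remote side is parsed by a shell, so quote the recipe ("[" globs).
    remote = "sudo chef-client -o " + shlex.quote(recipe)
    return ["ssh", "-o", "BatchMode=yes", "-o", "StrictHostKeyChecking=yes",
            host, remote]


def run_ssh(argv, timeout=120):
    """Default runner: execute argv locally without a shell, return exit code."""
    return subprocess.run(argv, timeout=timeout, check=False).returncode


def deploy_parallel(hosts, runner=run_ssh, max_workers=10):
    """Trigger the recipe on every node at once; return {host: exit_code}."""
    commands = {h: build_command(h) for h in hosts}  # validate all before any run
    with ThreadPoolExecutor(max_workers=max_workers) as pool:
        futures = {h: pool.submit(runner, argv) for h, argv in commands.items()}
    results = {}
    for host, future in futures.items():
        try:
            results[host] = future.result()
        except Exception:  # timeout, ssh binary missing, ...
            results[host] = -1
    return results


def failed_nodes(results):
    """Nodes whose run did not exit 0 and need a retry."""
    return sorted(h for h, rc in results.items() if rc != 0)


if __name__ == "__main__":
    # Constructed sample: three app nodes in the private 10.0.1.0/24 subnet.
    nodes = ["10.0.1.11", "10.0.1.12", "10.0.1.13"]
    dry_run = deploy_parallel(nodes, runner=lambda argv: print(argv) or 0)
    print("failed:", failed_nodes(dry_run))
```

Checking `failed_nodes` after every run matters here because a node that missed the deploy keeps serving the previous release next to the updated ones.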
What’s worked for us
● Infra as code is awesome
● One command to deploy is awesome
● Chef search is awesome
● Chef for entire lifecycle (bootstrap + deployment) is awesome
Thank you
We’re hiring! - redmart.recruiterbox.com
We now have bread! - redmart.com
Slides - slideshare.net/riteshangural