MIGRATION OF ON-PREMISES WEB APP TO CLOUD
DEVOPSACADEMY - PROJECT - GROUP3
- Daniel Andrade
- Fernando Rolnik
- Jay Amaranayake
- Vanitha Kaliyaperumal
- Caio Trevisan
- Denis Silva
- Kiko Collet
A company in Australia currently have a web application running on-premisis in a Linux virtual machine. The application is being used by hundreds of customers every day and it is based on Wordpress which uses LAMP stack (Linux, Apache, MySQL and PHP) to offer great products.
Currently the solution is hosted in a single server (application and database) and deployments are made through FTP transfers to the server.
The CEO is worried that a traffic peak may bring down the website whih is a great loss to the business as a whole. The CEO wanted to migarte the On-premesis Web Application to AWS cloud and below are the requirements for the pilot migration project.
- Containeraize the application using Docker.
- The application needs to be secure (all data encrypted at rest and in transit).
- The application needs to be Highly Available.
- The application needs to support peaks of up to 10 times the average load (scalability).
- The infrastructure needs to be reproducible and version controlled in case the CEO decides to expand the business to other parts of the world (consider infra as code).
- There must be an easy and secure way of developing, with fast feedback (consider CI/CD practices or at least automation scripts).
- Strategy for Logging and Alarming the health of the system.
- Strategy for handling application component failure.
- Data Migration is out of scope as it is a pilot migration.
- Consider to include the Unit/Integration/service test in the CI pipeline or automation scripts.
- Single GitHib repo will be delivered.
- This pilot migration will be delivered using Terraform code.
Technology Products / Services
Below are the Technology Products chosen to deliver this pilot Migration solution.
| REQUIREMENT | TECHNOLOGY |
|---|---|
| Version Control System(VCS) | GitHub |
| Infra as Code | Terraform |
| PipeLine Tools | GitHub Actions |
| Containerization | Docker / Docker - Compose |
| Relational Database | AURORA RDS MySQL Serverles |
| Container orchestrator | ECS FARGATE |
| Container Registry | ECR |
| Installations | Reference |
|---|---|
| Terraform | Terraform Download |
| Git | Git Install |
| AWS CLI | AWS CLI |
| Docker | Docker Install |
| JQ | Jq Install |
| Make | GNU Make |
| Configurations / Other | Reference |
|---|---|
| AWS Account | AWS Console |
| Registration Domain name | Free Domain |
| Configure Nameservers in the Domain | Add Nameserver |
| Create TLS/SSL Certificates | AWS Certificate Manager |
| SSL Creation | |
| Create SNS Topic and Subscription Confirmation | Alarming |
| Create CloudWatch Rules | Alarming |
-
git clone [email protected]:devopsacademyau/2020-jun-project1-group3.git -
paste the variables block with your values
export acm_cert_arn=export AWS_ACCESS_KEY_ID=export AWS_SECRET_ACCESS_KEY=export domain_name=export hosted_zone_id=export ssh_allowed_cidr=export tf_backend_bucket=
-
From the root of the repository:
make deploy -
Wait for about 10 minutes and you can check the progress from AWS console
-
Access the domain and enjoy your new blog
- From the root of the repository:
make destroy
-
Fork the devopsacademyau/2020-jun-project1-group3
-
Add the following secrets into Github secrets of your forked repository.
acm_cert_arnAWS_ACCESS_KEY_IDAWS_SECRET_ACCESS_KEYdomain_namehosted_zone_idssh_allowed_cidrtf_backend_bucket
-
Clone the repo that is forked
-
Copy all the files from the
actionsfolder into.github/workflow. It will override some of the existing files which is the intended behaviour. -
Add, Commit and Push the modifications to master of the forked repository
-
Now the forked repository is ready to be used with Github Actions
- Go to root of the repository
- Add a file named
deploy - Add, Commit and Push the new file to master of the forked repository
- Check the Actions on your Github to see how actions are getting triggered
- Check your AWS console to see how the deployment is progressing
- Check your domain after about 10 minutes to see your new blog
- Go to root of the repository
- Add a file named
destroy - Add, Commit and Push the new file to master of the forked repository
- Check the Actions on your Github to see how actions are getting triggered
- Check your AWS console to see how your resources are getting deleted
- Create a policy on master branch to mandate at least one approval on PRs from someone that isn't an author
- Change any file on terraform folder and push - Make Plan
- PR the pushed file - Make Apply
- Change any file on docker folder and push - Make publish
- PR the published file - Make deploy-wp - Wait a few minuites to see the container running.
- MTLS to make traffic flow secure end to end
- Improve module level documentation
Deployment Steps in detail
-
Plan terraform from terraform folder
make plan -
Apply Terraform from terraform folder
make apply -
Obtain credentials to the Elastic Container Registry by executing below from Docker folder
make login -
Build Wordpress Container Image by executing below from Docker folder
make build -
Publish the docker image to ECS Registry by executing below from Docker folder
make publish -
Deploy with Updated image from terraform folder
make deploy-wp
-
To destroy all the AWS resources deployed by terraform, execute below from repository
rootfoldermake destroy
Below are the different stages of Application Installation and readiness.
- Network Setup
- Database Installation
- Shared Storage Setup
- Application Installation
- Securing Application
- Logging and Alarming
References
License