Community Ops/PaaS
Community Ops - PaaS
Purpose
Currently, Community websites are hosted on a variety of different infrastructure with no clear owner or maintainer, which has lead to downtime, security, and budgeting issues. The goal of this PaaS is to provide the production-quality infrastructure that the community and internal teams can use to host their services.
Apps that are going to run in Community Ops PaaS are:
- Mozilla discourse
- Mozilla community sites
- Participation infrastructure sites
AWS Architecture
- Mesos master nodes
- Mesos master
- Marathon
- Zookeeper
- Haproxy
- Mesos slave nodes
- Mesos slave
- Docker
- Shared RDS databases
- PostgreSQL
- MySQL
- Consul shared nodes
- Consul for both prod/staging
- GlusterFS shared nodes
- GlusterFS storage servers for both prod/staging
- Bastion node
- OpenVPN server
Software stack
Apache Mesos
Apache Mesos is a cluster manager that provides efficient resource isolation and sharing across distributed applications or frameworks.
Apache ZooKeeper
Apache ZooKeeper provides distributed configuration service, synchronization service, and naming registry for large distributed systems.
Marathon
Marathon is a production-grade container orchestration platform for Apache Mesos.
HAProxy
HAProxy is a high availability load balancer/proxy for TCP and HTTP application.
Consul
Consul is a distributed service discovery tool with health checking and k/v storage. Initially we will be using Consul just for health checking but we will expand this to replace Bamboo for service discovery.
Vault
Vault is a distributed tool for storing secrets. We will be using it to store any credentials required in our infra to be accessed by Ansible or Terraform.
GlusterFS
GlusterFS is a distributed storage service which allows us to persistently store data across the cluster.
Configuration Management
- Ansible playbooks
- Terraform configuration