1. Moving Banner to Docker & AWS: A Technical Deep Dive
Albert ‘Alby’ Holtsclaw
Senior DevOps Architect / Senior Database Administrator
East Tennessee State University
Disclaimer: This presentation is being recorded.

2. Goals and Overview
- Motivation
- Architecture
- Processes, Technologies, and Services Used
- Benefits Gained and Challenges Encountered

3. Motivations
- Enterprise Systems, custom applications
- Facing Upgrades: SQL Server, Windows Server, Codebase (Accessibility, Framework)
- Growing number of “mission critical” applications
- Aging Banner ERP Infrastructure
- ERP Hosts: RHEL 5, Hardware Replacement, Datacenter Migration (2017)
- Availability, Scalability, Disaster Recovery / BC
- Growing Infrastructure Needs / Banner 9
- Need for higher efficiency, easier maintenance
- Puppet / Configuration Management wasn’t enough

4. Architecture
- VPC Setup: dev vs prod, subnets, multi-AZ
- Databases:
  - Oracle on EC2 (Unable to leverage RDS, filesystem access, one-off patches)
  - SQL Server Cluster on RDS, MySQL on Aurora RDS
- Job Submission: EC2 (Docker in future?)
- All Banner 9 Apps, SSB, Others: Docker / ECS Cluster
- eInvoice / IFEP / Old Middleware: EC2 (for now)
- Elastic Load Balancers / Application Load Balancers
- ETL / Data Integration / Scheduled Tasks: AWS Lambda
5. Architecture
6. Architecture
[Diagram labels: Banner Oracle EC2; https://banner.infosys.etsu.edu/applicationNavigator; Elastic Load Balancer; haproxy1; haproxy2; ECS Compute Cluster; App. Load Balancer; Jobsub EC2; Public; Private; Other EC2; Other On-Prem]
7. Architecture
8. Architecture
9. Technologies and Services: Docker

10. Technologies and Services: Docker
- entrypoint.py

11. Technologies and Services: Git & ECS Configs
- ECS Compute Cluster

12. Technologies and Services: Git & ECS Configs
- ECS Compute Cluster
13. Technologies and Services: Terraform

    # Banner Oracle database host on EC2, placed in a private subnet
    resource "aws_instance" "dban" {
      ami                    = "ami-ae7bfdb8"
      instance_type          = "m4.xlarge"
      subnet_id              = "${module.vpc.private_subnets[1]}"
      key_name               = "linux_banner_key"
      private_ip             = "xxx.xx.xx.xxx" # redacted on the slide
      vpc_security_group_ids = ["${aws_security_group.dban.id}"]

      root_block_device {
        volume_type           = "gp2"
        volume_size           = "100"
        # Keep the root volume if the instance is terminated
        delete_on_termination = "false"
      }
    }
14. Technologies and Services: Terraform

    # ECS service running two copies of the BannerAdmin container behind an ALB target group
    resource "aws_ecs_service" "prod-BannerAdmin" {
      name            = "prod-BannerAdmin"
      cluster         = "${aws_ecs_cluster.pcompute.id}"
      task_definition = "${aws_ecs_task_definition.prod-BannerAdmin.arn}"
      desired_count   = 2
      iam_role        = "${aws_iam_role.pecs_service_role.arn}"
      depends_on      = ["aws_iam_role_policy.pecs_service_role_policy"]

      load_balancer {
        target_group_arn = "${aws_alb_target_group.prod-BannerAdmin.arn}"
        container_name   = "prod-BannerAdmin"
        container_port   = 8080
      }

      # …..
    }
15. Technologies and Services: Terraform

16. Technologies and Services: Lambda
rave-rssc2gcampustoursmaintec2-start-parkableerrors-remedy-to-slackSecureAccess_ETLpobox-syncpwebsql1-ip-checkebs-backup-workercontracts_etlemailertrs-etlwetssa-log-cleancampus_tours_emailercompcalc_etlmajor-changecontact_methods_etlsnsToSlackprovost_etlebs-backup-pruneec2-stop-parkableTRS_Remindersparking
17. Technologies and Services: AMIs and Snapshots
- Snap AMIs quarterly or major upgrades
- Snap AMIs for install baselines
- Snapshots nightly
- Automated Backup and Prune via Lambda
- Migrate to Amazon Data Lifecycle Manager
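
The slides name the nightly snapshot and prune Lambdas but show no code. The following is an added example, not ETSU's code, of the selection step a prune job needs so that it never deletes the last restore points, AMI baselines, or snapshots it did not create. The retention values, the `CreatedBy` tag and the sample records are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta, timezone

RETENTION_DAYS = 14        # assumed; the slides give no retention period
KEEP_MIN_PER_VOLUME = 3    # assumed floor of restore points per volume
OWNER_TAG = ("CreatedBy", "ebs-backup-worker")  # hypothetical tag set by the backup job


def select_prunable(snapshots, now, ami_snapshot_ids=frozenset(),
                    retention_days=RETENTION_DAYS, keep_min=KEEP_MIN_PER_VOLUME):
    """Return IDs of snapshots that are safe to delete, oldest first.

    `snapshots` holds dicts shaped like boto3 describe_snapshots() items.
    """
    cutoff = now - timedelta(days=retention_days)
    by_volume = {}
    for snap in snapshots:
        # Pending or errored snapshots are not restore points; leave them alone.
        if snap["State"] == "completed":
            by_volume.setdefault(snap["VolumeId"], []).append(snap)

    prunable = []
    for snaps in by_volume.values():
        snaps.sort(key=lambda s: s["StartTime"], reverse=True)
        # The newest keep_min snapshots survive even when they are past the
        # cutoff, so a backup job that silently stopped cannot leave zero copies.
        for snap in snaps[keep_min:]:
            tags = {t["Key"]: t["Value"] for t in snap.get("Tags", [])}
            if (snap["StartTime"] < cutoff
                    and snap["SnapshotId"] not in ami_snapshot_ids  # AMI baselines
                    and tags.get(OWNER_TAG[0]) == OWNER_TAG[1]):    # only our own
                prunable.append(snap)
    prunable.sort(key=lambda s: s["StartTime"])
    return [s["SnapshotId"] for s in prunable]


def _snap(snap_id, volume, age_days, now, tagged=True):
    """Build one constructed sample record."""
    tags = [{"Key": OWNER_TAG[0], "Value": OWNER_TAG[1]}] if tagged else []
    return {"SnapshotId": snap_id, "VolumeId": volume, "State": "completed",
            "StartTime": now - timedelta(days=age_days), "Tags": tags}


NOW = datetime(2019, 1, 31, tzinfo=timezone.utc)  # constructed reference time
SAMPLE = (
    [_snap(f"snap-a{d:02d}", "vol-a", d, NOW) for d in (1, 5, 10, 20, 30, 45)]
    + [_snap("snap-a50", "vol-a", 50, NOW, tagged=False)]  # manual snapshot
    + [_snap(f"snap-b{d:02d}", "vol-b", d, NOW) for d in (20, 25, 40, 60)]  # stalled job
)

if __name__ == "__main__":
    print(select_prunable(SAMPLE, NOW, ami_snapshot_ids={"snap-a45"}))
```

In a Lambda handler the returned IDs would feed the delete call, and `ami_snapshot_ids` would be collected from the block device mappings of the account's registered AMIs.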
18. Technologies and Services: Route 53 and DNS forwarders
- Legacy domains
- Point on-prem DNS entry to APEX load balancer
- goldlink.etsu.edu
- degreeworks.etsu.edu

19. Technologies and Services: Logging
- Cloudwatch
- Cloudtrail (Audit)
- S3 Log Dumps

20. Technologies and Services: Monitoring
- Prometheus
- Alerts Manager
- Slack
- Grafana

21. Technologies and Services: Configuration Management
22. Benefits
- Better Disaster Recovery: AMIs, Snapshots, Infrastructure as Code
- High Availability: Multi-AZ, Multiple Instances, Load Balanced
- Improved Scalability: ECS Compute Clusters, Auto-Scaling Groups, Containers. Capacity on Demand
- Improved Security: Network Isolation, Security Groups, Monitoring, VPN Gateway, Peering
- Easier to Maintain: Declarative Infrastructure and Services. Git / Continuous Integration Pipelines
23. Challenges
- Timing
- Staffing (workload/capacity and self-learning)
- Cost (Op-ex vs Cap-ex)
- AWS Contract
- Networking (VPN Gateway, CISCO ASA, SQL Fixup protocol, persistent connection sniping)

24. What’s Next?
- Containerize more apps
- Puppetize when containers not ideal
- Create standby in separate region
- Increase usage of CI/CD
- Increase monitoring via Prometheus and smart alerting
- All the Dashboards!!!
- Greenfield Projects
- AWS Fargate
- Kubernetes (EKS or Standalone)

25. Collaboration
- Bandock Google Group: bandock@googlegroups.com
- Banner AWS Slack Group
- April Sims, Southern Utah University, aprilcsims@gmail.com
- Monthly (ish) Meetings

26. Albert ‘Alby’ Holtsclaw
Senior DevOps Architect / Senior Database Administrator
AlbertHoltsclaw.com
holtsclawa@etsu.edu