Testing Terraform Worflow in feature branch#6
Open
smtandabuzo wants to merge 17 commits into
Open
Conversation
Co-authored-by: Gordon Inggs <Gordonei@users.noreply.github.com>
…ssessment Add initial devops assessment
…ptimised layer caching for faster builds, implements healths checks at appropriate intervals, file permissions and environment variables, Gunicorn as production WSGI server. Ensured dependencies from requirements.txt are installed properly. Implemented S3 Client Optimization by using singleton pattern for s3 client to prevent repeated client initialization and added environment variable support.
…ed layer caching for faster builds, implements healths checks at appropriate intervals, file permissions and environment variables, Gunicorn as production WSGI server. Draft for git ignore file that is used to by pass non project files from commit.
…stack is made of two services, data-app for the containerized Python application and minio which refers to the official minio image, used as a convenient alternative to AWS S3. The script creates a bridge network used by the services to communicate. Named volume is used to ensure that minio data persists is retained across container restarts. Followed security best practises including supporting file based and environmental secrets and not storing secrets in version control, using Docker's built in secret management and providing error messages for missing configs.
… deployment script checks that all required prerequisites(Docker, Python) are setup, does code linting, deploys app with health checks and deployment error handling with error messaging. Implemented script that unit tests the application and provides error messages. Implemented script that verifies application is up and can connect to Minio and performs basic file operations and returns success or failure status
…f deployment failure, locking to prevent multiple concurrent deployments, error handling, restore previous versions, cleanup old backups
…val and data deletion.
…oying the application and required scripts as well as how to verify deployment, how to rollback and how to trouble shoot common issues.
…ainer environment already on local due to Docker container support, has Minio integration support, and has persistent connection support to support connection maintenance of the app. Provisioned IaC using Terraform which is best practise as it improves collaboration and version control and enhances consistency and reduces error and can be integrated into CI/CD pipelines for automated deployments and testing etc. Key resources created include VPC with public subnets in 2 availability zones for failover, internet gateway and route tables, security groups for ALB, ECS tasks and EFS, ECS cluster with Fargate, ALB, Minio with EFS for persistent storage, service discovery for internal DNS. Used AWS ECR for managing container images, best practise as it tracks version control for easy rollback, secure as it is integrated with IAM for access control, allows for faster deployments with AWS networking, integrates seamlessly with ECS and is cost effective as you pay only for storage and data transfer etc.
… that was setup with Terraform. Created the ECS service for MinIO with the correct bridge network mode and EC2 instance to run MinIO and EBS Volume to work with ECS and persist data across container restarts. Updated IAM Roles for EC2 container, ECS and Cloud Watch for log management, attached IAM Policies for EC2 container and added tags for resource management. Recreated minio target group due to config changes.
…lders to prevent unneccessary space usage.
…submission/sazimtandabuzo # Conflicts: # .gitignore # DEPLOYMENT.md # bin/deploy.sh
…lready on Github, configuration can be managed from central place. Refactor of Terraform script as part of preparation for CI CD pipeline. Setup environment variables for AWS Key and AWS Secret on Github Actions.
…rfile to align to CI CD pipeline configuration on Github Actions.
- Run terraform fmt to standardize formatting - Update GitHub Actions workflow to remove Slack notifications - Update README with architecture and deployment details
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.