Infrastructure as a Service

Overview

This page will outline the specifications for the infrastructure. It is very important that a strong infrastructure is used to facilitate better scalability, better developer experience and a better user experience. Most infrastructure will remain unaccusable to the general public

Secrets as a Service

Maintaining secrets will be vital for the entire infrastructure. To manage secrets, Vault by hashicorp will be used. Vault will allow for storing of and auto renewal of data such as passwords and certificates.

Automated Build, Test and Deploy

Automated building, testing and deploying will be done to ensure everything stays up to date. Currently, Jenkins seems to be the best solution for this task. Jenkins will be able to build the docker images, run a suite of tests and then publish the images to be deployed. Ideally, this system should be 100% automatic to help align with development goals such as weekly builds. The Gitea service will also assist with managing codebases

Monitoring as a Service

Monitoring everything will be another key component to success. For logging, all containers will log to a remote syslog system and will publish performance metrics to a database. Aggregate syslog will be read by a program such as Graylog and aggregate statistics will be displayed using Grafana or a custom application. This monitoring stack should be kept separate from the main stack.

User Management

Users will be managed using an OpenLDAP server and the application FusionDirectory, due to the fact that other services in the cloud rely on them and there really isn't any problems with using them

Messaging Between Services

Apache Kafka will be used to handle messaging between services.