Infrastructure

Overview

This page outlines the specifications for the infrastructure. A strong infrastructure is very important: it facilitates better scalability, a better developer experience and a better user experience. Most infrastructure will remain inaccessible to the general public.

Authentication as a Service

Keycloak will be used to manage user authentication and authorization between different microservices.

Monitoring as a Service

Monitoring everything will be another key component to success. For logging, all containers will log to a remote syslog system and will publish performance metrics to a database. Aggregate syslog will be read by a program such as Graylog and aggregate statistics will be displayed using Grafana or a custom application. This monitoring stack should be kept separate from the main stack.

Secrets as a Service

Step-CA will be used for automatically rotating certificates and keys. Certs will be valid for 24 hours max and will be renewed at the 15hr mark.
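
A check the monitoring stack could run against that rotation policy, written here as an added example and not part of the original page or of Step-CA: it parses the output of `openssl x509 -noout -dates` and flags certificates that exceed the 24-hour lifetime or have passed the 15-hour renewal mark. The grace period, the tolerance for issuer backdating, the status names and the sample certificates are assumptions.

```python
from datetime import datetime, timedelta, timezone

MAX_LIFETIME = timedelta(hours=24)   # page: certs valid for 24 hours max
RENEW_AT = timedelta(hours=15)       # page: renewed at the 15hr mark
GRACE = timedelta(hours=1)           # assumption: slack before alerting on a missed renewal
TOLERANCE = timedelta(minutes=5)     # assumption: allowance for issuer backdating / clock skew
FMT = "%b %d %H:%M:%S %Y GMT"        # date format printed by `openssl x509 -noout -dates`

def parse_dates(text):
    """Extract (notBefore, notAfter) as UTC datetimes from openssl -dates output."""
    fields = dict(line.split("=", 1) for line in text.strip().splitlines())
    to_utc = lambda s: datetime.strptime(s.strip(), FMT).replace(tzinfo=timezone.utc)
    return to_utc(fields["notBefore"]), to_utc(fields["notAfter"])

def classify(text, now):
    """Return (status, renew_due) for one certificate at time `now`."""
    not_before, not_after = parse_dates(text)
    renew_due = not_before + RENEW_AT
    if not_after - not_before > MAX_LIFETIME + TOLERANCE:
        return "POLICY_VIOLATION", renew_due   # issued with too long a lifetime
    if now >= not_after:
        return "EXPIRED", renew_due            # service is already failing TLS
    if now >= renew_due + GRACE:
        return "RENEWAL_OVERDUE", renew_due    # renewer likely broken; alert before expiry
    if now >= renew_due:
        return "RENEW_NOW", renew_due
    return "OK", renew_due

def audit(certs, now):
    """Classify every certificate in a {name: openssl_output} mapping."""
    return {name: classify(text, now)[0] for name, text in certs.items()}

# Constructed sample output, not taken from a real deployment.
SAMPLES = {
    "api": "notBefore=Jan  5 10:00:00 2024 GMT\nnotAfter=Jan  6 10:00:00 2024 GMT",
    "legacy": "notBefore=Jan  5 10:00:00 2024 GMT\nnotAfter=Jan 12 10:00:00 2024 GMT",
}

if __name__ == "__main__":
    now = datetime(2024, 1, 6, 3, 0, tzinfo=timezone.utc)
    for name, status in audit(SAMPLES, now).items():
        print(f"{name}: {status}")
```

RENEWAL_OVERDUE is the status worth alerting on: with a 24-hour lifetime, a renewer that silently stops leaves only the remaining 9 hours to notice before services start failing.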

Files as a Service

Minio will be used for storing files. Both users and system accounts will be able to use the service.

Automated Build, Test and Deploy

Automated building, testing and deploying will be done to ensure everything stays up to date. Currently, Jenkins seems to be the best solution for this task. Jenkins will be able to build the Docker images, run a suite of tests and then publish the images to be deployed. Ideally, this system should be 100% automatic to help align with development goals such as weekly builds. The Gitea service will also assist with managing codebases.

User Management

Users will be managed using an OpenLDAP server and the application FusionDirectory, because other services in the cloud rely on them and there aren't any problems with using them.

Messaging Between Services

Apache Kafka will be used to handle messaging between services.