Infrastructure

Overview

This page will outline the specifications for the infrastructure. It is very important that a strong infrastructure is used to facilitate better scalability, better developer experience and a better user experience. Most infrastructure will remain ~~unaccessible~~inaccessible to the general ~~public~~public. The infrastructure will be split up into different "stacks".

Logging/Metrics

Authentication as a ServiceLogging

~~Keycloak~~For logging, the GELF stack will be used to(Graylog, ~~manage~~elasticsearch, ~~user authentication and authorization between different microservices~~mongodb).

Monitoring as a ServiceMetrics

~~Monitoring~~For ~~everything~~metric capturing the GIT stack will be ~~another~~used ~~key~~(Grafana, ~~component~~InfluxDB, toTelegraf)

~~success.~~

Identity/Authentication

~~For logging, all containers will log to a remote syslog system~~

OpenLDAP and ~~will publish performance metrics to a database. Aggregate syslog will be read by a program such as Graylog and aggregate statistics will be displayed using Grafana or a custom application.~~ ~~This monitoring stack should be kept separate from the main stack.~~

Secrets as a Service

~~Step-CA~~Keycloak will be used for ~~automatically~~both ~~rotating certificates~~authentication and ~~keys.~~authorization. ~~Certs~~Accounts will be ~~valid~~created ~~for~~in ~~24 hours max~~OpenLDAP and not Keycloak in most cases

Database

Postgres will be ~~renewed at~~ the ~~15hr~~database ~~mark.~~of choice for all infrastructure services and application containers. Redis will also be use for caching

Files

File as a Service

storage

Minio will be used for storing and retrieving files. ~~Both~~It ~~users and system accounts will be available to use the service.~~

Automated Build, Test and Deploy

Automated building, testing and deploying will be done to ensure everything stays up to date. Currently, Jenkins seems to be the best solution for this task. Jenkins will be able to build the docker images, run a suite of tests and then publish the images to be deployed. Ideally, this system should be 100% automatic to help align with development goals such as weekly builds. The Gitea service will also assist with managing codebases

User Management

~~Users will be managed using~~is an ~~OpenLDAP~~S3 ~~server~~complaint ~~and~~file ~~the~~system

~~application FusionDirectory, due to the fact that other services in the cloud rely on them and there really isn't any problems with using them.~~

Messaging Between Services

~~Apache Kafka~~ ~~will be used to handle messaging between services.~~