Reduce the number of load balancer groups on dev and prod #93
Assignees
Labels
chore
routine tasks that must be done, but require little active brain power
funder/otffoss2023-2024
priority/medium
Comments
2 tasks
hellais
added
priority/medium
priority/low
chore
|
We should make sure that https://api.prod.ooni.io/ still works, since DW is using this in their app. |
This was referenced Sep 5, 2024
hellais
pushed a commit
that referenced
this issue
Sep 6, 2024
This diff removes the microservice hosts from the prometheus alerts. Part of #93
8 tasks
hellais
added a commit
that referenced
this issue
Oct 1, 2024
Changes: * Add support for creating digital ocean droplets for test helpers * Switch networking config to NAT gateway less setup Fixes: * #92 * #91 * #93 Checklist for doing it: * [x] Create terraform module for deploying test helpers to digital ocean * [x] Tweak ECS task sizes to reduce instance consumption * [x] Drop ECS cluster for test helpers * [x] Setup direct load balancer rules to address services based on hostname * [x] Drop test helper monitoring on AWS in monitoring host * [x] Add support for SAN in ACM certificates by creating new module * [x] Setup nginx based load balancing for test helpers * [x] Refactor EC2 instance deployment to use cloud-init Since AWS costs are too high for the test helpers with IPv6 support, we switch them back to digital ocean. How this is implemented is by adding a new rule to the oonibackend proxy that acts as a load balancer towards the test helpers on digital ocean. The reason to do this is so that we don't have to complicate the TLS setup by having to do certificate provisioning on the test helpers, but rather are able to keep it in AWS. Moreover by having a single entry point to the test helpers it means we can implement a cache which works across all the test helper backends, instead of having a per-test helper caching layer. What is missing is adding the rules that perform routing on a per domain basis to the load balancer config. --------- Co-authored-by: decfox <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We should have only 1 load balancer for all API services, instead of 1 per service.
For each service, since we need direct monitoring of each individual service, we should configure the rules of the general load balancer to do routing on a path basis (which we already do) and also on a hostname basis (which we need to add).
This is related to: #62
The text was updated successfully, but these errors were encountered: