From e88f4a44f753927610a2ca0c9b8c6c0a8777438c Mon Sep 17 00:00:00 2001 From: Bertrand Lanson Date: Wed, 14 Aug 2024 20:37:56 +0200 Subject: [PATCH] feat: references to other pages --- 01-introduction.md | 6 ++-- 03-architecture-guide.md | 61 +++++++++++++++++++++++++++++----------- 2 files changed, 47 insertions(+), 20 deletions(-) diff --git a/01-introduction.md b/01-introduction.md index 2afa7bb..0eaea27 100644 --- a/01-introduction.md +++ b/01-introduction.md @@ -13,6 +13,6 @@ Hashistack-Ansible's project aims at providing a production-ready, repeatable, a # Index -1. [Introduction](./01_introduction.md) -2. [General informations](./02_general_informations.md) -3. [Architecture Guide](./) \ No newline at end of file +1. [Introduction](01-introduction) +2. [General informations](02-general-informations) +3. [Architecture Guide](03-architecture-guide) diff --git a/03-architecture-guide.md b/03-architecture-guide.md index f8e9b29..8dac72b 100644 --- a/03-architecture-guide.md +++ b/03-architecture-guide.md @@ -2,21 +2,27 @@ Hashistack-Ansible allows you to deploy a number of architecture, wether you want to deploy a dev, testing, or production environment. These different architectures are described in this section. -## Dev deployment +## Dev/Testing deployment If you only want to deploy a test environment, you can simply add a simgle host to each service that you want to deploy. ```ini [haproxy_servers] +test-server [vault_servers] -test01 +test-server [consul_servers] -test01 +test-server [nomad_servers] -test01 +test-server + +[nomad_clients] +test-server + +[consul_agents] ``` In this example, you will end end with each service running on a single host, with no clustering, and no redundancy. This setup *IS NOT RECOMMENDED** for anything but testing purposes, as it provides zero resiliency, and will break if anything goes down. @@ -33,11 +39,6 @@ graph LR; Nomad Server }; ``` - -## Testing/Preprod deployment - -For testing, of pre-production deployments, running all services on the same nodes might be a good way to cut cost and/or save resources. - ## Production deployment For production use, it is recommended to separate concerns as much as possible. This means that consul, vault and nomad, as well as the haproxy services, should be on different nodes altogether. The **client-facing** and **cluster-facing** interfaces should also be separated. @@ -76,22 +77,48 @@ graph TD haproxy1[HAProxy] & haproxy2[HAProxy] -->|http :8200| vault subgraph vault - direction LR - vault1[Vault 01] <--> vault2[Vault 02] - vault2[Vault 02] <--> vault3[Vault 03] - vault3[Vault 03] <--> vault1[Vault 01] + direction LR + subgraph vaultnode1 + direction TB + vault1[Vault 01] <--> consulvaultagent1([Consul agent]) + end + subgraph vaultnode2 + direction TB + vault2[Vault 02] <--> consulvaultagent2([Consul agent]) + end + subgraph vaultnode3 + direction TB + vault3[Vault 03] <--> consulvaultagent3([Consul agent]) + end + vaultnode1 <--> vaultnode2 + vaultnode2 <--> vaultnode3 + vaultnode3 <--> vaultnode1 end + + vault -->|Service registration| consul haproxy1[HAProxy] & haproxy2[HAProxy] -->|http :4646| nomad subgraph nomad direction LR - nomad1[Nomad 01] <--> nomad2[Nomad 02] - nomad2[Nomad 02] <--> nomad3[Nomad 03] - nomad3[Nomad 03] <--> nomad1[Nomad 01] + subgraph nomadnode1 + direction TB + nomad1[Nomad 01] <--> consulnomadagent1([Consul agent]) + end + subgraph nomadnode2 + direction TB + nomad2[Nomad 02] <--> consulnomadagent2([Consul agent]) + end + subgraph nomadnode3 + direction TB + nomad3[Nomad 03] <--> consulnomadagent3([Consul agent]) + end + nomadnode1 <--> nomadnode2 + nomadnode2 <--> nomadnode3 + nomadnode3 <--> nomadnode1 end nomad -->|Service registration| consul ``` -> **Note**: you can substract the haproxy part if using an external load-balancing solution, like AWS ALB,or any other LB technology, for connecting to your platform. +> [!NOTE]: you can substract the haproxy part if using an external load-balancing solution, like AWS ALB,or any other LB technology, for connecting to your platform.