Post #374,291
4/27/13 11:28:30 PM
|
Re: So using AWS directly via AJAX?
The signup action vends a token that every other action validates before doing anything else. Because auth records are accessed every hit, they, along with user account info, are stored in dynamodb because it is good at keyed lookup. Further, it is fronted by elasticache so the Auth record lookup comes out of the cache most of the time.
In other words, session management. ;-)
This is nearly the exact same thing the Django contrib.auth module does, fwiw.
I'm sick of seeing gateway error on stuff like rails because the app process died
Well, Rails sux anyways, but if you're seeing gateway errors then you're not using supervisord or something similar. Understood on the simplest thing that works though. Different people just have different definitions of simplest.
As an example, there's a REST plugin for Django called Tastypie. Create your model definition in the ORM, tell Tastypie to serve it as a resource, and suddenly you have a full RESTful API with both list and detail endpoints, GET/POST/PUT/PATCH/DELETE support, authorization/authentication, XML/JSON/YAML responses based on content-accepts, and so on. It's seriously 15 minutes from blank page to functioning interface.
That said, the learning curve is there, and if you've already spent it elsewhere why change.
Regards, -scott Welcome to Rivendell, Mr. Anderson.
|
Post #374,293
4/28/13 12:53:32 AM
|
Re: So using AWS directly via AJAX?
>In other words, session management. ;-)
I guess - although our "session" is nothing more than identity management.
> if you're seeing gateway errors then you're not using supervisord or something similar.
Well that's the thing about elastic beanstalk - its a canned environment - you take what you get WRT environment and if you can't deploy what you need out of git - you're screwed. Autoscaling is a new game - if you have to telnet to your box to install stuff you've already lost it. When beanstalk spins up a new machine, it installs a default environment and does a git pull on a specific version number and that's pretty much it.
Anyhow, PHP eliminates the need to "use" anything else at all. Its all there.
Not sure what the python environment provides by default but it appears to be flask or django. http://aws.amazon.co...-with-amazon-rds/
I guess I should also mention that my partner started our app using what he knew and version zero was written using VB.net, IIS, and MSSQL - the only server technologies he knows. He did most of our UI and he is a brilliant UI guy and relentless polisher of experience but server stuff isn't his thing. Once I joined him in the venture, I got him to move from MSSQL to mysql in a weekend, and I ported his VB.net to PHP and he has since embraced it since it is very close to javascript. Also - we are planning for super high volume and every action is basically a page of PHP with hand tuned SQL. The whole service runs on about 30 actions and each one is about 1-2 pages of pretty straight forward code using PDO and some custom PHP library I wrote atop dynamodb. Whole product took the two of us six months to build and we have iOS, Android, Mac (there's a Phonegap for Mac), and web versions build on the same code base.
I'm pretty sold on building standalone apps in HTML/JS/CSS. I don't see me going back to building web pages anytime soon.
|
Post #374,306
4/28/13 12:23:13 PM
|
Re: So using AWS directly via AJAX?
EBS uses WSGI, just like a supervisord installation would. If I had the time I would look into it more closely, but I do know that it's only Python 2.6 and I need 2.7. I've also got some C++ that needs to be installed for the application to work (Google's OR tools).
With respect to telnet for installs, that's the crux of one of the questions I was going to ask you:
Right now I've got a very nice Ansible setup for automated installation and management of the system I'm currently building (which I won't describe now due to NDAs, but it should be released within a few weeks or so). The client had originally chosen a local IaaS provider that proved to be insufficient, so I did a survey of enterprise-class environments. AWS won over Azure (don't laugh, if it hadn't been for Amazon's pricing Azure might have won the contract), but now I need to translate my devops stuff to a different platform.
The Ansible scripts idempotently ensure the environment is configured correctly, update the code from github, update the database schema and migrate data if necessary, then restart the system. All via ssh, which is obviously problematic in AWS when an instance gets a new IP at restart. I could use 10.x addresses in a private VPC but I'm on a short schedule and want to change as little as possible during the initial port to AWS.
My approach so far is to create a management instance, use it to build and save a new AMI snapshot from the updated application code, down the existing instances, snapshot and update/migrate the database, then bring up new instances on the updated AMI. All of this is a bit of a pain in the ass, but it's what our AWS Partner contact suggested.
Since you're using Beanstalk you may not have considered any of this (apart from saying, gee, glad I don't have to do that), but if you've got any suggestions I'm all ears.
Regards, -scott Welcome to Rivendell, Mr. Anderson.
|
Post #374,315
4/28/13 2:14:30 PM
|
Re: So using AWS directly via AJAX?
EBS is nice when its just what you need and not so nice when it isn't. Sounds like it isn't.
The thing is - EBS is really just a nice ribbon and bow over a few specific Cloud Formations.
So I would build your own from the ground up - you can create a custom stack, custom ami's, etc and do that.
I haven't dug too far into it because EBS is fine for me - only thing I deploy is PHP and some static web resources.
http://aws.amazon.com/cloudformation/
|
Post #374,316
4/28/13 2:29:32 PM
|
I'll end up with CloudFormation, yes
But I need to automate the upgrade of the individual AMIs used in the formation first.
The basic stack will be:
1) nginx instances behind a load balancer
2) internal load balancer to Django instances in a private VPC
3) RDS MySQL (gah) in a multi-AA with read replica configuration, in the private VPC
4) ElastiCache, probably about 7 micros to start with, in the private VPC. It's cheaper, more resilient, and more efficient to use a bunch of micros instead of the larger instances.
5) Route 53 for DNS
6) S3 for media storage
7) CloudFront for CDN and media security (signed URLs)
Once things get rolling I'll start using Dynamo and queueing. Had I known that these reference architectures would be available at the start of the project I would have designed it differently to begin with. Oh well.
Thanks.
Regards, -scott Welcome to Rivendell, Mr. Anderson.
|
Post #374,421
4/30/13 11:18:22 PM
|
Re: I'll end up with CloudFormation, yes
Sounds like you have it figured. As long as you can get the thing to auto build when stuff comes online you're golden. No more hand building servers.
|
Post #374,430
5/1/13 10:33:57 AM
|
hmm, must be getting old
everything downstream of /foo
newbuild foo.tarball
stage all newbuilds in /tmp on every server via a global push
in mtc window, globally mv /foo/target /foo/target.$DATE
globally mv /tmp/foo.tarball /foo
tar xvf foo.tarball
globally or rolling restart foo.app
how is it done nowadays?
Any opinions expressed by me are mine alone, posted from my home computer, on my own time as a free American and do not reflect the opinions of any person or company that I have had professional relations with in the past 58 years. meep
|
Post #374,431
5/1/13 10:43:35 AM
5/4/13 2:08:41 PM
|
The problem is IP address
In AWS a new instance will come up with a different IP then it had before, unless you're using VPC and managing IP addresses manually (or scripted preferably).
But instead of doing a bunch of autodiscovery crap and copying tarballs everywhere, just change the underlying instance image once, run your deploy tests on that maintenance image, and then simply restart all the active VMs to get the new stuff.
Regards, -scott Welcome to Rivendell, Mr. Anderson.
Edited by malraux
May 4, 2013, 02:08:41 PM EDT
|
Post #374,434
5/1/13 11:41:02 AM
|
this stuff?
http://aws.amazon.com/console/
looks way better that the crapaud large telco cloud hosting service uses.
Any opinions expressed by me are mine alone, posted from my home computer, on my own time as a free American and do not reflect the opinions of any person or company that I have had professional relations with in the past 58 years. meep
|
Post #374,435
5/1/13 12:35:40 PM
|
Yep.
The nice thing about AWS is that everything in that console can be scripted with your choice of language, too.
Most (if not all) of the major configuration management tools support AWS out of the box as well.
They have a free account level that provides a single instance, DB, load balancer, pretty much everything in the product catalog free for a year if you feel like playing around with it.
Regards, -scott Welcome to Rivendell, Mr. Anderson.
|
Post #374,444
5/1/13 1:49:57 PM
|
might do that, thanks
Any opinions expressed by me are mine alone, posted from my home computer, on my own time as a free American and do not reflect the opinions of any person or company that I have had professional relations with in the past 58 years. meep
|
Post #374,555
5/4/13 1:55:50 PM
|
Re: The problem is IP address
Yep - most requested feature at REINVENT was ability to assign elastic IP to load balancer.
That would simplify a LOT of stuff.
|