Cloud architecture

These are the two options proposed by Amazon.

  1. Decided to adopt option 1. It provides enough resilience, as a backup can be activated and recovery should not take long. The loggers are able to keep data at the station for a long time.

Option 1 – Single Server Deployment

This option is consistent with the existing deployment; however, you would run the single combined application/database server on AWS EC2. In this option the following items have been considered:

  • Use of a Network Load Balancer to provide a layer of separation from the internet (the server itself sits in a private subnet and needs no public IP address), to allow an Auto Scaling Group to be added later, and to provide health detection of the application(s).

  • Use of an EC2 instance running Windows Server and SQL Server. AWS provides machine images (called AMIs) that bundle Windows Server and SQL Server with the licence included, or you can choose a Windows-only AMI and install SQL Server yourself.

  • Backups would be performed using EBS snapshots of the EC2 instance's volumes, or alternatively using the native backup/export features inside Windows/SQL Server and copying the output to Amazon S3 buckets. A plain volume snapshot is only crash-consistent; for an application-consistent copy of SQL Server, take a VSS-aware snapshot (Systems Manager can do this) or use native SQL Server backups. Snapshots of an encrypted volume are themselves encrypted, and any S3 bucket holding backup copies should block public access.
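The three Option 1 items above, written out as Terraform. This is an added example and not part of Amazon's proposal; the VPC, subnets, AMI, instance profile and DLM service role are assumed to exist already (passed in as variables), the application is assumed to listen on TCP 443, and all resource names are illustrative.

```hcl
# Added example, not part of the original proposal: Option 1 as Terraform.
# Assumed (not on the page): an existing VPC and subnets, the application on
# TCP 443, an SSM-enabled instance profile and a DLM service role. Names are illustrative.

variable "vpc_id"                { type = string }
variable "vpc_cidr"              { type = string }       # e.g. 10.0.0.0/16
variable "public_subnet_ids"     { type = list(string) } # where the NLB sits
variable "app_subnet_id"         { type = string }       # private subnet
variable "ami_id"                { type = string }       # Windows Server + SQL Server AMI
variable "instance_profile_name" { type = string }
variable "dlm_role_arn"          { type = string }       # AWSDataLifecycleManagerServiceRole

# Only traffic that came through the NLB reaches the server: client IP
# preservation is off on the target group, so connections arrive from the
# NLB's private addresses and the rule can be the VPC CIDR, not 0.0.0.0/0.
resource "aws_security_group" "app" {
  vpc_id = var.vpc_id
  ingress {
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = [var.vpc_cidr]
  }
  egress { # Windows Update, SSM Agent, backup copies to S3
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_instance" "app" {
  ami                    = var.ami_id
  instance_type          = "m5.large"
  subnet_id              = var.app_subnet_id
  vpc_security_group_ids = [aws_security_group.app.id]
  iam_instance_profile   = var.instance_profile_name
  root_block_device {
    encrypted = true # DB files at rest, and every snapshot of them, encrypted
  }
  metadata_options {
    http_tokens = "required" # IMDSv2 only
  }
  tags = { Name = "app-db-server", Snapshot = "daily" }
}

resource "aws_lb" "nlb" {
  load_balancer_type = "network"
  subnets            = var.public_subnet_ids
}

resource "aws_lb_target_group" "app" {
  port               = 443
  protocol           = "TCP"
  vpc_id             = var.vpc_id
  preserve_client_ip = "false"
  health_check { # NLB probes the app port and drops the target when it stops answering
    protocol = "TCP"
    interval = 30
  }
}

resource "aws_lb_target_group_attachment" "app" {
  target_group_arn = aws_lb_target_group.app.arn
  target_id        = aws_instance.app.id
}

resource "aws_lb_listener" "https" {
  load_balancer_arn = aws_lb.nlb.arn
  port              = 443
  protocol          = "TCP"
  default_action {
    type             = "forward"
    target_group_arn = aws_lb_target_group.app.arn
  }
}

# Backups: a daily snapshot of all volumes of any instance tagged Snapshot=daily, kept 14 days.
resource "aws_dlm_lifecycle_policy" "daily" {
  description        = "Daily snapshots of the app/db server"
  execution_role_arn = var.dlm_role_arn
  state              = "ENABLED"
  policy_details {
    resource_types = ["INSTANCE"]
    target_tags    = { Snapshot = "daily" }
    schedule {
      name = "daily-0300-utc"
      create_rule {
        interval      = 24
        interval_unit = "HOURS"
        times         = ["03:00"]
      }
      retain_rule {
        count = 14
      }
    }
  }
}
```

Apply with the hashicorp/aws provider configured from the environment (region and credentials). The lifecycle policy produces crash-consistent snapshots; for SQL Server, prefer application-consistent ones (the Systems Manager document AWSEC2-CreateVssSnapshot) or native SQL Server backups copied to a private, encrypted S3 bucket, as noted above.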

Option 2 – App Server and Managed Database

This option would see the database component moved to AWS' managed database service, Amazon RDS, which supports many popular database engines, including SQL Server and MySQL.

  • Use of a Multi-AZ RDS deployment ensures your database is synchronously replicated to a standby instance in another Availability Zone in your Region, with automatic failover, providing high availability. Multi-AZ is an availability feature rather than a backup: a mistaken delete is replicated to the standby immediately, so backups are still required.

  • RDS managed backups can be used: automated daily snapshots plus continuous transaction log backups allow point-in-time recovery to any moment within the configured retention period (up to 35 days), and manual snapshots are kept until you delete them.
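The Option 2 database tier as Terraform. This is an added example, not Amazon's own code; it assumes an existing VPC, private subnets in at least two Availability Zones, and the security group of the EC2 application server (all passed in as variables). Resource names, the instance size and the retention period are illustrative.

```hcl
# Added example, not part of the original proposal: the Option 2 database tier
# as Terraform. Assumed (not on the page): an existing VPC, private subnets in
# at least two AZs, and the security group of the EC2 application server.

variable "vpc_id"        { type = string }
variable "db_subnet_ids" { type = list(string) } # private subnets, >= 2 AZs
variable "app_sg_id"     { type = string }       # the app server's security group

resource "aws_db_subnet_group" "db" {
  name       = "app-db-subnets"
  subnet_ids = var.db_subnet_ids
}

# TCP 1433 is reachable only from the application server's security group;
# there is no CIDR rule, and the instance is never given a public address.
resource "aws_security_group" "db" {
  name   = "app-db"
  vpc_id = var.vpc_id
  ingress {
    from_port       = 1433
    to_port         = 1433
    protocol        = "tcp"
    security_groups = [var.app_sg_id]
  }
}

resource "aws_db_instance" "sqlserver" {
  identifier        = "app-db"
  engine            = "sqlserver-se"  # Standard Edition: Express and Web do not support Multi-AZ
  license_model     = "license-included"
  instance_class    = "db.m5.large"
  allocated_storage = 100
  storage_type      = "gp3"

  multi_az               = true       # synchronous standby in a second AZ, automatic failover
  db_subnet_group_name   = aws_db_subnet_group.db.name
  vpc_security_group_ids = [aws_security_group.db.id]
  publicly_accessible    = false

  # RDS managed backups: a daily snapshot plus transaction log backups, so the
  # database can be restored to any point within the last 14 days.
  backup_retention_period = 14
  backup_window           = "03:00-04:00"         # UTC; must not overlap maintenance
  maintenance_window      = "sun:04:30-sun:05:30"
  copy_tags_to_snapshot   = true

  storage_encrypted         = true
  deletion_protection       = true
  skip_final_snapshot       = false
  final_snapshot_identifier = "app-db-final"

  # RDS generates the master password and stores it in Secrets Manager, so it
  # never lands in tfvars or the Terraform state.
  username                    = "sqladmin"
  manage_master_user_password = true
}

output "db_endpoint" {
  value = aws_db_instance.sqlserver.address
}
```

The application's connection string changes from the local instance to the RDS endpoint in the output, and the application's SQL login has to be created on RDS (there is no sysadmin role on a managed instance). Multi-AZ for SQL Server on RDS needs Standard or Enterprise edition, which is why the engine is sqlserver-se rather than sqlserver-ex or sqlserver-web.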

Considerations

In addition to the options above, the following should be considered for the existing server application:

  • Use of an Auto Scaling Group for the application server will ensure it can be recovered easily in the event the server fails or becomes unhealthy. This assumes that installation of the application software can be fully automated, or that an image (AMI) can be created with the software fully configured. The Auto Scaling Group then uses the Network Load Balancer's health checks to determine if and when to replace the server. A replacement built from an image holds no data, so this only works cleanly once the database lives off the instance (as in Option 2) or the launch process restores it from backup.
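The Auto Scaling Group consideration, as an added Terraform example (not part of Amazon's proposal). It assumes a pre-baked AMI with the application fully configured, an existing NLB target group, private subnets in two Availability Zones, the application server's security group, and an instance profile with AmazonSSMManagedInstanceCore attached; all are passed in as variables and the names are illustrative.

```hcl
# Added example, not part of the original proposal: replacing the fixed EC2
# instance with an Auto Scaling Group driven by the NLB's health checks.
# Assumed (not on the page): a pre-baked AMI with the application configured,
# an existing NLB target group, private subnets in two AZs, and an instance
# profile with AmazonSSMManagedInstanceCore attached.

variable "app_ami_id"       { type = string }       # "golden" image with the app installed
variable "app_subnet_ids"   { type = list(string) }
variable "app_sg_id"        { type = string }
variable "target_group_arn" { type = string }       # the NLB target group
variable "instance_profile" { type = string }

resource "aws_launch_template" "app" {
  name_prefix            = "app-"
  image_id               = var.app_ami_id
  instance_type          = "m5.large"
  vpc_security_group_ids = [var.app_sg_id]
  iam_instance_profile {
    name = var.instance_profile
  }
  metadata_options {
    http_tokens = "required"       # IMDSv2 only
  }
  block_device_mappings {
    device_name = "/dev/sda1"      # Windows root volume
    ebs {
      encrypted = true
    }
  }
}

resource "aws_autoscaling_group" "app" {
  name                = "app-asg"
  min_size            = 1
  max_size            = 1          # one server today; raise to scale out later
  desired_capacity    = 1
  vpc_zone_identifier = var.app_subnet_ids

  launch_template {
    id      = aws_launch_template.app.id
    version = "$Latest"
  }

  # Register instances with the NLB and use its health check (not only the EC2
  # status checks) to decide when an instance is unhealthy and must be replaced.
  target_group_arns         = [var.target_group_arn]
  health_check_type         = "ELB"
  health_check_grace_period = 600  # seconds for Windows to boot and the app to start

  # A new AMI in the launch template rolls out as a replacement instance.
  instance_refresh {
    strategy = "Rolling"
    preferences {
      min_healthy_percentage = 0   # with a single instance there is nothing to keep
    }
  }

  tag {
    key                 = "Name"
    value               = "app-server"
    propagate_at_launch = true
  }
}
```

With max_size 1 a failed health check or an image refresh means a short outage while the replacement boots; raising the sizes turns the same definition into scale-out. Because the replacement starts from the image, the database must already be on RDS or be restored at launch, as noted above.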

For components that fall outside the existing server application, the following services could be considered for future use:

  • AWS Transfer Family provides managed file-transfer endpoints (SFTP, FTPS and FTP) for your applications, and could be used to replace the existing service for upload/download of content. Plain FTP is only offered on VPC-internal endpoints, so loggers uploading over the internet would need SFTP or FTPS.

  • AWS IoT provides a range of IoT related services that can be used to manage endpoint devices and ingest data through managed MQTT endpoints.

Finally, AWS provides a range of security and management services that should be used as part of any solution, some of which include:

  • Amazon GuardDuty, a threat detection service that continuously analyses CloudTrail events, VPC Flow Logs and DNS logs for malicious activity and unauthorized behaviour.

  • AWS CloudTrail, a service that records the API calls made in the account and so enables governance, compliance, operational auditing, and risk auditing.

  • AWS Systems Manager, a unified interface for viewing operational data from multiple AWS services and automating operational tasks across your AWS resources, including patching and Session Manager access to the server without exposing RDP.