"Preparing for the future"

By: ~/Piyush

• 5+ years' experience designing, setting up, testing & running production web systems in varied deployment environments
• Experience setting up colocation IDCs with Active-Active DR sites for India's No. 1 OTA
• Experience working on public cloud platforms like AWS and setting up private cloud infrastructure
• …Generation G : Gamification /engineer/
• Tags: techie, open source enthusiast, engineer, geek, DevOps, web ops, security, Tripper (MMYT), Ex-Nextag-ian :)

• Scalable
• Robust and Always Available
• Manageable
• Resilience
• Operationally Visible (Monitor Everything)
• Cost effective

• Avoid unnecessary change by selecting a long-term supported distribution on which to base your platform.
  ◦ RHEL / CentOS
  ◦ Ubuntu LTS (Long Term Support)
  ◦ Debian Stable

  My preference: RHEL / CentOS (Red Hat stability & yum wins)

• Use your capacity model to drive a decision on how you build infrastructure: check SLAs & cost constraints
  ◦ 100% dedicated hardware (Self Managed / Outsourced)
  ◦ 100% cloud (may consider AWS or Rackspace)
  ◦ Hybrid
• Cloud success relies on "automating" key service management processes to optimize the run-time operation of /dynamic workloads/ in a shared-resource environment.

• Split each service (/layer) out across its own set of servers for easier scale-out and management.
  ◦ Traffic Management (both Global Traffic & Local Traffic Management)
  ◦ Application Servers
  ◦ Data Store Servers
  ◦ Email Services
  ◦ + Minimize Distribution of State:
    ▪ Keep services that require storage to a minimum, for ease of backups and management - like Data Services (backups)

• Use redundant pairs (on devices/appliances), /HA/ & clustering or failover to ensure availability of service(s).
  ◦ Minimum down-time.
  ◦ Application & services redundancy + Load Balanced cluster on one site & DR too
  ◦ DB HA + Data Store (MySQL) Backup and Recovery
  ◦ Choose and implement the best-suited failover strategy
  ◦ Redundant network on each node (+ on server: Linux NIC bond)

  ◦ Dev, QA and staging platforms (both application & N/W platform) to prove application and configuration changes before they go live into production.
  ◦ Most live-site issues are due to the lack of a similarly configured environment / platform for Dev / QA / Staging testing.
  ◦ LAB Env:
    ▪ Performance/Stress LAB
    ▪ Experimentation LAB (A/B or Multivariate experiment) support with Live traffic

• Virtualization is key here :) ...actually this is changing the world ...not the cloud !!
• + Selecting the Right Virtualization Technology

• Use network boot and installer tools, or templated provisioning, to build servers identically
  ◦ PXE Boot + Kickstart
  ◦ VMware ESXi Template / Citrix XenServer
  ◦ Amazon AMI (EC2)
  ◦ OpenNebula
• Package Management - YUM repositories (Distribution + Own)
• Create your own repository servers for both packages + code

• Use configuration management tools to deploy configuration automatically from a central location.
  ◦ Puppet / Facter
  ◦ Chef
  ◦ CFEngine (Nova)
  ◦ RANCID (N/w Devices)

• Use a central service for identity and password management
  ◦ OpenLDAP
  ◦ Active Directory
  ◦ TACACS+ (N/w devices)
• Have proper accounting/audit logging
• Inventory Management:
  ◦ Use facter facts + CMDB based Inventory Management

  ◦ Version Control:
    ▪ SVN / GIT
  ◦ Use continuous integration and deployment tools to test and release software
    ▪ Jenkins (Hudson) / Go
    ▪ Capistrano / Fabric
  ◦ ....Deploy more frequently ...so as to build confidence in the whole system for change management

• Start with site availability checks & external dependency checks, then move to much more detailed data: capture as much data as possible.
• Store time-series data for trend analysis, and alert when thresholds are breached.
  ◦ CPU / RAM / IO / Network usage per server
  ◦ Application metrics
  ◦ Disc space usage
  ◦ Network bandwidth
  ◦ MySQL numbers
  ◦ ...etc
• So, the source could be anything: DB, logs, SNMP, HTTP etc.
• + have real-time reporting over it (Dashboards)
• + Real-time data extraction
• Tools to consider:
  ◦ Ganglia / Centreon / Nagios
  ◦ OpManager for URL monitoring
  ◦ Selenium RC based checks (functional tests) etc.
• Alerting on both Minimum/Maximum Thresholds (OK, WARN, CRITICAL)!
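
An added example (not from the original slides) of the min/max alerting point above: a two-sided threshold check using the Nagios plugin state convention, where a maximum-only check would stay green while traffic drops to zero. The band values, the `confirm` parameter and the requests-per-second samples are assumptions constructed for illustration.

```python
import math
from dataclasses import dataclass

# Nagios plugin exit-code convention.
OK, WARN, CRITICAL, UNKNOWN = 0, 1, 2, 3
LABEL = {OK: "OK", WARN: "WARN", CRITICAL: "CRITICAL", UNKNOWN: "UNKNOWN"}


@dataclass(frozen=True)
class Band:
    """Closed interval [low, high]; a value outside it breaches the band."""
    low: float
    high: float

    def __post_init__(self):
        if self.low > self.high:
            raise ValueError("band low must not exceed high")

    def contains(self, value):
        return self.low <= value <= self.high


def classify(value, warn, crit):
    """Map one sample to a state. The warn band must sit inside the crit band."""
    if not (crit.low <= warn.low and warn.high <= crit.high):
        raise ValueError("warn band must be nested inside crit band")
    if value is None or math.isnan(value):
        return UNKNOWN   # missing sample: the collector or the source is broken
    if not crit.contains(value):
        return CRITICAL  # too low OR too high
    if not warn.contains(value):
        return WARN
    return OK


def alerts(series, warn, crit, confirm=2):
    """Return [(timestamp, label)] for each state change that has held for
    `confirm` consecutive samples, so a single noisy sample does not page."""
    hard, candidate, streak = OK, OK, 0
    changes = []
    for ts, value in series:
        state = classify(value, warn, crit)
        if state == candidate:
            streak += 1
        else:
            candidate, streak = state, 1
        if candidate != hard and streak >= confirm:
            hard = candidate
            changes.append((ts, LABEL[hard]))
    return changes


# Constructed sample: requests/second on a web tier, one sample per minute.
SAMPLES = [
    (0, 120), (60, 118),
    (120, 4), (180, 3), (240, 0), (300, 0),   # traffic collapses (minimum breach)
    (360, None),                              # collector gap
    (420, 115), (480, 122),                   # recovery
    (540, 900),                               # one-sample spike, not confirmed
    (600, 130),
]
WARN_BAND = Band(50, 400)
CRIT_BAND = Band(10, 800)

if __name__ == "__main__":
    for ts, label in alerts(SAMPLES, WARN_BAND, CRIT_BAND):
        print(f"t={ts}s state={label}")
```
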

• Continue to plan your resource requirements based on growth expectations, new features and performance targets
• Use data from:
  ◦ Your monitoring system!
  ◦ Business requirements
• Continuously Improve:
  ◦ Profile applications and reduce resource usage (DTrace)
  ◦ Review performance against capacity model
  ◦ Feed a "Top 10" hitlist back to developers (maybe slow queries etc.)

• Varnish cache
  ◦ Reverse proxy, flexible configuration with inline C support
• Nginx
  ◦ Event based / Lightweight
  ◦ Runs more than 8% of the web
• PHP-FPM
  ◦ Best FastCGI implementation available for PHP
• MySQL Server tuning / optimization
• Caching: in-memory data store - Memcached / Redis

• As a first exercise, have IT Infrastructure & Application Threat Modeling done along with a Risk Assessment, then… consider having
  ◦ HIDS (OSSEC) / IPTABLES
  ◦ WAF (Web Application Firewall)
  ◦ IPS (Intrusion Prevention System)
  ◦ Linux Hardening
  ◦ DLP (Data Leakage Prevention)
  ◦ Data Encryption considerations w.r.t. Data Classification
• Security Monitoring & Attack Detection
• Key thing is to "Enable continuous compliance" ...maybe PCI-DSS for an e-comm.

• Diagnosing / Troubleshooting and Fixing production issues
• Change Management and Delivery
• Automate as much as possible with centralized management of scripting etc.
• Backup/restore: always do test drills for them
• Don't re-invent the wheel & try to go with proven and solid technologies when you can
• Last :) Keep on re-architecting the infrastructure (may be small things) to optimize efficiency (every 6 months) ...learn from mistakes (yours / others' too :))

Questions if Any !! 



Ping Me on:-

IRC /freenode/ : PiyushK ##infra-talk
Gtalk: piykumar
Twitter @piykumar

Infrastructure Considerations : Design : "webops"

  • 1. "Preparing for the future" By : ~/Piyush
  • 2.
      ▪ 5+ years experience designing, setting up, testing & running production web systems in varied deployment environments
      ▪ Experience setting up colocation IDCs with Active-Active DR sites for India’s No. 1 OTA
      ▪ Experience working on public cloud platforms like AWS and setting up private cloud infrastructure
      ▪ …Generation G : Gamification /engineer/
      ▪ Tags: techie, open source enthusiast, engineer, geek, DevOps, web ops, security, Tripper(MMYT), Ex-Nextag-ian :)
  • 3.
      ▪ Scalable
      ▪ Robust and Always Available
      ▪ Manageable
      ▪ Resilience
      ▪ Operationally Visible (Monitor Everything)
      ▪ Cost effective
  • 4.
  • 5.
      ▪ Avoid unnecessary change by selecting a long-term supported distribution on which to base your platform.
          ◦ RHEL / CentOS
          ◦ Ubuntu LTS (Long Term Support)
          ◦ Debian Stable
      ▪ My preference:-
          ◦ RHEL / CentOS (Red Hat Stability & yum wins)
  • 6.
      ▪ Use your capacity model to drive a decision on how you build infrastructure : Check SLAs & Cost constraints
          ◦ 100% dedicated hardware (Self Managed / Outsourced)
          ◦ 100% cloud (May consider AWS /or Rackspace)
          ◦ Hybrid
      ▪ Cloud success relies on “automating” key service management processes to optimize the run-time operation of /dynamic workloads/ in a shared-resource environment.
  • 7.
      ▪ Split each service(/layer) out across its own set of servers for easier scale-out and management.
          ◦ Traffic Management / (both Global Traffic & Local traffic management)
          ◦ Application Servers
          ◦ Data Store Servers
          ◦ Email Services
          ◦ + Minimize Distribution of State:-
              ▪ Keep services that require storage to a minimum, for ease of backups and management - like Data Services (backups)
  • 8.
      ▪ Use redundant pairs (on devices/appliances), /HA/ & clustering or failover to ensure availability of service(s).
          ◦ Minimum down-time.
          ◦ Application & services redundancy + Load Balanced cluster on one site & DR too
          ◦ DB HA + Data Store (MySQL) Backup and Recovery
          ◦ Choose and implement best suited Failover strategy
          ◦ Redundant Network on each node (+ on Server: Linux NIC bond)
  • 9.
      ◦ Dev, QA and staging platforms (both application & N/W platform) to prove application and configuration changes before they go live into production.
      ◦ Most of the Live site issues are due to lack of similar configuration environment / platform for Dev / QA / Staging Testing.
      ◦ LAB Env:-
          ▪ Performance/Stress LAB
          ▪ Experimentation LAB (A/B or Multivariate experiment) support with Live traffic
  • 10.
      ▪ Virtualization is key here :) ...actually this is changing the world ...not the cloud !!
      ▪ + Selecting the Right Virtualization Technology
      ▪ Use network boot and installer tools; or templated provisioning to build servers identically
          ◦ PXE Boot + Kickstart
          ◦ VMWare ESXi Template / Citrix Xenserver
          ◦ Amazon AMI (EC2)
          ◦ OpenNebula
  • 11.
      ▪ Package Management - YUM repositories (Distribution + Own)
      ▪ Create your own repository servers for both packages and code
      ▪ Use configuration management tools to deploy configuration automatically from a central location.
          ◦ Puppet / Facter
          ◦ Chef
          ◦ CFEngine (Nova)
          ◦ RANCID (N/w Devices)
  • 12.
      ▪ Use a central service for identity and password management
          ◦ OpenLDAP
          ◦ Active Directory
          ◦ TACACS+ (N/w devices)
      ▪ Have proper accounting/audit Logging
      ▪ Inventory Management :
          ◦ Use facter facts + CMDB based Inventory Management
  • 13.
      ◦ Version Control:-
          ▪ SVN / GIT
      ◦ Use continuous integration and deployment tools to test and release software
          ▪ Jenkins (Hudson) / Go
          ▪ Capistrano / Fabric
      ◦ ....Deploy more frequently ...so as to build confidence in the whole system for change management
  • 14.
      ▪ Start from site availability checks and external dependency checks, then go on to much more detailed data: capture as much data as possible.
      ▪ Store time-series data for trend analysis, and alert when thresholds are breached.
          ◦ CPU / RAM / IO / Network usage per server
          ◦ Application metrics
          ◦ Disc space usage
          ◦ Network bandwidth
          ◦ MySQL numbers
          ◦ ...etc
  • 15.
      ▪ The source could be anything: DB, logs, SNMP, HTTP etc.
      ▪ + have Real time reporting over it (Dashboards)
      ▪ + Real time data extraction
      ▪ Tools to consider:
          ◦ Ganglia / Centreon / Nagios
          ◦ OpManager for URL monitoring
          ◦ Selenium RC based checks (Functional tests) etc
      ▪ Alerting on both Minimum/Maximum Thresholds (OK, WARN, CRITICAL)!
  • 16.
      ▪ Continue to plan your resource requirements based on growth expectations, new features and performance targets
      ▪ Use data from:
          ◦ Your monitoring system!
          ◦ Business requirements
      ▪ Continuously Improve:
          ◦ Profile applications and reduce resource usage (Dtrace)
          ◦ Review performance against capacity model
          ◦ Feed a “Top 10” hitlist back to developers (maybe slow queries etc.)
  • 17.
      ▪ Varnish cache
          ◦ Reverse proxy, flexible configuration with inline C support
      ▪ Nginx
          ◦ Event based / Lightweight
          ◦ Runs more than 8% of the web
      ▪ PHP-FPM
          ◦ Best FastCGI implementation available for PHP
      ▪ MySQL Server tuning / optimization
      ▪ Caching:- In memory data store - Memcached / Redis
  • 18.
      ▪ As a first exercise, have IT infrastructure & application threat modeling done along with a risk assessment, then consider having:
          ◦ HIDS (OSSEC) / IPTABLES
          ◦ WAF (Web Application Firewall)
          ◦ IPS (Intrusion prevention system)
          ◦ Linux Hardening
          ◦ DLP (Data Leakage Prevention)
          ◦ Data Encryption considerations wrt Data Classification
      ▪ Security Monitoring & Attack Detection
      ▪ Key thing is to "Enable continuous compliance" ...maybe PCI-DSS for an e-comm.
  • 19.
      ▪ Diagnosing / Troubleshooting and Fixing production issues
      ▪ Change Management and Delivery
      ▪ Automate as much as possible with centralized management of Scripting etc
      ▪ Backup/restore : Always do test drills for them
      ▪ Don’t re-invent the wheel & try to go with proven and solid technologies when you can
      ▪ Last :) Keep on re-architecting the infrastructure (maybe small things) to optimize efficiency (every 6 months) ...learn from mistakes (yours / others' too :))
  • 20.
      ▪ Questions if Any !!
      ▪ Ping Me on:-
          ◦ IRC /freenode/ : PiyushK ##infra-talk
          ◦ Gtalk: piykumar
          ◦ Twitter @piykumar
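
Slides 14 and 15 call for time-series trend analysis and alerting on both minimum and maximum thresholds with OK / WARN / CRITICAL states. The sketch below is an added example, not code from the deck: the `Band`, `classify`, `slope` and `evaluate` names, the 24-hour horizon and the sample readings are all assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

OK, WARN, CRITICAL = 0, 1, 2          # same ordering as Nagios plugin exit codes
NAMES = {OK: "OK", WARN: "WARN", CRITICAL: "CRITICAL"}

@dataclass
class Band:
    """Thresholds on both sides of a metric; None disables a limit."""
    crit_low: Optional[float] = None
    warn_low: Optional[float] = None
    warn_high: Optional[float] = None
    crit_high: Optional[float] = None

def classify(value, band):
    """Map one reading to OK/WARN/CRITICAL, checking minimum and maximum limits."""
    def hit(limit, low):
        return limit is not None and (value <= limit if low else value >= limit)
    if hit(band.crit_low, True) or hit(band.crit_high, False):
        return CRITICAL
    if hit(band.warn_low, True) or hit(band.warn_high, False):
        return WARN
    return OK

def slope(samples):
    """Least-squares slope of (unix_time, value) samples, in units per second."""
    n = len(samples)
    mt = sum(t for t, _ in samples) / n
    mv = sum(v for _, v in samples) / n
    den = sum((t - mt) ** 2 for t, _ in samples)
    return 0.0 if den == 0 else sum((t - mt) * (v - mv) for t, v in samples) / den

def evaluate(samples, band, horizon=86400):
    """Return (state name, projected seconds until crit_high or None)."""
    last = samples[-1][1]
    state, eta = classify(last, band), None
    rate = slope(samples)
    if band.crit_high is not None and last < band.crit_high and rate > 0:
        eta = (band.crit_high - last) / rate
        if state == OK and eta <= horizon:
            state = WARN              # in range now, but trending into CRITICAL
    return NAMES[state], eta

# Constructed samples: hourly disk usage (%) and requests per second.
DISK = [(h * 3600, 70 + 2 * h) for h in range(5)]
RPS = [(0, 120), (60, 118), (120, 3)]

if __name__ == "__main__":
    print(evaluate(DISK, Band(warn_high=85, crit_high=95)))
    print(evaluate(RPS, Band(crit_low=5, warn_low=50)))
```

The minimum-side limits are what catch a silent failure such as traffic or log volume dropping to near zero, which a maximum-only check reports as healthy.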