aws at childrens in the bbc
DESCRIPTION
A presentation I gave at the Manchester AWS user group about the use of AWS in the childrens department at the BBCTRANSCRIPT
Children’s interactive
AWS at BBC ChildrensAdam Evans / @ajevans85
Children’s interactive
BBC Childrens• 3 million + users a week • Originally hosted in house on bare metal • Recently gone through a rebuild AWS has
helped facilitate (Continuous Delivery)
Children’s interactive
Childrens Architecture - Overview
Children’s interactive
How we deployCOSMOS• Internal toolchain • Early stages of development • A thin wrapper/gateway around
AWS • Orchestrates deployment following
common format • Handles billing + auditing
Children’s interactive
How we deploy
Children’s interactive
Defining infrastructure• Applications split in to
components • Components define a set
of infrastructure (stacks) for a particular application.
• A thin wrapper around CloudFormation and acts as a way to organise and manage per project billing/stacks.
http://chrisfjones.github.io/coffin/
Children’s interactive
How we deploy• UI for promoting build
through environments • Forces INT -> Test -> Live • Keeps a audit trail of
deployments • Provides a API to build in
to CI pipeline
Children’s interactive
How we deploy• Baked AMI images • Fast startup in auto scaling
groups • Use scaling groups rolling
update • Easy role backs • https://github.com/Netflix/
aminator !
Children’s interactive
How we deploy
• Magic Build Tool (YABS) • Possible impedance, another
build tool when only need a RPM (FPM is simpler)
• Projects have a build file describing how to create a rpm and what rpm’s to include in the build
• This information is passed to the bake
MBT
https://github.com/jordansissel/fpm
Children’s interactive
Other features
• Actively running https://github.com/Netflix/SimianArmy • Forces to develop for failure • EC2 instances in a scaling group are volatile. Can’t
guarantee they’ll always be there
Chaos Monkey
Children’s interactive
Other featuresCentralised logging• Provides framework for
centralised logging of large volumes of data
• Uses Apache Flume to store Elastic Search indexes in S3
• Uses Kibana for visualisation + creating dashboards from log indexes
Children’s interactive
Other featuresMonitoring• Developers make use of Cloudwatch • Fine grained alarms defined in stacks • Integration with existing 24/7 ops Zenoss
system by thin middle tier listening to SNS topic.
• Batch metrics!
Children’s interactive
Other featuresSecurity• No direct public access to EC2 instances • COSMOS defines a framework to gain SSH
access to individual boxes if need to debug • Access to servers via a Bastian only • Bastian only accessible from internal
network • Boxes terminated 1hr after SSH access
reverting to original AMI • Heavy use of AWS Federated Access to the
AWS console
Children’s interactive
Questions