Production planning is an important step that should not be omitted. While Athena lets you stand up a new empty environment quickly, it is important to test the PROD environment thoroughly and to establish performance and deployment testing in an NFT environment.
- The production environment must be installed in a separate AWS account because of AWS resource-level permission limitations.
- Consider setting up a separate domain and a wildcard SSL certificate for that domain.
- Create PROD environment playbooks. While the PROD environment hosts the same deployment artifacts (Docker images) as the DEV and UAT environments, the deployment itself is often different.
- Integration and testing for PROD external dependencies. While this should be seamless if it was tested in UAT, it often proves to be a low-effort, high-duration task.
- Client data and support. While the development team has good insight into how to deploy and support the solution in the DEV and UAT environments, you may not want the DEV team to have access to production data. That means extra effort to train your support team to support your particular solution.
- Athena is a great platform that promotes continuity through re-use, but you still have plenty of your own custom components, integrations and Docker images. These have to be tested in NFT before they are deployed in PROD, to make sure the custom solution components are redundant and scale properly.
- Performance testing. Athena is built on top of tested and highly reliable open source components used worldwide, but it is still necessary to do performance testing to be sure that your solution performs as expected.
- Expert accessibility. Even if you are sure that nothing can go wrong, it is a good idea to raise the platform support level and make platform experts available during PROD and NFT environment setup and testing, so that environment issues can be mitigated quickly.
- The PROD environment usually requires different monitoring capabilities than the DEV environment. Plan some effort to integrate and test a different monitoring channel.
- Plan some time for backup and logging.
It is also necessary to set the production-domain-specific emails and the key and certificate file locations.
In the environment playbooks directory, create a group_vars directory and put a tag_Environment_PROD file in it:

    vpc_cidr: "10.2"
    ec2_instance_type_bastion: t2.micro
    internal_instance_type: c4.large
    exchange_instance_type: t2.micro
    backoffice_instance_type: t2.micro
    public_instance_type: t2.micro
    rds_postgresql_instance_type: db.t2.micro
    rds_mysql_instance_type: db.t2.micro
    rds_data_volume_size: 5
    ec2_data_volume_size: 30
    ec2_data_volume_iops: ""
    ec2_data_volume_type: gp2
    route53_domain: yourproductiondomain.com
    route53_domain_internal: yourproductiondomain.internal
    mailx_root: firstname.lastname@example.org
    noreply_email: email@example.com
    openvpn_user: firstname.lastname@example.org
    gateway_cert: yourproductiondomain.com.crt
    gateway_chain: yourproductiondomain.com.chain.crt
    gateway_key: yourproductiondomain.com.key
    elb_cert: yourproductiondomain.com.crt
    elb_chain: yourproductiondomain.com.chain.crt
    elb_key: yourproductiondomain.com.key
    first_user: firstname.lastname
    first_user_email: email@example.com
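A pre-flight check for the tag_Environment_PROD file, as an added example that is not part of Athena: it flags missing domain, email and certificate settings and template values left over from the sample above. The function names, the `<domain>.crt` / `.chain.crt` / `.key` naming rule (inferred from the sample file) and the `shop.test` sample values are assumptions made for this illustration.

```python
import re

# Settings the page says must be set per production domain.
REQUIRED = ["route53_domain", "route53_domain_internal", "mailx_root",
            "noreply_email", "gateway_cert", "gateway_chain", "gateway_key",
            "elb_cert", "elb_chain", "elb_key"]
CERT_KEYS = REQUIRED[4:]
# Template values from the sample file that must not survive into real PROD.
PLACEHOLDERS = re.compile(r"yourproductiondomain|firstname\.lastname|@example\.(com|org)")

def parse_flat_vars(text):
    """Parse the flat `key: value` lines used in this vars file (no nesting)."""
    out = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if ":" in line:
            key, value = line.split(":", 1)
            out[key.strip()] = value.strip().strip('"')
    return out

def lint_prod_vars(text):
    """Return a sorted list of findings; an empty list means the file passed."""
    v = parse_flat_vars(text)
    findings = [f"{key}: missing or empty" for key in REQUIRED if not v.get(key)]
    for key, value in v.items():
        if PLACEHOLDERS.search(value):
            findings.append(f"{key}: placeholder value {value!r}")
    domain = v.get("route53_domain", "")
    for key in CERT_KEYS:
        # Assumed convention: certificate and key files are named after the domain.
        if domain and v.get(key) and not v[key].startswith(domain + "."):
            findings.append(f"{key}: file name does not match {domain}")
    return sorted(findings)

# Constructed sample input, not a real environment.
GOOD = """\
route53_domain: shop.test
route53_domain_internal: shop.internal
mailx_root: ops@shop.test
noreply_email: noreply@shop.test
gateway_cert: shop.test.crt
gateway_chain: shop.test.chain.crt
gateway_key: shop.test.key
elb_cert: shop.test.crt
elb_chain: shop.test.chain.crt
elb_key: shop.test.key
"""
```

Run `lint_prod_vars` on the file contents before applying the PROD playbooks and treat any finding as a blocker.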