Production planning is an important step which should not be omitted. While Athena allows you to stand up a new empty environment quickly, it is important to test the PROD environment thoroughly and to establish performance and deployment testing in the NFT environment.

Checklist

  • The production environment must be installed in a separate AWS account due to AWS resource-level permission limitations.
  • Consider setting up a separate domain and an SSL wildcard certificate for that domain.
  • Create PROD environment playbooks. While the PROD environment hosts the same deployment artifacts (docker images) as the DEV and UAT environments, the deployment is often different.
  • Integration and testing for PROD external dependencies. While this should be seamless if it was tested in UAT, it often proves to be a low-effort, long-duration task.
  • Client data and support. While the development team has good insight into how to deploy and support the solution in the DEV and UAT environments, you may not want the DEV team to have access to production data. This means extra effort to train your support team to support your particular solution.
  • Athena is a great platform which promotes re-usability and continuity through re-use, but you still have plenty of your own custom components, integrations and docker images. These have to be tested in NFT before they are deployed in PROD, to make sure the custom solution components are redundant and scale properly.
  • Performance testing. Athena is built on top of tested and highly reliable open source components used worldwide, but it is still necessary to do performance testing to be sure that your solution performs as expected.
  • Expert accessibility. Even if you are sure that nothing can go wrong, it is a good idea to raise the platform support level and make platform experts available during PROD and NFT environment setup and testing, to mitigate environment issues quickly.
  • The PROD environment usually requires different monitoring capabilities than the DEV environment. Plan some effort to integrate and test a different monitoring channel.
  • Plan some time for backup and logging.

Infrastructure planning

Before deploying infrastructure it is necessary to document EC2 instance types, EBS volume types and sizes, RDS instance types and RDS data volume sizes.

It is also necessary to set production-domain-specific emails and the key and certificate file locations.

In the environment playbooks directory, create a group_vars directory and put a tag_Environment_PROD file in it.

For example:

vpc_cidr: "10.2"

ec2_instance_type_bastion: t2.micro
internal_instance_type: c4.large
exchange_instance_type: t2.micro
backoffice_instance_type: t2.micro
public_instance_type: t2.micro
rds_postgresql_instance_type: db.t2.micro
rds_mysql_instance_type: db.t2.micro

rds_data_volume_size: 5
ec2_data_volume_size: 30
ec2_data_volume_iops: ""
ec2_data_volume_type: gp2

route53_domain: yourproductiondomain.com
route53_domain_internal: yourproductiondomain.internal
mailx_root: support@yourproductiondomain.com
noreply_email: noreply@yourproductiondomain.com
openvpn_user: noreply@yourproductiondomain.com

gateway_cert: yourproductiondomain.com.crt
gateway_chain: yourproductiondomain.com.chain.crt
gateway_key: yourproductiondomain.com.key
elb_cert: yourproductiondomain.com.crt
elb_chain: yourproductiondomain.com.chain.crt
elb_key: yourproductiondomain.com.key

first_user: firstname.lastname
first_user_email: firstname.lastname@yourproductiondomain.com
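
A pre-deployment consistency check for the tag_Environment_PROD file, as an added example that is not part of Athena or of the original page: it reports email addresses and certificate or key file names that do not belong to route53_domain, such as values left over from a copied UAT file. It assumes flat `key: value` lines and that certificate files are named after the domain, as in the example above; the `youruatdomain.com` values in the sample are constructed.

```python
import re

# Constructed sample: a PROD vars file with two UAT leftovers and one missing key.
SAMPLE_PROD_VARS = """\
route53_domain: yourproductiondomain.com
mailx_root: support@yourproductiondomain.com
noreply_email: noreply@youruatdomain.com
gateway_cert: yourproductiondomain.com.crt
gateway_chain: yourproductiondomain.com.chain.crt
gateway_key: yourproductiondomain.com.key
elb_cert: youruatdomain.com.crt
elb_chain: yourproductiondomain.com.chain.crt
elb_key: yourproductiondomain.com.key
first_user_email: firstname.lastname@yourproductiondomain.com
"""

EMAIL_KEYS = ("mailx_root", "noreply_email", "openvpn_user", "first_user_email")
FILE_KEYS = ("gateway_cert", "gateway_chain", "gateway_key",
             "elb_cert", "elb_chain", "elb_key")

def parse_flat_vars(text):
    """Parse flat `key: value` lines (no nesting), stripping surrounding quotes."""
    out = {}
    for line in text.splitlines():
        m = re.match(r"^([A-Za-z_]\w*):\s*(.*?)\s*$", line)
        if m:
            out[m.group(1)] = m.group(2).strip("\"'")
    return out

def check_prod_vars(text):
    """Return a list of findings; an empty list means the file is consistent."""
    v = parse_flat_vars(text)
    domain = v.get("route53_domain", "").lower()
    if not domain:
        return ["route53_domain is not set"]
    findings = []
    for key in EMAIL_KEYS + FILE_KEYS:
        value = v.get(key, "")
        if not value:
            findings.append(f"{key} is not set")
        elif key in EMAIL_KEYS and not value.lower().endswith("@" + domain):
            findings.append(f"{key}: {value} is not an address in {domain}")
        elif key in FILE_KEYS and not value.lower().startswith(domain + "."):
            findings.append(f"{key}: {value} is not named for {domain}")
    return findings

if __name__ == "__main__":
    for finding in check_prod_vars(SAMPLE_PROD_VARS):
        print("FINDING:", finding)
```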