CDLUC3 / N2T

next-gen N2T resolver
MIT License

Setup servers for development #13

Closed datadavev closed 1 year ago

datadavev commented 1 year ago

Task here is to set up two AWS EC2 instances for test and development of the replacement N2T and ARK resolver services.

Resource demands are not high, something in the order of T3.micro with Linux should be sufficient. Less than 20GB storage will be needed.

At least one of the instances should be accessible on the public internet to facilitate load testing.

Depending on the outcomes from test and development, the anticipated services may be deployed as serverless instances. TBD.

marisastrong commented 1 year ago

Would like to have in the next couple of weeks.

ashleygould commented 1 year ago

Stage and prd envs should be highly available - 2 hosts, ALB.

New host should be built on AmazonLinux2023.

ashleygould commented 1 year ago

My essay on new resolver hostnames


8/15/2023

The n2t resolver service is being refactored. There will now be two new subservices run by the EZID team: N2T resolver (name-to-thing) and ARK resolver. These are currently hosted under the following domains:

nt2.net         route53 hostedzones in CDL-main AWS account
arks.org        dreamhost.com

As we build out the new infrastructure for these services we have lots of names to create.

Summary Proposed Service Names

n2t.cdlib.org
n2t.net -> n2t.cdlib.org
n2t-stg.cdlib.org
n2t-dev.cdlib.org
arks.cdlib.org
arks.org -> arks.cdlib.org
arks-stg.cdlib.org
arks-dev.cdlib.org

UC3 Tagging

N2T Resolver Subservice:        uc3-ezid-n2t
N2T Resolver FQSN:              uc3-ezid-n2t-prd
                                uc3-ezid-n2t-prd
                                uc3-ezid-n2t-prd
ARK Resolver Subservice:        uc3-ezid-arks
ARK Resolver FQSN:              uc3-ezid-arks-prd
                                uc3-ezid-arks-prd
                                uc3-ezid-arks-prd

Current DNS for N2T Resolver

production:     

n2t.net                 Route53 Alias   AliasTarget     ids-n2t2-prd.n2t.net.
ids-n2t2-prd.n2t.net    A record        public IP       54.244.52.1
                                        private IP      172.30.10.195   
ias-n2t-prd-lb.n2t.net. CNAME           ->              ids-n2t2-prd.n2t.net.
n2t-prd-alt.n2t.net.    CNAME           ->              ids-n2t2-prd.n2t.net.
n2t-prd.n2t.net.        CNAME           ->              ids-n2t2-prd.n2t.net.

stage:

ids-n2t2-stg.n2t.net.   A Record        public IP       54.244.52.10
                                        private IP      172.31.1.128
n2t-stg.n2t.net.        CNAME           ->              ids-n2t2-stg.n2t.net.

dev:

ids-n2t2-dev.n2t.net.   A Record        public IP       54.244.52.99
                                        private IP      172.31.30.228
n2t-dev.n2t.net.        CNAME           ->              ids-n2t2-dev.n2t.net

Proposed DNS for N2T Resolver

production:

n2t.net                 Route53 Alias   AliasTarget     uc3-ezid-n2t-prd-alb
n2t.cdlib.org           Route53 Alias   AliasTarget     uc3-ezid-n2t-prd-alb
uc3-ezid-n2t-prd-01.cdlib.org   A Record                (ip addr tbd)
uc3-ezid-n2t-prd-02.cdlib.org   A Record                (ip addr tbd)
uc3-ezid-n2t-prd-alb    ALB
uc3-ezid-n2t-prd-tg     TargetGroup     Targets:        uc3-ezid-n2t-prd-01.cdlib.org
                                                        uc3-ezid-n2t-prd-02.cdlib.org

stage:

n2t-stg.cdlib.org       Route53 Alias   AliasTarget     uc3-ezid-n2t-stg-alb
uc3-ezid-n2t-stg-01.cdlib.org   A Record                (ip addr tbd)
uc3-ezid-n2t-stg-02.cdlib.org   A Record                (ip addr tbd)
uc3-ezid-n2t-stg-alb    ALB
uc3-ezid-n2t-stg-tg     TargetGroup     Targets:        uc3-ezid-n2t-stg-01.cdlib.org
                                                        uc3-ezid-n2t-stg-02.cdlib.org

dev:

n2t-dev.cdlib.org       CNAME           ->              uc3-ezid-n2t-dev-01.cdlib.org
uc3-ezid-n2t-dev-01.cdlib.org   A Record                (ip addr tbd)

Current DNS for ARK Resolver

agould@localhost:~> dig arks.org

;; QUESTION SECTION:
;arks.org.                      IN      A

;; ANSWER SECTION:
arks.org.               207     IN      A       69.163.224.130

;; QUESTION SECTION:
arks.org.                       IN      NS

;; ANSWER SECTION:
arks.org.               14400   IN      NS      ns3.dreamhost.com.
arks.org.               14400   IN      NS      ns2.dreamhost.com.
arks.org.               14400   IN      NS      ns1.dreamhost.com.

Proposed DNS for ARK Resolver

production:

arks.net                Route53 Alias   AliasTarget     uc3-ezid-arks-prd-alb
arks.cdlib.org          Route53 Alias   AliasTarget     uc3-ezid-arks-prd-alb
uc3-ezid-arks-prd-01.cdlib.org  A Record                (ip addr tbd)
uc3-ezid-arks-prd-02.cdlib.org  A Record                (ip addr tbd)
uc3-ezid-arks-prd-alb   ALB
uc3-ezid-arks-prd-tg    TargetGroup     Targets:        uc3-ezid-arks-prd-01.cdlib.org
                                                        uc3-ezid-arks-prd-02.cdlib.org

stage:

arks-stg.cdlib.org      Route53 Alias   AliasTarget     uc3-ezid-arks-stg-alb
uc3-ezid-arks-stg-01.cdlib.org  A Record                (ip addr tbd)
uc3-ezid-arks-stg-02.cdlib.org  A Record                (ip addr tbd)
uc3-ezid-arks-stg-alb   ALB
uc3-ezid-arks-stg-tg    TargetGroup     Targets:        uc3-ezid-arks-stg-01.cdlib.org
                                                        uc3-ezid-arks-stg-02.cdlib.org

dev:

arks-dev.cdlib.org      CNAME           ->              uc3-ezid-arks-dev-01.cdlib.org
uc3-ezid-arks-dev-01.cdlib.org  A Record                (ip addr tbd)

datadavev commented 1 year ago

Nice, but there is another (unlisted) requirement of supporting round robin DNS for n2t.net and arks.org as there is a good possibility these will be hosted in multiple locations. As a consequence, we can't use CNAME records for those targets; they must be A, ALIAS, or AAAA records. So ALIAS should work as a replacement for CNAME above.

ashleygould commented 1 year ago

I learned I can't CNAME a top-level domain name anyway. I'm updating the above plan to alias to an ALB.

Can you clarify about "possibility these will be hosted in multiple locations"? We can discuss in standup.
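
Added example (not part of the thread or of the project's code): a small Python lint for the constraint raised in the two comments above, flagging any CNAME placed at a zone apex or sharing a name with other records, while accepting multiple A records for round robin. The apex set, the `lint_plan` helper, the `ALIAS` label for a Route53 alias record and the sample plans are assumptions constructed for illustration.

```python
# Lint a planned set of DNS records for CNAME misuse before creating them.
# A CNAME cannot coexist with any other data at the same name (RFC 1034),
# and a zone apex always carries SOA and NS records.

ZONE_APEXES = {"n2t.net", "arks.org", "cdlib.org"}  # assumption: hosted zone apexes


def norm(name):
    """Compare names case-insensitively and without the trailing dot."""
    return name.rstrip(".").lower()


def lint_plan(records, apexes=ZONE_APEXES):
    """records: iterable of (name, rtype, target). Returns [(name, problem), ...]."""
    apexes = {norm(a) for a in apexes}
    by_name = {}
    for name, rtype, target in records:
        by_name.setdefault(norm(name), []).append((rtype.upper(), norm(target)))
    problems = []
    for name, rrs in sorted(by_name.items()):
        if not any(rtype == "CNAME" for rtype, _ in rrs):
            continue  # several A/AAAA/alias records at one name are fine
        if name in apexes:
            problems.append((name, "CNAME at zone apex conflicts with SOA/NS"))
        if len(rrs) > 1:
            problems.append((name, "CNAME must be the only record at a name"))
    return problems


# Constructed sample: apex names pointed at the service names with CNAMEs.
PLAN_CNAME = [
    ("n2t.net.", "CNAME", "n2t.cdlib.org"),
    ("arks.org", "CNAME", "arks.cdlib.org"),
    ("n2t-dev.cdlib.org", "CNAME", "uc3-ezid-n2t-dev-01.cdlib.org"),
]

# Constructed sample: apex names as alias and round-robin A records
# (192.0.2.0/24 and 198.51.100.0/24 are documentation address ranges).
PLAN_ALIAS = [
    ("arks.org", "ALIAS", "uc3-ezid-arks-prd-alb"),
    ("n2t.net", "A", "192.0.2.10"),
    ("n2t.net", "A", "198.51.100.10"),
    ("n2t-dev.cdlib.org", "CNAME", "uc3-ezid-n2t-dev-01.cdlib.org"),
]

if __name__ == "__main__":
    for label, plan in (("cname plan", PLAN_CNAME), ("alias plan", PLAN_ALIAS)):
        print(label, lint_plan(plan) or "ok")
```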

datadavev commented 1 year ago

There is a good chance that other organizations may host duplicate services for redundancy. Same software stack, same configuration, and ideally same host name with clients randomly or geo-biased directed to the service instance.

ashleygould commented 1 year ago

the new resolver hosts are ready:

cnames:

Closing.