This describes the devices we deploy in the [[ phacility_cluster | Phacility Cluster]], and some related things which aren't technically devices.
Device Classes
======
| Device Class | Pool Size | Description | Notes |
|---|---|---|---|
| `admin` | 1 | Admin Application Server | Serves `admin.phacility.com`. |
| `aux` | 1 | Auxiliary Services | Internal utility host. |
| `alb` | 1 | Admin Load Balancer | ELB for `admin.phacility.com`. |
| `bastion` | 1 | SSH Bastion Host | Bastion host for ops commands. |
| `clb` | 1 | Corp Site LB | Load balances `phacility.com` requests. |
| `corp` | 1 | Corp Site | Serves `phacility.com` requests. |
| `db` | 3 | Database Server | Runs MySQL. |
| `lb` | 1 | Web Load Balancer | ELB for instances. |
| `nlb` | 1 | Notification Load Balancer | ELB for websockets. |
| `notify` | 1 | Notifications | Aphlict notification server. |
| `repo` | 3 | Repos/Daemons | Terminates VCS HTTP/SSH traffic. |
| `secure` | 1 | Secure | Serves the upstream and related services. |
| `vault` | 1 | SSH Load Balancer | Load balances VCS SSH requests. |
| `web` | 1 | Application Server | Terminates normal HTTP traffic. |
Storage Classes
=======
| Storage Class | Count | Notes |
|---|---|---|
| `abak` | 1 | Stores administrative backups. |
| `adata` | 1 | Administrative server working storage. |
| `dbak` | 3 | Stores database backups. |
| `ddata` | 3 | Database server working storage. |
| `rbak` | 3 | Stores repository backups. |
| `rdata` | 3 | Repository working storage. |
| `rlog` | 3 | Repository host logs. |
| `sbak` | 1 | Upstream backup. |
| `sdata` | 1 | Upstream database. |
| `srepo` | 1 | Upstream repos. |
| //`swap`// | - | Temporary swap volume. |
Service Classes
=======
| Service Class | Count | Notes |
|---|---|---|
| `repox` | 3 | Repository cluster service, may have multiple devices. |
| `dbx` | 3 | Database cluster service, may have multiple devices. |
| `auxx` | 1 | Auxiliary cluster service. |
Device: admin
=====
| Listening Port | Interface | Notes |
|---|---|---|
| 22 | Internal | Operational SSH access. |
| 80 | Internal | Accepts requests from `alb` and `web` devices. |
These servers host `admin.phacility.com` and run the Instances application.
Instances in the cluster also make calls here to retrieve configuration.
Currently, a maximum of one `admin` device is supported, because some details about database credentials are assumed. Minor software changes are required to expand the size of this pool.
Device: aux
=====
| Listening Port | Interface | Notes |
|---|---|---|
| 22 | Internal | Operational SSH access. |
These servers are used by internal processes. In particular, backups are staged here during export.
Device: alb
=====
| Listening Port | Interface | Notes |
|---|---|---|
| 80 | Public Internet | Serves `http://admin.phacility.com` |
| 443 | Public Internet | Serves `https://admin.phacility.com` |
These are ELBs which sit in front of the `admin` pool and terminate SSL for public requests to the web UI.
Device: bastion
=====
| Listening Port | Interface | Notes |
|---|---|---|
| 22 | Public Internet | Gatekeeper for operational access. |
For details on bastion hosts, see [[ phacility_cluster/bastion | Phacility Cluster Bastion]].
Device: clb
=====
| Listening Port | Interface | Notes |
|---|---|---|
| 80 | Public Internet | Serves `phacility.com` corporate site. |
| 443 | Public Internet | Serves `phacility.com` corporate site. |
These are ELBs which sit in front of the `corp` pool and terminate SSL for corporate site requests.
Device: corp
=====
| Listening Port | Interface | Notes |
|---|---|---|
| 22 | Internal | Operational SSH access. |
| 80 | Internal | Serves `phacility.com` corporate site. |
These are web application servers which serve corporate site requests.
These are currently launched into the `block002` subnet because it's part of the `us-west-1c` availability zone, where we historically have reserved instances. It's desirable to spread across multiple availability zones in the long run, anyway.
Device: db
=====
| Listening Port | Interface | Notes |
|---|---|---|
| 22 | Internal | Operational SSH access. |
| 3306 | Internal | Provides MySQL services. |
These database servers run MySQL.
Device: lb
=====
| Listening Port | Interface | Notes |
|---|---|---|
| 80 | Public Internet | Serves `phacility.com` wildcard DNS. |
| 443 | Public Internet | Serves `phacility.com` wildcard DNS. |
These are ELBs which sit in front of the `web` pool and terminate SSL for instance requests.
Device: nlb
=====
| Listening Port | Interface | Notes |
|---|---|---|
| 443 | Public Internet | Forwards websockets to `notify` hosts. |
This does TCP forwarding of websocket requests.
Device: notify
=====
| Listening Port | Interface | Notes |
|---|---|---|
| 22280 | Internal | Notification client port. |
| 22281 | Internal | Notification server port. |
Runs an Aphlict notification server.
Device: repo
======
| Listening Port | Interface | Notes |
|---|---|---|
| 22 | Internal | Operational SSH access. |
| 80 | Internal | Serves Conduit requests from `web` hosts. |
| 2223 | Internal | Serves SSH requests from `web` hosts. |
These devices store and serve repositories, and run daemons.
Device: secure
======
| Listening Port | Interface | Notes |
|---|---|---|
| 22 | Public Internet | Serves upstream repositories. |
| 80 | Public Internet | Serves `javelinjs.com`, `phabricator.org`, `blog.phacility.com`, redirects to HTTPS. |
| 443 | Public Internet | Serves `secure.phabricator.com`. |
| 2222 | Public Internet | Operational SSH access. |
These devices serve the upstream, `secure.phabricator.com`. Because this service needs to be available to deploy the cluster, devices in this tier are only half-contained in the cluster. The cluster administration tools work, but the tier does not depend on cluster services. The goal is to prevent a cascading failure in the event of a cluster disaster.
Normally, you connect to these hosts with `bin/remote ssh secure001` over the VPC. In a disaster scenario, keys with access to the bastion can access these hosts directly with `ssh -p 2222 ubuntu@secure.phabricator.com`.
Because this device is not entirely within the cluster, it runs some services via `cron`. You can review them with `crontab -e`.
Device: vault
=====
| Listening Port | Interface | Notes |
|---|---|---|
| 22 | Public Internet | Serves `vault.phacility.com` over SSH, forwarding requests to the `web` tier. |
| 2222 | Internal | Operational SSH access. |
These devices are SSH load balancers. They're implemented as normal hosts running HAProxy instead of as ELBs because ELBs cannot forward inbound traffic on port 22.
Eventually, it would be nice to either merge these into the ELBs (if ELBs support forwarding port 22 in the future) or merge the ELBs into these (if we have some stronger reasoning for running our own load balancers).
The cost of having these machines in a separate class is twofold: the raw cost of more moving parts, and the need to serve SSH from `vault.phacility.com` (which we can direct here via DNS) instead of directly from instance domains. If we could merge the HTTP and SSH load balancing, we could accept both HTTP and SSH traffic on instance domains.
(We could serve SSH traffic on instance domains on a nonstandard port which the ELBs do support, but this seems worse to me than serving from a dedicated domain. We could also serve from both, so `instance@vault.phacility.com` and `instance@instance.phacility.com:2345` would both work.)
Device: web
=====
| Listening Port | Interface | Notes |
|---|---|---|
| 22 | Internal | Operational SSH access. |
| 80 | Internal | Serves HTTP application traffic from `lb` balancers. |
| 2223 | Internal | Serves SSH application traffic from `vault` balancers. |
These are standard application web servers.
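
The per-device port tables on this page double as an exposure policy that can be checked mechanically. The following Python is an added example, not part of the original page or of Phacility's tooling: it parses the page's table format and flags drift against a set of observed listeners. `OBSERVED` and its third field (whether the port is reachable from the public Internet) are constructed assumptions standing in for data distilled from security groups or a scan.

```python
import re

# Excerpt of this page's per-device tables (vault in full, web abridged).
PAGE = """\
Device: vault
=====
| Listening Port | Interface | Notes |
|---|---|---|
| 22 | Public Internet | Serves `vault.phacility.com` over SSH, forwarding requests to the `web` tier. |
| 2222 | Internal | Operational SSH access. |
Device: web
=====
| Listening Port | Interface | Notes |
|---|---|---|
| 80 | Internal | Serves HTTP application traffic from `lb` balancers. |
| 2223 | Internal | Serves SSH application traffic from `vault` balancers. |
"""

def parse_policy(text):
    """Return {device: {port: interface}} from the 'Device: x' sections."""
    policy, device = {}, None
    for line in text.splitlines():
        m = re.match(r"Device:\s*(\S+)", line)
        if m:
            device = m.group(1)
            policy[device] = {}
        cells = [c.strip() for c in line.strip().strip("|").split("|")]
        if device and len(cells) >= 2 and cells[0].isdigit():
            policy[device][int(cells[0])] = cells[1]
    return policy

def audit(policy, observed):
    """observed: iterable of (device, port, publicly_reachable) tuples."""
    findings, seen = [], set()
    for device, port, public in observed:
        seen.add((device, port))
        documented = policy.get(device, {}).get(port)
        if documented is None:
            findings.append((device, port, "undocumented listener"))
        elif public and documented == "Internal":
            findings.append((device, port, "internal port reachable publicly"))
    findings += [(d, p, "documented port not listening")
                 for d, ports in policy.items() for p in ports if (d, p) not in seen]
    return sorted(findings)

# Constructed observations (assumption), not real cluster data.
OBSERVED = [("vault", 22, True), ("vault", 2222, True), ("web", 80, False), ("web", 8080, False)]
for finding in audit(parse_policy(PAGE), OBSERVED):
    print(*finding)
```
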