Infrastructure as code, automation, monitoring, disaster recovery, security, scaling and cost tracking are all subjects that are easily accessible but too often overlooked until it is already too late. In this session Cotap will share what AWS offers to help them stay ahead of the curve. By following 4 simple rules they will show how Cotap's Engineering team has been able to run for the past 12 months with over four nines of availability. They deploy 3 to 5 times a day, run in 2 regions/6 AZs and still manage to keep AWS costs below the monthly salary of an Engineer.

1. AWS Loft: Behind the scenes with Cotap
Architecting for the Cloud:
Hoping for the best, prepared for the worst.

11. Infrastructure as Code

12. Infrastructure as Code
● Current state
● Past decisions
● Tracking the evolution

13. Infrastructure as Code
● CloudFormation
● Design -> JSON
● Version Control!

14. Infrastructure as Code

15. Infrastructure as Code

16. Infrastructure as Code

19. Rule #1
All changes have to be under Version
Control

20. Design for automation

21. Design for automation
● AutoScalingGroups
● Hardware: CloudFormation
● Software: Configuration management
● Cattle not Cats

22. Rule #2
No instances should be launched manually.

23. Monitoring & Alerting

24. Monitoring & Alerting
● Cost of
o Interruptions
o Waking somebody up
● Channels
● Self-healing infrastructure
● External monitoring
● Page only when critical

25. Monitoring & Alerting
Situation Channel Page
Disk full 60% Chat, Email ✗
Disk full 90% Chat, Email, PagerDuty ✓
Chef not running for > 30m Chat, Email ✗
Redis not running for > 3 x 5s Chat, Email, PagerDuty ✓
ElasticSearch N-1 Chat, Email ✗
ElasticSearch N-2 Chat, Email, PagerDuty ✓

26. Monitoring & Alerting
● Cost of
o Interruptions
o Waking somebody up
● Channels
● Self-healing infrastructure
● External monitoring
● Page only when critical

27. Platform to fail

28. Platform to fail
● Easy creation of temporary “Stacks”
● Branches can get their own hardware
● Clients can talk to a branch
● QA happens on Sandbox
● Exact copy of Production
● Scale up/down based on needs
● Different Region (us-east-1)

29. Platform to fail

30. Platform to fail
● Easy creation of temporary “Stacks”
● Branches can get their own hardware
● Clients can talk to a branch
● QA happens on Sandbox
● Exact copy of Production
● Scale up/down based on needs
● Different Region (us-east-1)

31. Rule #3
All changes have to go through Sandbox.

32. Rule #4
Production is just a more powerful Sandbox

33. Disaster Recovery

34. Disaster Recovery
● Multi-AZs
● Traffic routing
● Multi-Regions (S3 too)
● AutoScalingGroups Min:1 Max:1
● Off-site backups (VPN + Disks)
● RPO + RTO

35. Security

36. Security
● MFA
● Public key distribution
● Root key rotation
● Private/Public Subnets
● ACLs/Security Groups
● Update AMIs
● Trusted Advisor!

37. Security

38. Scaling

39. Scaling
● Preemptive
● Automatic
● Vertically
● Horizontally
● Bottlenecks

40. Scaling

41. Cost Control

42. Cost Control
● Tags
o Role
o Environment
● Cost explorer
● Threshold alerting
● Share monthly
● Export to CSV
● Right-Scale (ASG)

43. Cost Control

44. Cost Control

45. Cost Control
● Tags
o Role
o Environment
● Cost explorer
● Threshold alerting
● Share monthly
● Export to CSV
● Right-Scale (ASG)

46. 4 rules of 5 nines.
● All changes have to be under VC
● No instance should be launched manually
● All changes are deployed to Sandbox first
● Production is just a more powerful Sandbox

47. Questions?
t: @martincozzi
e: martin@cotap.com
engineering.cotap.com