From 7a75722733e71846536bd4aeb9d57b1afabe2b70 Mon Sep 17 00:00:00 2001 From: shockrah Date: Thu, 25 Nov 2021 20:45:15 -0800 Subject: [PATCH] + Docs for sigma and internal ips --- readme | 33 +++++++++++++++++++++++++-------- 1 file changed, 25 insertions(+), 8 deletions(-) diff --git a/readme b/readme index 63be571..2beb585 100644 --- a/readme +++ b/readme @@ -42,6 +42,11 @@ SSH/Ansible Host VPC. This way we only accept internal SSH connections. Rationale: To reduce surface area to the outside werld +Reverse Proxy + This server is going to sit between Alpha & Beta as + both are going to need need to take HTTP requests + from the internet but I don't want to expose them. + Section 3. Codenames ==================== @@ -53,6 +58,8 @@ Beta - Static Nginx Server Gamma - Dev/Ansible host +Sigma - Web App Reverse Proxy + Crete - Primary Subnet used to host stuff Section 4. Network Layout @@ -60,25 +67,30 @@ Section 4. Network Layout Crete + Subnet 10.0.0.128/26 Refers to the primary subnet that most services live on. Contains its own internet gateway as services here basically require 24/7 internet access. > High number of web services -Subnet 10.0.0.128/25 Alpha - Public IP: not required - Internal IP: 10.0.1.1 + Internal IP: 10.0.0.129 + Web Docker Host Beta - Public IP: required for public websites + Internal IP: 10.0.0.130 + Static Web Server Gamma - Ephemeral: only up when absolutely required - Will request Elastic IP when it needs one - however it will release the IP when not - required to reduce overall cost of running this system + Internal IP: 10.0.0.131 + Has an EIP bound however the server is only up when required. + +Sigma + Internal IP: 10.0.0.132 + Reverse Proxy for Alpha and Beta. Doing this means we don't have + to assign EIP's for every single one. + Section 5. Image's Used for Hosting =================================== @@ -104,3 +116,8 @@ Instance Types with rationale Nginx server Gamma - t3.micro Ansible host + Sigma - t3.small + Using a small since we only need enough power + to supply a load balancer(of sorts). Also some + of the workers behind this are kinda large which + means we can't scrape by with something tiny