In this post Mr Flip Flops talks about the ability of Anoto Live Forms to handle huge load demands, while managing system vulnerability and data compliance risk via established best in class processes.
Amazon EC2 reduces the time required to obtain and boot new server instances to minutes, allowing you to quickly scale capacity, both up and down, as your computing requirements change. Amazon EC2 changes the economics of computing by allowing you to pay only for capacity that you actually use.
So what have we actually done here?
The main 4 things we have done here is the following:
- We have moved the database off the Anoto Live Forms server. We have done this for two reasons. The first and obvious one is to ease the load on the Anoto Live Forms server and we can run a more cost effective instance there. The second reason is to run the database with the purpose (Amazon RDS Relational Database Service).
- In addition to separating the MySQL-server we will add a cache service (Amazon ElastiCache) that will take more load off the server when doing requests to it.
- We have also taken some other heavy load tasks off the Anoto Live Forms server such as PDF-generation (requires custom development) and heavy event handler tasks. We will use a load balancer (Amazon Elastic Load Balancing) and auto scaling here so that we always have enough instances to be able to satisfy the need, but not paying for any extra.
- For security reasons we have a dedicated server that is the only server that has SSH-access to our private cloud. We make sure to have this turned on only when we need to. The rest of the time we will only have port 443 (HTTPS) open to the server.
This is only the beginning. What more can we do?
- We can add backup services with snapshots or by using Amazon S3 storage.
- We can add a read replica of the database to ease the pressure on the MySQL-server.
- We can clone this whole system into another availability zone with a load balancer and auto scaling in front to remove the vulnerability of one zone going down. This will look different depending on how the particular environment looks like, but it is possible.
- As we now can see servers as applications instead of actual physical servers we can easily clone our server before any software changes are to be made.
- We can for example upgrade it and make sure it works as we want before we bring our users over.
Most important, security and compliance
On top of this we have a security team that is one of the best in the world and when we then look at the Amazon Compliance program it makes it an ideal platform for us to work with. To capture the key idea here I took the following picture at the Amazon Summit 2014 Amsterdam: