Hi,
I am currently hosting, with Linode, an app that is in development. I would like to move to AWS in preparation for launch, keeping my Linode for development. I require the following:
AWS:
1x EC2 AMI: To be used for web instances. Debian, Nginx, PHP & APC, CSF. Shared file mount. Reproduce the Linode web server environment.
1x ELB: To sit in front of the front-end instances. SSL only.
1x RDS MySQL: To be shared between all instances.
1x ElastiCache (memcache): To be shared between all instances.
1x SOLR 4 server: To be shared between all instances.
1x Proxy/Admin Server: To be used for all servers as a proxy when accessing the wider internet. Using rsyslog as a central point for logging from all servers before forwarding to Papertrail. Used as a Tor hidden service that connects to the ELB.
Other requirements:
Rotating S3 Backup of code/files/db etc.
Auto scale to keep 2 EC2 instances available, and add instances as required to stay healthy.
Web is SSL only. Cloudflare handles redirect so no port 80 required at all.
OS to have all non-essential services disabled or removed. Latest stable software and all applicable security patches applied.
Single place to roll out code (SFTP). I am not using git or any versioning.
AWS security firewalls locked down and CSF configured on our instances. No external access other than for proxy and ELB (e.g. no direct web server access).
Authy for SSH on any server with external SSH access (e.g. proxy).
Full access to existing Linodes will be provided. Everything requested is currently configured in some form at Linode.
Other Notes:
Please advise on instance sizes and other options etc. Start small initially as budget is very tight: enough to get up and running, and it will be pumped up on launch.
If encryption is an option, use it (e.g. internal comms between servers/services).
We will continue to use Cloudflare->ELB for DNS/CDN/IP Proxy.
Where required, PGP will be used to transfer credentials to or from me.
Advise on nginx/php settings if you note any obvious issues or performance suggestions.
Job Completion:
I will consider the job completed when AWS is fully configured as above, secure & backed up, a snapshot of the dev files/code, permissions, and db is transferred, and all tests are OK.