Success!

Note

Error

Session expiration Your session is going to expireClick here to extend

Budget:

Small project <800

Posted on

6/29/17 1:28 AM

Buyer:

Til***

This project has expired

Why don't you register anyway? We are sure that you will find many similar projects out of the thousands waiting for you!

Post similar project now

Description

We are a tech startup based in Germany. For our deployment we are looking for a Microsoft Azure or AWS expert to help us with our initial setup and possibly maintenance.

Our setup consists of four applications, each with a mostly identical staging and a production environment, as well as one database, blob storage, load-balancing, Queue, etc:

1. Main Server (staging + production)

- PHP 7.* (We are using Laravel PHP 5.4)

- OpenSSL PHP Extension

- PDO PHP Extension

- Mbstring PHP Extension

- Tokenizer PHP Extension

- XML PHP Extension

- Apache or Nginx webserver

- HTTPS (Let's Encrypt is fine)

- Connected to our database

- Connected to a queue service (like AWS SQS)

- Connected to a blob storage (like AWS S3)

- Public IP address, DNS records, etc.

- Load-balancing + auto-scaling

2. Worker (staging + production)

- Identical to main server, but with less power.

- No public IP address, only connected to our main server (1.)

- Configured to process jobs from queue service.

- Connected to our database

- Connected to the same blob storage as our main server.

3. Python server (staging + production)

- Standard python environment, configured to run Django

- Connected only to our main server (1.) and worker (2.)

4. Website (staging + production)

- Basic nodejs environment to run Nuxt.js framework

- Seperated from all other applications, database, etc.

- HTTPS (Let's Encrypt is fine)

- Public IP address, DNS records, etc.

- Load-balancing + auto-scaling

Further requirements:

a. Database (staging + production)

- MySQL or compatible (we're doing no fancy stuff, just basic operations)

- Connected to main server (1.) and worker (2.)

b. Blob storage (staging + production)

- Accessible through FTP/FTPS

- Connected to main server (1.) and worker (2.)

c. Queue service (staging + production)

- Beanstalk, Amazon SQS or Redis

d. VPC/VPN

- Main server (1.), worker (1.) and python server (3.) should be in their own VPC/VPN (staging + production) 

- Website (4.) should be in his own VPC/VPN (staging + production)

Regarding our deployment technique:

We have a build system (buddy.works) which processes (installing dependencies, etc.) our code from our GitHub repositories and pipes them to AWS Elastic Beanstalk, Azure (via local git repository) or FTP. We would like to keep it that way, so we don't have to install any dependencies on our servers.

Security + Backups:

- Our systems should be configured to auto-scale and our main server (1.) and website (4.) should have a load-balancer.

- All applications should only be accessible as declared above. Security groups, VPCs/VPNs (per environment), etc. should be configured to enforce this.

- Application Firewall

- Persistent storage (blob and database) requires a decent backup strategy: mirroring, automated snapshots, redundancy, different zones, etc.

Access:

- All applications should be accessible through a VPN connection using a number of SSH certificates.

- The databases should be accessible through a bastion host using a number of SSH certificates.

We are a tech startup based in Germany. For our deployment we are looking for a Microsoft Azure or AWS expert to help us with our initial setup and possibly maintenance.


Our setup consists of four applications, each with a mostly identical staging and a production environment, as well as one database, blob storage, load-balancing, Queue, etc:



1. Main Server (staging + production)


- PHP 7.* (We are using Laravel PHP 5.4)
- OpenSSL PHP Extension
- PDO PHP Extension
- Mbstring PHP Extension
- Tokenizer PHP Extension
- XML PHP Extension
- Apache or Nginx webserver
- HTTPS (Let's Encrypt is fine)
- Connected to our database
- Connected to a queue service (like AWS SQS)
- Connected to a blob storage (like AWS S3)
- Public IP address, DNS records, etc.
- Load-balancing + auto-scaling



2. Worker (staging + production)

  • - Identical to main server, but with less power.
  • - No public IP address, only connected to our main server (1.)
  • - Configured to process jobs from queue service.
  • - Connected to our database
  • - Connected to the same blob storage as our main server.


3. Python server (staging + production)

  • - Standard python environment, configured to run Django
  • - Connected only to our main server (1.) and worker (2.)


4. Website (staging + production)

  • - Basic nodejs environment to run Nuxt.js framework
  • - Seperated from all other applications, database, etc.
  • - HTTPS (Let's Encrypt is fine)
  • - Public IP address, DNS records, etc.
  • - Load-balancing + auto-scaling


Further requirements:


a. Database (staging + production)

  • - MySQL or compatible (we're doing no fancy stuff, just basic operations)
  • - Connected to main server (1.) and worker (2.)


b. Blob storage (staging + production)

  • - Accessible through FTP/FTPS
  • - Connected to main server (1.) and worker (2.)


c. Queue service (staging + production)

  • - Beanstalk, Amazon SQS or Redis


d. VPC/VPN

  • - Main server (1.), worker (1.) and python server (3.) should be in their own VPC/VPN (staging + production) 
  • - Website (4.) should be in his own VPC/VPN (staging + production)


Regarding our deployment technique:


We have a build system (buddy.works) which processes (installing dependencies, etc.) our code from our GitHub repositories and pipes them to AWS Elastic Beanstalk, Azure (via local git repository) or FTP. We would like to keep it that way, so we don't have to install any dependencies on our servers.



Security + Backups:

  • - Our systems should be configured to auto-scale and our main server (1.) and website (4.) should have a load-balancer.
  • - All applications should only be accessible as declared above. Security groups, VPCs/VPNs (per environment), etc. should be configured to enforce this.
  • - Application Firewall
  • - Persistent storage (blob and database) requires a decent backup strategy: mirroring, automated snapshots, redundancy, different zones, etc.


  • Access:

  • - All applications should be accessible through a VPN connection using a number of SSH certificates.
  • - The databases should be accessible through a bastion host using a number of SSH certificates.