Skip to content

Latest commit

 

History

History
328 lines (274 loc) · 19.8 KB

README.md

File metadata and controls

328 lines (274 loc) · 19.8 KB

Media Engineering Architecture & Deployment course

In this course you will learn:

  • How to deploy applications on a Linux server on an IaaS platform (Microsoft Azure).
  • How to deploy applications on a PaaS platform (Render).

In pursuit of this goal, you will learn:

  • How to use the command line and version control.
  • The basics of Unix system administration and cloud computing architectures.
  • Good security practices related to system administration and web applications.

This course is a Media Engineering web development course taught at HEIG-VD.

Legend

Parts of this guide are annotated with the following icons:

  • 📖 Slides or written documents pertaining to the various topics discussed during this course.
  • 🔨 An exercise aimed at practicing a topic discussed in class.
  • 💥 This exercise is graded.
  • 🔑 Solution(s) for an exercise.
  • 🎥 A video related to a subject.
  • 🏛️ The deployment architecture put in place during an exercise.

For you to succeed in this course, it is highly recommended that you read and complete all the content that is not labeled "extra".

What you will need

Plan

How to improve our basic deployment

The basic SFTP deployment of the PHP TodoList has several flaws which we will fix during the rest of the course:

  • Transfering files manually through SFTP is slow and error-prone. We will use Git to reliably transfer files from our central codebase and easily keep our deployment up-to-date over time.
  • Hardcoding configuration is a bad practice. We will use environment variables so that our application can be dynamically configured and deployed in any environment without changing its source code.
  • Starting our application manually is not suitable for a production deployment. We will use a process manager to manage the lifecycle of our application: starting it automatically when the server boots, and restarting it automatically if it crashes.
  • Accessing a web application through an IP address is not user-friendly. We will obtain a domain and configure its DNS zone file so that our application is accessible with a human-readable domain name.
  • Using a non-standard port is not user-friendly either. We will run the application on port 80 or 443 so that the end user does not have to specify a port in the browser's address bar.
  • Running our application server directly on port 80 or 443 will cause a problem: only one process can listen on a given port at the same time. We need another tool to support multiple production deployments on the same server. That will be the job of a reverse proxy like Apache or nginx.
  • Our application is not secure as indicated by the browser, because it is served over HTTP and not HTTPS. We will obtain a TLS/SSL certificate signed by a trusted certificate authority so that our application can be served over HTTPS and recognized as secure by browsers.
  • The PHP Development Server is not meant to deploy applications in production environments. We will use the FastCGI Process Manager to perform a production-grade deployment, making our application more resilient and able to serve more clients concurrently.

Our architecture so far

This is a simplified architecture of the main running processes and communication flow at the end of all the exercises we have done so far (up to 🔨 Deploy a PHP application with nginx and the FastCGI process manager at this time):

Architecture

Architecture PDF version.

📚 Note that unless you stopped it yourself, the systemd service you set up during the exercise 🔨 Manage a PHP application with systemd as a Process Manager is still running, and the PHP Todolist is still accessible on port 3000 as well as through nginx on port 80.

More Practice

Complete deployments

Extra

Frequently Asked Questions

What is the meaning of life?

42

How do I do X with the command line?

Read the command line cheatsheet

How do I do Y with Git?

Read the Git cheatsheet

How do I do Z with my server?

Read the system administration cheatsheet

How do I choose a password?

Don't use something that is hard to remember. You're better off using a passphrase (here's a French version).

References

These are the main references used throughout this course. More detailed and additional links to various online articles and documentation can be found at the end of each subject.

Wikipedia is also often referenced, namely these and related articles: