Guidelines for New Servers - openmrs/openmrs-contrib-itsmresources GitHub Wiki

Name and tier

  • For OpenMRS, we have used city names from Ethiopia for most of our server names. Bamboo agents are the exception, using Bamboo musical instruments.
  • Multiple services can live on the same machine, but make sure they belong to the same tier and have the same backup configuration (all without backups or all with backups).
  • While Jetstream will be our main provider, we can host some services and failover systems with other providers, or use a different datacenter for the most important systems.

Automation

  • Within Jetstream, all server names should be in the form ${OS_PROJECT_NAME}-servername by Jetstream convention. More details on Jetstream can be found in Provider Jetstream
  • Machines should be fully automated (Terraform, Ansible/Puppet/Docker). Our VMs can be seen in the automated docs. The process is defined in the terraform docs.
  • Terraform can create files in /etc/ansible/facts.d/, to be used as custom facts by Ansible. After they are provisioned, they can be modified manually if there are changes.
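
A pre-flight check for the facts files described above, as an added example (not code from the OpenMRS repository). It assumes static `.fact` files holding JSON or INI, the formats Ansible reads from facts.d, and a hypothetical `service` section with `tier` and `backup` keys; the sample files and service names are constructed.

```python
import configparser
import json
import tempfile
from pathlib import Path

def load_local_facts(facts_dir):
    """Parse static *.fact files: try JSON first, then INI."""
    facts, errors = {}, {}
    for path in sorted(Path(facts_dir).glob("*.fact")):
        text = path.read_text()
        try:
            facts[path.stem] = json.loads(text)
            continue
        except ValueError:
            pass  # not JSON, fall back to INI
        parser = configparser.ConfigParser()
        try:
            parser.read_string(text)
            facts[path.stem] = {s: dict(parser.items(s)) for s in parser.sections()}
        except configparser.Error as exc:
            errors[path.stem] = str(exc)  # e.g. a manual edit left the file unparsable
    return facts, errors

def check_colocation(facts):
    """Flag machines whose services differ in tier or backup setting."""
    problems = []
    for key in ("tier", "backup"):  # hypothetical keys, not defined by the wiki
        values = {}
        for name, fact in facts.items():
            service = fact.get("service", {}) if isinstance(fact, dict) else {}
            values[name] = str(service.get(key)).lower()  # JSON true == INI "true"
        if len(set(values.values())) > 1:
            problems.append(f"mixed {key}: {values}")
    return problems

def demo():
    """Run both checks over constructed sample files in a temporary directory."""
    with tempfile.TemporaryDirectory() as d:
        Path(d, "wiki.fact").write_text('{"service": {"tier": "prod", "backup": true}}')
        Path(d, "ci.fact").write_text("[service]\ntier = prod\nbackup = false\n")
        Path(d, "broken.fact").write_text('{"service": {"tier": "prod"')  # truncated edit
        facts, errors = load_local_facts(d)
        return facts, errors, check_colocation(facts)

if __name__ == "__main__":
    print(demo())
```

Pointing `load_local_facts` at /etc/ansible/facts.d/ after a manual edit catches an unparsable file before the next Ansible run depends on it.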

General infra guidance

  • Do not use user docker for Bamboo
  • Every new machine should use a Let's Encrypt ssh certificate.
  • It's preferable to use nginx over apache, for consistency.
  • Complex systems with data (like the Atlassian suite, ID) should have a staging version (which is used to validate an upgrade), or at least a quick way to regenerate one.
  • Systems with state on the filesystem should keep it on a different volume.
  • Backup files should be generated daily. Check Backups strategy.
  • Check Monitoring and alerting overview as well.
  • Don't use the DNS redirect. It doesn't support HTTPS.