Hi all. I am seeking general advice and resources for an architecture I am trying to set up for my company’s web applications.
I am familiar with some DevOps technologies like Docker, GitHub Actions and Vercel, but am struggling to piece together a full picture for how I can accomplish setting up an architecture with Nomad (and the rest of the HashiCorp suite) for our web app.
First I’ll give a quick background and how I imagine solving this, then I’ll list some key challenges I am hoping some of you may have some hints or answers to. Also feel free to let me know if you have some general thoughts on the architecture described here.
Our company has a giant monolithic .NET Framework 4.5 web app that we host on our own VMs (in Azure). To each VM we deploy multiple instances of this web app, each with its specific configuration in a web.config file, and its own domain name. Each instance uses a database hosted on another VM (also in Azure).
The problem is this doesn’t scale very well, and we spend a lot of time on upgrades and administration. We were hoping to find something other than Kubernetes due to its steep learning curve and possible issues containerizing this web app. Nomad and its Windows IIS Task Driver look like they would be a good fit for this. Here are the parts we need as I see it:
- Terraform provisions the needed VMs and installs Nomad and other software.
- Nomad runs the websites using the Windows IIS Task Driver
- Consul for service discovery
- Possibly we’ll need Vault for secrets?
Here are some challenges I am unable to find answers to:
- I need to install .NET Framework 4.5, and possibly other more obscure software on the servers. Can Terraform do this, or do I need to combine it with something like Ansible?
- Can we somehow do canary deployments using the Windows IIS Task driver? Maybe in some sort of combination with an nginx in front of it or something?
- There will be multiple IIS websites and application pools, each with their own domain name and a Web.config containing general config, secrets and bindings. What is the best way to manage this?
- Each update to the app will be accompanied by a database migration that will need to be applied at approximately the time when we are updating the application code (served by the Windows IIS task driver). How do we run these migrations?
- I am also struggling a bit to find the best way to run databases in Nomad. Preferably we’d like to spin those up in the same manner as other nodes in Nomad, almost like a Database-as-a-service, in the same way that is possible in Portworx (from what I understand).
Sorry for the longform post, but all help is greatly appreciated.