Instagram 從 AWS 搬到 Facebook 機房
source link: https://blog.gslin.org/archives/2014/06/30/4839/instagram-%e5%be%9e-aws-%e6%90%ac%e5%88%b0-facebook-%e6%a9%9f%e6%88%bf/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Instagram 從 AWS 搬到 Facebook 機房
Instagram 在 Instagram Engineering Blog 上宣佈的消息:「Migrating From AWS to FB」。
整個 migration 的過程是採取不停機轉移,所以 effort 比直接停機轉移高很多:
The main blocker to this easy migration was that Facebook’s private IP space conflicts with that of EC2. We had but one route: migrate to Amazon’s Virtual Private Cloud (VPC) first, followed by a subsequent migration to Facebook using Amazon Direct Connect. Amazon’s VPC offered the addressing flexibility necessary to avoid conflicts with Facebook’s private network.
先把整個系統轉移到 Amazon VPC 裡,然後再拉 AWS Direct Connect 串起來,接下來才是慢慢把 instance 轉移到 Facebook 的機房內。
中間也有一些工作:
To provide portability for our provisioning tools, all of the Instagram-specific software now runs inside of a Linux Container (LXC) on the servers in Facebook’s data centers.
所以已經導入 LXC 了...
Related
在 EC2 上面疊 IPsec
AWS 發了一篇關於在 EC2 上面疊 IPsec 的方式:「Creating an opportunistic IPSec mesh between EC2 instances」。 這個需求主要是因為 AWS 一直沒有保證在同一區的流量有加密 (包括了同一個機房的流量、同一個 AZ 但不同機房的流量,以及同一區跨 AZ 之間的流量),甚至跨帳號間的 VPC Peering 都不保證有加密,只說「跟兩台 instance 之間的溝通相同」,用詞很小心 (參考「Amazon VPC FAQs」這邊的說明): Q. Is VPC peering traffic within the region encrypted? No. Traffic between instances in peered VPCs remains private and isolated –…
December 13, 2018In "Murmuring"
Amazon VPC 支援純 IPv6 的網段了
Amazon VPC 支援純 IPv6 的網段了:「Amazon Virtual Private Cloud (VPC) customers can now create IPv6-only subnets and EC2 instances」。 先前機器都還是要設一個 IPv4 位置,所以網段都必須有 IPv4 network space,這次推出使得機器可以跑在 IPv6-only network 上了,不過 Linux 裡面應該還是會有個 lo 與 127.0.0.1... 短時間應該用不到,不過可以先玩看看感覺一下...
November 27, 2021In "AWS"
Amazon VPC 允許直接把整個網段配到某台 EC2 Instance 上了
看到「Amazon Virtual Private Cloud (VPC) customers can now assign IP prefixes to their EC2 instances」這邊的消息,VPC 可以把整個網段配到某台 EC2 Instance 上了。 之前也有其他方法可以做到類似的事情: 用 VPC 提供的 Routing Table 把網段指到某台 EC2 的機器上。 把這台 EC2 機器的「Enable Source/Destination Check」關閉。 目前就是用這個方法搞定 VPN server 的:我們希望機器連上 VPN 後拿到 10.x.x.x 的 IP address,而且可以被 VPC 內直接存取,而不要被 NAT 掉。 好像該開張票轉移過去...
July 24, 2021In "AWS"
2 thoughts on “Instagram 從 AWS 搬到 Facebook 機房”
Leave a Reply
Your email address will not be published. Required fields are marked *
Comment *
Name *
Email *
Website
Notify me of follow-up comments by email.
Notify me of new posts by email.
To respond on your own website, enter the URL of your response which should contain a link to this post's permalink URL. Your response will then appear (possibly after moderation) on this page. Want to update or remove your response? Update or delete your post and re-enter your post's URL again. (Learn More)
Post navigation
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK