
Infrastructure

Deploy and manage Peregrine in your environment with enterprise-grade reliability

AWS GovCloud Deployment

Architecture Overview

Peregrine is designed for deployment in AWS GovCloud, ensuring compliance with federal security requirements.

Core Components

Compute Layer
  • ECS Fargate for containerized services
  • EC2 instances for GPU workloads
  • Lambda for serverless functions
  • Auto-scaling groups

Data Layer
  • RDS PostgreSQL (Multi-AZ)
  • ElastiCache for Redis
  • S3 for object storage
  • EBS for persistent volumes

Deployment Steps

1. Infrastructure as Code

# Deploy infrastructure with Terraform
terraform init
terraform plan -out=tfplan
terraform apply tfplan

2. Configure Networking

Set up VPC, subnets, and security groups:

  • Private subnets for application tier
  • Public subnets for load balancers
  • NAT gateways for outbound traffic
  • VPC endpoints for AWS services

3. Deploy Applications

# Deploy with AWS CDK
cdk bootstrap
cdk deploy PeregrineStack --all

Kubernetes & Container Setup

EKS Configuration

Deploy Peregrine on Amazon EKS for orchestrated container management.

# peregrine-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: peregrine-api
  namespace: peregrine
spec:
  replicas: 3
  selector:
    matchLabels:
      app: peregrine-api
  template:
    metadata:
      labels:
        app: peregrine-api
    spec:
      containers:
      - name: api
        image: peregrine/api:latest
        ports:
        - containerPort: 8080
        env:
        - name: DATABASE_URL
          valueFrom:
            secretKeyRef:
              name: peregrine-secrets
              key: database-url
        resources:
          requests:
            memory: "1Gi"
            cpu: "500m"
          limits:
            memory: "2Gi"
            cpu: "1000m"
        livenessProbe:
          httpGet:
            path: /health
            port: 8080
          initialDelaySeconds: 30
          periodSeconds: 10

Container Registry

ECR Setup

aws ecr create-repository \
  --repository-name peregrine/api \
  --region us-gov-west-1

Image Security

  • Vulnerability scanning enabled
  • Image signing with KMS
  • Automated base image updates
  • SBOM generation
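
The Deployment above pulls `peregrine/api:latest`, a mutable tag, so the scanning and signing listed under Image Security only bind to what actually runs if the manifest pins an image digest. The following added example (not part of the Peregrine documentation or code base) audits a container spec for that and for a restrictive securityContext; the hardened variant, its registry host and its all-zero digest are constructed placeholders.

```python
import re

# Container from peregrine-deployment.yaml above, transcribed as a dict.
PAGE_CONTAINER = {
    "name": "api",
    "image": "peregrine/api:latest",
    "resources": {"requests": {"memory": "1Gi", "cpu": "500m"},
                  "limits": {"memory": "2Gi", "cpu": "1000m"}},
    "livenessProbe": {"httpGet": {"path": "/health", "port": 8080}},
}

# Constructed hardened variant; registry host and digest are placeholders.
HARDENED_CONTAINER = dict(
    PAGE_CONTAINER,
    image="registry.example/peregrine/api@sha256:" + "0" * 64,
    securityContext={
        "runAsNonRoot": True,
        "allowPrivilegeEscalation": False,
        "readOnlyRootFilesystem": True,
        "capabilities": {"drop": ["ALL"]},
    },
)

DIGEST_RE = re.compile(r"@sha256:[0-9a-f]{64}$")


def audit_container(c):
    """Return a list of findings for one container spec (empty list = pass)."""
    findings = []
    image = c.get("image", "")
    if not DIGEST_RE.search(image):
        # A tag can be re-pointed after signing and scanning; a digest cannot.
        last = image.rsplit("/", 1)[-1]
        tag = image.rsplit(":", 1)[1] if ":" in last else "latest"
        findings.append(f"image not pinned by digest (mutable tag '{tag}')")
    sc = c.get("securityContext", {})
    if sc.get("runAsNonRoot") is not True:
        findings.append("runAsNonRoot not set")
    if sc.get("allowPrivilegeEscalation") is not False:
        findings.append("allowPrivilegeEscalation not disabled")
    if sc.get("readOnlyRootFilesystem") is not True:
        findings.append("root filesystem is writable")
    if "ALL" not in sc.get("capabilities", {}).get("drop", []):
        findings.append("Linux capabilities not dropped")
    if "limits" not in c.get("resources", {}):
        findings.append("no resource limits")
    return findings
```

Running `audit_container` in CI against every container in a rendered manifest turns these checks into a deploy gate.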

Monitoring & Alerting

Observability Stack

Metrics

CloudWatch & Prometheus

Traces

AWS X-Ray & Jaeger

Logs

CloudWatch Logs & ELK

Alert Configuration

Critical Alerts

  • API response time > 2s (P99)
  • Error rate > 1%
  • Database CPU > 80%
  • Disk usage > 85%

Warning Alerts

  • Queue depth > 1000 messages
  • Memory usage > 70%
  • SSL certificate expiry < 30 days
  • Failed login attempts > 10/min

Dashboards

Pre-configured dashboards for system health monitoring.

# Example CloudWatch Dashboard
{
  "widgets": [
    {
      "type": "metric",
      "properties": {
        "metrics": [
          ["Peregrine", "APILatency", {"stat": "p99"}],
          [".", "APIRequests", {"stat": "Sum"}],
          [".", "APIErrors", {"stat": "Sum"}]
        ],
        "period": 300,
        "stat": "Average",
        "region": "us-gov-west-1",
        "title": "API Performance"
      }
    }
  ]
}

Backup & Disaster Recovery

Backup Strategy

Automated Backups

  • RDS automated snapshots (daily)
  • S3 cross-region replication
  • EBS volume snapshots (hourly)
  • Configuration backups to Git

Recovery Objectives

  • RTO: 4 hours
  • RPO: 1 hour
  • Backup retention: 30 days
  • Annual DR testing

Disaster Recovery Plan

Recovery Procedures

  1. Assess Impact
     Determine scope and services affected

  2. Initiate Failover
     Switch to standby region if needed

  3. Restore Data
     Restore from latest clean backup

  4. Verify Services
     Run health checks and validation tests

Infrastructure as Code

All infrastructure is managed through code for consistency and repeatability.

Terraform

Core infrastructure provisioning

AWS CDK

Application stack deployment

Ansible

Configuration management