You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/src/understand/overview.rst
+9-14Lines changed: 9 additions & 14 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -45,9 +45,9 @@ Backend components startup
45
45
46
46
The Wire server backend is designed to run on a kubernetes cluster. From a high level perspective the startup sequence from machine power-on to the Wire server being ready to receive requests is as follow:
47
47
48
-
1. *Kubernetes node power on*. Systemd starts the kubelet service which makes the worker node available to kubernetes. For more details about kubernetes startup refer to `the official kubernetes documentation <https://kubernetes.io/docs/reference/setup-tools/kubeadm/implementation-details/>`__. For details about the installation and configuration of kubernetes and worker nodes for Wire server see :ref:`Installing kubernetes and databases on VMs with ansible <ansible_vms>`
48
+
1. *Kubernetes node power on*. Systemd starts the kubelet service which makes the worker node available to kubernetes. For more details about kubernetes startup refer to `the official kubernetes documentation <https://kubernetes.io/docs/reference/setup-tools/kubeadm/implementation-details/>`__. For details about the installation and configuration of kubernetes and worker nodes for Wire server see :ref:`Installing kubernetes and databases on VMs with ansible <ansible_vms>`
49
49
2. *Kubernetes workload startup*. Kubernetes will ensure that Wire server workloads installed via helm are scheduled on available worker nodes. For more details about workload scheduling refer to `the official kubernetes documentation <https://kubernetes.io/docs/concepts/scheduling-eviction/kube-scheduler/>`__. For details about how to install Wire server with helm refer to :ref:`Installing wire-server (production) components using Helm <helm_prod>`.
50
-
3. *Stateful workload startup*. Systemd starts the stateful services (cassandra, elasticsearch and minio). See for instance `ansible-cassandra role <https://github.com/wireapp/ansible-cassandra/blob/master/tasks/systemd.yml#L10>`__ and other database installation instructions in :ref:`Installing kubernetes and databases on VMs with ansible <ansible_vms>`
50
+
3. *Stateful workload startup*. Systemd starts the stateful services (cassandra, elasticsearch and minio). See for instance `ansible-cassandra role <https://github.com/wireapp/ansible-cassandra/blob/master/tasks/systemd.yml#L10>`__ and other database installation instructions in :ref:`Installing kubernetes and databases on VMs with ansible <ansible_vms>`
51
51
4. *Other services*. Systemd starts the restund docker container. See `ansible-restund role <https://github.com/wireapp/ansible-restund/blob/9807313a7c72ffa40e74f69d239404fd87db65ab/templates/restund.service.j2#L12-L19>`__. For details about docker container startup `consult the official documentation <https://docs.docker.com/get-started/overview/#docker-architecture>`__
52
52
53
53
.. note::
@@ -60,7 +60,7 @@ The Wire server backend is designed to run on a kubernetes cluster. From a high
60
60
Focus on pods
61
61
~~~~~~~~~~~~~
62
62
63
-
The Wire backend runs in `a kubernetes cluster <https://kubernetes.io/>`__, with different components running in different `pods <https://kubernetes.io/docs/concepts/workloads/pods/>`__.
63
+
The Wire backend runs in `a kubernetes cluster <https://kubernetes.io/>`__, with different components running in different `pods <https://kubernetes.io/docs/concepts/workloads/pods/>`__.
64
64
65
65
This is a list of those pods as found in a typical installation.
66
66
@@ -78,7 +78,7 @@ Frontend pods:
78
78
Pods with an HTTP API:
79
79
80
80
* ``brig``: `The user management API service <https://github.com/wireapp/wire-server/tree/develop/services/brig>`__. Connects to ``cassandra`` and ``elastisearch`` for user data storage, sends emails and SMS for account validation.
81
-
* ``cannon``: `WebSockets API Service <https://github.com/wireapp/wire-server/blob/develop/services/cannon/package.yaml#L6>`__. Holds WebSocket connections.
81
+
* ``cannon``: `WebSockets API Service <https://github.com/wireapp/wire-server/blob/develop/services/cannon/>`__. Holds WebSocket connections.
82
82
* ``cargohold``: `Asset Storage API Service <https://docs.wire.com/how-to/install/aws-prod.html>`__. Amazon-AWS-S3-style services are used by ``cargohold`` to store encrypted files that users are sharing amongst each other, such as images, files, and other static content, which we call assets. All assets except profile pictures are symmetrically encrypted before storage (and the keys are only known to the participants of the conversation in which an assets was shared - servers have no knowledge of the keys).
83
83
* ``galley``: `Conversations and Teams API Service <https://docs.wire.com/understand/api-client-perspective/index.html>`__. Data is stored in cassandra. Uses ``gundeck`` to send notifications to users.
84
84
* ``nginz``: Public API Reverse Proxy (Nginx with custom libzauth module). A modified copy of nginx, compiled with a specific set of upstream extra modules, and one important additional module zauth_nginx_module. Responsible for user authentication validation. Forwards traffic to all other API services (except federator)
@@ -88,16 +88,16 @@ Pods with an HTTP API:
88
88
89
89
Supporting pods and data storage:
90
90
91
-
* ``cassandra-ephemeral`` (or ``cassandra-external``): `NoSQL Database management system <https://github.com/wireapp/wire-server/tree/develop/charts/cassandra-ephemeral>`__ (https://en.wikipedia.org/wiki/Apache_Cassandra). Everything stateful in wire-server (cassandra is used by ``brig``, ``galley``, ``gundeck`` and ``spar``) is stored in cassandra.
92
-
* ``cassandra-ephemeral`` is for test clusters where persisting the data (i.e. loose users, conversations,...) does not matter, but this shouldn't be used in production environments.
91
+
* ``cassandra-ephemeral`` (or ``cassandra-external``): `NoSQL Database management system <https://github.com/wireapp/wire-server/tree/develop/charts/cassandra-ephemeral>`__ (https://en.wikipedia.org/wiki/Apache_Cassandra). Everything stateful in wire-server (cassandra is used by ``brig``, ``galley``, ``gundeck`` and ``spar``) is stored in cassandra.
92
+
* ``cassandra-ephemeral`` is for test clusters where persisting the data (i.e. loose users, conversations,...) does not matter, but this shouldn't be used in production environments.
93
93
* ``cassandra-external`` is used to point to an external cassandra cluster which is installed outside of Kubernetes.
94
94
* ``demo-smtp``: In "demo" installations, used to replace a proper external SMTP server for the sending of emails (for example verification codes). In production environments, an actual SMTP server is used directly instead of this pod. (https://github.com/namshi/docker-smtp)
95
95
* ``fluent-bit``: A log processor and forwarder, allowing collection of data such as metrics and logs from different sources. Not typically deployed. (https://fluentbit.io/)
96
-
* ``elastisearch-ephemeral`` (or ``elastisearch-external``): `Distributed search and analytics engines, stores some user information (name, handle, userid, teamid) <https://github.com/wireapp/wire-server/tree/develop/charts/elastisearch-external>`__. Information is duplicated here from cassandra to allow searching for users. Information here can be re-populated from data in cassandra (albeit with some downtime for search functionality) (https://www.elastic.co/what-is/elasticsearch).
97
-
* ``elastisearch-ephemeral`` is for test clusters where persisting the data doesn't matter.
96
+
* ``elastisearch-ephemeral`` (or ``elastisearch-external``): `Distributed search and analytics engines, stores some user information (name, handle, userid, teamid) <https://github.com/wireapp/wire-server/tree/develop/charts/elastisearch-external>`__. Information is duplicated here from cassandra to allow searching for users. Information here can be re-populated from data in cassandra (albeit with some downtime for search functionality) (https://www.elastic.co/what-is/elasticsearch).
97
+
* ``elastisearch-ephemeral`` is for test clusters where persisting the data doesn't matter.
98
98
* ``elastisearch-external`` refers to elasticsearch IPs located outside kubernetes by specifying IPs manually.
99
99
* ``fake-aws-s3``: Amazon-AWS-S3-compatible object storage using MinIO (https://min.io/), used by cargohold to store (encrypted) assets such as files, posted images, profile pics, etc.
100
-
* ``fake-aws-s3-reaper``: Creates the default S3 bucket inside fake-aws-s3.
100
+
* ``fake-aws-s3-reaper``: Creates the default S3 bucket inside fake-aws-s3.
101
101
* ``fake-aws-sns``. `Amazon Simple Notification Service (Amazon SNS) <https://docs.aws.amazon.com/AmazonS3/latest/userguide/NotificationHowTo.html>`__, used to push messages to mobile devices or distributed services. SNS can publish a message once, and deliver it one or more times.
102
102
* ``fake-aws-sqs``: `Amazon Simple Queue Service (Amazon SQS) queue <https://docs.aws.amazon.com/AmazonS3/latest/userguide/NotificationHowTo.html>`__, used to transmit any volume of data without requiring other services to be always available.
103
103
* ``redis-ephemeral``: Stores websocket connection assignments (part of the ``gundeck`` / ``cannon`` architecture).
@@ -146,8 +146,3 @@ As an example, this is the result of running the ``kubectl get pods --namespace
146
146
.. note::
147
147
148
148
This list is not exhaustive, and your installation may have additional pods running depending on your configuration.
0 commit comments