Skip to main content
Table of contents


Node classes without redundancy

Below we provide a list of node classes that are not configured to be highly available (HA). This means that short outages of these machines are architecturally considered acceptable.

Installation of a critical software component on a non-redundant node class has caused an incident in the past. This happened when pgbouncer, required for all Postgresql database accesses at the time, was installed on db_admin, a single EC2 instance. That single instance became unavailable and took down Postgres in Production.

Please do not install new services or applications on any of the following machines unless it’s OK for your service to be down 5% of the time:

  • db-admin
  • transition-db-admin
  • content-data-api-db-admin
  • asset-master
  • jumpbox
  • ckan
  • apt
  • mirrorer
  • licensing_backend

If in doubt, please discuss your requirements with RE GOV.UK (#re-govuk on Slack).

This page was last reviewed on 12 August 2020. It needs to be reviewed again on 12 February 2021 by the page owner #re-govuk .
This page was set to be reviewed before 12 February 2021 by the page owner #re-govuk. This might mean the content is out of date.