GOV.UK
GOV.UK and Virtual Private Networks (VPNs)
GOV.UK uses several VPNs to connect environments. This page explains what they are and what happens if they stop working.
VPN between live organisation and disaster recovery organisation
There’s a VPN in each Carrenza environment (currently staging and production) which connects the live organisation to the disaster recovery organisation. It’s used for monitoring the disaster recovery machines and for syncing data to them. The VPNs are managed by Carrenza.
If it goes down, these things will happen:
- The machines on the disaster recovery side of the connection will appear as unreachable hosts in GOV.UK monitoring
- Data replication will pause
VPN between live organisation and Licensing
Licensing is hosted in Skyscape. There’s a VPN in each environment which connects it to the live (Carrenza) organisation. The VPN is managed by Carrenza and Skyscape.
If it goes down, these things will happen:
- The machines on the disaster recovery (Skyscape) side of the connection will appear as unreachable hosts in GOV.UK monitoring
Applying for a licence should remain available because the connection between GOV.UK (the router and content store) and the Licensify organisation is made over the internet rather than over the VPN.
More about Monitoring
- Add a deployment dashboard for an application
- Add an Icinga passive check to a Jenkins job
- Add sidekiq-monitoring to your application
- Error reporting with Sentry
- Graphite and deployment dashboards
- How to deal with errors
- Metrics
- Monitor Sidekiq queues for your application
- Monitoring screens
- Nagios NRPE connection failures
- Pingdom Bouncer canary check
- Sidekiq
- Tools: Icinga, Grafana and Graphite, Kibana and Fabric
- Uptime Metrics
- Use AWS X-Ray to trace app requests
- Use Terraboard to monitor Terraform state