Cloud platform user guide

Who is this user guide for?

This user guide is for service teams with applications deployed, or intending to deploy, to the Ministry of Justice Cloud Platform. The platform manages the infrastructure that your application runs on and provides tooling for teams to deploy and manage their applications on that infrastructure. See also: About the Cloud Platform

Quickstart

• Overview of the Cloud Platform
• The Cloud Platform CLI
• Deploy your first Hello World application
• Create a GOV.UK Prototype Kit site
• Set up continuous deployment using GitHub Actions

How-to guides

• How to use kubectl to connect to the cluster
• Creating a Cloud Platform Environment
• Creating an ECR repository for your docker images
• Setting up GitHub Actions CD with Helm
• Creating a Route 53 Hosted Zone for your DNS records
• Adding AWS resources to your environment
• How do I run Rails database migrations?
• Removing an unneeded namespace

Concepts

• Kubernetes
• Deploying to the Cloud Platform
• Migrate from Template Deploy
• OFFICIAL SENSITIVE - can my service be hosted on the Cloud Platform?
• Security Controls on the Cloud Platform

Tutorials

• Deploying a Hello World application
• Deploying a multi-container application to the Cloud Platform

Deploying with Helm and CircleCI

• Prerequisite for Live-1 deployment
• Continuous Deployment of an application using CircleCI and Helm
• Deploying an application to the Cloud Platform with Helm

Monitoring applications

• Using the Cloud Platform Prometheus, AlertManager and Grafana
• Getting application metrics into Prometheus
• Creating your own custom alerts
• Creating Pingdom checks
• Using the CloudWatch data source in Grafana

Application logging

• Application Log Collection and Storage
• Accessing Application Log Data

Other topics

• Adding a secret to an application
• Cloud Platform Support
• Zero Downtime Deployments
• Using a custom domain
• Creating alerts for RDS
• Accessing your RDS database
• Viewing RDS Database Metrics
• RDS Snapshots
• Setup Postgres container
• Time Zone Cronjobs
• How to decommission unused template deploy services
• Git-Crypt
• Kubernetes Cronjobs
• Kubernetes jobs
• IP Filtering
• Applying a Maintenance Page
• Kubectl quick reference
• StatefulSets (Pods with Persistent Volumes)
• Storage Classes
• Troubleshooting guide
• Long-running environments operations
• Upgrading an RDS instance
• Migrating an RDS instance
• SSL connections with RDS
• Secrets overview
• ModSecurity - Web Application Firewall
• Network Policies
• Persistent-Volume encryption and snapshot
• Migrating an S3 bucket
• Access cross AWS resources
• Kibana Circleci Monitoring Dashboards
• Namespace/Container Resource Limits
• Checking the GitHub groups in your ID token
• Cloud Platform Disaster Recovery

Reference

• Cloud Platform Operational Processes
• Kubernetes resources

Getting help

• Ask Cloud Platform

Adding to the guide

If there’s something missing, please either let us know and we’ll add a new article, or if you’re comfortable writing one yourself, PRs will be gratefully received. Details on how to get in touch are in the “Getting Help” section above, and the “GithHub” link at the top right of this page will take you to the repository for this guide.

This page was last reviewed on 18 March 2021. It needs to be reviewed again on 18 June 2021 .

This page was set to be reviewed before 18 June 2021. This might mean the content is out of date.