Skip to main content

AWS Infrastructure Documentation

Table of Contents

  1. AWS Accounts Overview
  2. Account Details & Purpose
  3. Regional Strategy
  4. Production Infrastructure (395785058010)
  5. Development Infrastructure (852003208338)
  6. Designs.AI Infrastructure
  7. Billing & Cost Analysis
  8. Network Architecture

AWS Accounts Overview

High-level Architecture

Account Summary Table

Account NameAccount IDEmailPurposeStatus
pixlr-production-main395785058010aws+pixlr-production-main@pixlr.comMain production environment for Pixlr servicesActive
pixlr-development-main852003208338aws+pixlr-development-main@pixlr.comDevelopment environment, AI/ML teamActive
pixlr-production-mobile181450561888aws+pixlr-production-mobile@pixlr.comMobile production servicesActive
G-ASIAPACIFIC (S) PTE LTD - P6420528867224procurement6@g-asiapac.comBilling account (compute contract, discounted pricing)Active
designsai-production-main438260820662aws+designsai-production-main@pixlr.comCurrent running Designs.AI productionActive
designsai-production-revamp570082719261aws+designsai-production-revamp@pixlr.comNew Designs.AI production (not launched, empty)Active
designsai-development-revamp301262837942aws+designsai-development-revamp@pixlr.comNew Designs.AI dev (IaC with Terraform/Terragrunt)Active
designsai-development-main842551319943aws+designsai-development-main@pixlr.comLegacy Designs.AI dev (to be migrated)Active
designsai-development-designmaker938715747800aws+designsai-development-designmaker@pixlr.comTemporary accountTo be deleted
inabit-production-main654654504946aws+inabit-production-main@pixlr.comDiscontinued Inabit productionTo be deleted
pixlrgroup-data024848480918aws+pixlrgroup-data@pixlr.comData servicesActive
pixlrgroup-it864997391138itadmin+awsit@pixlr.comIT administrationActive
pixlrgroup-management024848484830aws+pixlrgroup-management@pixlr.comManagement accountActive
pixlrgroup-security924594388360aws+pixlrgroup-security@pixlr.comSecurity servicesActive
vectr-production-main331173110675aws+vectr-production-main@pixlr.comVectr productionActive

Account Details & Purpose

🔴 Critical Note: Billing Configuration

⚠️ IMPORTANT: All accounts must bill through the G-ASIAPACIFIC (S) PTE LTD - P6 (420528867224) account due to compute contract with AWS for discounted pricing.

Primary Production Account: pixlr-production-main (395785058010)

Purpose: Main production environment for all Pixlr services (production and development workloads)

Key Features:

  • Hosts both production and development services
  • Primary AI/ML team workspace
  • Contains Spark Analytics instance
  • Highest resource utilization

Development Account: pixlr-development-main (852003208338)

Purpose: Development environment with focus on AI/ML experimentation

Key Features:

  • AI/ML team development and testing
  • GPU instances for model training
  • Spark Analytics infrastructure
  • Metabase analytics (currently stopped)
  • Dagster data orchestration (currently stopped)

Designs.AI Migration Strategy

Migration Details:

  • New Infrastructure: Terraform/Terragrunt IaC implementation complete in development-revamp
  • Status: Development revamp ready, production revamp environment empty (not launched)
  • Action: Migrate from legacy accounts to new IaC-managed accounts

Regional Strategy

Region Distribution

RegionCodeUsageRationale
US East (N. Virginia)us-east-1Primary Production & DevelopmentCheapest region, significant USA user base
Singaporeap-southeast-1Development & Other ServicesRegional development, APAC services

Regional Lock Policy

Note: Infrastructure is region-locked. We primarily use:

  • us-east-1 (North Virginia) for production and pricing optimization
  • ap-southeast-1 (Singapore) for development and regional services

Production Infrastructure (395785058010)

Region: US East (N. Virginia) - us-east-1

Load Balancers (26 Active)

NameTypeCreatedPurposeDNS Name
pixlr-opsviewApplication2019-05-15Operations monitoringpixlr-opsview-1416411079.us-east-1.elb.amazonaws.com
pixlr-stag-nodeApplication2019-10-03Staging Node.jspixlr-stag-node-1317397879.us-east-1.elb.amazonaws.com
pixlr-stag-rails-webappsApplication2019-10-04Staging Rails appspixlr-stag-rails-webapps-1064302491.us-east-1.elb.amazonaws.com
pixlr-prod-blogApplication2019-10-14Production blogpixlr-prod-blog-571140488.us-east-1.elb.amazonaws.com
pixlr-prod-nodejsApplication2019-11-05Production Node.jspixlr-prod-nodejs-952523080.us-east-1.elb.amazonaws.com
pixlr-prod-rails-webapps-APIApplication2020-03-12Production Rails APIpixlr-prod-rails-webapps-API-839241104.us-east-1.elb.amazonaws.com
pixlr-prod-learnApplication2020-04-14Learning platformpixlr-prod-learn-2060154673.us-east-1.elb.amazonaws.com
pixlr-ai-nsfw-detectApplication2023-12-20NSFW detection AIpixlr-ai-nsfw-detect-93725725.us-east-1.elb.amazonaws.com
LCMLor-LoadB-nNi59jkPcHykApplication2024-01-16LCM LoRA SD serviceLCMLor-LoadB-nNi59jkPcHyk-2015341052.us-east-1.elb.amazonaws.com
SDM-MU-LoadB-qkNzYXugbQrKApplication2024-03-06SD Multi-ModelSDM-MU-LoadB-qkNzYXugbQrK-334789914.us-east-1.elb.amazonaws.com
pixlrgroup-devices-albApplication2024-07-11Device managementpixlrgroup-devices-alb-1065696789.us-east-1.elb.amazonaws.com
pixlrgroup-corporate-site-albApplication2024-08-26Corporate websitepixlrgroup-corporate-site-alb-395997703.us-east-1.elb.amazonaws.com
pixlrgroup-vpn-albApplication2024-08-27VPN gatewaypixlrgroup-vpn-alb-387892135.us-east-1.elb.amazonaws.com
Backgr-LoadB-wUCs7l3Z49YUApplication2024-08-29Background removalBackgr-LoadB-wUCs7l3Z49YU-147138851.us-east-1.elb.amazonaws.com
SDInpa-LoadB-knBK7EHGaDYvApplication2024-08-30SD InpaintingSDInpa-LoadB-knBK7EHGaDYv-1728719762.us-east-1.elb.amazonaws.com
pixlr-prod-ai-indexApplication2024-09-03AI indexing servicepixlr-prod-ai-index-982411823.us-east-1.elb.amazonaws.com
SAMV2S-LoadB-u8lkU9auOHHOApplication2024-09-26SAM V2 serviceSAMV2S-LoadB-u8lkU9auOHHO-188005787.us-east-1.elb.amazonaws.com
SuperR-LoadB-VB4zUs7N2TR2Application2024-11-06Super ResolutionSuperR-LoadB-VB4zUs7N2TR2-848334755.us-east-1.elb.amazonaws.com
SM-2-V-LoadB-QDFscuoYTfkcApplication2024-12-02Voice serviceSM-2-V-LoadB-QDFscuoYTfkc-1954731547.us-east-1.elb.amazonaws.com
SM-2-S-LoadB-wF7NsVObYO7LApplication2024-12-02Speech serviceSM-2-S-LoadB-wF7NsVObYO7L-1493395956.us-east-1.elb.amazonaws.com
SAM2Gr-LoadB-teb9KwSD1ZHKApplication2025-01-08SAM2 Grounded APISAM2Gr-LoadB-teb9KwSD1ZHK-2007268694.us-east-1.elb.amazonaws.com
SDM-MU-LoadB-JmobyMb8tsPAApplication2025-01-14SD Multi-Model v2SDM-MU-LoadB-JmobyMb8tsPA-1496303920.us-east-1.elb.amazonaws.com
pixlrgroup-locust-albApplication2025-03-17Load testing (Locust)pixlrgroup-locust-alb-1373853472.us-east-1.elb.amazonaws.com
Deblur-LoadB-TpYfg1LGhvSYApplication2025-05-26Deblur serviceDeblur-LoadB-TpYfg1LGhvSY-1508290333.us-east-1.elb.amazonaws.com
SDM-MU-LoadB-DPJRbUiO3iEcApplication2025-07-03SD Multi-Model v3SDM-MU-LoadB-DPJRbUiO3iEc-1805199816.us-east-1.elb.amazonaws.com
SDM-MU-LoadB-EO9JGS0vQGzdApplication2025-07-04SD Multi-Model v4SDM-MU-LoadB-EO9JGS0vQGzd-578200423.us-east-1.elb.amazonaws.com

AI/ML Services Architecture

EC2 Instances (35 Active)

Critical Production Instances
NameInstance IDTypeStateAZPurposeIP
pixlr-prod-bastioni-01ee4bf58b27129c7t3a.mediumRunningus-east-1aProduction bastion3.233.0.199 (Elastic)
pixlr-prod-bastion-developeri-0ee43fe8d759a7b4ft3a.nanoRunningus-east-1dDeveloper bastion3.233.65.175 (Elastic)
pixlr-prod-bastion-newi-036edef128b9d0306t4g.mediumRunningus-east-1aNew bastion100.25.202.135 (Elastic)
pixlr-prod-bastion-border0i-056f0f2e6a49d02f8t3.smallRunningus-east-1dBorder0 bastion34.239.121.154
pixlr-ai-sdm-builder-bastioni-08eb3eb7a396797f6t3a.largeRunningus-east-1dAI/SDM builder bastion52.55.119.18 (Elastic)
MongoDB Cluster (Production)
NameInstance IDTypeStateAZPrivate UseLaunch Date
pixlr-prod-mongodb-101i-04abec6a2a83c785em5.4xlargeRunningus-east-1aPrimary/Arbiter2021-12-28
pixlr-prod-mongodb-149i-06795c3dba2680f33m5a.4xlargeRunningus-east-1bSecondary2020-07-15
pixlr-prod-mongodb-170i-0881914a9af1fd1d8m5a.4xlargeRunningus-east-1dSecondary2020-06-08

MongoDB Replica Set Configuration:

  • 3-node replica set for high availability
  • m5/m5a.4xlarge instances (16 vCPU, 64GB RAM each)
  • Cross-AZ deployment (us-east-1a, 1b, 1d)
Application Servers
NameInstance IDTypeStatePurpose
pixlr-stag-nodejs-ubi-0b405da8be80a8a2ft3a.mediumRunningStaging Node.js
pixlr-prod-rails-ub-APIi-041da9e855d75b2bdt3a.mediumRunningProduction Rails API
pixlr-prod-blog-dockeri-0199c93a49ca78b4dt3a.largeRunningProduction blog
pixlr-prod-nodejs-paymenti-04907f267ca9683a6c6a.12xlargeRunningPayment processing
pixlrgroup-corporate-sitei-0e3258e10a1f60dbdt3a.mediumRunningCorporate website
pixlrgroup-devices-snipeiti-048d3cdbb2e626299t3a.microRunningDevice management
pixlrgroup-vpn-wireguardi-08e086f7535759eb1t3a.mediumRunningVPN (WireGuard)
pixlrgroup-locusti-082f8f7c68a659ba7t3.largeRunningLoad testing
AI/ML Production Instances
NameInstance IDTypeStatePurposeMonitoring
pixlr-ai-prod-designplaygroundi-0c7913e44d18d6e55c6a.xlargeRunningDesign playgroundStandard
pixlr-ai-prod-transcribei-0c6b450ebdf450e97t4g.largeRunningTranscription serviceStandard
NudenetServiceStack/OnDemandASGi-092337b64f9709f33m7i.xlargeRunningNSFW detectionStandard
LCMLoraSDServiceStack/OnDemandASGi-01bab5f1fa2ff6336g5.xlargeRunningLCM LoRA SDStandard
DeblurServiceStackv2/OnDemandASGi-06d54cb7cba9d36b6g4dn.xlargeRunningDeblur serviceEnhanced
SDM-MULTI-MODEL-ServiceStack-v3/OnDemandASGi-066494690c93be124g5.xlargeRunningSD Multi-Model v3Enhanced
SDM-MULTI-MODEL-ServiceStack-Dc/OnDemandASGi-0f17b346a0f27e975g5.xlargeRunningSD Multi-Model DCEnhanced
SM-2-Speech2SpeechAPIStack/OnDemandASGi-02a448423b9c08b3fg4dn.xlargeRunningSpeech-to-SpeechEnhanced
SM-2-VoiceCloneAPIStack/OnDemandASGi-03993f2e58754e8f7g4dn.xlargeRunningVoice cloningEnhanced
SDInpaintingStackNew/OnDemandASGi-0a5abcd13184eca9cg5.2xlargeRunningSD Inpainting (1)Enhanced
SDInpaintingStackNew/OnDemandASGi-084157080497f3d53g5.2xlargeRunningSD Inpainting (2)Enhanced
SAM2GroundedAPIStack/OnDemandASGi-01b1106c9ce5e1473g4dn.xlargeRunningSAM2 Grounded APIEnhanced
SuperResolutionStack/OnDemandASGi-0ca588506cabbbd7bg4dn.xlargeRunningSuper ResolutionEnhanced
SDM-MULTI-MODEL-ServiceStack/OnDemandASGi-063fd0323defe852eg5.xlargeRunningSD Multi-ModelEnhanced
MongoDB Instances (Additional - Likely Staging/Dev)
Instance IDTypeStateAZ
i-03564ab69e8690826m7a.largeRunningus-east-1d
i-07da5b4c7fa6a6726m7a.largeRunningus-east-1a
i-03bfb1a8281a12a53m7a.largeRunningus-east-1b
Stopped/Inactive Instances
NameInstance IDTypePurposeNote
pixlr-prod-web-typesensei-0956ffd2a1b407783t3.xlargeSearch serviceConsider cleanup
pixlr-ai-stag-designplaygroundi-0b972ed927fc312e3t4g.mediumStaging AIStopped

Security Groups (43 Total)

Core Security Groups
SG IDNamePurposeInbound RulesUse Case
sg-cc6735a9open-webPublic web traffic4HTTP/HTTPS from internet
sg-05eb7536e004345f1pixlr-developer-whitelist-sgDeveloper access5Whitelisted dev IPs
sg-0762162793d332f7fpixlr-bastion-ssh-sgBastion SSH3SSH to bastion hosts
sg-2b145c4einternal-sshInternal SSH4SSH from bastion only
sg-0829ffc592124e302pixlr-internal-ssh-sgInternal SSH extended2SSH + custom ports
sg-f2145c97internal-httpInternal HTTP5HTTP from ELB/internal
sg-0e4cb730d08d1942cpixlr-internal-http-sgInternal HTTP extended9Internal HTTP access
Database Security Groups
SG IDNamePurposeInbound Rules
sg-be5d32damongodb-inboundMongoDB access13
sg-0dacd9dc1c4cb5bc6pixlr-internal-mongodb-sgInternal MongoDB2
sg-0941978e6edccfd64pixlr-mongodb-inbound-vpc-peering-sgMongoDB VPC peering5
sg-0e9002b8d322cfc48pixlr-internal-redis-sgElastiCache access2
Payment & External Services
SG IDNamePurposeInbound Rules
sg-0867ceb0207ba78c1pixlr-allow-paypal-sgPayPal IPs10
sg-0692e2d00f0d9d5ecpixlr-allow-cloudfront-prefix-lists-http-sgCloudFront access1
sg-08c461f926540be93pixlr-allow-cloudfront-prefix-lists-sgCloudFront (legacy)1
AI/ML Auto-Scaling Groups Security Groups
SG IDStack NamePurpose
sg-0b19163d19cadeb77SDM-MULTI-MODEL-ServiceStack-without-jwtSD Multi-Model (no JWT)
sg-0fca92d23a4e18b43NudenetServiceStackNSFW detection
sg-0e325dda7e0872a1eBackgroundRemovalStackBackground removal
sg-030b470dec1d77697SDM-MULTI-MODEL-ServiceStack-DcSD Multi-Model DC
sg-099016e92706f5413LCMLoraSDServiceStackLCM LoRA SD
sg-01567aff19f9f7801SAM2GroundedAPIStackSAM2 Grounded
sg-0c0496ff3d5e85f61SDM-MULTI-MODEL-ServiceStackSD Multi-Model
sg-0966dc3559ba9b33fSM-2-VoiceCloneAPIStackVoice cloning
sg-0322329dcb40d82a4SDM-MULTI-MODEL-ServiceStack-v2SD Multi-Model v2
sg-0644b222e726966b7SDInpaintingStackNewSD Inpainting
sg-09bb49983e830d34aSDM-MULTI-MODEL-ServiceStack-v3SD Multi-Model v3
sg-0cee453174e9c6488SAMV2StackSAM V2
sg-0943863b31ba9ce89SuperResolutionStackSuper Resolution
sg-064ff5fb288e55974DeblurServiceStackv2Deblur service v2
sg-0df8d201f9790bbdfSM-2-Speech2SpeechAPIStackSpeech-to-Speech
RDS Security Groups
SG IDNamePurpose
sg-03da45cbc378453a8rds-ec2-2RDS to EC2 (Strapi)
sg-04f2a731fde8a0ecards-ec2-1RDS to EC2 (Strapi)
sg-0712be85e93982d6bec2-rds-2EC2 to RDS (Strapi)
sg-0e9d5d20e0781cbdeec2-rds-1EC2 to RDS (Strapi)
Utility Security Groups
SG IDNamePurpose
sg-0c4f61b903d1524e7pixlr-typesense-portTypesense search
sg-008b0b9c385c0642bpixlr-ai-tcp-sgAI model ports
sg-0b4c69f031d6d8332wireguard-temporaryWireGuard VPN
sg-0618f7c32e752607bpixlr-web-dev-whitelisted-ipWeb dev whitelist

Region: Singapore (ap-southeast-1)

EC2 Instances (9 Total)

Development MongoDB Cluster
NameInstance IDTypeStatePurposePublic IP
pixlr-dev-mongodb-primaryi-0ee0f5386bb17c3d7t3a.smallRunningPrimary node18.142.122.45
pixlr-dev-mongodb-secondary-onei-0c3faedbebaad2853t3a.smallRunningSecondary node13.215.251.244
pixlr-dev-mongodb-secondary-twoi-036afa87fcd4792cdt3a.smallRunningSecondary node18.141.161.171
Sandbox MongoDB Cluster (Recent)
NameInstance IDTypeStatePurposeCreated
pixlr-sandbox-mongodb-templatei-06bad38a96b81aea3t3.microRunningPrimary2025-10-28
pixlr-sandbox-mongodb-secondary-onei-031bc4e7ed392d70dt3.smallRunningSecondary2025-10-28
pixlr-sandbox-mongodb-secondary-twoi-021f94bdfdee44430t3.smallRunningSecondary2025-10-28
Utility & Access Instances
NameInstance IDTypeStatePurposePublic IP
pixlr-dev-bastion-border0i-079193e31f2400842t3.microRunningBorder0 bastion18.143.176.67
pixlr-beta-dev-croni-04f5d9b2b3bf67ca6t3.mediumRunningCron jobs (beta)47.129.248.12
pixlr-dev-typesensei-08623e65fbc2eefb0t3a.mediumStoppedSearch service-

Load Balancers (5 Active)

NameDNS NameCreatedPurpose
pixlr-dev-nodejspixlr-dev-nodejs-634757519.ap-southeast-1.elb.amazonaws.com2019-10-11Development Node.js
pixlr-dev-nodejs-publicpixlr-dev-nodejs-public-1971701585.ap-southeast-1.elb.amazonaws.com2021-01-06Public Node.js dev
pixlr-dev-nodejs-mintpixlr-dev-nodejs-mint-247746718.ap-southeast-1.elb.amazonaws.com2022-03-14Mint Node.js dev
pixlr-web-ecs-developmentpixlr-web-ecs-development-1296138164.ap-southeast-1.elb.amazonaws.com2023-08-29ECS development
pixlr-web-ecs-development-betapixlr-web-ecs-development-beta-1600833606.ap-southeast-1.elb.amazonaws.com2023-09-01ECS beta

Security Groups (22 Total)

Core Security Groups
SG IDNamePurposeInbound Rules
sg-0ffd455b2a34fd5e5pixlr-devDevelopment access9
sg-0842978243216c1bfpixlr-dev-open-publicPublic access5
sg-052beb2aa0fe97573pixlr-dev-jpJapan access (Michael Noma)3
sg-02a0f250ec004b9aapixlr-dev-bastion-border0Border0 bastion2
Payment Gateway Security Groups
SG IDNamePurposeInbound Rules
sg-060af4e4eef233b4apaypal-allowPayPal IPs48
sg-0ffaca18343ba7563adyen-allowAdyen payment IPs24
Network Access Security Groups
SG IDNamePurposeInbound Rules
sg-03548317bd81253d0allow-sgmy-sqlSG/MY SQL access2
sg-05b6334fe9b88d922allow-sgmy-commonSG/MY common ports2
sg-01ca4c61fd1036a19allow-pixlr-www-devPixlr WWW dev servers8
sg-07a585542f9302526pixlr-market-open-webMarket site HTTP/HTTPS5
sg-00b9e4c43d39f4337pixlr-market-devMarket development10
CI/CD & Webhooks
SG IDNamePurposeInbound Rules
sg-0bde60a05a3103f36bitbucket-webhook-ip (vpc-38e60b5d)Bitbucket webhooks18
sg-0dc690196c86c9085allow-bitbucket (vpc-0ff5f1775b3065e60)Bitbucket access3
Database & Cache
SG IDNamePurposeInbound Rules
sg-847f42e2postgres-staging-inboundPostgreSQL staging1
sg-0f9620b934a9a5c34pixlr-internal-redis-apElastiCache access2

Development Infrastructure (852003208338)

Region: US East (N. Virginia) - us-east-1

EC2 Instances (8 Total)

Analytics Infrastructure
NameInstance IDTypeStatePurposePublic IPNotes
Spark - Analyticsi-02be9f2b30893846ar5a.2xlargeRunningSpark analytics54.152.154.123Active
Metabase - Analyticsi-0fa62191354d0f314r5a.largeStoppedBI/Visualization-Consider restarting
Dagster - Analyticsi-059b2597d6515debbr5a.2xlargeStoppedData orchestration-Consider restarting

Analytics Stack:

  • Spark instance running 24/7 for data processing
  • Metabase and Dagster currently stopped (cost optimization)
AI/ML Development Instances
NameInstance IDTypeStatePurposePublic IP
bhav_2i-07089d29d5d98c21cg4dn.xlargeRunningAI development54.164.99.13
masoob_gpu_1i-05f7d67afb1c77393g4dn.xlargeStoppedAI development-
bhav_3-gpu-intensivei-05d2ec9bfff9f4f2eg5.12xlargeStoppedHigh-end GPU work-

GPU Instances:

  • g4dn.xlarge: 4 vCPU, 16GB RAM, 1x NVIDIA T4 GPU
  • g5.12xlarge: 48 vCPU, 192GB RAM, 4x NVIDIA A10G GPUs (expensive!)
Other Instances
NameInstance IDTypeStatePurpose
pixlr-ai-meetscribei-0293d239f38cc93cac6a.largeStoppedMeeting transcription demo
Web-Server-stage-fvcti-0fb0c36a755c8d7a4t3.microStoppedStaging web server

Security Groups (37 Total)

Note: Mostly launch-wizard security groups (31 out of 37), indicating ad-hoc instance launches without standardized infrastructure.

Notable Security Groups
SG IDNamePurposeInbound Rules
sg-06e50786afba2227bdemo-http-sgHTTP demo access17
sg-0f960bb13925a8d9ademo-https-sgHTTPS demo access4
sg-02af99d97d54a2701pixlr-dev-bastion-sgBorder0 bastion1
sg-096ef82102dfb89aeweb-dmz-stage-fvctWeb server DMZ3
sg-0817413d6f078163flaunch-wizard-32Analytics instances7

Recommendation: Consolidate launch-wizard security groups into standardized, named security groups for better management.

Designs.AI Infrastructure

Current State Architecture

Account Details

Production Accounts

AccountIDStatusDetails
designsai-production-main438260820662ActiveCurrent production, running live traffic
designsai-production-revamp570082719261EmptyPrepared for migration, not yet launched

Development Accounts

AccountIDStatusDetails
designsai-development-main842551319943ActiveLegacy development, to be migrated
designsai-development-revamp301262837942ActiveIaC Ready - Terraform/Terragrunt infrastructure complete
designsai-development-designmaker938715747800TemporaryTO BE DELETED

Infrastructure as Code (IaC) Implementation

Completed:

  • ✅ designsai-development-revamp: Full Terraform/Terragrunt implementation
  • ✅ Infrastructure templates ready for production deployment

Pending:

  • ⏳ Migration from legacy development to revamp development
  • ⏳ Deployment to production-revamp account
  • ⏳ Production traffic cutover

Benefits of IaC Implementation:

  • Version-controlled infrastructure
  • Reproducible environments
  • Faster disaster recovery
  • Easier environment replication
  • Better documentation through code

Network Architecture

VPC Configuration

Production VPC (395785058010 - us-east-1)

Access Patterns

Production Access

User Traffic Flow

Security Architecture

Multi-Layer Security

Bastion Host Strategy

Production Bastion Hosts (us-east-1):

PurposeInstanceTypeIPUse Case
Primarypixlr-prod-bastiont3a.medium3.233.0.199Main production access
Developerpixlr-prod-bastion-developert3a.nano3.233.65.175Developer-specific access
Newpixlr-prod-bastion-newt4g.medium100.25.202.135Newer bastion (ARM)
Border0pixlr-prod-bastion-border0t3.small34.239.121.154Border0 integration
AI/SDMpixlr-ai-sdm-builder-bastiont3a.large52.55.119.18AI model building

VPN Access:

  • WireGuard VPN: 107.22.222.188 (t3a.medium)
  • Provides secure network-level access for developers

Availability Zones Strategy

Production Distribution (us-east-1)

High Availability Configuration:

  • MongoDB: 3-node replica set across 3 AZs (us-east-1a, 1b, 1d)
  • Web/App Servers: Distributed across 3 AZs
  • AI/ML Services: Distributed across 4 AZs (1a, 1b, 1c, 1d, 1f)
  • Load Balancers: Cross-AZ distribution (2-4 AZs per ALB)

AI/ML Infrastructure Deep Dive

Service Catalog

ServiceInstance TypePortTechnologyPurpose
NSFW Detectionm7i.xlarge-NudenetContent moderation
LCM LoRA SDg5.xlarge-Stable DiffusionFast image generation
SD Multi-Modelg5.xlarge-Stable DiffusionMulti-model inference
Background Removalg4dn.xlarge-U2-Net/SimilarBackground removal
SD Inpaintingg5.2xlarge-Stable DiffusionImage inpainting
SAM V2g4dn.xlarge-Segment AnythingImage segmentation
SAM2 Groundedg4dn.xlarge-Grounded SAMObject detection + segmentation
Super Resolutiong4dn.xlarge-ESRGAN/SimilarImage upscaling
Deblurg4dn.xlarge-Custom modelImage deblurring
Voice Cloneg4dn.xlarge-Speech AIVoice cloning
Speech2Speechg4dn.xlarge-Speech AISpeech translation
Transcriptiont4g.large-Whisper/SimilarAudio transcription
Design Playgroundc6a.xlarge-Mixed AIDesign tools

GPU Instance Types

Instance TypevCPURAMGPUGPU MemoryUse CaseCost/hr*
g4dn.xlarge416 GB1x T416 GBGeneral AI workloads~$0.526
g5.xlarge416 GB1x A10G24 GBStable Diffusion, faster inference~$1.006
g5.2xlarge832 GB1x A10G24 GBLarger models, inpainting~$1.212
g5.12xlarge48192 GB4x A10G96 GBTraining, large batches~$5.672

*Approximate on-demand pricing in us-east-1

Auto Scaling Configuration

AI Service Architecture