How to host services
At MOJ you must use the Cloud Platform to host your service by default, unless you’re advised otherwise by a member of the hosting team. This includes applications that would otherwise sit in your own, or your supplier’s, infrastructure, regardless of who manages it. If you would like to discuss this with the hosting team, please get in touch.
If your team needs to host legacy services, you must use the Modernisation Platform. If you have an existing legacy service, you should plan to migrate it to the Modernisation Platform as soon as you’re able.
The Cloud Platform is a modern hosting platform for digital services:
- It makes it quick and easy to ‘just deploy an app’
- Teams get the features they need to operate their service, such as easy scalability, zero downtime deploys, security scanning, monitoring, logging, and more, all set up for you by default
- When you need the full power of AWS or Kubernetes, it’s all available
- Configuration is all self-service, using Infrastructure as Code with managed CI/CD and GitOps processes
- The Cloud Platform team manage the hosting and provide support for the platform
- You can host GOV.UK Prototype Kit sites quickly and easily
Your team can get started on the Cloud Platform without letting anyone know; just follow the Cloud Platform documentation and get in touch with the Cloud Platform team if you need help.
The Modernisation Platform is a cloud-first hosting platform for legacy applications. It’s currently in development, and you can become an early adopter by following the Modernisation Platform user guide.
- It will make it easy to create non-Kubernetes environments for applications
- It will align with the MOJ Security Guidance
- It will standardise commonalities across applications, such as: application networking, certificate management, CI/CD processes; with infrastructure as code
- It will support you modernising your applications
Other hosting infrastructure
If you think your service might require other hosting, whether in AWS, Azure, or anything else, get in touch with the hosting team and we’ll help identify which of our other hosting options is best for your service, or set up extra accounts if we’ve already identified the right setup for you. This includes:
- LAA AWS and 6Degrees infrastructure
- HMPPS Azure infrastructure
- Self-managed infrastructure, in AWS or Azure
- Retirement infrastructure
Hosting static websites or documentation
Static websites are usually fine to be hosted on GitHub Pages, provided they:
- are simple to setup and maintain, with close integration with the GitHub repo, CDN, HTTPS and custom domain option
- do not break “GitHub Terms for Additional Products and Features” for Pages
We use public cloud hosting by default
We follow the Government Cloud First policy and use public cloud “Platform as a Service” (PaaS) and “Infrastructure as a Service” (IaaS) infrastructure to host our services.
Our choice of platforms:
- are highly scalable and available to meet the needs of service users
- have automated tools for MOJ administrators to manage their environments
- standardise infrastructure across MOJ
- help reduce cost across MOJ
- support building capability across the department rather than in silos
We currently use Amazon Web Services (AWS) by default for scalable computing, storage and deployment services, but we may recommend some services are hosted in Microsoft Azure, based on the needs of the service and its relationship to other services already in Azure.
If your service is currently hosted outside of AWS or Azure, get in touch with the Modernisation Platform team to plan for its future hosting.
We pay for hosting centrally by default
By default, we pay for all use of AWS and Azure services across MOJ (excluding HMCTS) centrally.
As part of this, the hosting team will routinely review your use of hosting to ensure you’re using infrastructure appropriately, keeping it secure and up to date, and making the best use of the money you’re spending.
If your service or services cost more than £30,000 per year to host, we may need to cross-charge you for your use. Cross-charging typically only applies to very large services or teams, and we currently only cross-charge two groups.
If we do need to cross-charge you, we will still work with you to ensure you’re using infrastructure appropriately and safely.