ref: https://faun.pub/the-best-infrastructure-as-code-tools-for-2021-b37c323e89f0
這篇文章是一個 IaC (Infrastructure as Code) 的推廣文,文章分成幾個部分,從 IaC 的基本概念與應用談起,接者分析了幾個常見的 IaC 工具,最後探討了實際的使用案例
文章偏長,對於 IaC 概念很熟悉的讀者應該可以很快速地看完,以下針對部分進行一些摘要
The need for Infrastructure as Code
作者先描述過去幫機房部署新伺服器時的各種流程,機器少量時能夠透過人力慢慢處理,但是這類型的操作繁瑣,重複且惱人
為了讓這些流程處理得更佳順遂與一致,會有各式各樣的 scripts 等相關工具被開發出來,而這些流程慢慢的會往自動化的方式去發展。
IaC 文化的興起會使得有愈來愈多獲得共識的工具被開發出來,這使得 IaC 的使用門檻會有機會降低,愈來愈多的使用者能夠更簡易的透過 IaC 的方式來管理與維護自身的架構
Benefits and reasons to implement IaC
IaC 帶來的好處是非常顯著的,譬如
1. 將 Config 檔案當作整個環境的 sing source of truth
2. 每次的部署都是基於上述的 Config 來部署,能夠確保每次部署都獲得一樣的結果,避免人為的反覆長期操作帶來的錯誤
3. 透過程式化的方式去建置環境能夠更快速的去應變各種環境需求,對於 testing, developing, production 等各種變化都可以透過 config 的差異來快速搭建
4. Config 也可以透過 Git 的方式去管理來獲得更好的可稽核性與管理性。
Principles and best practices of Infrastructure as code
作者這邊列出了幾個實作上的推薦方式
1. 透過版本控制的方式來管理 IaC 的設定檔案,能夠讓維運人員使用開發者常見的開發合作流程來管理 IaC
2. 將 IaC 的工具整合到 pipeline 的 CI/CD 流程,讓 CI 流程去檢查 IaC 的設定是否符合預期以及 CD 流程來幫忙自動部署修改架構
Infrastructure as code tools
這個區塊作者列出了幾個常見的工具,包含 Terraform, CloudFormation, Puppet, Pulumi 等,接者又透過一張大表格來比較 Terraform/Pulumi/CloudFormation 三者的差異
Pulumi 這工具這一兩年開始聲勢比較多,跟 Terraform 一個最大的差異我想就是撰寫的方式,可以透過 Js, Go, Python...等程式語言來描述架構而並非使用 Terraform 自定義的 DSL 來管理。
最後面作者也列舉了六七個適合 IaC 的使用場景,有興趣的歡迎閱讀全文
infrastructure as code tools 在 矽谷牛的耕田筆記 Facebook 的最佳貼文
本篇文章著重於 Terraform 的實戰使用,將 Terraform 這種 IaC 的工具給整合到 Pipeline 系統中,透過 CI/CD 的概念讓 Terraform 來幫基礎建設達到自動更新。
作者使用 Azure 雲端環境作為範例,搭配 Azure DevOps 與 Terraform 來搭建出基於 Infrastructure 的 CI/CD 實作範例。
以下節錄自文章結論
1. 除了 Terraform 之外,其他的 IaC 工具譬如 Ansible, Pulumi 等也都可以搭建出這種 IaC x CI/CD 的模式,當然大部分的雲端服務商也都沒有問題。作者列出了這種模式下帶來的好處
2. 針對 Infrastructure 的改變,可以更輕鬆的再測試環境測試,而且整個架構也相對於彈性,可以加入更多的測試來確保架構改變後,整體服務不受影響
3. 透過測試的步驟,可以確保任何失敗的修改都只會停留在 Testing 的環境,而不會直接更新正式生產環境。
4. 透過 pipeline 的架構,更容易實現 Singe source of truth 的精神,所有 Infrastructure 的修改都要從程式碼著手,並且經由 Review 來確保品質,同時當正式生產環境有出現問題時,也更容易地去發覺到底是什麼修改造成問題。
5. 程式化的執行減少的人員操作的失誤,同時也提供了運行結果的一致性,未來有問題發生時都可以重複執行pipeline來除錯與驗證。
https://blog.ardanis.com/ci-cd-for-infrastructure-7d9553b32be0
infrastructure as code tools 在 陳星合 Facebook 的最讚貼文
麻煩大家幫忙
留下優秀的一家人
他們來自波多黎各
父母親都是名校約翰霍普金大學的電腦碩士
(Master Degree in Computer Science - Johns Hopkins University at Laurel, MD)
他們著五個孩子,到全世界學習
Diego 17歲 Paula 13 歲 Alonzo 12 歲
Felizi 8 歲 Matteo 6 歲
八月,他們到了台灣
發覺這是一個非常適合的生活環境
有好的醫療、中文學習環境、電腦產業、和超好吃的水果
九月,Diego , Paula, Alonzo進入惠文高中寄讀
他們來了之後,學校形成一個很棒的英語學習情境
台灣學生都被迫用英文跟他們互動
星期五與台北歌德學院簽訂德國「PASCH夥伴學校」時
他們三個和學校弦樂社一起合奏卡農(見影片)
非常非常有教養的一家人
然而他們11月就必須離開台灣
因為他們來台灣的第五天
得到美國總公司的通知
他們收掉波多黎各的公司
爸爸Tommy失業了
所以這幾天,他在台中接一個英文家教
但經濟仍是問題
如果台中的朋友可以提供11月4日前的短期英文、西班牙文家教工作
或是提供長期電腦工程師的工作
麻煩和Tommy聯絡
以下是他的聯絡方式及完整資歷
(願意幫他們申請工作簽證更好)
他們很願意把台灣當成第二個家
PS
覺得政府說要把英文變成第二語言
最棒的方式是吸引國外的學生進入我們的校園
在人才即國力的年代
讓優秀的國際人才留在台灣
如果在台灣就有很好的英語學習環境
我們就不用一窩蜂跑到國外
聯絡TOMMY IRIZARRY-SIKES
Contact Information
Postal: Lane 400, Unit 11, Section 2, Nantun Road, Nantun District, Taichung City, Taiwan 408
Email: tirizar@gmail.com
Phone number: 0908 979 417
LinkedIn Profile: http://pr.linkedin.com/pub/tommy-irizarry/25/16/815
孩子的影片
Diego violin in a quartet:
https://youtu.be/ArkvU8Czmk8?t=37s
Diego violin Doble de Bach:
https://youtu.be/LYvnKwEueyA
Diego plays piano Clair de Lune:
https://youtu.be/CWCQMo5XJEY?t=14s
You can see some other videos in this YouTube channel:
https://www.youtube.com/user/tirizar/videos?reload=9
履歷
Summary of qualifications
Software developer for private industries and government agencies. Proficient web developer using classic ASP code, standard html, CSS and SQL Server for data storage. Web server administrator and SharePoint Power User.
Android developer
Certified Ethical Hacker
Programming / Markup languages: HTML, XML, ASP, PHP, CSS, JavaScript/AJAX/JQuery, experience with Java, C++ and C.
Mobile development: Java, Android, Android Studio.
Technologies / Tools: IIS 6.0/7.5, SQL Server, Dreamweaver, Fireworks, Microsoft SharePoint 2007/2010, Microsoft Office suite including InfoPath, Access, Excel, Google Analytics, Google AdSense, Facebook Advertising, Microsoft SharePoint Designer, Inquisite Surveys.
Experience
Since November 2016-current
Enterprise Iron
Principal consultant – Web Developer
Worked on the redesign efforts of the secure site for an international financial client. Applied responsive design principles using the Bootstrap framework while creating modular, reusable components of the code. Analyzed web page dependencies and identified legacy unused pages in the system.
Since November 2015-current
e-Nabler Corporation
Android developer – Professional Services Contract
Developed Java code for the eMobilePOS and Tupyx apps for their Android versions.
Since October 2013-November 2014 TEK Systems
Web Developer / Web Master for the Department of Veterans Affairs in DC
Continued supporting Veteran’s Affairs IT systems, including managing SharePoint 2010 systems and supporting databases. We identified issues with several databases including the management of IIS and SharePoint logs which were consuming many recourses and in a couple of occasions made the systems unavailable.
Enabled and configured space monitoring tools in the SharePoint server farms.
Since November 2011-September 2013 Centuria Corporation
Web Developer / Web Master for the Department of Veterans Affairs in DC
Developed a training registration web site that has been tweaked and used multiple times for different registration purposes, including new telephone system training, and scheduling software upgrades of encryption on laptops and upgrades to Apple Mac OS. The system uses a web front end and a SQL back end.
Performed a routine web server maintenance tasks including monitoring traffic logs, identifying and archiving sites no longer in use, evaluating tools to assist in the management of the web server.
Administered and migrated the FTP server from Windows 2003 Server / IIS 6 into Windows 2008 R2 Server / IIS 7.5. Configured new sites to support general operations within the VA Intranet.
Maintained and enhanced legacy sites, modifying forms and reports in needs to be updated. This includes modification and creation of site in the Enterprise Content Management System used at the VA.
Assisted other team members in various tasks including the creating or modification of surveys in the Inquisite system, and also the migration of some surveys into SharePoint, the modification of an Access application.
December 2001 – August 2011
Systems & System Software Solutions
Web Developer / Web Master for the Department of Veterans Affairs in DC
Mr. Irizarry developed a web based application for the State Home Per Diem Office, which manages millions of dollars in payments to the state homes, to replace an Access database. The Access database was converted to MS SQL Server database and all data was migrated successfully. He created a web based interface using the standard VA intranet look and feel. He also developed a custom interface for each of the 3 roles (CBO, VAMC and VISN). Tools were built for the administrator to view current reports, view missing reports lists, and configure many parameters in the application. The VAMC report form was heavily automated using jQuery to perform auto calculations, increasing data validation and saving time to the users. After the application was launched users commented frequently about how user friendly is the new interface and about the time savings. Tasks that will take 2 hours to be completed now take 15 minutes. We have close to 12,000 reports in the system.
There were various requests to the IT office for a web based training registration system of different types. Mr. Irizarry developed a registration system which was later used for the following projects: Take your child to work day, New Telephone system training registration, Laptop Hard Drive encryption software upgrade among others.
Developed an alternate cascading style sheet for SharePoint 2007, converting the out of the box look and feel to the Department of Veterans Affairs standard website look and feel.
After one of the VA’s laptops was stolen Mr. Irizarry worked to develop a Risk Assessment web based application. He created an Excel template which management will upload to an FTP server with information and details about remote employee access and the sensibility of the data accessed by those users. He also created VB Scripts to validate those Excel files an upload that information into an MS SQL database. Reports for upper management in Central Office were then created which prompted management to enforce stronger security measures, like hard drives encryption. In total more than 500,000 records were processed for the reports.
Administration of IIS 6.0 web server and MS SQL Server databases used in our websites.
Wrote migration scripts to move IIS 6.0 sites into a new IIS 7.5 server
Designed, developed and maintained multi-tier applications for the Veterans Health Administration. Most of the sites access a MS-SQL Server database, use cascade style sheets and ASP server side processing. The sites were developed using Adobe/Macromedia tools like Fireworks, and Dreamweaver.
Installed BlackBerry wireless email devices and trained users on the basic device usage.
Web developer for the Department of Veterans Affairs. Redesigned and modified web pages to make them compliant with the Section 508 guidelines. Tested validation tools that verify if web pages are “Section 508” compliant. Section 508 are guidelines that must be followed by all government agencies and points to which government resources must be make accessible to people with disabilities, i.e. blind, deaf, etc.
November 1999 - December 2001
Compaq Computer Corporation
Consulting Associate II
Design and develop the XOOB (Xevo out of the box) Web user interface. XOOB uses COM+, ASP, XML, XSL and JavaScript to provide a web user interface to the Xevo Workbench Platform based on the role associated with the user. Development was done using Visual Studio tools, IIS and XMLSpy.
Develop Active Server Pages for the Helpdesk solution for the PrimusASP project.
Design and code an ActiveX component that serves as the bridge between the Compaq ASP Framework and the Infranet billing system for Primus. Supported integration with other components of our framework.
Design, code and troubleshoot software for the Primus ASP (Application Service Provider) project. Software includes a DLL and various VB programs that run as NT Services, which are key components of the Compaq ASP framework.
June 1998 – October 1999
National Security Agency
Computer Scientist
Mr. Irizarry worked for as a software developer for the TOKENEER project. TOKENEER is a test platform for the integration of smart cards, biometrics (fingerprint, hand, iris and facial recognition) and a public key infrastructure. Development was done on Windows NT workstations using Visual C++ and Visual SourceSafe for source control. Mr. Irizarry used an SDK to capture and match fingerprints against a database of fingerprints. He also created software to created some statistics of “False Accepts and False Reject Rates” of the fingerprint. He also worked with other team members to identify which fingerprints characteristics could affect those rates. He then added error detection functions to the fingerprint recognition software to identify corrupted files of fingerprint images
Conducted research for methods to add security services to an off-the-shelf computer.
Developed C code to process fax data on an UltraSparc/SunOS station.
Wrote software to generate a daily report of traffic load in a telephone switch by analyzing the switch logs.
Education
Certifications:
Certified Ethical Hacker – 03/28/2014
Master Degree in Computer Science - May, 2001 Johns Hopkin