Shulou(Shulou.com)06/02 Report--

Reprint this article need to indicate the source: Wechat official account EAWorld, violators will be prosecuted.

Introduction:

Infrastructure is Infrastructure-as-Code,IaC is a way to use new technologies to build and manage dynamic infrastructure. It treats infrastructure, tools and services, and the management of infrastructure itself as a software system, and adopts software engineering practices to manage changes to the system in a structured and secure manner.

According to a third-party survey report, Forrester Consulting found in a global survey of 727 cloud technology decision makers in companies with more than 1000 employees that the shift in business priorities is driving companies to adopt multi-cloud strategies. According to the study, the vast majority of respondents described their current cloud computing strategy as a multi-cloud strategy.

According to the study, the vast majority of respondents described their current cloud computing strategy as a multi-cloud strategy, and its performance and innovation have surpassed cost savings as the best measure of success. In addition, 60% of enterprises are now migrating or have migrated mission-critical applications to the public cloud.

Today, most enterprises adopt multi-cloud strategies to optimize performance and achieve business goals. "there is no single cloud platform that can meet all enterprise workload needs," the study said. " As a result, enterprises are taking advantage of multiple common and private clouds to handle different application workloads. When matching workloads to cloud environments, performance is the primary consideration for most enterprises, even exceeding compliance and security.

The IT leaders surveyed showed a variety of use cases for multi-cloud platforms and believe that multi-cloud strategies can bring many benefits, such as improved IT infrastructure management and flexibility (33%), better IT cost management (33%), and improved security and compliance (30%). In addition, the study also found that when choosing cloud service providers, companies prefer suppliers that can provide deeper help and support.

Companies are making greater use of cloud services, leading to negative growth in physical machine sales for the first time in a decade. According to the latest data released by market research firm IDC on June 18, physical machine shipments in China fell 0.7 per cent in the first quarter of 2019, while sales in the global market fell 5.1 per cent. Behind this is the overall shift of enterprises to the cloud, the turning point between the new and old IT, and the cloud computing market continues to grow strongly, with an average growth rate of 40%. Cloud computing can also help enterprises to significantly reduce IT costs, but also has obvious advantages such as flexible expansion, on-demand use, pay-per-use, low cost and so on. Cloud computing has become the infrastructure of enterprise digital transformation. Industries such as the Internet, government, telecoms and finance have moved themselves to the cloud instead of purchasing physical servers independently.

1. How should we deal with the challenge of cloudiness?

Infrastructure is Infrastructure-as-Code,IaC is a way to use new technologies to build and manage dynamic infrastructure. It treats infrastructure, tools and services, and the management of infrastructure itself as a software system, and adopts software engineering practices to manage changes to the system in a structured and secure manner.

From the perspective of development, we advocate that everything is an object, and everything is a file from the perspective of the operating system, so in a cloudy era, we should advocate that all resources are codes, and that we should arrange and manage our basic resources by way of code. only in this way can we meet the needs of the rapid development of enterprise business.

How can we take advantage of the advantages of the cloud to deploy a complex business system?

The traditional manual deployment method roughly completes the deployment of an application through the above eight steps. If we have multiple public cloud environments, it means that the above steps have to be repeated many times, and this is only a simple web environment. If we are deploying a set of business systems, which involves the creation of multiple application systems, how long will it take for our basic platform to be delivered? Obviously, it is unrealistic to do it by hand.

We need to manage our infrastructure and build our own technology platform through infrastructure as code.

Infrastructure is the four key principles of code:

Reproducibility: any element in the environment can be easily copied.

Consistency: the configuration of each element of the environment created is exactly the same at any time.

Quick feedback: the ability to make changes frequently and easily, and quickly know if the changes are correct.

Visibility: all changes to the environment should be easy to understand, auditable, and version-controlled.

Infrastructure is the goal of the code:

Standardization: define the environment by code, and standardize the development environment, test environment and production environment.

Automation: use automation tools to drive the code preparation environment. This includes creating, updating, and destroying the environment.

Visualization: use monitoring to visualize environmental information. The current state of the environment is visible, and the history of environmental change is visible and traceable.

What are the tools for infrastructure as code:

The IaC tool provided by Microsoft for users is: Azure Resource Manager. Users can configure their own infrastructure and deal with various dependencies through different templates of Azure Resource Manager (ARM). You can use resources that have been declared in JSON in the template, or you can declare multiple Azure resources in the same ARM template to build a holistic project environment. ARM templates are idempotent, so you can reuse the same template indefinitely and get the same results. Resource Manager also supports instance grouping of servers and unified management of different groups.

CloudFormation is designed for users who work in the AWS cloud. Currently, 342 AWS resource types have been configured. Allows you to customize various templates to build infrastructure models of varying degrees of complexity using JSON or YAML.

(CDM) is an automated execution tool for configuration files (YAML) and templates (JINJA2 or PYTHON) based on the Google cloud platform. It allows users to define and deploy various system resources synchronously. Google CDM also supports the preview feature. This means that you can directly understand the impact of deployment and changes without committing changes directly. It can not only help users avoid human errors, but also strengthen and stabilize the overall infrastructure.

Terraform is an automated orchestration tool for IT infrastructure that allows you to use code to manage and maintain IT resources. Terraform's command line interface (CLI) provides a simple mechanism for deploying and versioning configuration files to any supported cloud. The configuration file can be used to describe the topological infrastructure of cloud resources.

There are many service providers supported by Terraform

Installing Terraform is easy

Terraform can be deployed on any client as long as it can be connected to the public network (Initializing provider plugins and Call Cloud OpenAPI). Download the executable binary package of the corresponding platform through http://1t.click/vND, extract the Executable Binary and put it in the specified directory. After configuring the corresponding PATH, you can use terraform instructions.

$terraformUsage: terraform [--version] [--help] [args] Common commands: apply Builds or changes infrastructure console Interactive console for Terraform interpolations destroy Destroy Terraform-managed infrastructure fmt Rewrites config files to canonical format get Download and install modules for the configuration graph Create a visual graph of Terraform resources import Import existing infrastructure into Terraform init Initialize a new or existing Terraform configuration output Read an output from a state file plan Generate and show an execution plan providers Prints a tree of the providers used in the configuration push Upload this Terraform module to Terraform Enterprise to run refresh Update local state file against real resources show Inspect Terraform state or plan taint Manually mark a resource for recreation Untaint Manually unmark a resource as tainted validate Validates the Terraform files version Prints the Terraform versionworkspace Workspace management

The construction of the whole infrastructure only needs three steps: terraform init,terraform plan and terraform apply. It only takes terraform destroy to delete the entire environment.

Define ECS (image, instance type), VPC (CIDR, VPC Name), OSS resource (ACL, instance Name) information through a main.tf file (only need to be. Tf file), parse the resource configuration parameters through Terraform, call Ali cloud OpenAPI for resource verification and creation, and change the whole resource creation state to a .tf.state file. Based on this file, you can know all the information of resource creation. Including resource quantity adjustment, specification adjustment, and instance change all depend on this very important document.

Specific use cases of terraform

Define various resources by configuring the main.tf file

Define authentication resources

} # Configure the Alicloud Providerprovider "alicloud" {access_key = "${var.access_key}" secret_key = "${var.secret_key}" region = "${var.region}"

Define CVM resources

# Create a web serverresource "alicloud_instance"web" {# cn-beijing provider = "alicloud" availability_zone = "cn-beijing-a" image_id = "ubuntu_140405_32_40G_cloudinit_20161115.vhd" internet_charge_type = "PayByBandwidth" instance_type = "ecs.n1.medium" io_optimized = "optimized" system_disk_category = "cloud_efficiency" security_groups = ["${alicloud_security_group.default.id}"] instance_name = "web"}

Define security group resources

# Create security groupresource "alicloud_security_group"default" {name = "default" provider = "alicloud" description = "default"} resource "alicloud_security_group_rule"allow_all_tcp" {type = "ingress" ip_protocol = "tcp" nic_type = "intranet" policy = "accept" port_range = "1gamma 65535" Priority = 1 security_group_id = "${alicloud_security_group.default.id}" cidr_ip = "0.0.0.0Lock 0"}

Define output result information

# Output messageoutput "ecs instance name" {value = "${alicloud_instance.web.instance_name}"} output "ecs private ip" {value = "${alicloud_instance.web.private_ip}"}

Terraform init

$terraform initInitializing provider plugins...- Checking for available provider plugins on https://releases.hashicorp.com...- Downloading plugin for provider "alicloud" (0.1.0)... The following providers do not have any version constraints in configuration,so the latest version was installed.To prevent automatic upgrades to new major versions that may contain breakingchanges, it is recommended to add version = "..." Constraints to thecorresponding provider blocks in configuration, with the constraint stringssuggested below.* provider.alicloud: version = "~ > 0.1" Terraform has been successfully initialized you may now begin working with Terraform. Try running "terraform plan" to seeany changes that are required for your infrastructure. All Terraform commandsshould now work.

Execute terraform plan to view the resource creation plan

An execution plan has been generated and is shown below.Resource actions are indicated with the following symbols: + createTerraform will perform the following actions: + alicloud_instance.web id: allocate_public_ip: "false" availability_zone: "cn-beijing-a" host_name: image_id: "ubuntu_140405_32_40G_cloudinit_20161115.vhd "instance_name:" web "instance_type:" ecs.n1.medium "internet_charge_type:" PayByBandwidth "io_optimized:" optimized "private_ip: public_ip: security_groups.#: status: subnet_id: System_disk_category: "cloud_efficiency" system_disk_size: + alicloud_security_group.default id: description: "default" name: "default" Plan: 2 to add 0 to change, 0 to destroy.

Execute terraform apply to create resources in the cloud

$terraform applyalicloud_security_group.default: Creating... Description: "" = > "default" name: "" = > "default" alicloud_security_group.default: Creation complete after 1s (ID: sg-2zec9v8aq2hgb244qrqf) alicloud_instance.web: Creating... Allocate_public_ip: "" = > "false" availability_zone: "" = > "cn-beijing-a" host_name: "" = > "" image_id: "" = > "ubuntu_140405_32_40G_cloudinit_20161115.vhd" instance_name: "" = > "web" instance_type: " "= >" ecs.n1.medium "internet_charge_type:"= >" PayByBandwidth "io_optimized:"= >" optimized "private_ip:"= >" public_ip: "" = > "security_groups.#:"= >" 1 "security_groups.2344301974:" = > "sg-2zec9v8aq2hgb244qrqf" status: "" = > "" subnet_id: "" = > "" system_disk_category: "" = > "cloud_efficiency" system_disk_size: "" = > "" alicloud_instance.web: Still creating... (10s elapsed) alicloud_instance.web: Still creating... (20s elapsed) alicloud_instance.web: Creation complete after 51s (ID: i-2zedvfowy4m39sg1xdig) Apply complete! Resources: 2 added, 0 changed, 0 destroyed.Outputs:ecs instance name = webecs private ip = 10.31.28.932.IaC combined with the use of common cloud

We can package our applications into images and store them in the public cloud through Packer.

Combined with Terraform, when deploying a CVM in the public cloud, pull the custom image file to generate the CVM, and uniformly configure and manage the resources of the public cloud.

Through the combination of Ansible for public cloud applications for unified maintenance and management.

Application of 3.IaC in DevOps

In the process of the whole software development life cycle, the preparation of the basic environment is a very important link, and it is also the link closest to the bottom from development to testing to production deployment. With the help of IaC, we can not only meet the rapid deployment of infrastructure, but also flexibly use private or public cloud resources, make full use of the advantages of public cloud to serve enterprises, while reducing enterprise cost investment. To make a real pay-on-demand.

4. Advantages of basic platform coding

Deploy infrastructure to multiple clouds

Terraform is suitable for multi-cloud scenarios, deploying similar infrastructure to Aliyun, other cloud providers, or local data centers. Developers can use the same tools and similar profiles to manage resources from different cloud providers at the same time.

Automated management infrastructure

Terraform can create templates for configuration files to define, pre-configure, and configure ECS resources in a repeatable and predictable manner, reducing deployment and management errors caused by human factors. You can deploy the same template multiple times and create the same development, test, and production environment.

Infrastructure is Code (Infrastructure as Code)

You can use code to manage maintenance resources. Allows you to save infrastructure state so that you can track changes to different components in the system (infrastructure is code) and share these configurations with others.

Reduce development costs

You can reduce costs by creating a development and deployment environment on demand, allowing companies to pay on demand.

Source: Forrester investigation report, Financial Network, Cloud Youjiao, blog Garden, Aliyun

Selected questions:

Can 1:Terraform complete the migration between different public clouds?

A: terraform only does environmental management, not data migration.

Q2: are there any recommendations for different public cloud migration tools?

A: currently, all public clouds have local data centers to migrate to public clouds to tools, but there is no migration between public clouds for the time being.

Q3: can you tell the difference between Terraform and Terragrunt?

A: terragrunt is a software written by a consulting company that wrap a layer outside terraform.

Ask how the status status of 4:Terraform is managed?

A: the status file can be stored in a file, either locally or remotely on shared storage. Terraform hosts workspaces, and teams can maintain their own status files.

Ask 5:ansible can also do infrastructure management, what is the advantage of terraform compared to it?

A: terraform has mature interfaces for interfacing various cloud providers and mature modules in the community, which can be standardized in use and reduce the complexity of management and use.

About EAWorld: micro services, DevOps, data governance, mobile architecture original technology sharing.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.