Инфраструктура как TypeScript · var launchRequest = new RunInstancesRequest()...

Инфраструктуракак TypeScript

План

АвтоматизацияCloud

3

API управления ресурсами

Сервисы HTTP/REST

Content-Type: application/x-www-form-urlencoded; charset=UTF-8X-Amz-Date: 20130813T150211ZHost: ec2.amazonaws.comAuthorization: AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20130813/us-east-1/ec2/aws4_request, SignedHeaders=content-type;host;x-amz-date, Signature=ced6826de92d2bdeed8f846f0bf508e8559e98e4b0194b84example54174deb456c

http://ec2.amazonaws.com/?Action=RunInstancesImageId=ami-2bb65342&MaxCount=3&MinCount=1&Monitoring.Enabled=true&Placement.AvailabilityZone=us-east-1a&Version=2016-11-15

var launchRequest = new RunInstancesRequest(){

ImageId = amiID,InstanceType = "t1.micro",MinCount = 1,MaxCount = 1,KeyName = keyPairName,SecurityGroupIds = groups

};var launchResponse = ec2Client.RunInstances(launchRequest);var instances = launchResponse.Reservation.Instances;

SDK для вызова REST сервисов

az storage account create \--location westus \--name samplesa \--resource-group myrg \--sku LRS

Командная строка

Сложности со скриптами

Desired State Configuration

6

Описание целевого состояния

Управление графами ресурсов

Характеристики

Инструменты от вендоров

Языки разметки

9

Yet

Another

Markup

Language

Azure ARM Templates: JSON

"resources": [{"apiVersion": "2016-01-01","type": "Microsoft.Storage/storageAccounts","name": "mystorageaccount","location": "westus","sku": {"name": "Standard_LRS"

},"kind": "Storage","properties": {}

}]

AWS CloudFormation: YAML

Resources:S3BucketForURLs:Type: "AWS::S3::Bucket"DeletionPolicy: DeleteProperties:BucketName: !If [ "CreateNewBucket", !Ref "AWS::NoValue", !Ref S3BucketName ]WebsiteConfiguration:IndexDocument: "index.html"

LifecycleConfiguration:Rules:-Id: DisposeShortUrlsExpirationInDays: !Ref URLExpirationPrefix: "u"Status: Enabled

resource "azurerm_storage_account" "sa" {name = "mysa"location = azurerm_resource_group.rg.locationresource_group_name = azurerm_resource_group.rg.nameaccount_tier = "Standard"account_replication_type = "LRS"

}

Terraform:HashiCorp Configuration Language

Языки разметки

Пример: Соотношение кода и разметки

KV Store

Table “URLs”

Function

“Add URL”

Function

“Open URL”

{"Resources": {

"InstanceSecurityGroup": {"Type": "AWS::EC2::SecurityGroup","Properties": {

"SecurityGroupIngress": [ ... ]}

},"EC2Instance": {

"Type": "AWS::EC2::Instance","Properties": {

"InstanceType": "t2.micro","SecurityGroups": [ { "Ref": "InstanceSecurityGroup" } ],"ImageId": "ami-0080e4c5bc078760e"

}}

}}

Ссылки на ресурсы

{"condition": "[equals(parameters('production'), 'Yes')]","type": "Microsoft.Compute/availabilitySets","apiVersion": "2017-03-30","name": "[variables('availabilitySetName')]","location": "[resourceGroup().location]","properties": {

"platformFaultDomainCount": 2,"platformUpdateDomainCount": 3

}}

Условия

locals {files = ["index.php","main.php"]

}

resource "aws_s3_bucket_object" "files" {count = "${length(local.files)}"key = "${local.files[count.index]}"bucket = "${aws_s3_bucket.examplebucket.id}"source = "./src/${local.files[count.index]}"

}

Циклы

Повторное использование

Тестирование

Кажется, мы это

уже когда-то делали?

IDEsCode completion

Unit testsTypes

FunctionsPackage managers

VersioningClasses

Code reviewsContracts

SDKsWorkflows

Refactoring

Pulumi

14

Универсальные языки программирования

•

•

•

•

•

Провайдеры

•

•

•

•

•

const resourceGroup = new azure.core.ResourceGroup("rg");

const storageAccount = new azure.storage.Account("storage", {resourceGroupName: resourceGroup.name,accountReplicationType: "LRS",accountTier: "Standard",

});

Пример TypeScript

const resourceGroup = new azure.core.ResourceGroup("rg");

const storageAccount = new azure.storage.Account("storage", {resourceGroupName: resourceGroup.name,accountReplicationType: "LRS",accountTier: "Standard",

});

DesiredState

Как работает

Pulumi

Static Websiteon AWS

17

N провайдеров, M языков

Сложность O(N*M)

Сложность O(N+M)

Управление состоянием

Serverless Functions

в Azure

22

Ресурсы, нужные для Azure Function

// A resource group to contain our Azure Functionsconst resourceGroup = new azure.core.ResourceGroup("rg");

// A Node.js Azure Functionconst nodeApp = new azure.appservice.ArchiveFunctionApp("http", {

resourceGroup,archive: new pulumi.asset.FileArchive("./javascript"),

});

export const nodeEndpoint = nodeApp.endpoint;

Node.js Azure Function

Запустим pulumi up …

Type Name Plan+ pulumi:pulumi:Stack functions-dev create+ ├─ azure:appservice:ArchiveFunctionApp http create+ │ ├─ azure:storage:Account http create+ │ ├─ azure:appservice:Plan http create+ │ ├─ azure:storage:Container http create+ │ ├─ azure:storage:ZipBlob http create+ │ └─ azure:appservice:FunctionApp http create+ └─ azure:core:ResourceGroup rg create

// A .NET (C#) Azure Functionconst dotnetApp = new azure.appservice.ArchiveFunctionApp("dotnet", {

resourceGroup,archive: new pulumi.asset.FileArchive("./dotnet/publish/"),appSettings: {

runtime: "dotnet",},

});

.NET Azure Function

const linuxResourceGroup = new azure.core.ResourceGroup("linuxrg");

const linuxPlan = new azure.appservice.Plan("linux-asp", {resourceGroupName: linuxResourceGroup.name,kind: "Linux",sku: { tier: "Dynamic", size: "Y1" },reserved: true,

});

const pythonApp = new azure.appservice.ArchiveFunctionApp(...);

Python Azure Function on Linux

const f = new azure.appservice.HttpEventSubscription("greeting", {resourceGroup,callback: async (context, req) => {

return {status: 200,body: `Hello ${req.params.name}!`,

};},

});

Callbacks => Serverless Functions

Containers

27

Crosswalk for AWS

Load-balanced container instances

Load Balancer

Container

Container

const listener = new awsx.elasticloadbalancingv2.NetworkListener("lb",{port: 80 });

const service = new awsx.ecs.FargateService("nginx", {desiredCount: 2,taskDefinitionArgs: {

containers: {nginx: {

image: "jonashackt/spring-boot-vuejs",memory: 512,portMappings: [listener],

}}}});

Nginx + Fargate + Load Balancer

Запустим pulumi up …

Type Name Status+ pulumi:pulumi:Stack pulumi-typescript-aws-fargate-dev created+ ├─ awsx:x:ec2:SecurityGroup nginx created+ │ └─ aws:ec2:SecurityGroup nginx created+ ├─ awsx:x:ec2:Vpc default-vpc-accd9bc5 created+ │ ├─ awsx:x:ec2:Subnet default-vpc-accd9bc5-public-1 created+ │ └─ awsx:x:ec2:Subnet default-vpc-accd9bc5-public-0 created+ ├─ awsx:x:ecs:FargateService spring-boot-vuejs created+ │ └─ aws:ecs:Service spring-boot-vuejs created+ ├─ awsx:x:ecs:FargateTaskDefinition spring-boot-vuejs created+ │ ├─ aws:cloudwatch:LogGroup spring-boot-vuejs created+ │ ├─ aws:iam:Role spring-boot-vuejs-execution created+ │ ├─ aws:iam:Role spring-boot-vuejs-task created+ │ ├─ aws:iam:RolePolicyAttachment spring-boot-vuejs-execution-9a42f520 created+ │ ├─ aws:iam:RolePolicyAttachment spring-boot-vuejs-task-32be53a2 created+ │ ├─ aws:iam:RolePolicyAttachment spring-boot-vuejs-task-fd1a00e5 created+ │ └─ aws:ecs:TaskDefinition spring-boot-vuejs created+ ├─ awsx:x:ecs:Cluster default-cluster created+ │ ├─ awsx:x:ec2:SecurityGroup default-cluster created+ │ │ ├─ awsx:x:ec2:IngressSecurityGroupRule default-cluster-ssh created+ │ │ │ └─ aws:ec2:SecurityGroupRule default-cluster-ssh created+ │ │ ├─ awsx:x:ec2:IngressSecurityGroupRule default-cluster-containers created+ │ │ │ └─ aws:ec2:SecurityGroupRule default-cluster-containers created+ │ │ ├─ awsx:x:ec2:EgressSecurityGroupRule default-cluster-egress created+ │ │ │ └─ aws:ec2:SecurityGroupRule default-cluster-egress created+ │ │ └─ aws:ec2:SecurityGroup default-cluster created+ │ └─ aws:ecs:Cluster default-cluster created+ └─ aws:lb:ApplicationLoadBalancer nginx created+ ├─ awsx:lb:ApplicationTargetGroup nginx created+ │ └─ aws:lb:TargetGroup nginx created+ ├─ awsx:lb:ApplicationListener nginx created+ │ ├─ awsx:x:ec2:IngressSecurityGroupRule nginx-external-0-ingress created+ │ │ └─ aws:ec2:SecurityGroupRule nginx-external-0-ingress created+ │ ├─ awsx:x:ec2:EgressSecurityGroupRule nginx-external-0-egress created+ │ │ └─ aws:ec2:SecurityGroupRule nginx-external-0-egress created+ │ └─ aws:lb:Listener nginx created+ └─ aws:lb:LoadBalancer nginx created

Cosmos App

30

Cosmos App (1)

Cosmos App (2)

Cosmos App (3)

export const functions = new CosmosApp("urls", {resourceGroup,locations: ["WestEurope", "WestUS", "SouthEastAsia"],factory: ({location, cosmosdb}) => {

const app = new azure.appservice.ArchiveFunctionApp("app", {location,archive: new pulumi.asset.FileArchive("./app"),appSettings: {

COSMOSDB_ENDPOINT: cosmosdb.endpoint,},

});

return { id: app.functionApp.id };}});

Глобальные приложения

Kubernetes

33

class AksCluster extends pulumi.ComponentResource {constructor(name: string,

args: AksClusterArgs,opts: pulumi.ComponentResourceOptions = {}) {

super("examples:aks:AksCluster", name, args, opts);

const password = new random.RandomPassword("password"/*, {...}*/);const sshPublicKey = new tls.PrivateKey("key"/*, {...}*/);const adApp = new azuread.Application("aks"/*, {...}*/);const adSp = new azuread.ServicePrincipal("aksSp"/*, {...}*/);const vnet = new azure.network.VirtualNetwork("vnet"/*, {...}*/);const subnet = new azure.network.Subnet("subnet"/*, {...}*/);const cluster = new azure.containerservice.KubernetesCluster("aksCluster"/*, {...}*/)

}}

Managed Clusters

Crosswalkfor

Kubernetes

// Define the application Pod.const appPod = new kx.PodBuilder({

containers: [{image: "app:1.0.0",env: { "APP_CONFIG_PATH": "/app/config" },volumeMounts: [configs.mount("/app/config")],

}],});

// Create a Kubernetes Deployment using the previous Pod definition.const deployment = new kx.Deployment("nginx", {

spec: appPod.asDeploymentSpec({ replicas: 3 }),});

// Expose the Deployment with a load balancer using a Kubernetes Service.const service = deployment.createService({

type: kx.types.ServiceType.LoadBalancer,});

Библиотека Kx

// Find all distinct versions of MySQL running in your cluster.const mySqlVersions = kq

.list("v1", "Pod")

.flatMap(pod => pod.spec.containers)

.map(container => container.image)

.filter(imageName => imageName.includes("mysql"))

.distinct();

mySqlVersions.forEach(console.log);

Запросы

Контроль качества

36

Языки программирования

для инфраструктуры?

Точно?

AWS Cloud Development Kit (CDK)?

39

м

TypeScript

Python

Java

.NET

Транслируется в CloudFormation

const hello = new lambda.Function(this, 'HelloHandler', {runtime: lambda.Runtime.NODEJS_8_10, code: lambda.Code.asset('lambda'), handler: 'hello.handler'

});

new apigw.LambdaRestApi(this, 'Endpoint', {handler: hello

});

Пример AWS CDK

Примеры из моей презентации

✓ ✓

✓

✓ ✓

✓

✓

✓

Выводы

40

Используйте

Инфраструктуру как

кодСоздаёте

приложения для cloud?

Меньшие компоненты

Лучшая автоматизация

Преимущества кода

мИнфраструктура как код

Архитектура как код

Инфраструктура как TypeScript · var launchRequest = new RunInstancesRequest()...

Documents

Transcript of Инфраструктура как TypeScript · var launchRequest = new RunInstancesRequest()...