Practical GitOps
62,99 €
Sofort verfügbar, Lieferzeit: Sofort lieferbar
Practical GitOps, Apress
Infrastructure Management Using Terraform, AWS, and GitHub Actions
Von Rohit Salecha, im heise Shop in digitaler Fassung erhältlich
Produktinformationen "Practical GitOps"
Infrastructure as Code (IaC) is gaining popularity and developers today are deploying their application environments through IaC tools to the cloud. However, it can become extremely difficult and time-consuming to manage the state of the infrastructure that has been deployed. This book will provide a complete walkthrough of deploying a SpringBoot application on AWS with multiple environments like production, staging and development. Everything is orchestrated through GitHub Actions and executed through Terraform Cloud to monitor changes in your infrastructure and manage its state.
You'll start by reviewing how your infrastructure can be stored in code by spinning up an EC2 server first through the console, then AWS CLI and then using Terraform. You'll then be presented with a practical scenario of setting up a simple EC2 server in a multi-environment (production, staging and development) using GitHub Actions and Terraform Cloud. In the advanced section that follows, this simple EC2 server is expanded into an application that is deployed on an AWS EKS (Elastic Kubernetes Service) using AWS RDS (Relational Database Service) exposed through an AWS ALB (Application Load Balancer) protected using AWS ACM (AWS Certificate Manager), and accessible by setting the AWS Route53.
The book then builds up on this infrastructure and demonstrates how it can be deployed in a multi-environment scenario by implementing accounts through AWS organizations. You'll see how to put in restrictions through Service Control Policies, how to protect secrets using AWS Secrets Manager, and how to work with least privileges using IRSA (IAM Roles for Service Accounts). Finally, you'll make the infrastructure more observable using Graphana, Prometheus, and AWS OpenSearch, run security tools, host Route53 zones dynamically based on environments, and implement CloudWatch Alarms for various use cases.
ROHIT SALECHA is a technology enthusiast with over 11 years of experience in IT and the Cybersecurity industry. He loves to find security flaws in the web applications and api's, automate boring tasks and tinker around with new tech and help design secure by default systems. Lately, he has become quite smitten by the DevOps technologies and techniques and loves tinkering around with them.
PART I - SETTING UP GITOPS
CHAPTER 1: WHAT IS GITOPS?
1. The Era of DevOps
2. Infrastructure as Code
3. What is GitOps?
CHAPTER 2: INTRODUCTION TO AWS
1. Introduction to AWS
2. Creating an EC2 machine from AWS Console
3. Creating an EC2 machine using aws-cli
CHAPTER 3: INTRODUCTION TO TERRAFORM
1. Introduction to Terraform
2. Basic Syntaxes
3. Creating an EC2 machine using Terraform
CHAPTER 4: INTRODUCTION TO TERRAFORM CLOUD AND WORKSPACES
1. Preparing for Multi-environment
2. Introduction to Terraform Workspaces
3. Introduction to Terraform Cloud
4. Attaching Github Repo to Terraform Cloud
CHAPTER 5: INTRODUCTION TO GITHUB ACTIONS
1. Drawbacks of connecting to Github Repository
2. Introducing Github Actions
3. Deploying EC2 terraform code using Github Actions
4. Multi-environment strategy
CHAPTER 6: WORDPRESS ON AWS EKS
1. AWS EKS,EFS,RDS Architecture
2. Walkthrough of Terraform Code
3. Walkthrough of Kubernetes Manifest Files
4. Deploying Wordpress in Dev and Prod.
PART II - OPERATING WITH GITOPS
CHAPTER 7: AUTHENTICATION AND AUTHORIZATION
1. Kubernetes Provider Authentication in Terraform
2. Exploring the aws-auth ConfigMap
3. Understanding IRSA(IAM Roles and Service Accounts)
4. Connect AWS IAM Role with Kubernetes Service Account
5. AWS User access in Kubernetes
CHAPTER 8: SECURITY AND SECRET MANAGEMENT
1. Implementing HTTPS using AWS ACM
2. Storing Database Password in AWS Secrets Manager
3. Integrating Security tools in GitOps pipeline
CHAPTER 9: BACKUP AND DISASTER RECOVERY
1. Database Snapshot in AWS SSM Parameter Store
2. Deploying in Another AWS Region
CHAPTER 10: OBSERVABILITY
1. Collecting Metrics and Logs
2. Performance Monitoring using Graphana/Prometheus
3. Log Collection using EFK (Elastic Filebeat and Kibana)
You'll start by reviewing how your infrastructure can be stored in code by spinning up an EC2 server first through the console, then AWS CLI and then using Terraform. You'll then be presented with a practical scenario of setting up a simple EC2 server in a multi-environment (production, staging and development) using GitHub Actions and Terraform Cloud. In the advanced section that follows, this simple EC2 server is expanded into an application that is deployed on an AWS EKS (Elastic Kubernetes Service) using AWS RDS (Relational Database Service) exposed through an AWS ALB (Application Load Balancer) protected using AWS ACM (AWS Certificate Manager), and accessible by setting the AWS Route53.
The book then builds up on this infrastructure and demonstrates how it can be deployed in a multi-environment scenario by implementing accounts through AWS organizations. You'll see how to put in restrictions through Service Control Policies, how to protect secrets using AWS Secrets Manager, and how to work with least privileges using IRSA (IAM Roles for Service Accounts). Finally, you'll make the infrastructure more observable using Graphana, Prometheus, and AWS OpenSearch, run security tools, host Route53 zones dynamically based on environments, and implement CloudWatch Alarms for various use cases.
ROHIT SALECHA is a technology enthusiast with over 11 years of experience in IT and the Cybersecurity industry. He loves to find security flaws in the web applications and api's, automate boring tasks and tinker around with new tech and help design secure by default systems. Lately, he has become quite smitten by the DevOps technologies and techniques and loves tinkering around with them.
PART I - SETTING UP GITOPS
CHAPTER 1: WHAT IS GITOPS?
1. The Era of DevOps
2. Infrastructure as Code
3. What is GitOps?
CHAPTER 2: INTRODUCTION TO AWS
1. Introduction to AWS
2. Creating an EC2 machine from AWS Console
3. Creating an EC2 machine using aws-cli
CHAPTER 3: INTRODUCTION TO TERRAFORM
1. Introduction to Terraform
2. Basic Syntaxes
3. Creating an EC2 machine using Terraform
CHAPTER 4: INTRODUCTION TO TERRAFORM CLOUD AND WORKSPACES
1. Preparing for Multi-environment
2. Introduction to Terraform Workspaces
3. Introduction to Terraform Cloud
4. Attaching Github Repo to Terraform Cloud
CHAPTER 5: INTRODUCTION TO GITHUB ACTIONS
1. Drawbacks of connecting to Github Repository
2. Introducing Github Actions
3. Deploying EC2 terraform code using Github Actions
4. Multi-environment strategy
CHAPTER 6: WORDPRESS ON AWS EKS
1. AWS EKS,EFS,RDS Architecture
2. Walkthrough of Terraform Code
3. Walkthrough of Kubernetes Manifest Files
4. Deploying Wordpress in Dev and Prod.
PART II - OPERATING WITH GITOPS
CHAPTER 7: AUTHENTICATION AND AUTHORIZATION
1. Kubernetes Provider Authentication in Terraform
2. Exploring the aws-auth ConfigMap
3. Understanding IRSA(IAM Roles and Service Accounts)
4. Connect AWS IAM Role with Kubernetes Service Account
5. AWS User access in Kubernetes
CHAPTER 8: SECURITY AND SECRET MANAGEMENT
1. Implementing HTTPS using AWS ACM
2. Storing Database Password in AWS Secrets Manager
3. Integrating Security tools in GitOps pipeline
CHAPTER 9: BACKUP AND DISASTER RECOVERY
1. Database Snapshot in AWS SSM Parameter Store
2. Deploying in Another AWS Region
CHAPTER 10: OBSERVABILITY
1. Collecting Metrics and Logs
2. Performance Monitoring using Graphana/Prometheus
3. Log Collection using EFK (Elastic Filebeat and Kibana)
Artikel-Details
- Anbieter:
- Apress
- Autor:
- Rohit Salecha
- Artikelnummer:
- 9781484286739
- Veröffentlicht:
- 24.12.22