-
Notifications
You must be signed in to change notification settings - Fork 1
/
10-infrastructure.slide
412 lines (291 loc) · 10.2 KB
/
10-infrastructure.slide
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
# Infrastructure
Course Go
Tags: golang, go
## Outline
- Linters
- CI/CD
- GitLab CI/CD
- GitHub Actions
- Infrastructure
- Cloud
- GCP
## Linters
## Linters
- Go has a:
- Built-in formatter
- `go fmt`
- Built-in linter
- `go vet`
- Is there anything better?
- More static analysis checks
- Configurable
## golanci-lint
- Go linters runner
- Runs them in parallel
- Configured using YAML
- Using `.golangci.yaml`
- Over a hundred of [linters](https://golangci-lint.run/usage/linters/)
- [Custom CLI](https://golangci-lint.run/welcome/install/)
```
$ golangci-lint run
```
[golangci-lint.run](https://golangci-lint.run)
## Configuring golangci-lint
.code assets/lecture-10/linters/golangci.yaml /CONFIG START OMIT/,/CONFIG END OMIT/
[golang-ci-lint.run configuration](https://golangci-lint.run/usage/configuration/)
## Configuring specific golangci-lint linters
.code assets/lecture-10/linters/golangci.yaml /LINTER CONFIG START OMIT/,/LINTER CONFIG END OMIT/
[golang-ci-lint.run configuration](https://golangci-lint.run/usage/configuration/)
## CI/CD
## CI/CD
.image assets/lecture-10/cicd/cicd.svg 500 _
## CI/CD
- _Continuous integration and continuous delivery/deployment_
- Aims to automate software development process
## CI
- Continuous integration
- Involves:
- Running linters and formatters
- Checking that code is buildable
- And that all tests pass
- Generally always triggered
- On "each" commit
- The CI can be sped up by running just a subset of tests
- Smoke tests
## CD
- Mostly setup on pushes to the _main_ branch
- Releases/tags
- Continuous Delivery
- Shipping update
- Container/package repositories
- Continuous Deployment
- Deploying update to production
- Not always practiced
- Manual trigger
## Semantic versioning
- **Major.Minor.Patch**
- `v1.17.5`
- Major
- Incompatible API changes
- Minor
- New features
- Patch
- Bug fixes
- Release candidates
- Suffixed with `.rc-[NUMBER]`
[Semver](https://semver.org)
## Tags
- Annotated
```
$ git tag -a v1.17.5 -m "Gophers would approve"
```
- Lightweight
```
$ git tag v1.17.5
```
- Specific commit
```
$ git tag v1.17.5 c3d5e1
```
- Tags have to be pushed explicitly
```
$ git push origin --tags
```
[Git Book: Git Basics - Tagging](https://git-scm.com/book/en/v2/Git-Basics-Tagging)
## GitLab CI/CD
- Built into GitLab
- Configured using the `.gitlab-ci.yaml`
- Root of project
[GitLab Docs: CI/CD](https://docs.gitlab.com/ee/topics/build_your_application.html)
## GitLab CI/CD (1/2)
.code assets/lecture-10/cicd/gitlab-ci.yaml /START OMIT/,/MIDDLE OMIT/
## GitLab CI/CD (2/2)
.code assets/lecture-10/cicd/gitlab-ci.yaml /MIDDLE OMIT/,/END OMIT/
## GitHub Actions
- GitHub's CI/CD
- Built into GitHub
- No restrictions for public repositories
- Defined as [worklows](https://docs.github.com/en/actions/learn-github-actions/understanding-github-actions#workflows)
- Configured using YAML
- In `.github/workflows/` directory
- Single workflow can have multiple `jobs`
- [Job](https://docs.github.com/en/actions/learn-github-actions/understanding-github-actions#jobs) is just a set of steps
- The workflows are then run using [runners](https://docs.github.com/en/actions/learn-github-actions/understanding-github-actions#runners) when a specified [event](https://docs.github.com/en/actions/learn-github-actions/understanding-github-actions#events) occurs
[GitHub Docs: GitHub Actions](https://docs.github.com/en/actions)
## GitHub Actions (1/4)
.code assets/lecture-10/cicd/github-workflow.yaml /START OMIT/,/LINT OMIT/
## GitHub Actions (2/4)
.code assets/lecture-10/cicd/github-workflow.yaml /LINT OMIT/,/TEST OMIT/
## GitHub Actions (3/4)
.code assets/lecture-10/cicd/github-workflow.yaml /TEST OMIT/,/DOCKER SETUP OMIT/
## GitHub Actions (4/4)
.code assets/lecture-10/cicd/github-workflow.yaml /DOCKER SETUP OMIT/,/DOCKER PUSH OMIT/
## GitHub Actions
- Pre-prepared worklow steps
- No need to write repeating shell command sequences
- You just use the action
- Regural GitHub repositories
- [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action)
- Simplify usage of frequent tasks
- [Custom actions](https://docs.github.com/en/actions/creating-actions) can be created
[GitHub Marketplace: Actions](https://github.com/marketplace?type=actions)
## GitHub Packages
- Alternative to [Docker Hub](https://hub.docker.com)
- Or [GitLab container registry](https://docs.gitlab.com/ee/user/packages/container_registry/)
- Directly linked with repository
- [course-go/lectures packages](https://github.com/course-go/lectures/pkgs/container/lectures)
[GitHub Docs: GitHub Packages](https://docs.github.com/en/packages)
## Alternatives
- [Jenkins](https://www.jenkins.io)
- [Circle CI](https://circleci.com)
- [TeamCity](https://www.jetbrains.com/teamcity/)
## Deployments
## Deployments
- What do we build apps for?
- Provides a service to customers
- Apps are useless unless used by customers
- Developing them is nice
- But you have to deploy them
## Simple
.image assets/lecture-10/infrastructure/simple.svg 400 _
## Simple
- What if I want to run more services?
- How can I scale service instances?
- Fault tolerance
- Distribute load
- HTTPS?
- Managing certificates
[Sam Rose: Load Balancing](https://samwho.dev/load-balancing/)
## Caddy
- Web server, reverse proxy, load-balancer
- Alternative to NGINX, Apache etc.
- Native config format is JSON
- `Caddyfile`
- More handy
- [Automatic HTTPS](https://caddyserver.com/docs/automatic-https) configuration using [ACME](https://en.wikipedia.org/wiki/Automatic_Certificate_Management_Environment)
- [ZeroSSL](https://zerossl.com) project
- Supports all HTTP versions
- Extensible using [modules](https://caddyserver.com/docs/modules/)
[Caddy](https://caddyserver.com)
[GitHub: Caddy](https://github.com/caddyserver/caddy)
## Caddyfile
.code assets/lecture-10/infrastructure/Caddyfile
```
$ caddy run
```
## Traefik
- Proxy, edge router (reverse proxy)
- Alternative to NGINX, HAProxy, Envoy etc.
- Also [supports ACME](https://doc.traefik.io/traefik/https/acme/) providers like [Let's Encrypt](https://letsencrypt.org)
- Includes a CLI, API and GUI dashboard
- Static configuration at startup
- [Dynamic configuration](https://doc.traefik.io/traefik/providers/overview) via providers
- Docker, Kubernetes, Consul, Nomad, HTTP, ...
```
labels:
- traefik.http.routers.my-container.rule=Host(`course-go.dev`)
- traefik.http.services.my-service.loadbalancer.server.port=12345
```
[Traefik](https://traefik.io/traefik/)
[GitHub: Traefik](https://github.com/traefik/traefik/)
## Traefik Configuration
.code assets/lecture-10/infrastructure/traefik-docker-compose.yaml
.code assets/lecture-10/infrastructure/traefik.yml
## Advanced
.image assets/lecture-10/infrastructure/advanced.svg 420 _
## Advanced
- Progress
- Single entrypoint
- Multiple services
- Multiple instances
- What if our VM dies?
- Lack of hardware resources
- Network outage
- Datacenters can [caught on fire](https://dgtlinfra.com/data-center-fires/)
## Complex
.image assets/lecture-10/infrastructure/complex.svg 550 _
## Cloud
## Cloud
- Allows access to computer system resource and storage
- Major service providers:
- **Amazon Web Services (AWS)** [~33 %]
- **Microsoft Azure** [~22 %]
- **Google Cloud Platform (GCP)** [~11 %]
- All major providers offer plenty of services
- For only hosting VPSs or dedicated servers, consider smaller providers
- Generally cheaper
- Honorable mentions:
- [Hetzner](https://www.hetzner.com), [netcup](https://www.netcup.eu), [Digital Ocean](https://www.digitalocean.com)
[N-iX: AWS vs Azure vs GCP](https://www.n-ix.com/comparing-big-3-aws-azure-gcp/)
## GCP
## GCP
- Google Cloud Platform
- One of the top three cloud services providers
- Launched in 2008
- Includes plenty of APIs to Google services:
- Machine learning
- Gemini
- Computing
- Storage
- Data anylytics
[GCP: Cloud APIs](https://cloud.google.com/apis?hl=en)
## Artifact Registry
- Google's container registry
- Docker Hub, GitHub Packages, ...
- Allows for easy [CI/CD setup](https://cloud.google.com/docs/application-development#expandable-2)
- Upload containers to AR
- Deploy them right away
- Additional features:
- Vulnerability scanning
- You can setup building of containers in GCP directly
- [Cloud Build](https://cloud.google.com/build/docs)
[GCP: Artifact Registry](https://cloud.google.com/artifact-registry)
## Compute Engine
- Service for setting up VMs
- Alternatives:
- Amazon: Elastic Compute Cloud (EC2)
- Azure: Virtual Machine
[GCP: Compute Engine](https://cloud.google.com/products/compute?hl=en)
## Cloud Run
- Service for running containers
- Serverless
- Allows you to scale to 0
- Cost
- Alternatives:
- Amazon: App Runner
- Azure: Container Apps
[GCP: Cloud Run](https://cloud.google.com/run?hl=en)
## GKE
- Google Kubernetes Engine
- [Autopilot](https://cloud.google.com/kubernetes-engine/docs/concepts/autopilot-overview) can manage your infrastructure
- Serverless
- Alternatives:
- Amazon: Elastic Kubernetes Service (EKS)
- Azure: Azure Kubernetes Service (AKS)
[GCP: GKE](https://cloud.google.com/kubernetes-engine?hl=en)
## VPC
- Virtual Private Cloud
- Network service
- Allows you to setup virtual topology
- Allows network sharing across projects
- Alternatives:
- Amazon: Virtual Private Cloud
- Azure: Virtual Network
[GCP: VPC](https://cloud.google.com/vpc?hl=en)
## Cloud SQL
- Service for running SQL database instances
- Currently supports MySQL, PostgresSQL, and SQL Server
- Alternatives:
- Amazon: Simple Storage Service (S3)
- Azure: Blob Storage
[GCP: Cloud SQL](https://cloud.google.com/sql?hl=en)
## Cloud Storage
- Object storage
- Files, videos, photos, ...
- Structured using buckets
- Directory structure
- Alternatives:
- Amazon: Simple Storage Service (S3)
- Azure: Blob Storage
- Open-source: [Minio](https://github.com/minio/minio)
[GCP: Cloud Storage](https://cloud.google.com/storage?hl=en)