mirror of
https://github.com/MichaelCade/90DaysOfDevOps.git
synced 2025-01-05 13:07:58 +07:00
commit
8657e7f413
@ -80,3 +80,4 @@ Also please add any additional resources.
|
|||||||
|
|
||||||
- [Introducing the InfoSec colour wheel — blending developers with red and blue security teams.](https://hackernoon.com/introducing-the-infosec-colour-wheel-blending-developers-with-red-and-blue-security-teams-6437c1a07700)
|
- [Introducing the InfoSec colour wheel — blending developers with red and blue security teams.](https://hackernoon.com/introducing-the-infosec-colour-wheel-blending-developers-with-red-and-blue-security-teams-6437c1a07700)
|
||||||
|
|
||||||
|
See you on [Day 5](day05.md).
|
||||||
|
@ -53,3 +53,4 @@ The reason I am raising this is that security never stops, the growth of Open-So
|
|||||||
- [IBM - The 3 A's of Open Source Security](https://www.youtube.com/watch?v=baZH6CX6Zno)
|
- [IBM - The 3 A's of Open Source Security](https://www.youtube.com/watch?v=baZH6CX6Zno)
|
||||||
- [Log4j (CVE-2021-44228) RCE Vulnerability Explained](https://www.youtube.com/watch?v=0-abhd-CLwQ)
|
- [Log4j (CVE-2021-44228) RCE Vulnerability Explained](https://www.youtube.com/watch?v=0-abhd-CLwQ)
|
||||||
|
|
||||||
|
See you on [Day 6](day06.md).
|
||||||
|
@ -92,3 +92,5 @@ It contains the example I used in this article + a fuzz test that triggers a fai
|
|||||||
- <https://en.wikipedia.org/wiki/Fuzzing>
|
- <https://en.wikipedia.org/wiki/Fuzzing>
|
||||||
- [Fuzzing in Go by Valentin Deleplace, Devoxx Belgium 2022](https://www.youtube.com/watch?v=Zlf3s4EjnFU)
|
- [Fuzzing in Go by Valentin Deleplace, Devoxx Belgium 2022](https://www.youtube.com/watch?v=Zlf3s4EjnFU)
|
||||||
- [Write applications faster and securely with Go by Cody Oss, Go Day 2022](https://www.youtube.com/watch?v=aw7lFSFGKZs)
|
- [Write applications faster and securely with Go by Cody Oss, Go Day 2022](https://www.youtube.com/watch?v=aw7lFSFGKZs)
|
||||||
|
|
||||||
|
See you on [Day 17](day17.md).
|
||||||
|
@ -240,3 +240,5 @@ There are many tools that can help us in fuzzy testing our web applications, bot
|
|||||||
[Fuzzing Session: Finding Bugs and Vulnerabilities Automatically](https://youtu.be/DSJePjhBN5E)
|
[Fuzzing Session: Finding Bugs and Vulnerabilities Automatically](https://youtu.be/DSJePjhBN5E)
|
||||||
|
|
||||||
[Fuzzing the CNCF Landscape](https://youtu.be/zIyIZxAZLzo)
|
[Fuzzing the CNCF Landscape](https://youtu.be/zIyIZxAZLzo)
|
||||||
|
|
||||||
|
See you on [Day 18](day18.md).
|
||||||
|
@ -24,3 +24,5 @@ As with all other tools part of DevSecOps pipeline DAST should not be the only s
|
|||||||
- https://github.com/zaproxy/zaproxy
|
- https://github.com/zaproxy/zaproxy
|
||||||
- https://www.arachni-scanner.com/
|
- https://www.arachni-scanner.com/
|
||||||
- https://owasp.org/www-project-devsecops-guideline/latest/02b-Dynamic-Application-Security-Testing
|
- https://owasp.org/www-project-devsecops-guideline/latest/02b-Dynamic-Application-Security-Testing
|
||||||
|
|
||||||
|
See you on [Day 19](day19.md).
|
||||||
|
@ -6,21 +6,26 @@ IAST works through software instrumentation, or the use of instruments to monito
|
|||||||
IAST agent is running inside the application and monitoring for known attack patterns. As it is part of the application, it can monitor traffic between different components (either as classic MVC deployments and in microservices deployment).
|
IAST agent is running inside the application and monitoring for known attack patterns. As it is part of the application, it can monitor traffic between different components (either as classic MVC deployments and in microservices deployment).
|
||||||
|
|
||||||
## For IAST to be used, there are few prerequisites.
|
## For IAST to be used, there are few prerequisites.
|
||||||
|
|
||||||
- Application should be instrumented (inject the agent).
|
- Application should be instrumented (inject the agent).
|
||||||
- Traffic should be generated - via manual or automated tests. Another possible approach is via DAST tools (OWASP ZAP can be used for example).
|
- Traffic should be generated - via manual or automated tests. Another possible approach is via DAST tools (OWASP ZAP can be used for example).
|
||||||
|
|
||||||
## Advantages
|
## Advantages
|
||||||
|
|
||||||
One of the main advantages of IAST tools is that they can provide detailed and accurate information about vulnerabilities and how to fix them. This can save developers a lot of time and effort, as they don't have to manually search for vulnerabilities or try to reproduce them in a testing environment. IAST tools can also identify vulnerabilities that might be missed by other testing methods, such as those that require user interaction or are triggered under certain conditions. Testing time depends on the tests used (as IAST is not a standalone system) and with faster tests (automated tests) can be included into CI/CD pipelines. It can be used to detect different kind of vulnerabilities and due to the nature of the tools (it looks for “real traffic only) false positives/negatives findings are relatively rear compared to other testing types.
|
One of the main advantages of IAST tools is that they can provide detailed and accurate information about vulnerabilities and how to fix them. This can save developers a lot of time and effort, as they don't have to manually search for vulnerabilities or try to reproduce them in a testing environment. IAST tools can also identify vulnerabilities that might be missed by other testing methods, such as those that require user interaction or are triggered under certain conditions. Testing time depends on the tests used (as IAST is not a standalone system) and with faster tests (automated tests) can be included into CI/CD pipelines. It can be used to detect different kind of vulnerabilities and due to the nature of the tools (it looks for “real traffic only) false positives/negatives findings are relatively rear compared to other testing types.
|
||||||
IAST can be used in two flavours - as a typical testing tool and as real-time protection (it is called RAST in this case). Both work at the same principles and can be used together.
|
IAST can be used in two flavours - as a typical testing tool and as real-time protection (it is called RAST in this case). Both work at the same principles and can be used together.
|
||||||
|
|
||||||
## There are several disadvantages of the technology as well:
|
## There are several disadvantages of the technology as well:
|
||||||
|
|
||||||
- It is relatively new technology so there is not a lot of knowledge and experience both for the security teams and for the tools builders (open-source or commercial).
|
- It is relatively new technology so there is not a lot of knowledge and experience both for the security teams and for the tools builders (open-source or commercial).
|
||||||
- The solution cannot be used alone - something (or someone) should generate traffic patterns. It is important that all possible endpoints are queried during the tests.
|
- The solution cannot be used alone - something (or someone) should generate traffic patterns. It is important that all possible endpoints are queried during the tests.
|
||||||
- Findings are based on traffic. This is especially true if used for testing alone - if there is no traffic to a portion of the app / site it would not be tested so no findings are going to be generated.
|
- Findings are based on traffic. This is especially true if used for testing alone - if there is no traffic to a portion of the app / site it would not be tested so no findings are going to be generated.
|
||||||
- Due to need of instrumentation of the app, it can be fairly complex, especially compared to the source scanning tools (SAST or SCA).
|
- Due to need of instrumentation of the app, it can be fairly complex, especially compared to the source scanning tools (SAST or SCA).
|
||||||
|
|
||||||
There are several different IAST tools available, each with its own features and capabilities.
|
There are several different IAST tools available, each with its own features and capabilities.
|
||||||
|
|
||||||
## Some common features of IAST tools include:
|
## Some common features of IAST tools include:
|
||||||
|
|
||||||
- Real-time monitoring: IAST tools monitor the application's behaviour in real-time, allowing them to identify vulnerabilities as they occur.
|
- Real-time monitoring: IAST tools monitor the application's behaviour in real-time, allowing them to identify vulnerabilities as they occur.
|
||||||
- Vulnerability identification: IAST tools can identify a wide range of vulnerabilities, including injection attacks, cross-site scripting (XSS), and cross-site request forgery (CSRF).
|
- Vulnerability identification: IAST tools can identify a wide range of vulnerabilities, including injection attacks, cross-site scripting (XSS), and cross-site request forgery (CSRF).
|
||||||
- Remediation guidance: IAST tools often provide detailed information about how to fix identified vulnerabilities, including code snippets and recommendations for secure coding practices.
|
- Remediation guidance: IAST tools often provide detailed information about how to fix identified vulnerabilities, including code snippets and recommendations for secure coding practices.
|
||||||
@ -29,5 +34,8 @@ There are several different IAST tools available, each with its own features and
|
|||||||
IAST tools can be a valuable addition to a developer's toolkit, as they can help identify and fix vulnerabilities in real-time, saving time and effort. If you are a developer and are interested in using an IAST tool, there are many options available, so it is important to research and compare different tools to find the one that best fits your needs.
|
IAST tools can be a valuable addition to a developer's toolkit, as they can help identify and fix vulnerabilities in real-time, saving time and effort. If you are a developer and are interested in using an IAST tool, there are many options available, so it is important to research and compare different tools to find the one that best fits your needs.
|
||||||
|
|
||||||
## Tool example
|
## Tool example
|
||||||
|
|
||||||
There are almost no open-source tools on the market. Example is the commercial tool: Contrast Community Edition (CE) - Fully featured version for 1 app and up to 5 users (some Enterprise features disabled). Contrast CE supports Java and .NET only.
|
There are almost no open-source tools on the market. Example is the commercial tool: Contrast Community Edition (CE) - Fully featured version for 1 app and up to 5 users (some Enterprise features disabled). Contrast CE supports Java and .NET only.
|
||||||
Can be found here - https://www.contrastsecurity.com/contrast-community-edition
|
Can be found here - https://www.contrastsecurity.com/contrast-community-edition
|
||||||
|
|
||||||
|
See you on [Day 20](day20.md).
|
||||||
|
@ -151,3 +151,5 @@ Container Image Scanning can help us find vulnerabilities in our application bas
|
|||||||
|
|
||||||
Image Scanning and IAST/DAST are not mutually-exclusive.
|
Image Scanning and IAST/DAST are not mutually-exclusive.
|
||||||
They both have their place in a Secure SDLC and can help us find different problems before the attackers do.
|
They both have their place in a Secure SDLC and can help us find different problems before the attackers do.
|
||||||
|
|
||||||
|
See you on [Day 21](day21.md).
|
||||||
|
@ -75,3 +75,4 @@ Another place is your container registry (as seen today).
|
|||||||
|
|
||||||
Both are good options, both have their pros and cons.
|
Both are good options, both have their pros and cons.
|
||||||
It is up to the DevSecOps architect to decide which approach works better for them and their thread model.
|
It is up to the DevSecOps architect to decide which approach works better for them and their thread model.
|
||||||
|
See you on [Day 23](day23.md).
|
||||||
|
@ -159,3 +159,4 @@ A Secure SDLC would include scanning of all artifacts that end up in our product
|
|||||||
|
|
||||||
Today we learned how to scan non-container artifacts like Kubernetes manifests, Helm charts and Terraform code.
|
Today we learned how to scan non-container artifacts like Kubernetes manifests, Helm charts and Terraform code.
|
||||||
The tools we looked at are free and open-source and can be integrated into any workflow or CI pipeline.
|
The tools we looked at are free and open-source and can be integrated into any workflow or CI pipeline.
|
||||||
|
See you on [Day 24](day24.md).
|
||||||
|
@ -145,3 +145,4 @@ However, integrating signing into your workflow adds yet another layer of defenc
|
|||||||
Signing artifacts prevents supply-chain and man-in-the-middle attacks, by allowing you to verify the integrity of your artifacts.
|
Signing artifacts prevents supply-chain and man-in-the-middle attacks, by allowing you to verify the integrity of your artifacts.
|
||||||
|
|
||||||
[Sigstore](https://sigstore.dev/) and [cosign](https://docs.sigstore.dev/cosign/overview/) are useful tools to sign your artifacts and they come with many integrations to choose from.
|
[Sigstore](https://sigstore.dev/) and [cosign](https://docs.sigstore.dev/cosign/overview/) are useful tools to sign your artifacts and they come with many integrations to choose from.
|
||||||
|
See you on [Day 25](day25.md).
|
||||||
|
@ -82,3 +82,4 @@ A scan can detect something that is vulnerability, but it cannot be actively exp
|
|||||||
This makes the vulnerability a low priority one, because why fix something that presents no danger to you.
|
This makes the vulnerability a low priority one, because why fix something that presents no danger to you.
|
||||||
|
|
||||||
If an issue comes up in penetration testing then that means that this issue is exploitable, and probably a high priority - in the penetation testers managed to exploit it, so will the hackers.
|
If an issue comes up in penetration testing then that means that this issue is exploitable, and probably a high priority - in the penetation testers managed to exploit it, so will the hackers.
|
||||||
|
See you on [Day 26](day26.md).
|
||||||
|
@ -127,3 +127,4 @@ More on VM security:
|
|||||||
<https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-security.html>
|
<https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-security.html>
|
||||||
|
|
||||||
<https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.security.doc/GUID-60025A18-8FCF-42D4-8E7A-BB6E14708787.html>
|
<https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.security.doc/GUID-60025A18-8FCF-42D4-8E7A-BB6E14708787.html>
|
||||||
|
See you on [Day 27](day27.md).
|
||||||
|
@ -82,3 +82,5 @@ That will be done by either patching up the system, closing a hole that is not n
|
|||||||
<https://www.comparitech.com/net-admin/free-network-vulnerability-scanners/>
|
<https://www.comparitech.com/net-admin/free-network-vulnerability-scanners/>
|
||||||
|
|
||||||
<https://www.rapid7.com/solutions/network-vulnerability-scanner/>
|
<https://www.rapid7.com/solutions/network-vulnerability-scanner/>
|
||||||
|
|
||||||
|
See you on [Day 28](day28.md).
|
||||||
|
@ -39,7 +39,6 @@ Elaborating on this, here are the key reasons why monitoring is important for ru
|
|||||||
|
|
||||||
* Gaining visibility: Monitoring provides insight into system activity, which can be used to optimize performance, troubleshoot issues, and identify opportunities for improvement.
|
* Gaining visibility: Monitoring provides insight into system activity, which can be used to optimize performance, troubleshoot issues, and identify opportunities for improvement.
|
||||||
|
|
||||||
|
|
||||||
## What to monitor and record?
|
## What to monitor and record?
|
||||||
|
|
||||||
In theory, the ideal solution would be to log everything that is happening in the system and keep the data forever.
|
In theory, the ideal solution would be to log everything that is happening in the system and keep the data forever.
|
||||||
@ -63,6 +62,7 @@ Security configurations: Monitor security configurations, such as firewall rules
|
|||||||
Backup and disaster recovery systems: Monitor backup and disaster recovery systems to ensure that they are operating correctly and data can be recovered in the event of a failure or disaster.
|
Backup and disaster recovery systems: Monitor backup and disaster recovery systems to ensure that they are operating correctly and data can be recovered in the event of a failure or disaster.
|
||||||
|
|
||||||
## A practical implementation
|
## A practical implementation
|
||||||
|
|
||||||
In this part, we move from theory to practice.
|
In this part, we move from theory to practice.
|
||||||
|
|
||||||
There isn't a silver bullet here, every system has its tools. We will work on Kubernetes as infrastructure with [Microservices demo](https://github.com/GoogleCloudPlatform/microservices-demo) application.
|
There isn't a silver bullet here, every system has its tools. We will work on Kubernetes as infrastructure with [Microservices demo](https://github.com/GoogleCloudPlatform/microservices-demo) application.
|
||||||
@ -145,3 +145,4 @@ Browse Grafana for more dashboards [here](https://grafana.com/grafana/dashboards
|
|||||||
# Next...
|
# Next...
|
||||||
|
|
||||||
Tomorrow we will continue to the application level. Application logs and behavior monitoring will be in focue. We will continue to use the same setup and go deeper into the rabbit hole 😄
|
Tomorrow we will continue to the application level. Application logs and behavior monitoring will be in focue. We will continue to use the same setup and go deeper into the rabbit hole 😄
|
||||||
|
See you on [Day 29](day29.md).
|
||||||
|
@ -129,6 +129,5 @@ Now you should see Falco events in your Grafana! 😎
|
|||||||
|
|
||||||
# Next...
|
# Next...
|
||||||
|
|
||||||
Next day we will look into how to detect attacks in runtime. See you tomorrow 😃
|
Next day we will look into how to detect attacks in runtime.
|
||||||
|
See you tomorrow 😃 [Day 30](day30.md).
|
||||||
|
|
||||||
|
@ -113,4 +113,4 @@ I hope this part gave you an insight into how this system works.
|
|||||||
# Next
|
# Next
|
||||||
|
|
||||||
Tomorrow we will move away from the world of applications and go to the network layer, see you then!
|
Tomorrow we will move away from the world of applications and go to the network layer, see you then!
|
||||||
|
Unto [Day 31](day31.md).
|
||||||
|
@ -89,3 +89,4 @@ There are several tools available to monitor network traffic in Kubernetes, each
|
|||||||
|
|
||||||
These are just a few examples of the many tools available for monitoring network traffic in Kubernetes. When selecting a tool, consider the specific needs of your application and infrastructure, and choose a tool that provides the features and capabilities that best fit your requirements.
|
These are just a few examples of the many tools available for monitoring network traffic in Kubernetes. When selecting a tool, consider the specific needs of your application and infrastructure, and choose a tool that provides the features and capabilities that best fit your requirements.
|
||||||
|
|
||||||
|
See you on [Day 32](day32.md).
|
@ -102,3 +102,5 @@ After the installation you can access the vulnerabilities via CRD with kubectl:
|
|||||||
kubectl get vulnerabilityreports --all-namespaces -o wide
|
kubectl get vulnerabilityreports --all-namespaces -o wide
|
||||||
```
|
```
|
||||||
![](images/day32-2.png)
|
![](images/day32-2.png)
|
||||||
|
|
||||||
|
[Day 33](day33.md).
|
||||||
|
@ -295,5 +295,4 @@ status: {}
|
|||||||
### Summary
|
### Summary
|
||||||
These were examples of how to turn behavior to policy! Good stuff 😃
|
These were examples of how to turn behavior to policy! Good stuff 😃
|
||||||
|
|
||||||
|
See you on [Day 34](day34.md).
|
||||||
|
|
||||||
|
@ -216,4 +216,4 @@ no-privileged-containers:
|
|||||||
```
|
```
|
||||||
|
|
||||||
I hope this short intro gave a little taste of how admission controllers can help you to enforce runtime rules over a Kubernetes cluster!.
|
I hope this short intro gave a little taste of how admission controllers can help you to enforce runtime rules over a Kubernetes cluster!.
|
||||||
|
See you on [Day 35](day35.md).
|
||||||
|
@ -45,3 +45,5 @@ In a DevOps and automated world, secrets management solutions must be centered a
|
|||||||
* Azure Key Vault
|
* Azure Key Vault
|
||||||
* GCP Secret Manager
|
* GCP Secret Manager
|
||||||
* Thycotic Secret Server
|
* Thycotic Secret Server
|
||||||
|
|
||||||
|
See you on [Day 36](day36.md).
|
@ -71,3 +71,5 @@ The print argument is a string, which is one of Python's basic data types for st
|
|||||||
- [Learn Python - Full course by freeCodeCamp](https://youtu.be/rfscVS0vtbw)
|
- [Learn Python - Full course by freeCodeCamp](https://youtu.be/rfscVS0vtbw)
|
||||||
- [Python tutorial for beginners by Nana](https://youtu.be/t8pPdKYpowI)
|
- [Python tutorial for beginners by Nana](https://youtu.be/t8pPdKYpowI)
|
||||||
- [Python Crash Course book](https://amzn.to/40NfY45)
|
- [Python Crash Course book](https://amzn.to/40NfY45)
|
||||||
|
|
||||||
|
See you on [Day 43](day43.md).
|
@ -111,4 +111,4 @@ try:
|
|||||||
|
|
||||||
## Conclusion
|
## Conclusion
|
||||||
|
|
||||||
That is it for today, I will see you tomorrow in Day 3 of Python!
|
That is it for today, I will see you tomorrow in [Day 44 | Day 3 of Python!](day44.md).
|
||||||
|
@ -123,3 +123,4 @@ student = Student("John", "Canada", "Computer Science")
|
|||||||
person.speak() # "Hello, my name is Rishab and I am from Canada."
|
person.speak() # "Hello, my name is Rishab and I am from Canada."
|
||||||
student.speak() # "Hello, my name is John and I am a Computer Science major."
|
student.speak() # "Hello, my name is John and I am a Computer Science major."
|
||||||
```
|
```
|
||||||
|
See you tomorrow in [Day 45](day45.md).
|
@ -122,3 +122,6 @@ Output:
|
|||||||
- [pdb - The Python Debugger](https://docs.python.org/3/library/pdb.html)
|
- [pdb - The Python Debugger](https://docs.python.org/3/library/pdb.html)
|
||||||
- [re - Regular expressions operations](https://docs.python.org/3/library/re.html)
|
- [re - Regular expressions operations](https://docs.python.org/3/library/re.html)
|
||||||
- [datetime - Basic date and time types](https://docs.python.org/3/library/datetime.html)
|
- [datetime - Basic date and time types](https://docs.python.org/3/library/datetime.html)
|
||||||
|
|
||||||
|
See you tomorrow in [Day 46](day46.md).
|
||||||
|
|
@ -45,3 +45,4 @@ Having a good understanding of how these web apps work, will help you with autom
|
|||||||
You can dive deeper into how you can build APIs using Python and serverless technologies like AWS Lambda, Azure Functions etc.
|
You can dive deeper into how you can build APIs using Python and serverless technologies like AWS Lambda, Azure Functions etc.
|
||||||
|
|
||||||
I have a demo on [how I built a serverless resume API](https://github.com/rishabkumar7/AzureResumeAPI).
|
I have a demo on [how I built a serverless resume API](https://github.com/rishabkumar7/AzureResumeAPI).
|
||||||
|
See you tomorrow in [Day 47](day47.md).
|
||||||
|
@ -60,3 +60,5 @@ In this example, we're using the Pulumi Python SDK to define an EC2 instance on
|
|||||||
- [Learn more about Fabric](https://docs.fabfile.org/en/stable/index.html)
|
- [Learn more about Fabric](https://docs.fabfile.org/en/stable/index.html)
|
||||||
- [PyWinRM](https://github.com/diyan/pywinrm)
|
- [PyWinRM](https://github.com/diyan/pywinrm)
|
||||||
- [Pulumi - IaC Tool](https://www.pulumi.com/docs/reference/pkg/python/pulumi/)
|
- [Pulumi - IaC Tool](https://www.pulumi.com/docs/reference/pkg/python/pulumi/)
|
||||||
|
|
||||||
|
See you tomorrow in [Day 48](day48.md).
|
||||||
|
@ -153,3 +153,5 @@ Here is how it would look, I have 2 blog posts and have some gifs in my blog pos
|
|||||||
If we click on the `hello` blog post:
|
If we click on the `hello` blog post:
|
||||||
|
|
||||||
![Hello blog post](/2023/images/day48-2.png)
|
![Hello blog post](/2023/images/day48-2.png)
|
||||||
|
|
||||||
|
See you tomorrow in [Day 49](day49.md).
|
||||||
|
@ -1,6 +1,7 @@
|
|||||||
# Day 49: AWS Cloud Overview
|
# Day 49: AWS Cloud Overview
|
||||||
|
|
||||||
Welcome to the AWS section of the 90 Days of DevOps! Picking 7 items to learn about is difficult for several reasons:
|
Welcome to the AWS section of the 90 Days of DevOps! Picking 7 items to learn about is difficult for several reasons:
|
||||||
|
|
||||||
1. At last count, there were 250+ AWS services
|
1. At last count, there were 250+ AWS services
|
||||||
2. Each service could get it's own multi-day deep dive 😅
|
2. Each service could get it's own multi-day deep dive 😅
|
||||||
|
|
||||||
@ -44,3 +45,4 @@ Overall, AWS Cloud is a powerful and flexible cloud computing platform that offe
|
|||||||
|
|
||||||
## Resources
|
## Resources
|
||||||
|
|
||||||
|
See you tomorrow in [Day 50](day50.md).
|
||||||
|
@ -42,3 +42,4 @@ Once you have access to your free tier account, there are a few additional steps
|
|||||||
[Create your free AWS account](https://youtu.be/uZT8dA3G-S4)
|
[Create your free AWS account](https://youtu.be/uZT8dA3G-S4)
|
||||||
|
|
||||||
[Generate credentials, budget, and billing alarms via CLI](https://youtu.be/OdUnNuKylHg)
|
[Generate credentials, budget, and billing alarms via CLI](https://youtu.be/OdUnNuKylHg)
|
||||||
|
See you in [Day 52](day52.md).
|
||||||
|
@ -23,3 +23,5 @@ In addition to these benefits, CloudFormation also offers a range of other featu
|
|||||||
[AWS CloudFormation User Guide](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/Welcome.html)
|
[AWS CloudFormation User Guide](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/Welcome.html)
|
||||||
|
|
||||||
[AWS CloudFormation Getting Started step-by-step guides](https://aws.amazon.com/cloudformation/getting-started/)
|
[AWS CloudFormation Getting Started step-by-step guides](https://aws.amazon.com/cloudformation/getting-started/)
|
||||||
|
|
||||||
|
See you in [Day 52](day52.md).
|
@ -54,3 +54,4 @@ After you've assigned permissions to the IAM group, you can test the IAM user to
|
|||||||
|
|
||||||
[IAM Tutorial: Delegate access across AWS accounts using IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html)
|
[IAM Tutorial: Delegate access across AWS accounts using IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html)
|
||||||
|
|
||||||
|
See you in [Day 53](day53.md).
|
||||||
|
@ -47,3 +47,4 @@ Once you have created a resource group, you can view and manage your resources f
|
|||||||
|
|
||||||
[Getting started with AWS System Manager](https://docs.aws.amazon.com/systems-manager/latest/userguide/getting-started-launch-managed-instance.html)
|
[Getting started with AWS System Manager](https://docs.aws.amazon.com/systems-manager/latest/userguide/getting-started-launch-managed-instance.html)
|
||||||
|
|
||||||
|
See you in [Day 54](day54.md).
|
||||||
|
@ -2,7 +2,6 @@
|
|||||||
|
|
||||||
![](images/day54-01.png)
|
![](images/day54-01.png)
|
||||||
|
|
||||||
|
|
||||||
AWS CodeCommit is a fully managed source control service provided by Amazon Web Services (AWS) that makes it easy for developers to host and manage private Git repositories. Think "GitHub but with less features" 🤣 (j/k, see the resource "CodeCommit vs GitHub" for a breakdown) It allows teams to collaborate on code and keep their code securely stored in the cloud, with support for secure access control, encryption, and automatic backups.
|
AWS CodeCommit is a fully managed source control service provided by Amazon Web Services (AWS) that makes it easy for developers to host and manage private Git repositories. Think "GitHub but with less features" 🤣 (j/k, see the resource "CodeCommit vs GitHub" for a breakdown) It allows teams to collaborate on code and keep their code securely stored in the cloud, with support for secure access control, encryption, and automatic backups.
|
||||||
|
|
||||||
With AWS CodeCommit, developers can easily create, manage, and collaborate on Git repositories with powerful code review and workflow tools. It integrates seamlessly with other AWS services like AWS CodePipeline and AWS CodeBuild, making it easier to build and deploy applications in a fully automated manner.
|
With AWS CodeCommit, developers can easily create, manage, and collaborate on Git repositories with powerful code review and workflow tools. It integrates seamlessly with other AWS services like AWS CodePipeline and AWS CodeBuild, making it easier to build and deploy applications in a fully automated manner.
|
||||||
@ -19,8 +18,6 @@ In order to effectively leverage CodeCommit, you of course need to know how to u
|
|||||||
|
|
||||||
Overall, AWS CodeCommit is a powerful tool for teams that need to collaborate on code, manage their repositories securely, and streamline their development workflows.
|
Overall, AWS CodeCommit is a powerful tool for teams that need to collaborate on code, manage their repositories securely, and streamline their development workflows.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
## Resources:
|
## Resources:
|
||||||
|
|
||||||
[AWS CodeCommit User Guide](https://docs.aws.amazon.com/codecommit/latest/userguide/welcome.html)
|
[AWS CodeCommit User Guide](https://docs.aws.amazon.com/codecommit/latest/userguide/welcome.html)
|
||||||
@ -30,3 +27,5 @@ Overall, AWS CodeCommit is a powerful tool for teams that need to collaborate on
|
|||||||
[AWS CodeCommit tutorial: your first Repo, Commit and Push](https://youtu.be/t7M8pHCh5Xs)
|
[AWS CodeCommit tutorial: your first Repo, Commit and Push](https://youtu.be/t7M8pHCh5Xs)
|
||||||
|
|
||||||
[AWS CodeCommit vs GitHub: Which will Shine in 2023?](https://appwrk.com/aws-codecommit-vs-github)
|
[AWS CodeCommit vs GitHub: Which will Shine in 2023?](https://appwrk.com/aws-codecommit-vs-github)
|
||||||
|
|
||||||
|
See you in [Day 55](day55.md).
|
||||||
|
@ -9,6 +9,7 @@
|
|||||||
With CodePipeline, you can create pipelines that automate your build, test, and deployment workflows, ensuring that your code changes are reliably deployed to your target environments. It enables you to achieve faster release cycles, improve collaboration among development and operations teams, and improve the overall quality and reliability of your software releases.
|
With CodePipeline, you can create pipelines that automate your build, test, and deployment workflows, ensuring that your code changes are reliably deployed to your target environments. It enables you to achieve faster release cycles, improve collaboration among development and operations teams, and improve the overall quality and reliability of your software releases.
|
||||||
|
|
||||||
AWS CodePipeline integrates with other AWS services:
|
AWS CodePipeline integrates with other AWS services:
|
||||||
|
|
||||||
- [Source Action Integrations](https://docs.aws.amazon.com/codepipeline/latest/userguide/integrations-action-type.html#integrations-source)
|
- [Source Action Integrations](https://docs.aws.amazon.com/codepipeline/latest/userguide/integrations-action-type.html#integrations-source)
|
||||||
- [Build Action Integrations](https://docs.aws.amazon.com/codepipeline/latest/userguide/integrations-action-type.html#integrations-build)
|
- [Build Action Integrations](https://docs.aws.amazon.com/codepipeline/latest/userguide/integrations-action-type.html#integrations-build)
|
||||||
- [Test Action Integrations](https://docs.aws.amazon.com/codepipeline/latest/userguide/integrations-action-type.html#integrations-test)
|
- [Test Action Integrations](https://docs.aws.amazon.com/codepipeline/latest/userguide/integrations-action-type.html#integrations-test)
|
||||||
@ -16,7 +17,6 @@ AWS CodePipeline integrates with other AWS services:
|
|||||||
- [Approval Action Integrations](https://docs.aws.amazon.com/codepipeline/latest/userguide/integrations-action-type.html#integrations-approval)
|
- [Approval Action Integrations](https://docs.aws.amazon.com/codepipeline/latest/userguide/integrations-action-type.html#integrations-approval)
|
||||||
- [Invoke Action Integrations](https://docs.aws.amazon.com/codepipeline/latest/userguide/integrations-action-type.html#integrations-invoke)
|
- [Invoke Action Integrations](https://docs.aws.amazon.com/codepipeline/latest/userguide/integrations-action-type.html#integrations-invoke)
|
||||||
|
|
||||||
|
|
||||||
It also integrates with third-party tools such as GitHub, Jenkins, and Bitbucket. You can use AWS CodePipeline to manage your application updates across multiple AWS accounts and regions.
|
It also integrates with third-party tools such as GitHub, Jenkins, and Bitbucket. You can use AWS CodePipeline to manage your application updates across multiple AWS accounts and regions.
|
||||||
|
|
||||||
## Getting started with AWS CodePipeline
|
## Getting started with AWS CodePipeline
|
||||||
@ -36,14 +36,15 @@ To create a CodePipeline pipeline, go to the AWS CodePipeline console, click on
|
|||||||
Once you have created your CodePipeline pipeline, you can test and deploy your code changes. AWS CodePipeline will automatically build, test, and deploy your code changes to your target environments. You can monitor the progress of your pipeline in the AWS CodePipeline console.
|
Once you have created your CodePipeline pipeline, you can test and deploy your code changes. AWS CodePipeline will automatically build, test, and deploy your code changes to your target environments. You can monitor the progress of your pipeline in the AWS CodePipeline console.
|
||||||
|
|
||||||
## Capstone Project
|
## Capstone Project
|
||||||
|
|
||||||
To tie up this AWS section of the 90 Days of DevOps, I recommend that you go through Adrian Cantrill's excellent mini-project, the [CatPipeline](https://www.youtube.com/playlist?list=PLTk5ZYSbd9MgARTJHbAaRcGSn7EMfxRHm). In it you will be exposed to CodeCommit, CodeBuild, CodeDeploy, and CodePipeline in a fun little project that will give you a taste of a day in the life of a DevOps engineer.
|
To tie up this AWS section of the 90 Days of DevOps, I recommend that you go through Adrian Cantrill's excellent mini-project, the [CatPipeline](https://www.youtube.com/playlist?list=PLTk5ZYSbd9MgARTJHbAaRcGSn7EMfxRHm). In it you will be exposed to CodeCommit, CodeBuild, CodeDeploy, and CodePipeline in a fun little project that will give you a taste of a day in the life of a DevOps engineer.
|
||||||
|
|
||||||
- [YouTube CatPipeline Playlist](https://www.youtube.com/playlist?list=PLTk5ZYSbd9MgARTJHbAaRcGSn7EMfxRHm)
|
- [YouTube CatPipeline Playlist](https://www.youtube.com/playlist?list=PLTk5ZYSbd9MgARTJHbAaRcGSn7EMfxRHm)
|
||||||
- [GitHub CatPipeline Repo](https://github.com/acantril/learn-cantrill-io-labs/tree/master/aws-codepipeline-catpipeline)
|
- [GitHub CatPipeline Repo](https://github.com/acantril/learn-cantrill-io-labs/tree/master/aws-codepipeline-catpipeline)
|
||||||
|
|
||||||
|
## Resources (Free)
|
||||||
|
|
||||||
## Resources (Free):
|
[AWS: Real-world CodePipeline CI/CD Examples](https://youtu.be/MNt2HGxClZ0)
|
||||||
|
|
||||||
[AWS: Real-world CodePipeline CI/CD Examples ](https://youtu.be/MNt2HGxClZ0)
|
|
||||||
|
|
||||||
[AWS CodePipeline User Guide](https://docs.aws.amazon.com/codepipeline/latest/userguide/welcome.html)
|
[AWS CodePipeline User Guide](https://docs.aws.amazon.com/codepipeline/latest/userguide/welcome.html)
|
||||||
|
|
||||||
@ -53,10 +54,13 @@ To tie up this AWS section of the 90 Days of DevOps, I recommend that you go thr
|
|||||||
|
|
||||||
[AWS CodeCommit vs GitHub: Which will Shine in 2023?](https://appwrk.com/aws-codecommit-vs-github)
|
[AWS CodeCommit vs GitHub: Which will Shine in 2023?](https://appwrk.com/aws-codecommit-vs-github)
|
||||||
|
|
||||||
## Resources (Paid):
|
## Resources (Paid)
|
||||||
|
|
||||||
There are a number of <i>excellent</i> instructors out there and picking 2-3 is always hard, but [Adrian Cantrill](https://learn.cantrill.io/), [Andrew Brown](https://www.exampro.co/), and [Stephane Maarek](https://www.udemy.com/user/stephane-maarek/) always come to mind when discussing fantastic content out there.
|
There are a number of <i>excellent</i> instructors out there and picking 2-3 is always hard, but [Adrian Cantrill](https://learn.cantrill.io/), [Andrew Brown](https://www.exampro.co/), and [Stephane Maarek](https://www.udemy.com/user/stephane-maarek/) always come to mind when discussing fantastic content out there.
|
||||||
|
|
||||||
## Final Thoughts
|
## Final Thoughts
|
||||||
|
|
||||||
I hope that this section of the 90 Days of DevOps has given you a taste of what is available in the AWS ecosystem.
|
I hope that this section of the 90 Days of DevOps has given you a taste of what is available in the AWS ecosystem.
|
||||||
|
|
||||||
Good luck in your studies! Up next is Red Hat OpenShift!
|
Good luck in your studies! Up next is Red Hat OpenShift!
|
||||||
|
See you in [Day 56](day56.md).
|
||||||
|
@ -108,3 +108,4 @@ In [day 57](/day57.md) we will dive into the Architecture and components of Open
|
|||||||
- [OKD](https://www.okd.io/)
|
- [OKD](https://www.okd.io/)
|
||||||
- [Official Red Hat OpenShift product page](https://www.redhat.com/en/technologies/cloud-computing/openshift)
|
- [Official Red Hat OpenShift product page](https://www.redhat.com/en/technologies/cloud-computing/openshift)
|
||||||
- [Red Hat Hybrid Cloud Learning Hub](https://cloud.redhat.com/learn)
|
- [Red Hat Hybrid Cloud Learning Hub](https://cloud.redhat.com/learn)
|
||||||
|
|
||||||
|
@ -132,3 +132,5 @@ The great thing about databases is that there are so many choices to choose from
|
|||||||
Join us tommorrow when we'll be talking about querying databases.
|
Join us tommorrow when we'll be talking about querying databases.
|
||||||
|
|
||||||
Thanks for reading!
|
Thanks for reading!
|
||||||
|
|
||||||
|
See you in [Day 64](day64.md).
|
||||||
|
@ -288,3 +288,5 @@ So that’s how to retrieve, update, and delete data from a database. We also lo
|
|||||||
Join us tommorrow where we will be looking at backing up and restoring databases.
|
Join us tommorrow where we will be looking at backing up and restoring databases.
|
||||||
|
|
||||||
Thank you for reading!
|
Thank you for reading!
|
||||||
|
|
||||||
|
See you in [Day 65](day65.md).
|
||||||
|
@ -251,3 +251,5 @@ The data is back! We have successfully performed a point in time restore of our
|
|||||||
Join us tomorrow where we will be talking about high availability and disaster recovery.
|
Join us tomorrow where we will be talking about high availability and disaster recovery.
|
||||||
|
|
||||||
Thanks for reading!
|
Thanks for reading!
|
||||||
|
|
||||||
|
See you in [Day 66](day66.md).
|
||||||
|
@ -1,6 +1,5 @@
|
|||||||
# High availability and disaster recovery
|
# High availability and disaster recovery
|
||||||
|
|
||||||
|
|
||||||
Hello and welcome to the fourth post in the database part of the 90 Days of DevOps blog series! Today we’ll be talking about high availability and disaster recovery.
|
Hello and welcome to the fourth post in the database part of the 90 Days of DevOps blog series! Today we’ll be talking about high availability and disaster recovery.
|
||||||
|
|
||||||
One of the main jobs of a database administrator is to configure and maintain disaster recovery and high availability strategies for the databases that they look after. In a nutshell they boil down to: -
|
One of the main jobs of a database administrator is to configure and maintain disaster recovery and high availability strategies for the databases that they look after. In a nutshell they boil down to: -
|
||||||
@ -207,3 +206,4 @@ Join us tomorrow where we'll be talking about performance tuning.
|
|||||||
|
|
||||||
Thanks for reading!
|
Thanks for reading!
|
||||||
|
|
||||||
|
See you in [Day 67](day67.md).
|
||||||
|
@ -136,3 +136,5 @@ And there we have it! Our query now has a supporting index!
|
|||||||
Join us tommorrow where we'll be talking about database security.
|
Join us tommorrow where we'll be talking about database security.
|
||||||
|
|
||||||
Thanks for reading!
|
Thanks for reading!
|
||||||
|
|
||||||
|
See you in [Day 68](day68.md).
|
@ -205,3 +205,4 @@ So if we have sensitive data within our database, this is one method of encrypti
|
|||||||
Join us tomorrow for the final post in the database series of 90DaysOfDevOps where we'll be talking about monitoring and troubleshooting.
|
Join us tomorrow for the final post in the database series of 90DaysOfDevOps where we'll be talking about monitoring and troubleshooting.
|
||||||
|
|
||||||
Thanks for reading!
|
Thanks for reading!
|
||||||
|
See you in [Day 69](day69.md).
|
||||||
|
@ -162,3 +162,5 @@ Caution does need to be taken with some of these tools as they can have a negati
|
|||||||
So having the correct monitoring, log collection, and query tracking tools are vital when it comes to not only preventing issues from arising but allowing for quick resolution when they do occur.
|
So having the correct monitoring, log collection, and query tracking tools are vital when it comes to not only preventing issues from arising but allowing for quick resolution when they do occur.
|
||||||
|
|
||||||
And that’s it for the database part of the 90DaysOfDevOps blog series. We hope this has been useful…thanks for reading!
|
And that’s it for the database part of the 90DaysOfDevOps blog series. We hope this has been useful…thanks for reading!
|
||||||
|
|
||||||
|
See you in [Day 70](day70.md).
|
||||||
|
@ -15,3 +15,5 @@ I am a large proponent of serverless, and I believe these are huge benefits to a
|
|||||||
That being said, I hope to provide you with a strong starting point for the land of serverless. Over the next few days, we will be exploring serverless resources and services, from compute, to storage, to API design, and more. We will keep our discussions high-level, but I'll be sure to include relevant examples, resources, and further reading from other leading industry experts. No prerequisites are necessary, I just ask you approach each and every article with an open mind, continue to ask questions & provide feedback, and let's dive in!*
|
That being said, I hope to provide you with a strong starting point for the land of serverless. Over the next few days, we will be exploring serverless resources and services, from compute, to storage, to API design, and more. We will keep our discussions high-level, but I'll be sure to include relevant examples, resources, and further reading from other leading industry experts. No prerequisites are necessary, I just ask you approach each and every article with an open mind, continue to ask questions & provide feedback, and let's dive in!*
|
||||||
|
|
||||||
*As a quick disclaimer - as I am an AWS Serverless Hero, most of the examples and explanations I give will reference the AWS ecosystem since that is where my expertise is. Many of the AWS services and tools we will discuss have equivalents across Azure, GCP, or other tooling. I will do my best to call these out going forward. This is part of a series that will be covered here, but I also encourage you to follow along on [Medium](https://kristiperreault.medium.com/what-is-serverless-1b46a5ffa7b3) or [Dev.to](https://dev.to/aws-heroes/what-is-serverless-4d4p) for more.
|
*As a quick disclaimer - as I am an AWS Serverless Hero, most of the examples and explanations I give will reference the AWS ecosystem since that is where my expertise is. Many of the AWS services and tools we will discuss have equivalents across Azure, GCP, or other tooling. I will do my best to call these out going forward. This is part of a series that will be covered here, but I also encourage you to follow along on [Medium](https://kristiperreault.medium.com/what-is-serverless-1b46a5ffa7b3) or [Dev.to](https://dev.to/aws-heroes/what-is-serverless-4d4p) for more.
|
||||||
|
|
||||||
|
See you in [Day 71](day71.md).
|
||||||
|
@ -25,3 +25,5 @@ Fargate stands sort of in the middle as a container service that offers many of
|
|||||||
These two options pretty much sum up serverless compute, believe it or not. When it comes to your business logic code in AWS or other cloud provider, these two services cover most, if not all, serverless application needs. As we continue on in this series, you'll realize there are a ton of other 'supporting' serverless services for storage, APIs, orchestration, and more to dive into. I hope this has given you a good preview on serverless compute and what's to come, tune in tomorrow where we'll discuss the various serverless storage solutions available to us. See you then!
|
These two options pretty much sum up serverless compute, believe it or not. When it comes to your business logic code in AWS or other cloud provider, these two services cover most, if not all, serverless application needs. As we continue on in this series, you'll realize there are a ton of other 'supporting' serverless services for storage, APIs, orchestration, and more to dive into. I hope this has given you a good preview on serverless compute and what's to come, tune in tomorrow where we'll discuss the various serverless storage solutions available to us. See you then!
|
||||||
|
|
||||||
*This is part of a series that will be covered here, but I also encourage you to follow along with the rest of the series on [Medium](https://kristiperreault.medium.com/serverless-compute-b19df2ea0935) or [Dev.to](https://dev.to/aws-heroes/serverless-compute-3bgo).
|
*This is part of a series that will be covered here, but I also encourage you to follow along with the rest of the series on [Medium](https://kristiperreault.medium.com/serverless-compute-b19df2ea0935) or [Dev.to](https://dev.to/aws-heroes/serverless-compute-3bgo).
|
||||||
|
|
||||||
|
See you in [Day 72](day72.md).
|
||||||
|
@ -31,3 +31,5 @@ This is my serverless database catch-all section. In my opinion, S3 and DynamoDB
|
|||||||
Well, this about sums up the serverless storage solutions available. As always, there are definitely equivalents of these resources in your cloud provider of choice, and you can't go wrong with any service you choose, as long as you're evaluating based on your specific application needs. Join me tomorrow, as we take another step further into serverless with API design.*
|
Well, this about sums up the serverless storage solutions available. As always, there are definitely equivalents of these resources in your cloud provider of choice, and you can't go wrong with any service you choose, as long as you're evaluating based on your specific application needs. Join me tomorrow, as we take another step further into serverless with API design.*
|
||||||
|
|
||||||
*This is part of a series that will be covered here, but I also encourage you to follow along with the rest of the series on [Medium](https://kristiperreault.medium.com/serverless-storage-4b7974683d3d) or [Dev.to](https://dev.to/aws-heroes/serverless-storage-50i3).
|
*This is part of a series that will be covered here, but I also encourage you to follow along with the rest of the series on [Medium](https://kristiperreault.medium.com/serverless-storage-4b7974683d3d) or [Dev.to](https://dev.to/aws-heroes/serverless-storage-50i3).
|
||||||
|
|
||||||
|
See you in [Day 73](day73.md).
|
||||||
|
@ -19,3 +19,5 @@ I'm keeping this section a bit shorter for you all, since [AppSync](https://aws.
|
|||||||
As with all of these short, daily articles, there is so much more that I could dive into here, but my purpose this week is to provide you with a little taste of what the serverless space has to offer, and get you started as a newbie to serverless. I'd highly encourage you to read up even more on [effective API Design](https://thenewstack.io/werner-vogels-6-rules-for-good-api-design/), and even get started with a tutorial, workshop, or even your own project (feel free to try out the travel website and let me know how it goes!) Believe it or not, there is still more to explore in the serverless space, so in my next post we will continue on with some really helpful integration & orchestration services.*
|
As with all of these short, daily articles, there is so much more that I could dive into here, but my purpose this week is to provide you with a little taste of what the serverless space has to offer, and get you started as a newbie to serverless. I'd highly encourage you to read up even more on [effective API Design](https://thenewstack.io/werner-vogels-6-rules-for-good-api-design/), and even get started with a tutorial, workshop, or even your own project (feel free to try out the travel website and let me know how it goes!) Believe it or not, there is still more to explore in the serverless space, so in my next post we will continue on with some really helpful integration & orchestration services.*
|
||||||
|
|
||||||
*This is part of a series that will be covered here, but I also encourage you to follow along with the rest of the series on [Medium](https://kristiperreault.medium.com/serverless-apis-4c852f0955ef) or [Dev.to](https://dev.to/aws-heroes/serverless-apis-5bdp).
|
*This is part of a series that will be covered here, but I also encourage you to follow along with the rest of the series on [Medium](https://kristiperreault.medium.com/serverless-apis-4c852f0955ef) or [Dev.to](https://dev.to/aws-heroes/serverless-apis-5bdp).
|
||||||
|
|
||||||
|
See you in [Day 74](day74.md).
|
||||||
|
@ -39,3 +39,5 @@ Similar to other services, you can define and configure your EventBridge instanc
|
|||||||
Although not what I would consider 'core' cloud services, the orchestration and communication services are key to event driven development and robust application design. If you are structuring your application to take advantage of event flow, these are tools you are going to want to be familiar with, and will be instrumental in your success by saving you time, money, complexity, and management overhead. This about wraps up what I want to cover with [serverless cloud services](https://aws.amazon.com/serverless/), though there is so much out there to explore. Tune in tomorrow as we start to put all of this together with best practices.*
|
Although not what I would consider 'core' cloud services, the orchestration and communication services are key to event driven development and robust application design. If you are structuring your application to take advantage of event flow, these are tools you are going to want to be familiar with, and will be instrumental in your success by saving you time, money, complexity, and management overhead. This about wraps up what I want to cover with [serverless cloud services](https://aws.amazon.com/serverless/), though there is so much out there to explore. Tune in tomorrow as we start to put all of this together with best practices.*
|
||||||
|
|
||||||
*This is part of a series that will be covered here, but I also encourage you to follow along with the rest of the series on [Medium](https://kristiperreault.medium.com/serverless-orchestration-d012aa7cae38) or [Dev.to](https://dev.to/aws-heroes/serverless-orchestration-3879).
|
*This is part of a series that will be covered here, but I also encourage you to follow along with the rest of the series on [Medium](https://kristiperreault.medium.com/serverless-orchestration-d012aa7cae38) or [Dev.to](https://dev.to/aws-heroes/serverless-orchestration-3879).
|
||||||
|
|
||||||
|
See you in [Day 75](day75.md).
|
@ -48,3 +48,5 @@ In addition to the six pillars, AWS Well Architected has this concept of [Well A
|
|||||||
|
|
||||||
If you'd like to learn more about Well Architected or hear about it in practice, I have actually given a [recent talk on the subject with Build On at AWS Re:Invent](https://www.twitch.tv/videos/1674539542?collection=T1passDrLhdY6Q). This is an area of technology I have been very passionate about, and I truly believe these pillars and Well Architected Reviews are well worth the time and effort. We're coming up to end of our team together this week (I know, already?!) so for our last day tomorrow, I'm excited to summarize what we've learned so far, and present you with some next steps for going beyond the serverless basics.*
|
If you'd like to learn more about Well Architected or hear about it in practice, I have actually given a [recent talk on the subject with Build On at AWS Re:Invent](https://www.twitch.tv/videos/1674539542?collection=T1passDrLhdY6Q). This is an area of technology I have been very passionate about, and I truly believe these pillars and Well Architected Reviews are well worth the time and effort. We're coming up to end of our team together this week (I know, already?!) so for our last day tomorrow, I'm excited to summarize what we've learned so far, and present you with some next steps for going beyond the serverless basics.*
|
||||||
*This is part of a series that will be covered here, but I also encourage you to follow along with the rest of the series on [Medium](https://kristiperreault.medium.com/serverless-well-architected-b379d5be10ad) or [Dev.to](https://dev.to/aws-heroes/serverless-well-architected-40jn).
|
*This is part of a series that will be covered here, but I also encourage you to follow along with the rest of the series on [Medium](https://kristiperreault.medium.com/serverless-well-architected-b379d5be10ad) or [Dev.to](https://dev.to/aws-heroes/serverless-well-architected-40jn).
|
||||||
|
|
||||||
|
See you in [Day 76](day76.md).
|
||||||
|
@ -29,3 +29,5 @@ Thanks again for taking this serverless journey with me this week, and please en
|
|||||||
….and so much more out there for you to explore!
|
….and so much more out there for you to explore!
|
||||||
|
|
||||||
*This is part of a series that will be covered here, but I also encourage you to follow along with the rest of the series on [Medium](https://kristiperreault.medium.com/serverless-beyond-the-basics-22ba22733dd1) or [Dev.to](https://dev.to/aws-heroes/serverless-beyond-the-basics-kom).
|
*This is part of a series that will be covered here, but I also encourage you to follow along with the rest of the series on [Medium](https://kristiperreault.medium.com/serverless-beyond-the-basics-22ba22733dd1) or [Dev.to](https://dev.to/aws-heroes/serverless-beyond-the-basics-kom).
|
||||||
|
|
||||||
|
See you in [Day 77](day77.md).
|
||||||
|
@ -66,3 +66,5 @@ Cilium is a Container Networking Interface that leverages eBPF to optimize packe
|
|||||||
|
|
||||||
### Conclusion
|
### Conclusion
|
||||||
A serivce mesh is a power application networking layer that provides traffic management, observability, and security. We will explore more in the next 6 days of #90DayofDevOps!
|
A serivce mesh is a power application networking layer that provides traffic management, observability, and security. We will explore more in the next 6 days of #90DayofDevOps!
|
||||||
|
|
||||||
|
See you in [Day 78](day78.md).
|
||||||
|
@ -229,4 +229,4 @@ Let's label our default namespace with the *istio-injection=enabled* label. This
|
|||||||
### Conclusion
|
### Conclusion
|
||||||
I decided to jump into getting a service mesh up and online. It's easy enough if you have the right pieces in place, like a Kubernetes cluster and a load-balancer service. Using the demo profile, you can have Istiod, and the Ingress/Egress gateway deployed. Deploy a sample app with a service definition, and you can expose it via the Ingress-Gateway and route to it using a virtual service.
|
I decided to jump into getting a service mesh up and online. It's easy enough if you have the right pieces in place, like a Kubernetes cluster and a load-balancer service. Using the demo profile, you can have Istiod, and the Ingress/Egress gateway deployed. Deploy a sample app with a service definition, and you can expose it via the Ingress-Gateway and route to it using a virtual service.
|
||||||
|
|
||||||
See you on Day 79 and beyond of #90DaysofServiceMesh
|
See you on [Day 79](day79.md) and beyond of #90DaysofServiceMesh
|
||||||
|
@ -66,4 +66,4 @@ Governance and Oversight | Istio Community | Linkered Community | AWS | Hashicor
|
|||||||
### Conclusion
|
### Conclusion
|
||||||
Service Meshes have come a long way in terms of capabilities and the environments they support. Istio appears to be the most feature-complete service mesh, providing a balance of platform support, customizability, extensibility, and is most production ready. Linkered trails right behind with a lighter-weight approach, and is mostly complete as a service mesh. AppMesh is mostly feature-filled but specific to the AWS Ecosystem. Consul is a great contender to Istio and Linkered. The Cilium CNI is taking the approach of using eBPF and climbing up the networking stack to address Service Mesh capabilities, but it has a lot of catching up to do.
|
Service Meshes have come a long way in terms of capabilities and the environments they support. Istio appears to be the most feature-complete service mesh, providing a balance of platform support, customizability, extensibility, and is most production ready. Linkered trails right behind with a lighter-weight approach, and is mostly complete as a service mesh. AppMesh is mostly feature-filled but specific to the AWS Ecosystem. Consul is a great contender to Istio and Linkered. The Cilium CNI is taking the approach of using eBPF and climbing up the networking stack to address Service Mesh capabilities, but it has a lot of catching up to do.
|
||||||
|
|
||||||
See you on Day 4 of #70DaysOfServiceMesh!
|
See you on [Day 80](day80.md) of #70DaysOfServiceMesh!
|
@ -334,4 +334,4 @@ I briefly covered several traffic management components that allow requests to f
|
|||||||
|
|
||||||
And I got to show you all of this in action!
|
And I got to show you all of this in action!
|
||||||
|
|
||||||
See you on Day 5 and beyond! :smile:!
|
See you on [Day 81](day81.md) and beyond! :smile:!
|
||||||
|
@ -200,3 +200,5 @@ Go ahead and end the Kiali dashboard process with *ctrl+c*.
|
|||||||
|
|
||||||
### Conclusion
|
### Conclusion
|
||||||
I've explored a few of the tools to be able to understand how we can observe services in our mesh and better understand how our applications are performing, or, if there are any issues.
|
I've explored a few of the tools to be able to understand how we can observe services in our mesh and better understand how our applications are performing, or, if there are any issues.
|
||||||
|
|
||||||
|
See you on [Day 82](day82.md)
|
||||||
|
Loading…
Reference in New Issue
Block a user