diff --git a/radar/2019-11-01/concourse-ci.md b/radar/2019-11-01/concourse-ci.md new file mode 100644 index 0000000..b133d24 --- /dev/null +++ b/radar/2019-11-01/concourse-ci.md @@ -0,0 +1,10 @@ +--- +title: "Concourse" +ring: trial +quadrant: tools + +--- + +[Concourse](https://concourse-ci.org/) is an open-source continuous "thing-doer". It represents a general approach for automation which can be used for Continuous Integration and Continuous Delivery. Concourse CI follows a strict concept that is based on idempotency, immutability, declarative config, stateless workers, and reproducible builds. Pipelines are built on the mechanics of resources, tasks and jobs, which are all configured in one or multiple YAML files. +Concourse claims to be "simple" but has a steep learning curve in the beginning till it gets simple to use. +Concourse is used in the Congstar Team to automate infrastructure deployments. \ No newline at end of file diff --git a/radar/2019-11-01/eks.md b/radar/2019-11-01/eks.md new file mode 100644 index 0000000..c6ae2ed --- /dev/null +++ b/radar/2019-11-01/eks.md @@ -0,0 +1,17 @@ +--- +title: "Amazon EKS" +ring: trial +quadrant: platforms-and-aoe-services + +--- + +[Amazon Elastic Kubernetes Service](https://aws.amazon.com/de/eks/) (Amazon EKS) is a managed service that makes it easy for you to run Kubernetes on AWS without needing to stand up or maintain your own Kubernetes control plane. +Amazon EKS runs Kubernetes control plane instances across multiple Availability Zones to ensure high availability. +It also provides automated version upgrades and patching for them. + +Amazon EKS is used as part of the infrastructure in the Congstar project. +Different Amazon EKS Clusters are in use on a variety of environments like development, integration, testing and production. +We experienced that Kubernetes version updates are done without major efforts or impact to the running cluster. + +Amazon EKS is fully supported by Terraform which brings the advantage that its configuration is written in code, +which fulfils the infrastructure as code philosophy. \ No newline at end of file diff --git a/radar/2019-11-01/packer.md b/radar/2019-11-01/packer.md index 52811d8..15d6b27 100644 --- a/radar/2019-11-01/packer.md +++ b/radar/2019-11-01/packer.md @@ -5,6 +5,13 @@ quadrant: platforms-and-aoe-services --- -Machine images are important for modern deployment pipelines and fast ramp of of new infrastructure. +[Hashicorp Packer](https://www.packer.io/intro/getting-started/build-image.html) is a lightweight tool which automates the creation of any type of machine images (Machine Image As A Code) for multiple platforms. +Packer is not a replacement of configuration management tools like Ansible. Packer works with tools like ansible to install software while creating images. +Packer uses a configuration file to create a machine image. It uses the concepts of builders to spin up an instance, run provisioners to configure applications or services. +Once setup is done, it shuts the instance down and save new baked machine instance with any needed post-processing. +Packer only builds images. But once you have them you can deploy your infrastructure quickly and even scale by spawning any number of instances without doing extra configuration. +Another benefit is, that machine images can be tested to verify if they are working correctly. +Packer supports multiple cloud providers like AWS, GCP, Digital Ocean etc. -We are using [Packer](https://www.packer.io/intro/getting-started/build-image.html) to build so called "Golden images" that are used in our [Infrastructure as Code](/methods-and-patterns/infrastructure-as-code.html) based provisionings. +Machine images are important for modern deployment pipelines and fast ramp of of new infrastructure. +We are using Packer to build so called "Golden images" that are used in our [Infrastructure as Code](/methods-and-patterns/infrastructure-as-code.html) based provisionings. diff --git a/radar/2019-11-01/terraform.md b/radar/2019-11-01/terraform.md index af73061..6701c9a 100644 --- a/radar/2019-11-01/terraform.md +++ b/radar/2019-11-01/terraform.md @@ -4,6 +4,13 @@ ring: adopt quadrant: platforms-and-aoe-services --- -[Terraform](https://www.terraform.io/) is a tool to manage and provision infrastructure as code. +[Terraform](https://www.terraform.io/) is a tool for building, changing and versioning infrastructure using the infrastructure as code pattern. +Terraform supports popular service providers like AWS, Google Cloud Platform, Azure and many more. + +Infrastructure is described in configuration files trough the HCL (HashiCorp Configuration Language), which brings a set of string interpolations and built-in functions, +including conditionals and loops. Terraform validates configuration files before trying to run updates. It checks not only that all files use the correct syntax, +but also that all parameters are accessible and the configuration as a whole is valid. In Terraform, you can (and should) run a ‘plan’ step before applying any changes. +This step tells you precisely what is going to change and why. +Another feature of Terraform is that it makes it easy to reuse code by using modules. That gives a lot of leeway in structuring projects in the way it makes most sense. Here at AOE we use terraform in multiple teams to provision infrastructure and manage their lifecycle on cloud platforms such as AWS and for platforms such as Kubernetes. diff --git a/radar/2019-11-01/vault.md b/radar/2019-11-01/vault.md new file mode 100644 index 0000000..5e432e7 --- /dev/null +++ b/radar/2019-11-01/vault.md @@ -0,0 +1,10 @@ +--- +title: "Vault" +ring: trial +quadrant: tools + +--- + +[Hashicorp Vault](https://www.vaultproject.io/) is a Go application with a Rest/Cli interface that you can use to securely access secrets. +A secret can be any sensitive data, such as credentials, certificates, access tokens, encryption keys etc. +Vaults key features are a secure secret storage, dynamic secretes (create on-demand secrets), data encryption, secret leasing, renewal and revocation. \ No newline at end of file