Merge pull request #11435 from Jamskr/Continuous-infrastructure-The-other-CI

Translated 20171108 Continuous infrastructure- The other CI
Xingyu.Wang 2018-12-01 19:38:18 +08:00 committed by GitHub
commit 2b575030b3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 111 additions and 120 deletions

@ -1,120 +0,0 @@
Translating by Jamskr
Continuous infrastructure: The other CI
======
![](https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/BIZ_darwincloud_520x292_0311LL.png?itok=74DLgd8Q)
Continuous delivery (CD) and continuous integration (CI) are two well-known aspects of DevOps. But the CI in vogue today is missing a critical "I:" infrastructure.
There was a time when "infrastructure" meant headless black boxes, enormous server rooms, and towering racks--not to mention procurement processes that stretched for months and load estimates that erred on the side of surplus. Then came the virtual machine revolution, which made the infrastructure, well, virtual--and the world has never been the same. We no longer need to manage brick-and-mortar boxes. We can create and destroy, start and stop, upgrade and downgrade machines with just a few clicks.
There's a popular story about a bank that went digital and introduced online forms, which customers needed to fill out manually, print, and snail-mail to the bank. That's where we are today with infrastructure: using new technology to do things the same old way.
In this article, we'll look at progressive infrastructure management, treating infrastructure as a versioned artifact and exploring the concept of immutable servers. In a subsequent post, we'll look at how open source tools can be used to achieve continuous infrastructure.
![continuous infrastructure pipeline][2]
The in-practice continuous infrastructure pipeline
This is the familiar CI, release-early, release-often cycle pipeline. This pipeline is missing a key component: infrastructure.
Pop quiz:
* How do you create and upgrade your infrastructure?
* How do you control and track changes to your infrastructure?
* How does your infrastructure scale with your business?
* How do you ensure tests on the right infrastructure configuration?
To answer these questions, introduce continuous infrastructure. Split the CI build pipeline into continuous integration code (CIc) and continuous integration infrastructure (CIi) to develop and build code and infrastructure in parallel, converging the two for unified test and release. Make infrastructure a first-class citizen of the CI pipeline.
![pipeline with infrastructure][4]
CI pipeline with continuous infrastructure
The defining aspects of CIi include:
**1\. Code**
Create infrastructure by code, not by installation. Infrastructure as code (IaC) is the contemporary method used to develop infrastructure from configuration scripts. These scripts follow the typical development life cycle of coding and unit tests (see the Terraform script below for an example).
**2\. Version**
The IaC artifacts are versioned in the source repository. This brings all the advantages of version control to the infrastructure: consistency, traceability, branching, and tagging.
**3\. Manage**
With coded and versioned infrastructure, you can apply the familiar test and release processes to manage infrastructure development.
CIi offers the following advantages:
**1\. Consistency**
Versioned and tagged infrastructure means you unambiguously know the components and configuration of the system you are using. This establishes an excellent DevOps practice to identify and manage infrastructure consistently.
**2\. Reproducibility**
With infrastructure tagged and baselined, recreating infrastructure is easy. Think of how often you've heard this: "But it works on my machine!" Now you can reproduce a production-like environment quickly in a local test bench to remove environment as a variable of your debug cycle.
**3\. Traceability**
How many times have you gone through history to find out who changed the permissions of a folder, or who upgraded the **ssh** package? Coded, versioned, released infrastructure eliminates ad hoc changes, bringing easy traceability and predictability to infrastructure management.
**4\. Automation**
With scriptable infrastructure, automation is the next logical step. Automation lets you create infrastructure on demand and destroy it when you're done, so you can focus your valuable time and energy on more productive tasks.
**5\. Immutability**
CIi brings innovations such as immutable infrastructure. Instead of upgrading, you can simply create new infrastructure components (see the note on immutable infrastructure below).
Continuous infrastructure is about evolving run-environments with run-artifacts. Treat infrastructure like code, and take it through proven DevOps processes. The traditional CI is redefined to include that missing "i," leading to a coherent CD.
**(CIc + CIi) = CI -> CD**
## Infrastructure as code (IaC)
A key enabler for CIi pipeline is infrastructure as code (IaC). IaC is the mechanism for creating and upgrading infrastructure with configuration files. These configuration files are developed like code and versioned in version control system. The files follow the usual code development life cycle: unit test, commit, build, and release. IaC process brings all advantages of version control for infrastructure development, such as tagging, versioning consistency, and change traceability.
Here's a sample Terraform script to create a two-tier infrastructure on AWS, consisting of a virtual private cloud (VPC), an elastic load balancer (ELB), security groups, and an NGINX server. [Terraform][5] is an open source tool to create and change infrastructure through scripts.
![terraform script][7]
Sample Terraform script to create two-tier infrastructure on AWS
The complete script is available on [GitHub][8].
## Immutable infrastructure
You have several VMs running and need to apply a security patch. A common approach is to update all systems individually using a remote push script.
Instead of updating the old systems, how about throwing them away and deploying new systems with a security patch installed? This is immutable infrastructure. Since the previous version of infrastructure is versioned and tagged, installing the patch is simply a matter of updating the script and pushing it through the release pipeline.
Now do you see why infrastructure should be a first-class citizen of the CI pipeline?
--------------------------------------------------------------------------------
via: https://opensource.com/article/17/11/continuous-infrastructure-other-ci
作者:[About The Author;Girish Managoli;With About Years;Experience In The Software It Industry;Girish Presently Holds Chief Architect Capacity At Mindtree;A Global It Services Organization;Based In India. Specialising In Paas;Saas Platforms;Girish Is Architect Of;I Got][a]
译者:[lujun9972](https://github.com/lujun9972)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://opensource.com
[1]:/file/376916
[2]:https://opensource.com/sites/default/files/images/life-uploads/figure1.jpg (continuous infrastructure pipeline in use)
[3]:/file/376921
[4]:https://opensource.com/sites/default/files/images/life-uploads/figure2.jpg (CI pipeline with infrastructure)
[5]:https://github.com/hashicorp/terraform
[6]:/file/376926
[7]:https://opensource.com/sites/default/files/images/life-uploads/figure3_0.png (sample terraform script)
[8]:https://github.com/terraform-providers/terraform-provider-aws/tree/master/examples/two-tier
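
Review bot: the translator credit in this file is inconsistent: its first line reads "Translating by Jamskr", but the footer already has 译者:[lujun9972] and 校对 is still the 校对者ID placeholder. Please confirm who translated the article before this footer is carried into the translated file. The 作者 field is also scraped bio text ("About The Author;Girish Managoli;With About Years;…") with [a] pointing at the site root, so it should be reduced to the author's name, and the [1], [3] and [6] reference definitions are not used anywhere in the body.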

@ -0,0 +1,111 @@
持续基础设施: 另一个 CI
======
![](https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/BIZ_darwincloud_520x292_0311LL.png?itok=74DLgd8Q)
持续交付CD和持续集成CI是 DevOps 的两个众所周知的方面。但在 CI 大肆流行的今天却忽略了另一个关键性的 "I"基础设施infrastructure
曾经有一段时间 “基础设施”就意味着无头的黑盒子,庞大的服务器,和高耸的机架——更不用说漫长的采购流程和对盈余负载的错误估计。后来到了虚拟机时代,把基础设施处理得很好,虚拟化——以前的世界从未有过这样。我们不再需要管理实体的服务器。仅仅是简单的点击,我们就可以创建和销毁,开始和停止,升级和降级我们的服务器。
有一个关于银行的流行的故事,它们实现了数字化,并且引入了在线表格,用户需要手动填写表格,打印,然后邮寄回银行。这就是我们今天要说的基础设施:使用新技术来做和以前一样的事情。
在这篇文章中,我们会看到在基础设施管理方面的进步,将基础设施视为一个版本化的组件并试着探索服务器一致性的概念。在后面的文章中,我们将了解如何使用开源工具来实现持续的基础设施。
![continuous infrastructure pipeline][2]
实践中的持续集成管道
这是我们熟悉的 CI尽早发布经常发布的循环管道。这个管道缺少一个关键的组件基础设施。
突击小测试:
* 你怎样创建和升级你的基础设施?
* 你怎样控制和追溯基础设施的改变?
* 你的基础设施是如何与你的业务进行匹配的?
* 你是如何确保在正确的基础设施配置上进行测试的?
要回答这些问题,就要了解持续基础设施。把 CI 构建流程分为代码持续集成CIc和基础设施持续集成CIi来并行开发代码和基础设施再将两者融合到一起进行测试 。把基础设施构建视为CI流程中的重要的一环。
![pipeline with infrastructure][4]
包含持续基础设施的 CI 管道流程
关于 CIi 定义的几个方面:
**1\. 代码**
通过代码来创建基础设施架构而不是通过安装。使用配置脚代码是现代最流行的创建基础设施IaC的方法。这些脚本遵循典型的编码和单元测试周期请参阅下面关于 Terraform 脚本的示例)。
**2\. 版本**
IaC 组件在源码仓库中进行版本管理。这让基础设施的拥有了版本控制的所有好处:一致性,可追溯性,分支和标记。
**3\. 管理**
通过编码和版本化的基础设施管理,你可以使用你所熟悉的测试和发布流程来管理基础设施的开发。
CIi 提供了下面的这些优势:
**1\. 一致性**
版本化和标记基础设施意味着你可以清楚的知道你的系统使用了哪些组件和配置。这是建立了一个非常好的 DevOps 实践,用来鉴定和管理基础设施的一致性。
**2\. 可重现性**
通过基础设施的标记和基线,重建基础设施变得非常容易。想想你是否经常听到这个:“但是它在我的机器上可以运行!”现在,你可以在本地的测试平台中快速重现类似生产环境,从而将环境像变量一样在你的调试过程中删除。
**3\. 可追溯性性**
你是否还记得曾经有过多少次寻找到底是谁更改了文件夹权限的经历,或者是谁升级了 `ssh` 包?编码,版本化,发布的基础设施消除了临时的变更,为基础设施的管理带来了可追踪性和可预测性。
**4\. 自动化**
借助脚本化的基础架构,自动化是下一个合乎逻辑的步骤。自动化允许你按需创建基础设施,并在使用完成后删除它,所以你可以将更多宝贵的时间和精力用在更重要的任务上。
**5\. 不变性**
CIi 不可变基础设施等创新。你可以创建一个新的基础设施组件而不是通过升级(请参阅下面有关不可变设施的说明)。
持续基础设施是从运行基础环境到运行基础组件的进化。像处理代码一样,通过认证的 DevOps 流程来完成。对传统的 CI 的重新定义包含了缺少的那个 “i”从而形成了连贯的 CD 。
**(CIc + CIi) = CI -> CD**
## 基础设施代码 IaC
CIi 管道的一个关键推动因素是基础设施代码IaC。IaC 是一种使用配置文件进行基础设施创建和升级的机制。这些配置文件像其他的代码一样进行开发并且使用版本管理系统进行管理。这些文件遵循一般的代码开发流程单元测试提交构建和发布。IaC 流程拥有版本控制带给基础设施开发的所有好处,像标记,版本一致性,和修改可追溯。
这有一个简单的 Terraform 脚本用来用来在 AWS 上创建一个双层基础设施的简单示例包括虚拟私有云VPC,弹性负载ELB安全组和一个 NGINX 服务器。Terraform 是一个通过通过脚本创建和更改基础设施架构和开源工具。
![terraform script][7]
Terraform 脚本创建双层架构设施的简单示例
完整的脚本请参见 [GitHub][8]。
## 基础设施架构的不变性
你有几个正在运行的 VM 需要更新安全补丁。一个常见的做法是推送一个远程脚本单独更新每个系统。
如何更新一个旧系统,如何丢弃它们并布置安装了新安全补丁的新系统?这就是基础设施的不变性。通过之前对基础设施的版本控制和标记,所以安装补丁只需要更新下脚本并将其推送到发布管道即可。
现在你知道为什么要说基础设施在 CI 管道中特别重要了吗?
--------------------------------------------------------------------------------
via: https://opensource.com/article/17/11/continuous-infrastructure-other-ci
作者:[About The Author;Girish Managoli;With About Years;Experience In The Software It Industry;Girish Presently Holds Chief Architect Capacity At Mindtree;A Global It Services Organization;Based In India. Specialising In Paas;Saas Platforms;Girish Is Architect Of;I Got][a]
译者:[lujun9972](https://github.com/lujun9972)
校对:[Jamskr](https://github.com/Jamskr)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://opensource.com
[1]:/file/376916
[2]:https://opensource.com/sites/default/files/images/life-uploads/figure1.jpg (continuous infrastructure pipeline in use)
[3]:/file/376921
[4]:https://opensource.com/sites/default/files/images/life-uploads/figure2.jpg (CI pipeline with infrastructure)
[5]:https://github.com/hashicorp/terraform
[6]:/file/376926
[7]:https://opensource.com/sites/default/files/images/life-uploads/figure3_0.png (sample terraform script)
[8]:https://github.com/terraform-providers/terraform-provider-aws/tree/master/examples/two-tier
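
Review bot: the translation needs another proofreading pass before merge, starting with the heading "**3\. 可追溯性性**", which doubles 性. The Terraform paragraph repeats 用来 and 通过, has 和开源工具 where 的开源工具 is meant, and drops the [Terraform][5] link although [5] is still defined at the bottom. "CIi 不可变基础设施等创新" is missing its verb (the source reads "CIi brings innovations such as immutable infrastructure"). The introduction renders "immutable servers" as 服务器一致性, and "如何更新一个旧系统,如何丢弃它们…" loses the contrast in the source's "Instead of updating the old systems, how about throwing them away"; both should use 不可变/不变性 as the later sections do. The footer still carries the scraped 作者 text and lists 译者 lujun9972 with Jamskr only under 校对, while the pull request comes from Jamskr and the source was marked "Translating by Jamskr"; please correct the credits.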