Immutability: Recipe for Cloud Migration Success: Strategies for Cloud Migration, IaC Implementation, and the Achievement of DevSecOps Goals
- Length: 238 pages
- Edition: 1
- Language: English
- Publisher: BPB Publications
- Publication Date: 2022-12-19
- ISBN-10: 9355512090
- ISBN-13: 9789355512093
- Sales Rank: #0 (See Top 100 Books)
Cloud Migration is More Than Infrastructure Migration and Crucial to Business Economy
Key Features
- Factors for a successful transition from on-premises to cloud infrastructure, as experienced by various businesses.
- Several strategies to build secure, immutable infrastructure using Infrastructure as Code (IaC).
- Important aspects of pipeline security, multi-tier application migration, disaster recovery, and much more.
Description
When migrating to the cloud, how can you minimize the time and effort spent on technical fixes? Creating a fault-tolerant, secure, automated, and scalable cloud on-demand infrastructure is a costly and time-consuming organizational operation. This book teaches you how to migrate infrastructure to the cloud utilizing programmable infrastructure. This book explains various ways to implement immutable infrastructure for scalable and secure infrastructure.
To begin with, the book educates you on how to spot problems in today’s infrastructure. The book explores how to use programmable infrastructure to provide immutability at each tier level of a multitier application. It also explains how to use the Unified Modeling Language (UML) to create high-level design architecture artifacts since it is the most straightforward tool for depicting the layout of a sophisticated program. Finally, the book discusses a detailed CI/CD workflow for 3-tier custom-developed application infrastructure.
The reader will complete reading this book with a firm grasp of the fundamentals necessary to execute DevSecOps across a whole infrastructure. The book explains how to put into practice the cutting-edge cloud methodology of infrastructure provisioning using CI/CD pipelines in detail. In addition, the book gives a complete understanding of how to set up immutable multitier infrastructure utilizing programmable infrastructure/infrastructure as Code.
What you will learn
- Dos and Don’ts while implementing immutable infrastructure.
- Locating security flaws and incorrect settings across all cloud service providers.
- Applying organization-specific security policies and validation during coding.
- Handling Database Upgrades and Operating System Patches.
- Learning the impact assessment on the infrastructure CI/CD pipeline.
- Learning the ins and outs of public cloud systems like Amazon Web Services.
- Commencing the process of continuous IaC delivery and IaC deployment.
Who this book is for
Professionals in Cloud, DevOps, DevSecOps, and Software development will find several career-enhancing surprises in this book. In addition, reading about the cultural and process-specific challenges will benefit the leadership team, including the CTO, CIO, Enterprise Architect, and Infrastructure Head.
Cover Page
Title Page
Copyright Page
Dedication Page
About the Author
About the Reviewer
Acknowledgement
Preface
Errata
Table of Contents
1. What is Culture Formation?
Introduction
Structure
Objectives
Lessons learned from the past—An example
Public Cloud Service Providers’(CSP) offerings
Infrastructure As A Service and bare metal in the cloud
Platform As A Service
Software As A Service
FaaS (Function As a Service) or Serverless
Major migration strategies
Rehosting
Manual rehosting
Automation using migration tools
Replatforming
Repurchasing
Refactoring or rearchitecting
Retiring
Retaining
Impacts on other aspects of various migration strategies
Workload architectural pattern
The mainstream inhouse application follows monolith architecture
Monolith architecture
Microservices architecture
Commercial Of The Shelf(COTS)/Modified of the Shelf (MOTS) product
Understanding of technical debts
Planning to do budgeting around OS upgrades even in the cloud
Monthly or quarterly operating system patching
IT Ops team handling infrastructure tickets like on-premises
Application team still requests to stand-up upcoming infrastructure components manually
Outage related to the environment-related disparity
Planning to allocate IT operations budget the same as on-premises
Planning about security handling
Conclusion
Points to remember
2. What Past Taught Us?
Introduction
Structure
Objectives
Challenges
Security
Costly patching cycle management
No green computing
Issues only during production
Costly upgrades across environments
Time-consuming capacity exercise
Handcrafted infrastructure
Outages for significant infrastructure changes
Conclusion
Points to remember
3. What is Infrastructure Immutability?
Introduction
Structure
Objectives
Understanding repair versus rebuild or replace
Repair
Rebuild or replace
Implications of immutable infrastructure in the cloud versus on-premises
Cost
Time
Pets versus cattle
Pets service model
Cattle service model
Farmyard expansion—additions to the analogy
History of immutable
Conclusion
Points to remember
4. How to Address Past Concerns?
Introduction
Structure
Objectives
Addressing past security challenges
How does immutable infrastructure address past security concerns?
Avoiding costly patching cycles
How does immutable infrastructure address patching concerns?
Green computing
How does immutable infrastructure address scalability concerns?
Environment disparity
How does immutable infrastructure address disparity concerns?
No more upgrade maintenance across the environment
How does immutable infrastructure address past upgrade related concerns?
No time-consuming capacity exercise
How does immutable infrastructure address past capacity concerns?
Automated infrastructure
How does immutable infrastructure address past handcrafting concerns?
Blue-green deployments
How does immutable infrastructure address past blue-green concerns?
Conclusion
Points to remember
5. How to Implement Web Application Components?
Introduction
Structure
Objectives
Web application components
Typical N-tiered application
Brief understanding of each Web component
Middleware components like Apache ActiveMQ
Distributed caching solution
Virtual machine
Transformed application in the public cloud (AWS)
Network management
Content delivery
Managing public DNS
Load balancing across clusters
Elastic Compute Cloud (EC2) instance
Relational Database Service
Apache Active MQ
Memory DB Redis
Web Application Firewall
Elastic File System
Amazon Simple Storage Service (Amazon S3)
AWS Certificate Manager
Conclusion
Points to remember
6. What are the Prerequisites for Decision-making?
Introduction
Structure
Objectives
Source code repositories
Build tool
Accounts setup
Account per environment
Production environment separation
One account for all environment
Network setup
Application and infrastructure pipeline management
Combining IaC with application code
Separation of IaC from application code
Separation by tiers
Code analyzers
Testing of infrastructure code
Types of testing
Encryption at rest
DB tier change separation
Validation of infrastructure after creation
Governance process
Programming approach
Declarative
Imperative
Conclusion
Points to remember
7. How to Build Foundation Golden Machine Image?
Introduction
Structure
Objectives
What is a machine image?
Lifecycle of machine image management
Base O/S selection
Tightening of base O/S
Component installable and test utility installations
Storage selection and encryption
Validation phase
Continuous scanning
Approval workflow
Distributing the approved AMI
Decommission and deprecate the golden AMI
Conclusion
Points to remember
8. How to do Database Handling in Immutable Infrastructure?
Introduction
Structure
Objectives
Database immutability
Difference between database IaaS versus PaaS offering
Approach for database immutability
Types of changes
Inside Database schema changes
Database level changes
Hybrid approach for database immutability
Termination protection on database
Handling database immutability
Application data storage reattach
Complete immutability
Distributed data replication
Rebuilding snapshots
Data in multi-environment
Conclusion
Points to remember
9. How to Construct the Entire Pipeline?
Introduction
Structure
Objectives
Overall workflow
Database setup
Application code pipeline
Web-tier setup
Automation test setup
Parallel IaC development
Stack error handling
Tearing down environment
Governance and stack
Managing multiple application teams and cost
Releasing newer IaC stack
Conclusion
Points to remember
10. How to Handle Patching and OS releases?
Introduction
Structure
Objectives
Patching internal workflow
Important consideration
Populating machine image variables
Tagging AMIs
Database patching
Database as a service (DaaS) or platform (PaaS) or server (IaaS)
Patching environment deployment
Conclusion
Points to remember
11. How to Plan Disaster Recovery?
Introduction
Structure
Objectives
Business Continuity Plan (BCP) and Disaster Recovery (DR)
Business objectives
Measuring a successful DR plan
Difference between on-premises and cloud
On-premises
Infrastructure in the cloud
Regions
Zones-availability zones
High availability (HA) is different from disaster recovery
Disasters to address
Regional major natural disaster
Minor regional disaster
Advantages of immutable infrastructure in the cloud
Conclusion
Points to remember
12. Inbuilt Infrastructure Security and Standard Enforcement
Introduction
Structure
Objectives
Infrastructure security
Types of security analysis tools
Linting/static analysis tool
Code formatting linter
Security linter/static code analysis
Plan level scans or dynamic or deploy time analysis
Multiple places to introduce those scans
Enforcing organization specific standards or security rules
Custom security rules
Identifying false positives
Suppressing false positives
Conclusion
Points to remember
13. What is Application Incompatibility?
Introduction
Structure
Objectives
Revisiting past understandings
12-factor principles to address for Immutable Infrastructure
Config (3rd principal): storing all the config in the environment
Backing services (4th principle): treat backing services as attached resources
Processes (8th principle) execute the application as one or more stateless processes
Typical Web application
Disposability (9th principle) maximizes robustness with fast start-up and graceful shutdown
Logs (11th principle) treating application logs as event streams
Application data handling
Bonus principles
Conclusion
Points to remember
14. How to Build an Immutable Infrastructure for COTS/MOTS Products?
Introduction
Structure
Objectives
Challenges in COTS/MOTS product installations
Manual installations
In-house SMEs
Manual scaling and configurations
Entire pipeline workflow for COTS and MOTS products
Robotic process automation
Bots
Difference between operating different types of bots
Types of bots
Inside Blue Box
Redressal of concern
Documented as well as the unique configuration
Automated scaling and automated installation
Conclusion
Points to remember
Index
To access the Link, solve the captcha.
1. Disable the AdBlock plugin. Otherwise, you may not get any links.
2. Solve the CAPTCHA.
3. Click download link.
4. Lead to download server to download.
