Main Page: Difference between revisions

From Essential
(3 intermediate revisions by the same user not shown)
Line 1: Line 1:
[[File:Infocepo-picture.png|thumb|right|Découvrir le cloud et l’IA sur infocepo.com]]
[[File:Infocepo-picture.png|thumb|right|Discover cloud and AI on infocepo.com]]


= infocepo.com – Cloud, IA & Labs =
= infocepo.com – Cloud, AI & Labs =


Bienvenue sur le portail '''infocepo.com'''.
Welcome to the '''infocepo.com''' portal.


Ce wiki s’adresse aux administrateurs système, ingénieurs cloud, développeurs, étudiants et passionnés qui veulent :
This wiki is intended for system administrators, cloud engineers, developers, students, and enthusiasts who want to:


* Comprendre les architectures modernes (Kubernetes, OpenStack, bare-metal, HPC…)
* Understand modern architectures (Kubernetes, OpenStack, bare-metal, HPC…)
* Mettre en place des assistants IA privés et des outils de productivité
* Deploy private AI assistants and productivity tools
* Construire des labs concrets pour apprendre en pratiquant
* Build hands-on labs to learn by doing
* Préparer des audits, migrations et automatisations à grande échelle
* Prepare large-scale audits, migrations, and automations


L’objectif : transformer la théorie en '''scripts, diagrammes et architectures réutilisables'''.
The goal: turn theory into '''reusable scripts, diagrams, and architectures'''.


__TOC__
__TOC__
Line 18: Line 18:
----
----


= Démarrer rapidement =
= Getting started quickly =


== Parcours recommandés ==
== Recommended paths ==


; 1. Monter un assistant IA privé
; 1. Build a private AI assistant
* Déployer un stack type : '''Open WebUI + Ollama + GPU''' (H100 ou GPU grand public)
* Deploy a typical stack: '''Open WebUI + Ollama + GPU''' (H100 or consumer-grade GPU)
* Ajouter un modèle de chat + un modèle de résumé
* Add a chat model and a summarization model
* Intégrer des données internes (RAG, embeddings)
* Integrate internal data (RAG, embeddings)


; 2. Lancer un lab Cloud
; 2. Launch a Cloud lab
* Créer un petit cluster (Kubernetes, OpenStack ou bare-metal)
* Create a small cluster (Kubernetes, OpenStack, or bare-metal)
* Mettre en place un pipeline de déploiement (Helm, Ansible, Terraform…)
* Set up a deployment pipeline (Helm, Ansible, Terraform…)
* Ajouter un service IA (transcription, résumé, chatbot…)
* Add an AI service (transcription, summarization, chatbot…)


; 3. Préparer un audit/migration
; 3. Prepare an audit / migration
* Inventorier les serveurs avec '''ServerDiff.sh'''
* Inventory servers with '''ServerDiff.sh'''
* Dessiner l’architecture cible (diagrammes cloud)
* Design the target architecture (cloud diagrams)
* Automatiser la migration avec des scripts reproductibles
* Automate the migration with reproducible scripts


== Résumé des contenus ==
== Content overview ==


* '''Guides & outils IA''' : assistants, modèles, évaluations, GPU
* '''AI guides & tools''' : assistants, models, evaluations, GPUs
* '''Cloud & infra''' : HA, HPC, web-scale, DevSecOps
* '''Cloud & infrastructure''' : HA, HPC, web-scale, DevSecOps
* '''Labs & scripts''' : audit, migration, automation
* '''Labs & scripts''' : audit, migration, automation
* '''Tableaux comparatifs''' : Kubernetes vs OpenStack vs AWS vs bare-metal, etc.
* '''Comparison tables''' : Kubernetes vs OpenStack vs AWS vs bare-metal, etc.


----
----


= futur =
= future =
[[File:Automation-full-vs-humans.png|thumb|right|Le monde après l'automatisation]]
[[File:Automation-full-vs-humans.png|thumb|right|The world after automation]]


---
= AI Assistants & Cloud Tools =


= Assistants IA & Outils Cloud =
== AI Assistants ==
 
== Assistants IA ==


; '''ChatGPT'''
; '''ChatGPT'''
* [https://chat.openai.com ChatGPT] Assistant conversationnel public, adapté à l’exploration, à la rédaction et à l’expérimentation rapide.
* https://chatgpt.com ChatGPT – Public conversational assistant, suited for exploration, writing, and rapid experimentation.


; '''Assistants IA auto-hébergés'''
; '''Self-hosted AI assistants'''
* [https://github.com/open-webui/open-webui Open WebUI] + [https://www.scaleway.com/en/h100-pcie-try-it-now/ GPU H100] + [https://ollama.com Ollama]  
* https://github.com/open-webui/open-webui Open WebUI + https://www.scaleway.com/en/h100-pcie-try-it-now/ H100 GPU + https://ollama.com Ollama   
: Stack type pour assistants privés, LLMs auto-hébergés et API compatibles OpenAI.
: Typical stack for private assistants, self-hosted LLMs, and OpenAI-compatible APIs.
* [https://github.com/ynotopec/summarize Private summary] Résumeur local, rapide et hors-ligne pour vos propres données.
* https://github.com/ynotopec/summarize Private summary – Local, fast, offline summarizer for your own data.


== Développement, modèles & suivi ==
== Development, models & tracking ==


; '''Découvrir et suivre les modèles'''
; '''Discovering and tracking models'''
* [https://ollama.com/library LLM Trending] Bibliothèque de modèles (chat, code, RAG…) pour déploiement local.
* https://ollama.com/library LLM Trending – Model library (chat, code, RAG…) for local deployment.
* [https://huggingface.co/models Models Trending] Marketplace de modèles, filtrage par tâche, taille, licence.
* https://huggingface.co/models Models Trending – Model marketplace, filterable by task, size, and license.
* [https://huggingface.co/models?pipeline_tag=image-text-to-text&sort=trending Img2txt Trending] Modèles vision-langage (image → texte).
* https://huggingface.co/models?pipeline_tag=image-text-to-text&sort=trending Img2txt Trending – Vision-language models (image → text).
* [https://huggingface.co/spaces/TIGER-Lab/GenAI-Arena Txt2img Evaluation] Comparaison de modèles de génération d’images.
* https://huggingface.co/spaces/TIGER-Lab/GenAI-Arena Txt2img Evaluation – Image generation model comparisons.


; '''Évaluation & benchmarks'''
; '''Evaluation & benchmarks'''
* [https://lmarena.ai/leaderboard ChatBot Evaluation] Classement de chatbots (modèles open-source et propriétaires).
* https://lmarena.ai/leaderboard ChatBot Evaluation – Chatbot rankings (open-source and proprietary models).
* [https://huggingface.co/spaces/mteb/leaderboard Embedding Leaderboard] – Benchmark des modèles d’embedding pour RAG et recherche sémantique.
* https://huggingface.co/spaces/mteb/leaderboard Embedding Leaderboard – Benchmark of embedding models for RAG and semantic search.
* [https://ann-benchmarks.com Vectors DB Ranking] Comparatif de bases vectorielles (latence, mémoire, fonctionnalités).
* https://ann-benchmarks.com Vectors DB Ranking – Vector database comparison (latency, memory, features).
* [https://top500.org/lists/green500/ HPC Efficiency] Classement des supercalculateurs les plus efficaces énergétiquement.
* https://top500.org/lists/green500/ HPC Efficiency – Ranking of the most energy-efficient supercomputers.


; '''Outils de développement & fine-tuning'''
; '''Development & fine-tuning tools'''
* [https://github.com/search?q=stars%3A%3E15000+forks%3A%3E1500+created%3A%3E2022-06-01&type=repositories&s=updated&o=desc Project Trending] Grands projets open source récents, triés par popularité et activité.
* https://github.com/search?q=stars%3A%3E15000+forks%3A%3E1500+created%3A%3E2022-06-01&type=repositories&s=updated&o=desc Project Trending – Major recent open-source projects, sorted by popularity and activity.
* [https://github.com/hiyouga/LLaMA-Factory LLM Fine Tuning] Framework avancé pour fine-tuning de LLMs (instruction-tuning, LoRA, etc.).
* https://github.com/hiyouga/LLaMA-Factory LLM Fine Tuning – Advanced framework for LLM fine-tuning (instruction tuning, LoRA, etc.).
* [https://www.perplexity.ai Perplexity AI] Recherche avancée et synthèse orientée “copilote de recherche”.
* https://www.perplexity.ai Perplexity AI – Advanced research and synthesis oriented as a “research copilot”.


== Matériel IA & GPU ==
== AI Hardware & GPUs ==


; '''GPU & accélérateurs'''
; '''GPUs & accelerators'''
* [https://www.nvidia.com/en-us/data-center/h100/ NVIDIA H100] – GPU datacenter pour clusters Kubernetes et workloads IA intensifs.
* https://www.nvidia.com/en-us/data-center/h100/ NVIDIA H100 – Datacenter GPU for Kubernetes clusters and intensive AI workloads.
* NVIDIA 5080 – GPU grand public pour déploiements privés de LLMs à moindre coût.
* NVIDIA 5080 – Consumer GPU for lower-cost private LLM deployments.
* [https://www.mouser.fr/ProductDetail/BittWare/RS-GQ-GC1-0109?qs=ST9lo4GX8V2eGrFMeVQmFw%3D%3D GROQ LLM accelerator] Accélérateur matériel dédié à l’inférence LLM.
* https://www.mouser.fr/ProductDetail/BittWare/RS-GQ-GC1-0109?qs=ST9lo4GX8V2eGrFMeVQmFw%3D%3D GROQ LLM accelerator – Hardware accelerator dedicated to LLM inference.


----
----


= Modèles ouverts & Endpoints internes =
= Open models & internal endpoints =


''(Dernière mise à jour : 08/12/2025)''
''(Last update: 2026-02-13)''


Les modèles ci-dessous correspondent à des '''endpoints logiques''' (par exemple via un proxy ou une gateway), choisis pour des usages précis.
The models below correspond to '''logical endpoints''' (for example via a proxy or gateway), selected for specific use cases.


{| class="wikitable"
{| class="wikitable"
! Endpoint !! Description / Cas d’usage principal
! Endpoint !! Description / Primary use case
|-
|-
| '''ai-chat''' || Basé sur '''gpt-oss-20b''' – Chat généraliste, bon compromis coût / qualité.
| '''ai-chat''' || Based on '''gpt-oss-20b''' – General-purpose chat, good cost / quality balance.
|-
|-
| '''ai-translate''' || gpt-oss-20b, température = 0 – Traduction déterministe, reproductible (FR, EN, autres langues).
| '''ai-translate''' || gpt-oss-20b, temperature = 0 – Deterministic, reproducible translation (FR, EN, other languages).
|-
|-
| '''ai-summary''' || qwen3 – Modèle optimisé pour la synthèse de textes longs (rapports, docs, transcriptions).
| '''ai-summary''' || qwen3 – Model optimized for summarizing long texts (reports, documents, transcriptions).
|-
|-
| '''ai-code''' || gpt-oss-20b – Raisonnement sur le code, explication et refactorisation.
| '''ai-code''' || gpt-oss-20b – Code reasoning, explanation, and refactoring.
|-
|-
| '''ai-code-completion''' || granite-2b Complétion de code rapide, pensée pour l’auto-complétion IDE.
| '''ai-code-completion''' || gpt-oss-20b Fast code completion, designed for IDE auto-completion.
|-
|-
| '''ai-parse''' || gemma2-simpo Extraction structurée, parsing de logs / JSON / tableaux.
| '''ai-parse''' || qwen3 Structured extraction, log / JSON / table parsing.
|-
|-
| '''ai-RAG-FR''' || qwen3 – Usage RAG en français (connaissance métier, FAQ internes).
| '''ai-RAG-FR''' || qwen3 – RAG usage in French (business knowledge, internal FAQs).
|-
|-
| '''gpt-oss-20b''' || Tâches agentiques.
| '''gpt-oss-20b''' || Agentic tasks.
|}
|}


Idée d’usage : chaque endpoint est associé à un ou plusieurs labs (chat, résumé, parsing, RAG, etc.) dans la section Cloud Lab.
Usage idea: each endpoint is associated with one or more labs (chat, summary, parsing, RAG, etc.) in the Cloud Lab section.


----
----


= Actualités & Tendances =
= News & Trends =


* [https://www.youtube.com/@lev-selector/videos Top AI News] Sélection vidéo des actus IA.
* https://www.youtube.com/@lev-selector/videos Top AI News – Curated AI news videos.
* [https://betterprogramming.pub/color-your-captions-streamlining-live-transcriptions-with-diart-and-openais-whisper-6203350234ef Real-time transcription with Diart + Whisper] Exemple de transcription temps réel avec détection de locuteurs.
* https://betterprogramming.pub/color-your-captions-streamlining-live-transcriptions-with-diart-and-openais-whisper-6203350234ef Real-time transcription with Diart + Whisper – Example of real-time transcription with speaker detection.
* [https://github.com/openai-translator/openai-translator OpenAI Translator] Extension / client moderne pour traduction assistée par LLM.
* https://github.com/openai-translator/openai-translator OpenAI Translator – Modern extension / client for LLM-assisted translation.
* [https://opensearch.org/docs/latest/search-plugins/conversational-search Opensearch with LLM] Recherche conversationnelle basée sur LLMs et OpenSearch.
* https://opensearch.org/docs/latest/search-plugins/conversational-search Opensearch with LLM – Conversational search based on LLMs and OpenSearch.


----
----


= Formation & Apprentissage =
= Training & Learning =


* [https://www.youtube.com/watch?v=4Bdc55j80l8 Transformers Explained] – Introduction aux Transformers, architecture clé des LLMs.
* https://www.youtube.com/watch?v=4Bdc55j80l8 Transformers Explained – Introduction to Transformers, the core architecture of LLMs.
* Labs, scripts et retours d’expérience concrets dans le projet [[LAB project|CLOUD LAB]] ci-dessous.
* Hands-on labs, scripts, and real-world feedback in the [[LAB project|CLOUD LAB]] project below.


----
----


= Cloud Lab & Projets d’Audit =
= Cloud Lab & Audit Projects =


[[File:Infocepo.drawio.png|400px|Diagramme de référence Cloud Lab]]
[[File:Infocepo.drawio.png|400px|Cloud Lab reference diagram]]


Le '''Cloud Lab''' propose des scénarios reproductibles : audit d’infrastructure, migration vers le cloud, automatisation, haute disponibilité.
The '''Cloud Lab''' provides reproducible scenarios: infrastructure audits, cloud migration, automation, high availability.


== Projet d’audit – Cloud Audit ==
== Audit project – Cloud Audit ==


; '''[[ServerDiff.sh]]'''
; '''[[ServerDiff.sh]]'''
Script Bash d’audit de serveurs pour :
Bash audit script to:


* détecter les dérives de configuration,
* detect configuration drift,
* comparer plusieurs environnements,
* compare multiple environments,
* préparer une migration ou un plan de remédiation.
* prepare a migration or remediation plan.


== Exemple de migration Cloud ==
== Example of Cloud migration ==


[[File:Diagram-migration-ORACLE-KVM-v2.drawio.png|400px|Diagramme de migration Cloud]]
[[File:Diagram-migration-ORACLE-KVM-v2.drawio.png|400px|Cloud migration diagram]]


Exemple : migration d’environnements virtuels vers un cloud modernisé, avec audit, design d’architecture et automatisation.
Example: migration of virtual environments to a modernized cloud, including audit, architecture design, and automation.


{| class="wikitable"
{| class="wikitable"
! Tâche !! Description !! Durée (jours)
! Task !! Description !! Duration (days)
|-
|-
| Audit de l’infrastructure || 82 services, audit automatisé via '''ServerDiff.sh''' || 1,5
| Infrastructure audit || 82 services, automated audit via '''ServerDiff.sh''' || 1.5
|-
|-
| Diagramme d’architecture cloud || Conception et documentation visuelle || 1,5
| Cloud architecture diagram || Visual design and documentation || 1.5
|-
|-
| Contrôle de conformité || 2 clouds, 6 hyperviseurs, 6 To de RAM || 1,5
| Compliance checks || 2 clouds, 6 hypervisors, 6 TB of RAM || 1.5
|-
|-
| Installation des plateformes cloud || Déploiement des environnements cibles principaux || 1,0
| Cloud platform installation || Deployment of main target environments || 1.0
|-
|-
| Vérification de stabilité || Tests de fonctionnement précoce || 0,5
| Stability verification || Early functional tests || 0.5
|-
|-
| Étude d’automatisation || Identification et automatisation des tâches répétitives || 1,5
| Automation study || Identification and automation of repetitive tasks || 1.5
|-
|-
| Développement de templates || 6 templates, 8 environnements, 2 clouds / OS || 1,5
| Template development || 6 templates, 8 environments, 2 clouds / OS || 1.5
|-
|-
| Diagramme de migration || Illustration du processus de migration || 1,0
| Migration diagram || Illustration of the migration process || 1.0
|-
|-
| Écriture du code de migration || 138 lignes (voir '''MigrationApp.sh''') || 1,5
| Migration code writing || 138 lines (see '''MigrationApp.sh''') || 1.5
|-
|-
| Stabilisation du process || Validation que la migration est reproductible || 1,5
| Process stabilization || Validation that migration is reproducible || 1.5
|-
|-
| Benchmarking cloud || Comparaison de performance vs infrastructure legacy || 1,5
| Cloud benchmarking || Performance comparison vs legacy infrastructure || 1.5
|-
|-
| Calage du downtime || Calcul du temps de coupure par migration || 0,5
| Downtime tuning || Calculation of outage time per migration || 0.5
|-
|-
| Chargement des VMs || 82 VMs : OS, code, 2 IP par VM || 0,1
| VM loading || 82 VMs: OS, code, 2 IPs per VM || 0.1
|-
|-
! colspan=2 align="right"| '''Total''' !! 15 jours·homme
! colspan=2 align="right"| '''Total''' !! 15 person-days
|}
|}


=== Vérification de stabilité (HA minimale) ===
=== Stability checks (minimal HA) ===


{| class="wikitable"
{| class="wikitable"
! Action !! Résultat attendu
! Action !! Expected result
|-
|-
| Extinction d’un nœud || Tous les services doivent redémarrer automatiquement sur les nœuds restants.
| Shutdown of one node || All services must automatically restart on remaining nodes.
|-
|-
| Extinction / rallumage simultané de tous les nœuds || Tous les services doivent remonter correctement après redémarrage.
| Simultaneous shutdown / restart of all nodes || All services must recover correctly after reboot.
|}
|}


----
----


= Architecture Web & Bonnes Pratiques =
= Web Architecture & Best Practices =


[[File:WebModelDiagram.drawio.png|400px|Architecture Web de référence]]
[[File:WebModelDiagram.drawio.png|400px|Reference web architecture]]


Principes pour concevoir des architectures web scalables et portables :
Principles for designing scalable and portable web architectures:


* Favoriser une infrastructure '''simple, modulaire et flexible'''.
* Favor '''simple, modular, and flexible''' infrastructure.
* Suivre la localisation des clients (GDNS ou équivalent) pour rapprocher les contenus.
* Follow client location (GDNS or equivalent) to bring content closer.
* Utiliser des load balancers réseau (LVS, IPVS) pour la montée en charge.
* Use network load balancers (LVS, IPVS) for scalability.
* Comparer systématiquement les coûts, et se méfier du '''vendor lock-in'''.
* Systematically compare costs and beware of '''vendor lock-in'''.
* TLS :
* TLS:
** HAProxy pour les frontends rapides,
** HAProxy for fast frontends,
** Envoy pour la compatibilité et les cas avancés (mTLS, HTTP/2/3).
** Envoy for compatibility and advanced use cases (mTLS, HTTP/2/3).
* Cache :
* Caching:
** Varnish, Apache Traffic Server pour les gros volumes de contenu.
** Varnish, Apache Traffic Server for large content volumes.
* Privilégier les stacks open source et les caches de base de données (ex. Memcached).
* Favor open-source stacks and database caches (e.g., Memcached).
* Utiliser des files de messages, buffers et quotas pour lisser les pics de charge.
* Use message queues, buffers, and quotas to smooth traffic spikes.
* Pour des architectures complètes :
* For complete architectures:
** [https://wikitech.wikimedia.org/wiki/Wikimedia_infrastructure Wikimedia Cloud Architecture]
** https://wikitech.wikimedia.org/wiki/Wikimedia_infrastructure Wikimedia Cloud Architecture
** [https://github.com/systemdesign42/system-design System Design GitHub]
** https://github.com/systemdesign42/system-design System Design GitHub


----
----


= Comparatif des grandes plateformes Cloud =
= Comparison of major Cloud platforms =


{| class="wikitable"
{| class="wikitable"
! Fonction !! Kubernetes !! OpenStack !! AWS !! Bare-metal !! HPC !! CRM !! oVirt
! Feature !! Kubernetes !! OpenStack !! AWS !! Bare-metal !! HPC !! CRM !! oVirt
|-
|-
| '''Outils de déploiement''' || Helm, YAML, ArgoCD, Juju || Ansible, Terraform, Juju || CloudFormation, Terraform, Juju || Ansible, Shell || xCAT, Clush || Ansible, Shell || Ansible, Python
| '''Deployment tools''' || Helm, YAML, ArgoCD, Juju || Ansible, Terraform, Juju || CloudFormation, Terraform, Juju || Ansible, Shell || xCAT, Clush || Ansible, Shell || Ansible, Python
|-
|-
| '''Méthode de bootstrap''' || API || API, PXE || API || PXE, IPMI || PXE, IPMI || PXE, IPMI || PXE, API
| '''Bootstrap method''' || API || API, PXE || API || PXE, IPMI || PXE, IPMI || PXE, IPMI || PXE, API
|-
|-
| '''Contrôle des routeurs''' || Kube-router || API Routeur/Sous-réseau || Route Table / Subnet API || Linux, OVS || xCAT || Linux || API
| '''Router control''' || Kube-router || Router/Subnet API || Route Table / Subnet API || Linux, OVS || xCAT || Linux || API
|-
|-
| '''Contrôle du pare-feu''' || Istio, NetworkPolicy || Security Groups API || Security Group API || Pare-feu Linux || Pare-feu Linux || Pare-feu Linux || API
| '''Firewall control''' || Istio, NetworkPolicy || Security Groups API || Security Group API || Linux firewall || Linux firewall || Linux firewall || API
|-
|-
| '''Virtualisation réseau''' || VLAN, VxLAN, autres || VPC || VPC || OVS, Linux || xCAT || Linux || API
| '''Network virtualization''' || VLAN, VxLAN, others || VPC || VPC || OVS, Linux || xCAT || Linux || API
|-
|-
| '''DNS''' || CoreDNS || DNS-Nameserver || Route 53 || GDNS || xCAT || Linux || API
| '''DNS''' || CoreDNS || DNS-Nameserver || Route 53 || GDNS || xCAT || Linux || API
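Review bot: In the link lists of this hunk (ChatGPT, Self-hosted AI assistants, the model, benchmark and tool lists, News & Trends, Training & Learning, and the two "For complete architectures" items), the new revision drops the square brackets of the external-link syntax, so `[https://chat.openai.com ChatGPT]` becomes `https://chatgpt.com ChatGPT – …` and the label is no longer the link text. Restore the `[URL label]` form on each of these lines. Separately, the endpoint table changes content rather than only language: ai-code-completion moves from granite-2b to gpt-oss-20b and ai-parse from gemma2-simpo to qwen3, while the update date changes from 08/12/2025 to 2026-02-13. If the backing models really changed, say so in the edit summary rather than folding it into a translation, and reconsider the "Fast code completion" description now that the row names the same 20b model as ai-chat.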
Line 244: Line 242:
| '''Load Balancer''' || Kube-proxy, LVS || LVS || Network Load Balancer || LVS || SLURM || Ldirectord || N/A
| '''Load Balancer''' || Kube-proxy, LVS || LVS || Network Load Balancer || LVS || SLURM || Ldirectord || N/A
|-
|-
| '''Options de stockage''' || Local, Cloud, PVC || Swift, Cinder, Nova || S3, EFS, EBS, FSx || Swift, XFS, EXT4, RAID10 || GPFS || SAN || NFS, SAN
| '''Storage options''' || Local, Cloud, PVC || Swift, Cinder, Nova || S3, EFS, EBS, FSx || Swift, XFS, EXT4, RAID10 || GPFS || SAN || NFS, SAN
|}
|}


Ce tableau sert de point de départ pour choisir la bonne pile selon :
This table serves as a starting point for choosing the right stack based on:


* Niveau de contrôle souhaité (API vs bare-metal),
* Desired level of control (API vs bare-metal),
* Contexte (on-prem, cloud public, HPC, CRM…),
* Context (on-prem, public cloud, HPC, CRM…),
* Outillage d’automatisation déjà en place.
* Existing automation tooling.


----
----


= Liens utiles Cloud & IT =
= Useful Cloud & IT links =


* [https://cloud.google.com/free/docs/aws-azure-gcp-service-comparison Cloud Providers Compared] Correspondance des services AWS / Azure / GCP.
* https://cloud.google.com/free/docs/aws-azure-gcp-service-comparison Cloud Providers Compared – AWS / Azure / GCP service mapping.
* [https://global-internet-map-2021.telegeography.com/ Global Internet Topology Map] Cartographie globale de l’Internet.
* https://global-internet-map-2021.telegeography.com/ Global Internet Topology Map – Global Internet mapping.
* [https://landscape.cncf.io/?fullscreen=yes CNCF Official Landscape] Panorama des projets cloud-native (CNCF).
* https://landscape.cncf.io/?fullscreen=yes CNCF Official Landscape – Overview of cloud-native projects (CNCF).
* [https://wikitech.wikimedia.org/wiki/Wikimedia_infrastructure Wikimedia Cloud Wiki] Infrastructure Wikimedia, exemple réel à grande échelle.
* https://wikitech.wikimedia.org/wiki/Wikimedia_infrastructure Wikimedia Cloud Wiki – Wikimedia infrastructure, real large-scale example.
* [https://openapm.io OpenAPM – SRE Tools] Outillage APM / observabilité.
* https://openapm.io OpenAPM – SRE Tools – APM / observability tooling.
* [https://access.redhat.com/downloads/content/package-browser RedHat Package Browser] Recherche de paquets et versions chez Red Hat.
* https://access.redhat.com/downloads/content/package-browser RedHat Package Browser – Package and version search at Red Hat.
* [https://www.silkhom.com/barometre-2021-des-tjm-dans-informatique-digital Baromètre TJM Freelance IT] – Référentiel de tarifs freelances.
* https://www.silkhom.com/barometre-2021-des-tjm-dans-informatique-digital Barometer of IT freelance daily rates.
* [https://www.glassdoor.fr/salaire/Hays-Salaires-E10166.htm IT Salaries (Glassdoor)] Indications de salaires IT.
* https://www.glassdoor.fr/salaire/Hays-Salaires-E10166.htm IT Salaries (Glassdoor) – Salary indicators.


----
----


= Avancé : Haute Disponibilité, HPC & DevSecOps =
= Advanced: High Availability, HPC & DevSecOps =


== Haute Disponibilité avec Corosync & Pacemaker ==
== High Availability with Corosync & Pacemaker ==


[[File:HA-REF.drawio.png|400px|Architecture de cluster HA]]
[[File:HA-REF.drawio.png|400px|HA cluster architecture]]


Principes de base :
Basic principles:


* Clusters multi-nœuds ou bi-sites pour la redondance.
* Multi-node or multi-site clusters for redundancy.
* Utilisation d’IPMI pour le fencing, provisioning via PXE/NTP/DNS/TFTP.
* Use of IPMI for fencing, provisioning via PXE/NTP/DNS/TFTP.
* Pour un cluster 2 nœuds :
* For a 2-node cluster:
   – séquencer le fencing pour éviter les split-brains,
   – carefully sequence fencing to avoid split-brain,
   – 3 nœuds ou plus restent recommandés pour la production.
   – 3 or more nodes remain recommended for production.


=== Pattern de ressources courant ===
=== Common resource patterns ===


* Stockage multipath, LUN, LVM, NFS.
* Multipath storage, LUNs, LVM, NFS.
* Ressources utilisateurs et processus applicatifs.
* User resources and application processes.
* IP virtuelle, enregistrements DNS, listeners réseau.
* Virtual IPs, DNS records, network listeners.


== HPC ==
== HPC ==


[[File:HPC.drawio.png|400px|Vue d’ensemble d’un cluster HPC]]
[[File:HPC.drawio.png|400px|Overview of an HPC cluster]]


* Orchestration de jobs (SLURM ou équivalent).
* Job orchestration (SLURM or equivalent).
* Partage de stockage haute performance (GPFS, Lustre…).
* High-performance shared storage (GPFS, Lustre…).
* Intégration possible avec des workloads IA (entraînement massif, inference sur GPU).
* Possible integration with AI workloads (large-scale training, GPU inference).


== DevSecOps ==
== DevSecOps ==


[[File:DSO-POC-V3.drawio.png|400px|Design de référence DevSecOps]]
[[File:DSO-POC-V3.drawio.png|400px|DevSecOps reference design]]


* Pipelines CI/CD avec contrôles de sécurité intégrés (linting, SAST, DAST, SBOM).
* CI/CD pipelines with built-in security checks (linting, SAST, DAST, SBOM).
* Observabilité (logs, metrics, traces) intégrée dès la conception.
* Observability (logs, metrics, traces) integrated from design time.
* Automatisation des scans de vulnérabilités, gestion des secrets, policy-as-code.
* Automated vulnerability scanning, secret management, policy-as-code.


----
----


= À propos & Contributions =
= About & Contributions =


Pour plus d’exemples, de scripts, de diagrammes et de retours d’expérience, consulter :
For more examples, scripts, diagrams, and feedback, see:


* [https://infocepo.com infocepo.com]
* https://infocepo.com infocepo.com


Les suggestions de correction, d’amélioration de diagrammes, ou de nouveaux labs sont les bienvenues.   
Suggestions for corrections, diagram improvements, or new labs are welcome.   
Ce wiki a vocation à rester un '''laboratoire vivant''' pour l’IA, le cloud et l’automatisation.
This wiki aims to remain a '''living laboratory''' for AI, cloud, and automation.
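Review bot: In the 2-node cluster item of the High Availability list, the two sub-points are indented lines starting with "–" instead of `**` items, unlike the TLS and Caching sub-lists, so they are not part of the list markup; write them as `** carefully sequence fencing to avoid split-brain,` and `** 3 or more nodes remain recommended for production.`. "Carefully sequence fencing" also gives the reader nothing to act on; state how the sequencing is done in this lab (for example a fencing delay on one node). In the Useful Cloud & IT links list the external links again lose their `[URL label]` brackets, and the freelance daily-rate entry no longer follows the "label – description" pattern of its neighbours.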

Latest revision as of 01:24, 13 February 2026

Discover cloud and AI on infocepo.com

infocepo.com – Cloud, AI & Labs

Welcome to the infocepo.com portal.

This wiki is intended for system administrators, cloud engineers, developers, students, and enthusiasts who want to:

  • Understand modern architectures (Kubernetes, OpenStack, bare-metal, HPC…)
  • Deploy private AI assistants and productivity tools
  • Build hands-on labs to learn by doing
  • Prepare large-scale audits, migrations, and automations

The goal: turn theory into reusable scripts, diagrams, and architectures.


Getting started quickly

Recommended paths

1. Build a private AI assistant
  • Deploy a typical stack: Open WebUI + Ollama + GPU (H100 or consumer-grade GPU)
  • Add a chat model and a summarization model
  • Integrate internal data (RAG, embeddings)
2. Launch a Cloud lab
  • Create a small cluster (Kubernetes, OpenStack, or bare-metal)
  • Set up a deployment pipeline (Helm, Ansible, Terraform…)
  • Add an AI service (transcription, summarization, chatbot…)
3. Prepare an audit / migration
  • Inventory servers with ServerDiff.sh
  • Design the target architecture (cloud diagrams)
  • Automate the migration with reproducible scripts

Content overview

  • AI guides & tools : assistants, models, evaluations, GPUs
  • Cloud & infrastructure : HA, HPC, web-scale, DevSecOps
  • Labs & scripts : audit, migration, automation
  • Comparison tables : Kubernetes vs OpenStack vs AWS vs bare-metal, etc.

future

The world after automation

AI Assistants & Cloud Tools

AI Assistants

ChatGPT
  • https://chatgpt.com ChatGPT – Public conversational assistant, suited for exploration, writing, and rapid experimentation.
Self-hosted AI assistants
Typical stack for private assistants, self-hosted LLMs, and OpenAI-compatible APIs.

Development, models & tracking

Discovering and tracking models
Evaluation & benchmarks
Development & fine-tuning tools

AI Hardware & GPUs

GPUs & accelerators

Open models & internal endpoints

(Last update: 2026-02-13)

The models below correspond to logical endpoints (for example via a proxy or gateway), selected for specific use cases.

{| class="wikitable"
! Endpoint !! Description / Primary use case
|-
| ai-chat || Based on gpt-oss-20b – General-purpose chat, good cost / quality balance.
|-
| ai-translate || gpt-oss-20b, temperature = 0 – Deterministic, reproducible translation (FR, EN, other languages).
|-
| ai-summary || qwen3 – Model optimized for summarizing long texts (reports, documents, transcriptions).
|-
| ai-code || gpt-oss-20b – Code reasoning, explanation, and refactoring.
|-
| ai-code-completion || gpt-oss-20b – Fast code completion, designed for IDE auto-completion.
|-
| ai-parse || qwen3 – Structured extraction, log / JSON / table parsing.
|-
| ai-RAG-FR || qwen3 – RAG usage in French (business knowledge, internal FAQs).
|-
| gpt-oss-20b || Agentic tasks.
|}

Usage idea: each endpoint is associated with one or more labs (chat, summary, parsing, RAG, etc.) in the Cloud Lab section.


News & Trends


Training & Learning


Cloud Lab & Audit Projects

Cloud Lab reference diagram

The Cloud Lab provides reproducible scenarios: infrastructure audits, cloud migration, automation, high availability.

Audit project – Cloud Audit

ServerDiff.sh

Bash audit script to:

  • detect configuration drift,
  • compare multiple environments,
  • prepare a migration or remediation plan.

Example of Cloud migration

Cloud migration diagram

Example: migration of virtual environments to a modernized cloud, including audit, architecture design, and automation.

{| class="wikitable"
! Task !! Description !! Duration (days)
|-
| Infrastructure audit || 82 services, automated audit via ServerDiff.sh || 1.5
|-
| Cloud architecture diagram || Visual design and documentation || 1.5
|-
| Compliance checks || 2 clouds, 6 hypervisors, 6 TB of RAM || 1.5
|-
| Cloud platform installation || Deployment of main target environments || 1.0
|-
| Stability verification || Early functional tests || 0.5
|-
| Automation study || Identification and automation of repetitive tasks || 1.5
|-
| Template development || 6 templates, 8 environments, 2 clouds / OS || 1.5
|-
| Migration diagram || Illustration of the migration process || 1.0
|-
| Migration code writing || 138 lines (see MigrationApp.sh) || 1.5
|-
| Process stabilization || Validation that migration is reproducible || 1.5
|-
| Cloud benchmarking || Performance comparison vs legacy infrastructure || 1.5
|-
| Downtime tuning || Calculation of outage time per migration || 0.5
|-
| VM loading || 82 VMs: OS, code, 2 IPs per VM || 0.1
|-
! colspan=2 align="right"| Total !! 15 person-days
|}

Stability checks (minimal HA)

{| class="wikitable"
! Action !! Expected result
|-
| Shutdown of one node || All services must automatically restart on remaining nodes.
|-
| Simultaneous shutdown / restart of all nodes || All services must recover correctly after reboot.
|}

Web Architecture & Best Practices

Reference web architecture

Principles for designing scalable and portable web architectures:

  • Favor simple, modular, and flexible infrastructure.
  • Follow client location (GDNS or equivalent) to bring content closer.
  • Use network load balancers (LVS, IPVS) for scalability.
  • Systematically compare costs and beware of vendor lock-in.
  • TLS:
    • HAProxy for fast frontends,
    • Envoy for compatibility and advanced use cases (mTLS, HTTP/2/3).
  • Caching:
    • Varnish, Apache Traffic Server for large content volumes.
  • Favor open-source stacks and database caches (e.g., Memcached).
  • Use message queues, buffers, and quotas to smooth traffic spikes.
  • For complete architectures:

Comparison of major Cloud platforms

{| class="wikitable"
! Feature !! Kubernetes !! OpenStack !! AWS !! Bare-metal !! HPC !! CRM !! oVirt
|-
| Deployment tools || Helm, YAML, ArgoCD, Juju || Ansible, Terraform, Juju || CloudFormation, Terraform, Juju || Ansible, Shell || xCAT, Clush || Ansible, Shell || Ansible, Python
|-
| Bootstrap method || API || API, PXE || API || PXE, IPMI || PXE, IPMI || PXE, IPMI || PXE, API
|-
| Router control || Kube-router || Router/Subnet API || Route Table / Subnet API || Linux, OVS || xCAT || Linux || API
|-
| Firewall control || Istio, NetworkPolicy || Security Groups API || Security Group API || Linux firewall || Linux firewall || Linux firewall || API
|-
| Network virtualization || VLAN, VxLAN, others || VPC || VPC || OVS, Linux || xCAT || Linux || API
|-
| DNS || CoreDNS || DNS-Nameserver || Route 53 || GDNS || xCAT || Linux || API
|-
| Load Balancer || Kube-proxy, LVS || LVS || Network Load Balancer || LVS || SLURM || Ldirectord || N/A
|-
| Storage options || Local, Cloud, PVC || Swift, Cinder, Nova || S3, EFS, EBS, FSx || Swift, XFS, EXT4, RAID10 || GPFS || SAN || NFS, SAN
|}

This table serves as a starting point for choosing the right stack based on:

  • Desired level of control (API vs bare-metal),
  • Context (on-prem, public cloud, HPC, CRM…),
  • Existing automation tooling.

Useful Cloud & IT links


Advanced: High Availability, HPC & DevSecOps

High Availability with Corosync & Pacemaker

HA cluster architecture

Basic principles:

  • Multi-node or multi-site clusters for redundancy.
  • Use of IPMI for fencing, provisioning via PXE/NTP/DNS/TFTP.
  • For a 2-node cluster:
    • carefully sequence fencing to avoid split-brain,
    • 3 or more nodes remain recommended for production.

Common resource patterns

  • Multipath storage, LUNs, LVM, NFS.
  • User resources and application processes.
  • Virtual IPs, DNS records, network listeners.

HPC

Overview of an HPC cluster

  • Job orchestration (SLURM or equivalent).
  • High-performance shared storage (GPFS, Lustre…).
  • Possible integration with AI workloads (large-scale training, GPU inference).

DevSecOps

DevSecOps reference design

  • CI/CD pipelines with built-in security checks (linting, SAST, DAST, SBOM).
  • Observability (logs, metrics, traces) integrated from design time.
  • Automated vulnerability scanning, secret management, policy-as-code.

About & Contributions

For more examples, scripts, diagrams, and feedback, see:

Suggestions for corrections, diagram improvements, or new labs are welcome. This wiki aims to remain a living laboratory for AI, cloud, and automation.