Main Page: Difference between revisions
Jump to navigation
Jump to search
(no more interesting attacks) |
|||
| Line 31: | Line 31: | ||
|- | |- | ||
| style="border:0.05pt solid #000000;padding:0.049cm;color:#000000;" | Disable all nodes minus one. (maintenance mode) | | style="border:0.05pt solid #000000;padding:0.049cm;color:#000000;" | Disable all nodes minus one. (maintenance mode) | ||
| style="border:0.05pt solid #000000;padding:0.049cm;color:#000000;" | All resources started whitout disruption | | style="border:0.05pt solid #000000;padding:0.049cm;color:#000000;" | All resources started whitout disruption. | ||
| style="background-color:#d8e4bc;border:0.05pt solid #000000;padding:0.049cm;color:#000000;" | | | style="background-color:#d8e4bc;border:0.05pt solid #000000;padding:0.049cm;color:#000000;" | | ||
|- | |- | ||
| style="border:0.05pt solid #000000;padding:0.049cm;color:#000000;" | Activate all nodes.Power off all nodes minus one, different from the previous test. | | style="border:0.05pt solid #000000;padding:0.049cm;color:#000000;" | Activate all nodes. Power off all nodes minus one, different from the previous test. | ||
| style="border:0.05pt solid #000000;padding:0.049cm;color:#000000;" | All resources started | | style="border:0.05pt solid #000000;padding:0.049cm;color:#000000;" | All resources started. | ||
| style="background-color:#d8e4bc;border:0.05pt solid #000000;padding:0.049cm;color:#000000;" | | | style="background-color:#d8e4bc;border:0.05pt solid #000000;padding:0.049cm;color:#000000;" | | ||
|- | |- | ||
| style="border:0.05pt solid #000000;padding:0.049cm;color:#000000;" | Power off simultaneous all | | style="border:0.05pt solid #000000;padding:0.049cm;color:#000000;" | Power off simultaneous all nodes. Power on simultaneous all nodes. | ||
| style="border:0.05pt solid #000000;padding:0.049cm;color:#000000;" | All resources started on all nodes | | style="border:0.05pt solid #000000;padding:0.049cm;color:#000000;" | All resources started on all nodes. | ||
| style="background-color:#d8e4bc;border:0.05pt solid #000000;padding:0.049cm;color:#000000;" | | | style="background-color:#d8e4bc;border:0.05pt solid #000000;padding:0.049cm;color:#000000;" | | ||
|- | |- | ||
Revision as of 11:17, 20 March 2022
My name is Antonio DA SILVA PACHECO (CV_PACHECO Website LINKEDIN).
With this site, I want to share my projects.
NEWS
LAB CLOUD
I want to share my LAB project.
Audit servers
I made ServerDiff.sh script to audit servers. You can track configuration drift. You can check if your environments are the same.
Example of my process of migration CLOUD
- 1.5 days: infra audit (82 clustered services) (audit own tool)
- 1.5 days: physical and virtual target CLOUD architecture diagram
- 1.5 days: physical compliance of 2 CLOUD (6 hypervisors, 6TB memory)
- 1 days: installation of the 2 CLOUD
- .5 day: stability check
| ACTION | RESULT | OK/NOK |
| Disable all nodes minus one. (maintenance mode) | All resources started whitout disruption. | |
| Activate all nodes. Power off all nodes minus one, different from the previous test. | All resources started. | |
| Power off simultaneous all nodes. Power on simultaneous all nodes. | All resources started on all nodes. |
- 1.5 days: CLOUD automation study
- 1.5 days: 6 templates (2 CLOUD, 2 OS, 8 environments, 2 versions)
- 1 day: migration diagram
- 1.5 days: 138 lines of industrialization code for migration (migration own code)
- 1.5 days: process stabilization
- 1.5 days: CLOUD benchmark vs old INFRA
- .5 days: calibration of unavailability time per unit migration
- 5 minutes (effective load): 82 VM (env, os, application_code, 2 IP)
Total = 15 man-days
How to improve your application in the cloud
- Formalize your infrastructure as much as possible for more flexibility, low complexity and less technology lock-in.
- Use a name server able to handle the position of your customers like GDNS.
- Use a minimal instance and use a network load balancer like LVS. Monitor the global load of your instances and add/delete dynamically as needed.
- Or, many providers have dynamic computing services. Compare the prices. But take care about the technology lock-in.
- Use a very efficient TLS decoder like the ATS decoder without blocking.
- Use very fast http cache like VARNISH.
- Use a big cache for big files like ATS.
- ...
- Use serverless service for standard runtimes like Java, Python and PHP. But beware of certain incompatibilities and a lack of consistency over time.
- ...
- Each time you need dynamic computing power think about load balancing or native service from the providers (caution about providers services!)
- ...
- Try to use open source STACKs as much as possible
- ...
- Use cache for your databases like MEMCACHED
CLOUD vs HW
| Function | KUBERNETES | OPENSTACK | AWS | Bare-metal | HPC | CRM | OVIRT |
| DEPLOY | HELM/ANSIBLE/SH | HELM/ANSIBLE/SH | TERRAFORM/CLOUDFOUNDATION | ANSIBLE/SH | XCAT/CLUSH | ANSIBLE/SH | ANSIBLE/PYTHON/SH |
| BOOTSTRAP | API/CLI | PXE/API/CLI | API/CLI | PXE/IPMI | PXE/IPMI | PXE/IPMI | PXE/API |
| Router | API/CLI (kube-router) | API/CLI (router/subnet) | API/CLI (Route table/subnet) | LINUX/OVS/external | XCAT/external | LINUX/external | API |
| Firewall | INGRESS/EGRESS/ISTIO | API/CLI (Security groups) | API/CLI (Security group) | LINUX (NFT) | LINUX (NFT) | LINUX (NFT) | API |
| Vlan | DANM | API/CLI (VPC) | API/CLI (VPC) | OVS/LINUX/external | XCAT/external | LINUX/external | API |
| Name server | coredns | dns-nameserver | Amazon Route 53 | GDNS | XCAT | LINUX/external | API/external |
| Load balancer | kube-proxy/LVS(IPVS) | LVS | Network Load Balancer | LVS | SLURM | Ldirectord | |
| Storage | many | SWIFT/CINDER/NOVA | S3/EFS/FSX/EBS | OPENSTACK SWIFT/XFS/EXT4/RAID10 | GPFS | SAN | NFS/SAN |