AWS DevOps Simplified: Build a Solid Foundation in AWS to Deliver Enterprise-Grade Software Solutions at Scale

The complete guide to increasing the DevOps maturity of your organization while adhering to AWS' well-architected principles

Key Features
- Increase your organization's DevOps maturity level from both strategic and tactical standpoint
- Get hands-on AWS experience with ready-to-deploy code exa...
Other Authors: | |
---|---|
Format: | E-book |
Language: | English |
Published: | Birmingham, England : Packt Publishing [2023] |
Edition: | First edition |
Subjects: | |
View at Universitat Ramon Llull Library: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009769035006719 |

Table of Contents:
- Cover
- Title page
- Copyright and Credits
- Foreword
- Contributors
- Table of Contents
- Preface
- Part 1: Driving Transformation through AWS and DevOps
- Chapter 1: Accelerating Your DevOps Journey with AWS
- AWS and DevOps - a perfect match
- Production-like environments
- Scaling with the cloud
- DevOps methodologies to accelerate software delivery
- Key AWS DevOps services
- CI
- CD and continuous deployment
- IaC
- Summary
- Further reading
- Chapter 2: Choosing the Right Cloud Service
- The three tiers of cloud offerings
- Infrastructure as a Service (IaaS)
- Platform as a Service (PaaS)
- Software as a Service (SaaS)
- What to choose when
- Simplicity versus control
- Cloud skills and resources
- Business requirements
- Security considerations
- Understanding your organization's cloud operating model
- Focusing on sustaining workloads with the traditional approach
- Focusing on optimizing workloads
- Focusing on growth in the cloud
- Key AWS services
- Abstracting the infrastructure
- Accelerating software delivery with platform services
- Fully managed software services
- Summary
- Further reading
- Chapter 3: Leveraging Immutable Infrastructure in the Cloud
- Technical requirements
- Pets versus cattle
- Mutable and immutable infrastructure
- Mutable infrastructure
- Immutable infrastructure
- Getting started with AWS
- Creating a new AWS account
- Securing your root user credentials
- Creating additional users
- Setting up an AWS Cloud9 IDE in your AWS account
- Navigating your Cloud9 environment
- Working with the test application
- Test application
- Building an AMI with Packer
- Deploying our test instance
- Securing incoming traffic with security groups
- Creating the test EC2 instance
- Terminating the test EC2 instance
- Summary
- Further reading
- Part 2: Faster Software Delivery with Consistent and Reproducible Environments
- Chapter 4: Managing Infrastructure as Code with AWS CloudFormation
- Technical requirements
- What is AWS CloudFormation?
- Key concepts in AWS CloudFormation
- How CloudFormation works
- Permissions delegation for resource management
- API call logging with CloudTrail
- How requests flow over the network
- Best practices for using CloudFormation to define enterprise-grade architectures
- Keep templates small and reusable
- Leverage inputs and outputs for cross-stack dependencies
- Leverage other service integrations
- Leverage StackSets for organization-wide stack rollouts
- Avoid hardcoding parameter values
- Life cycle policies to protect critical resources
- Reusable resource configurations
- Deciding between Terraform and CloudFormation
- Third-party provider ecosystem
- Mapping a resource definition with a deployment
- Support for programming constructs
- State management for deployed resources
- Better integrations offered by cloud-native services
- Modules for code reusability
- Hands-on deployment with CloudFormation
- Network architecture design to support multi-AZ deployments
- Hosting a sample web application with an application load balancer and Auto Scaling groups
- Summary
- Further reading
- Chapter 5: Rolling Out a CI/CD Pipeline
- What is CI/CD?
- How does CI/CD enable faster software delivery?
- Why is continuous deployment hard to implement?
- An effective branching strategy is key
- Working with feature toggles
- Identifying what works best for you
- How to choose the best CI/CD solution for your needs
- Integration with existing tools
- On-premises hosting considerations
- Open source or commercial offerings?
- Enabling continuous integration with CodeCommit and CodeBuild
- Key features offered by CodeCommit
- Automating builds and tests with CodeBuild
- Using CodeDeploy to orchestrate deployment workflows in compute environments
- Key components in CodeDeploy
- Key features offered by CodeDeploy
- Implementing end-to-end software delivery with CodePipeline
- Key constructs used by CodePipeline
- Triggering actions in other regions
- Rolling out a fully automated CI/CD pipeline in your AWS account
- Creating a base AMI for the application instances
- Deploying infrastructure and application stacks
- Summary
- Further reading
- Chapter 6: Programmatic Approach to IaC with AWS CDK
- Different approaches to managing infrastructure in AWS
- Manual infrastructure management
- Automating infrastructure rollouts with scripts
- Adopting a declarative approach
- Using infrastructure definition generators
- Using frameworks that offer high-level abstractions
- What is AWS CDK?
- Key concepts in CDK
- Development workflow
- Pros and cons of working with CDK
- Deploying a test application with AWS CDK
- Understanding the different components of the image recognition application
- Bootstrapping a new CDK project
- Bootstrapping the AWS account to enable CDK deployments
- Defining CDK constructs for application components
- Defining Lambda code for orchestrating the application workflow
- Synthesizing the template
- Deploying the CDK stack into an AWS account
- Testing the image analysis workflow
- Summary
- Further reading
- Part 3: Security and Observability of Containerized Workloads
- Chapter 7: Running Containers in AWS
- A quick introduction to the container ecosystem
- What are containers and why do we need them?
- Docker as a container platform
- Scaling containerized deployments beyond simple use cases
- Key responsibilities of container platforms
- AWS services that support running containers in the cloud
- AWS Elastic Compute Cloud (EC2)
- AWS Elastic Kubernetes Service (EKS)
- AWS Elastic Container Service (ECS)
- ECS constructs and security features
- Important constructs used by ECS
- Ensuring a good security posture with ECS
- Deploying a test application on ECS
- Understanding the test application architecture
- Defining the CDK stack constructs
- Preparing the web application code
- Preparing the static HTML template
- Bundling all application dependencies together for deployment on ECS
- Deploying our CDK stack in an AWS account
- Summary
- Further reading
- Chapter 8: Enabling the Observability of Your Workloads
- What is observability?
- Benefits of observability
- Key AWS offerings for monitoring and observability
- Amazon CloudWatch
- Best practices for a solid observability strategy
- Build a hierarchy of dashboards
- Use consistent time zones across all systems
- Propagate trace identifiers
- Ensure that all components of your system emit events
- Defining your observability strategy for workloads hosted in AWS
- Deploying an observability stack for a test application hosted in ECS
- Extending the code base for better observability
- Deploying the stack in an AWS account
- Observing data to understand application behavior
- Summary
- Further reading
- Chapter 9: Implementing DevSecOps with AWS
- Trade-offs and challenges of security
- Lack of ownership
- Last step in software delivery
- The rapid evolution of application architectures
- Outdated security tools
- What is DevSecOps?
- How is it different from DevOps?
- Key benefits of DevSecOps
- What it means for security professionals
- What it means for developers
- What it means for the operations team
- Securing your workloads in AWS
- Security challenges for operating workloads in the cloud
- Test strategies for your AWS workloads
- Important tools for security assessments
- Rolling out a test CI/CD workflow for DevSecOps
- Understanding the target architecture of the DevSecOps pipeline
- Understanding the code base
- Deploying the CDK stack in an AWS account
- Checking the result of security assessments
- Summary
- Further reading
- Part 4: Taking the Next Steps
- Chapter 10: Setting Up Teams for Success
- Building a collaborative team setup and culture
- Enable your teams to create more value
- Establishing a culture of collaboration and learning
- Measuring the DevOps maturity of your teams
- De-silo Dev and Ops
- Blameless post-mortems and RCAs
- Technology best practices and considerations for success
- Right-size the teams based on the technology cognitive load they can handle
- Invest in building abstractions that promote best practices
- Making injection of failure scenarios a routine practice
- Aligning technology decisions with business expectations
- Resources for continuous learning and enablement
- Driving change from the bottom up
- Structure your ideas well
- Demonstrate commitment
- Find collaborators and share good practices
- Summary
- Further reading
- Chapter 11: Ensuring a Strong AWS Foundation for Multi-Account and Multi-Region Environments
- What is a Landing Zone?
- Key considerations in a Landing Zone
- Defining a structure for organizational units and accounts
- Focus on cross-account and hybrid networking needs
- Securing the Landing Zone with IAM and security services
- DevOps and config management
- Operations
- Best practices for managing multi-account architectures
- Limiting access to the management account
- Adopting solutions that offer the right balance of ease and control
- Invest in building an Account Vending Machine
- Maintain a separate AWS Organizations organization for platform development
- Avoid provisioning any IAM users