Infrastructure as Code (IAC) Cookbook

Infrastructure as Code (IAC) Cookbook

By : Stephane Jourdan, Pierre Pomès

Buy this Book

Infrastructure as Code (IAC) Cookbook

By: Stephane Jourdan, Pierre Pomès

Buy this Book

Overview of this book

Para 1: Infrastructure as code is transforming the way we solve infrastructural challenges. This book will show you how to make managing servers in the cloud faster, easier and more effective than ever before. With over 90 practical recipes for success, make the very most out of IAC.

Infrastructure as Code (IAC) Cookbook

Credits

About the Authors

About the Reviewer

www.PacktPub.com

Customer Feedback

Preface

Free Chapter

Vagrant Development Environments

Introduction

Adding an Ubuntu Xenial (16.04 LTS) Vagrant box

Using a disposable Ubuntu Xenial (16.04) in seconds

Enabling VirtualBox Guest Additions in Vagrant

Using a disposable CentOS 7.x with VMware in seconds

Extending the VMware VM capabilities

Enabling multiprovider Vagrant environments

Customizing a Vagrant VM

Using Docker with Vagrant

Using Docker in Vagrant for a Ghost blog behind NGINX

Using Vagrant remotely with AWS EC2 and Docker

Simulating dynamic multiple host networking

Simulating a networked three-tier architecture app with Vagrant

Showing your work on the LAN while working with Laravel

Sharing access to your Vagrant environment with the world

Simulating Chef upgrades using Vagrant

Using Ansible with Vagrant to create a Docker host

Using Docker containers on CoreOS with Vagrant

Provisioning IaaS with Terraform

Introduction

Configuring the Terraform AWS provider

Creating and using an SSH key pair to use on AWS

Using AWS security groups with Terraform

Creating an Ubuntu EC2 instance with Terraform

Generating meaningful outputs with Terraform

Using contextual defaults with Terraform

Managing S3 storage with Terraform

Creating private Docker repositories with Terraform

Creating a PostgreSQL RDS database with Terraform

Enabling CloudWatch Logs for Docker with Terraform

Managing IAM users with Terraform

Going Further with Terraform

Introduction

Handling different environments with Terraform

Provisioning a CentOS 7 EC2 instance with Chef using Terraform

Using data sources, templates, and local execution

Executing remote commands at bootstrap using Terraform

Using Docker with Terraform

Simulating infrastructure changes using Terraform

Teamwork – sharing Terraform infrastructure state

Maintaining a clean and standardized Terraform code

One Makefile to rule them all

Team workflow example

Managing GitHub with Terraform

External monitoring integration with StatusCake

Automating Complete Infrastructures with Terraform

Introduction

Provisioning a complete CoreOS infrastructure on Digital Ocean with Terraform

Provisioning a three-tier infrastructure on Google Compute Engine

Provisioning a GitLab CE + CI runners on OpenStack

Managing Heroku apps and add-ons using Terraform

Creating a scalable Docker Swarm cluster on bare metal with Packet

Provisioning the Last Mile with Cloud-Init

Introduction

Using cloud-init on AWS, Digital Ocean, or OpenStack

Handling files using cloud-init

Configuring the server's time zone using cloud-init

Managing users, keys, and credentials using cloud-init

Managing repositories and packages using cloud-init

Running commands during boot using cloud-init

Configuring CoreOS using cloud-init

Deploying Chef Client from start to finish using cloud-init

Deploying a remote Docker server using cloud-init

Fundamentals of Managing Servers with Chef and Puppet

Introduction

Getting started (notions and tools)

Installing the Chef Development kit and Puppet Collections

Creating a free hosted server Chef account and a Puppet server

Automatically bootstrapping a Chef client and a Puppet agent

Installing packages

Managing services

Managing files, directories, and templates

Handling dependencies

More dynamic code using notifications

Centrally sharing data using a Chef data bag and Hiera with Puppet

Creating functional roles

Managing external Chef cookbooks and Puppet modules

Testing and Writing Better Infrastructure Code with Chef and Puppet

Introduction

Linting Chef code with Foodcritic and Puppet code with puppet-lint

Unit testing with ChefSpec and rspec-puppet

Testing infrastructure with Test Kitchen for Chef and Beaker for Puppet

Integration testing with ServerSpec

Maintaining Systems Using Chef and Puppet

Introduction

Maintaining consistent systems using scheduled convergence

Creating environments

Using Chef encrypted data bags and Hiera-eyaml with Puppet

Using Chef Vault encryption

Accessing and manipulating system information with Ohai

Automating application deployment (a WordPress example)

Using a TDD workflow

Planning for the worse – train to rebuild working systems

Working with Docker

Introduction

Docker usage overview

Choosing the right Docker base image

Optimizing the Docker image size

Versioning Docker images with tags

Deploying a Ruby-on-Rails web application in Docker

Building and using Golang applications with Docker

Networking with Docker

Creating more dynamic containers

Auto-configuring dynamic containers

Better security with unprivileged users

Orchestrating with Docker Compose

Linting a Dockerfile

Deploying a private Docker registry with S3 storage

Maintaining Docker Containers

Introduction

Testing Docker containers with BATS

Test-Driven Development (TDD) with Docker and ServerSpec

The workflow for creating automated Docker builds from Git

The workflow for connecting the Continuous Integration (CI) system

Scanning for vulnerabilities with Quay.io and Docker Cloud

Sending Docker logs to AWS CloudWatch logs

Monitoring and getting information out of Docker

Debugging containers using sysdig

Index

Customer Reviews

5 star

4 star

3 star

2 star

1 star

Scanning for vulnerabilities with Quay.io and Docker Cloud

One major issue when working with containers is their deprecation and maintenance costs. Too often, containers are built one day, shipped to production because they work, and forgotten there until the next rebuild (which may not happen anytime soon). Libraries are still libraries, and security fixes are pushed every day into distributions package repositories. Sysadmins are used to patch the systems; however, now it's a total anti-pattern to update a running container. Containers need to be rebuilt, exactly like developers are used to rebuilding applications with updated libraries to get rid of bugged code. The exception is that we are lucky enough to have tools that monitor each and every layer of our Docker images and tell us how and when they are vulnerable, allowing us to simply rebuild and redeploy them.

Getting ready

To step through this recipe, you will need:

A working Docker installation
A free account at Quay.io and/or a paid...

Infrastructure as Code (IAC) Cookbook

By : Stephane Jourdan, Pierre Pomès

Infrastructure as Code (IAC) Cookbook

By: Stephane Jourdan, Pierre Pomès

Overview of this book

Related Content you might be interested in

Current Title:

Infrastructure as Code (IAC) Cookbook

Chef Cookbook

Getting Started with Terraform

Docker Orchestration

Scanning for vulnerabilities with Quay.io and Docker Cloud

Getting ready