
GithubAction_Any_Cloud


praparn

May 15, 2022


Transcript

  1. Agenda
      • Trend of public cloud adoption
      • Problem and Solution
      • The Project
        ◦ Purpose of project
        ◦ Architecture design
        ◦ How can it help?
      • AWS Cloud (Example)
        ◦ Credential as prerequisites
        ◦ Procedure to operate
      • Q&A
  2. Reference
      • Azure AKS Cluster
      • AWS EKS Cluster
      • Google GKE Cluster
      • Huawei Cloud Container Service
      • GitHub Action with Terraform
      • Etc.
      Github Action for any cloud env
  3. Trend of Cloud Adoption
      Ref: https://blogs.microsoft.com/blog/2022/01/27/cloud-trends-show-customers-increasing-investments-in-hybrid-and-multicloud/
  4. Trend of Cloud Adoption
      Ref: https://www.i-scoop.eu/cloud-computing/public-cloud-spending/
  5. Trend of Cloud Adoption
      Ref: https://www.veritis.com/news/top-10-public-private-and-hybrid-cloud-adoption-statistics-for-2020-and-beyond/
  6. Trend of Public Cloud Adoption
      • All IT departments have a strategy to move applications/workloads from on-prem to cloud
      • COVID-19 is a very effective factor making cloud adoption grow at an exponential rate
      • With the capability of public cloud, business has more agility to launch a new application/workload or make a change within a few minutes
      • So IT will face dramatic change requests to create/delete/change workloads every minute for this purpose
      • Each cloud provider has its strengths and weaknesses
      • This makes organizations adopt a “multiple cloud strategy” to combine the strengths of all cloud providers and fit the business
  7. Problem and Solution
      Problem:
      • This mega trend creates huge problems in IT operation
      • Each cloud provider has its own architecture and well-architected practice for setting up an environment, so we need good knowledge/skill sets for that cloud provider
      • With a “multi cloud strategy”, we need many skill sets to handle this
      • Business needs applications/workloads up and running within minutes, and they may change every time that is needed
      • How can we provide resources to support this?
      • How can we support the 24 x 7 requirement?
  8. Problem and Solution
      Solution:
      • To fit this operation, we cannot handle the process manually
      • “Automation” is the key solution. We need to design a solution that handles this and provisions all elements when needed
      • We select IaC (Infrastructure as Code) to develop the “template” for every element whose full lifecycle we need to manage (create/modify/delete etc.)
      • With this we can develop all scripts to support this task on any cloud environment
      • Next we need an automation flow to receive requirements from users (developer/po/pm/ba/devops etc.) and run IaC to operate
      • With this combination, we can set up an automation flow to support this task and maintain all templates when a new requirement comes
  9. Purpose of Project
      • The main purpose of our project is to reduce this complexity for each cloud provider and let all contributors leverage any “element” with a simple standard
      • The project is integrated with the “Terraform” framework to operate IaC (infrastructure as code) and keep the same standard across the project
      • For the automation part, so that this project helps provision elements from scratch automatically, we choose “Github Action” as it is built in on the repository. So operation is effortless
      • All credentials are kept in “GitHub Secret” and used via github action, so we do not leak any credential outside
  10. Purpose of Project
      • The project targets handling all cloud providers, and more in the future
  11. Purpose of Project
      Diagram: Contributor, Master Repo (https://github.com/praparn/github-action-any-cloud-env), Cloud Provider (AWS, AliCloud, Gcloud, Azure etc.), Developer/Application Owner
      Step1: Git clone (private repository)
      Step2: Configure properties and Credential
      Step3: Commit and Push with specific “Tags/Commit”
      Step4: Github Action will run terraform to create Env
      Step5: Create Env
      Step6: Access Env and operate
  12. Architecture Design
      Step1: Create “env” for housing the terraform “state file”
      Step2: Create “foundation” for basic elements (network element, dns etc)
      Step3: Create/Delete/Modify elements as required
      Step4: Destroy “foundation” to terminate the environment
      Step5: Destroy “env” to remove the statefile
      Diagram: Developer/Application Owner, GitHub Secret <credential>……, Cloud Provider (AWS, AliCloud, Gcloud, Azure etc.), State File
      The runner is activated by “Tag”:
      • “xxx-init-env**” (create state file location)
      • “xxx-init-foundation**” (create foundation)
      • “xxx-init-element**” (create element)
      • “xxx-modify-element**” (modify element)
      • “xxx-destroy-element**” (destroy element)
      • “xxx-destroy-foundation**” (destroy foundation)
  13. How can it help?
      • With this solution, a contributor can git clone the repository to create their initial project on each cloud provider
      • With the automation concept, the organization can effortlessly create elements on cloud and never even needs to create a server/compute to provision elements as requested
      • Contributors can also improve and add more templates as “terraform” scripts to extend capability more and more
      • As all automation and code are housed on “Github”, we can support 24 x 7 on this
  14. Credential as prerequisites
      • {AWS_ACCESSKEY}: Store access key. Please follow this KB AWS
      • {AWS_SECRET}: Store secret key. Please follow this KB AWS
      • {AWS_REGION}: Region for housing the AWS environment
      • {AWS_BUCKETNAME}: AWS bucket name for housing the "statefile". This name needs to be very unique in the region of AWS.
  15. Keypair as prerequisites
      • AWS cloud needs an ssh-key to operate with EC2. So we need to create an ssh-key and place it in folder “1.Environment/02_InitialParameter” to operate (*Remark: In case this ssh-key was never created, the system will generate it by itself. Please copy the private key to your machine and remove it from the repository for security reasons)
  16. AWS Cloud
      • Init-Environment:
        ◦ Create “S3 bucket” for housing “tfstate” for terraform
        ◦ Commit:
          ▪ aws-init-env-yyyymmddhhmmss
        ◦ Tag:
          ▪ aws-init-env-yyyymmddhhmmss
  17. AWS Cloud
      • Init-Foundation: (This process will sync the configuration of elements to use later)
        ◦ Commit:
          ▪ aws-init-foundation-yyyymmddhhmmss
        ◦ Tag:
          ▪ aws-init-foundation-yyyymmddhhmmss
        ◦ Create “VPC” (Virtual Private Cloud)
        ◦ Create “Route53” (DNS)
        ◦ Create “Internet Gateway” and “NAT Gateway”
        ◦ Create “Subnet” and “Route Table” under “VPC”
        ◦ Create “EIP” (Elastic IP Address)
        ◦ Create “VPN Gateway” to support establishing a vpn connection
  18. AWS Cloud
      • Init-Foundation: (This process will sync the configuration of elements to use later)
  19. AWS Cloud
      • Create Element:
        ◦ Copy folder “template” in each element group (2.Instance/3.Database/4.Cache/5.Bucket/6.Queue/7.Other) to create a new element
        ◦ Edit properties in file “terraform.tfvars” (Reference in file: variables.tf)
        ◦ Commit:
          ▪ < element group >-< folder name >-yyyymmddhhmmss
        ◦ Tag:
          ▪ aws-init-element-yyyymmddhhmmss
  20. AWS Cloud
      • Modify Element:
        ◦ Edit properties in file “terraform.tfvars” (Reference in file: variables.tf)
        ◦ Commit:
          ▪ < element group >-< folder name >-yyyymmddhhmmss
        ◦ Tag:
          ▪ aws-modify-element-yyyymmddhhmmss
  21. AWS Cloud
      • Destroy Element:
        ◦ Commit:
          ▪ < element group >-< folder name >-yyyymmddhhmmss
        ◦ Tag:
          ▪ aws-modify-element-yyyymmddhhmmss
  22. AWS Cloud
      • Destroy Foundation:
        ◦ Delete all network foundation
        ◦ Commit:
          ▪ aws-destroy-foundation-yyyymmddhhmmss
        ◦ Tag:
          ▪ aws-destroy-foundation-yyyymmddhhmmss
  23. AWS Cloud
      • Destroy Environment:
        ◦ Delete S3 bucket (*Remark: you need to “empty” the bucket before running this process)
        ◦ Commit:
          ▪ aws-destroy-env-yyyymmddhhmmss
        ◦ Tag:
          ▪ aws-destroy-env-yyyymmddhhmmss
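
The tag names in slides 12 and 16 to 23 decide whether the runner creates or destroys infrastructure, so a workflow step can check the pushed tag against the exact names from the deck before calling Terraform. The script below is an added example, not code from the praparn/github-action-any-cloud-env repository: `parse_tag`, `terraform_verb` and the mapping of init/modify to `terraform apply` are assumptions, and `GITHUB_REF_NAME` is the variable GitHub Actions sets to the pushed tag name.

```shell
#!/bin/sh
# Added example (not the project's code): strict validation of tags that
# follow the deck's convention <provider>-<action>-<scope>-<yyyymmddhhmmss>.

# Tag prefixes taken from the slides; anything else is rejected.
ALLOWED_PREFIXES="aws-init-env aws-init-foundation aws-init-element
aws-modify-element aws-destroy-element aws-destroy-foundation aws-destroy-env"

# parse_tag TAG: prints "provider action scope timestamp" on success,
# returns 1 (printing nothing) if the tag is not an exact match.
parse_tag() {
  tag=$1
  ts=${tag##*-}      # text after the last dash
  prefix=${tag%-*}   # text before the last dash
  # Timestamp must be exactly 14 digits (yyyymmddhhmmss).
  case $ts in
    ''|*[!0-9]*) return 1 ;;
  esac
  [ "${#ts}" -eq 14 ] || return 1
  # Prefix must equal one of the known operations, not merely start with it.
  ok=1
  for p in $ALLOWED_PREFIXES; do
    if [ "$p" = "$prefix" ]; then ok=0; fi
  done
  [ "$ok" -eq 0 ] || return 1
  provider=${prefix%%-*}
  rest=${prefix#*-}
  printf '%s %s %s %s\n' "$provider" "${rest%-*}" "${rest#*-}" "$ts"
}

# terraform_verb ACTION: maps the tag's action to a Terraform subcommand
# (assumed mapping: init and modify both apply, destroy destroys).
terraform_verb() {
  case $1 in
    init|modify) echo apply ;;
    destroy)     echo destroy ;;
    *)           return 1 ;;
  esac
}

# In a workflow step, GITHUB_REF_NAME holds the pushed tag name.
if [ -n "${GITHUB_REF_NAME:-}" ]; then
  parsed=$(parse_tag "$GITHUB_REF_NAME") || { echo "rejected tag" >&2; exit 1; }
  set -- $parsed
  echo "provider=$1 scope=$3 terraform=$(terraform_verb "$2")"
fi
```

A prefix-only match such as “xxx-destroy-foundation**” would also accept a tag like `aws-destroy-foundation-latest`; the exact comparison above rejects it before any Terraform command runs.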