Vendor Lock-in
Exit Strategy
(15 min)
%%{init: {'theme': 'base', 'themeVariables': { 'fontSize': '16px'}}}%%
graph TD
S[**SaaS** - Software as a Service] --> P["**PaaS** - Platform as a Service
(managed RDBMS, container srvc,
Monitoring, Logging)"]
P --> I["**IaaS** - Computing, Storage, Networks
AWS EC2, S3, VPC (SDN)
EC2 vs. VMware vs. KVM"]
Checklist
- Do I want to avoid vendor lock-in at all, or do I specifically want to use the provider-specific services?
- Choose IaaS only, or a limited list of managed PaaS services - cloud governance
- Infrastructure-as-code for executable documentation and a traceable setup - makes the move easier
Infrastructure-as-Code
Terraform / Ansible / AWS CloudFormation templates
resource "aws_vpc" "main" { # Create a VPC
  cidr_block = "10.0.0.0/16"
}

resource "aws_subnet" "main" { # Create a Subnet
  vpc_id            = aws_vpc.main.id
  cidr_block        = "10.0.1.0/24"
  availability_zone = "us-west-2a"
}

resource "aws_security_group" "allow_ssh" { # Create a Security Group
  vpc_id = aws_vpc.main.id

  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"] # SSH open to the whole Internet; restrict to an admin CIDR in real deployments
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1" # all protocols
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_instance" "example" { # Create an EC2 Instance
  ami                    = "ami-0c55b159cbfafe1f0" # TODO valid AMI ID for your region
  instance_type          = "t2.micro"
  subnet_id              = aws_subnet.main.id
  vpc_security_group_ids = [aws_security_group.allow_ssh.id]

  tags = {
    Name = "example-instance"
  }
}
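The checklist's governance point (IaaS only, or a limited list of managed services) and the SSH rule in the security group above can both be checked before `terraform apply`. The following is an added example, not part of the original slides: it reviews plan output in the shape produced by `terraform show -json` against an assumed IaaS-only allow-list. The allow-list, the function names and the sample plan (including the hypothetical `aws_db_instance.app`) are assumptions.

```python
import json

# Assumption: governance allows IaaS building blocks only (compute, storage, network).
ALLOWED_TYPES = {"aws_vpc", "aws_subnet", "aws_security_group", "aws_instance", "aws_s3_bucket"}

# Constructed sample shaped like `terraform show -json <planfile>` output.
# aws_db_instance.app is a hypothetical managed RDBMS added to show a violation.
SAMPLE_PLAN = json.dumps({"resource_changes": [
    {"address": "aws_vpc.main", "type": "aws_vpc",
     "change": {"actions": ["create"], "after": {"cidr_block": "10.0.0.0/16"}}},
    {"address": "aws_security_group.allow_ssh", "type": "aws_security_group",
     "change": {"actions": ["create"], "after": {"ingress": [
         {"from_port": 22, "to_port": 22, "protocol": "tcp",
          "cidr_blocks": ["0.0.0.0/0"]}]}}},
    {"address": "aws_db_instance.app", "type": "aws_db_instance",
     "change": {"actions": ["create"], "after": {"engine": "postgres"}}},
]})


def covers_port(rule, port):
    """True if a security group rule applies to the given TCP port."""
    if rule.get("protocol") == "-1":  # "-1" means all protocols and ports
        return True
    return rule.get("protocol") == "tcp" and rule["from_port"] <= port <= rule["to_port"]


def review_plan(plan_json, allowed=ALLOWED_TYPES):
    """Return (address, finding) pairs for a Terraform plan in JSON form."""
    findings = []
    for rc in json.loads(plan_json).get("resource_changes", []):
        change = rc["change"]
        if change["actions"] == ["delete"]:
            continue  # resource will not exist after apply
        if rc["type"] not in allowed:
            findings.append((rc["address"], "resource type not on allow-list"))
        if rc["type"] == "aws_security_group":
            for rule in (change.get("after") or {}).get("ingress") or []:
                if "0.0.0.0/0" in (rule.get("cidr_blocks") or []) and covers_port(rule, 22):
                    findings.append((rc["address"], "SSH open to 0.0.0.0/0"))
    return findings


if __name__ == "__main__":
    for address, finding in review_plan(SAMPLE_PLAN):
        print(f"{address}: {finding}")
```

Only inline `ingress` blocks are inspected; rules declared as separate resources would need their own check.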
Hetzner example - Terraform
resource "hcloud_network" "hc_private" {
  name     = "hc_private"
  ip_range = var.ip_range
}

resource "hcloud_server_network" "web_network" {
  count     = var.instances
  server_id = hcloud_server.web[count.index].id
  subnet_id = hcloud_network_subnet.hc_private_subnet.id
}

resource "hcloud_network_subnet" "hc_private_subnet" {
  network_id   = hcloud_network.hc_private.id
  type         = "cloud"
  network_zone = "eu-central"
  ip_range     = var.ip_range
}

resource "hcloud_server" "web" {
  count       = var.instances
  name        = "web-server-${count.index}"
  image       = var.os_type
  server_type = var.server_type
  location    = var.location
  ssh_keys    = [hcloud_ssh_key.default.id]

  labels = {
    type = "web"
  }

  user_data = file("user_data.yml")
}
Thank you! Questions?
Vladimir Dobriakov
infrastructure-as-code.de
vladimir@infrastructure-as-code.de