DevOps – IT Infrastructure
- Network Infrastructure:
- Network topology.
- Switches and Hubs.
- Load Balancers.
- VPN Point-to-Point and Client-Server.
- Web Proxies.
- Hardware Vendors: Cisco, Fortinet, TP-Link, …
- Microsoft environments:
- Microsoft Active Directory.
- Microsoft Azure.
- Microsoft Exchange.
- Microsoft Office(365).
- Microsoft SharePoint and Microsoft Flow.
- Microsoft SQL Server.
- Microsoft Windows 10.
- Microsoft Windows Server.
- Cloud platforms:
- Digital Ocean: a global cloud server provider with data centers in Western Europe (Germany, The Netherlands and UK).
- AWS Amazon Web Services.
- Google Cloud.
- Microsoft Azure.
- Operating Systems:
- Linux Redhat.
- Linux Ubuntu Server/Desktop.
- Windows Server.
- Application Servers:
- Drupal CMS.
- WordPress CMS.
- Backend services:
- Golang (by Google).
- Node.js & Express.js.
- PHP7 & PHP-FPM.
- RabbitMQ message queue.
- Redis cache and message queue.
- InfluxDB time-series database.
- Microsoft SQL Server.
- MongoDB NoSQL.
- MySQL RDBMS (Oracle) and MariaDB RDBMS (open source).
- Oracle RDBMS.
- Redis Key-Value Store.
- Setting up network firewalls (FortiNet).
- Setting up VPN’s (OpenVPN).
- Setting up web application firewalls for mail servers and web servers (Apache/IIS/Nginx).
- SSL Certificates (Let’s Encrypt, Comodo).
- Using penetration testing tool belts such as Kali Linux and BackTrack Linux.
- Using stress-testing tools such as Siege and Blitz.io
- Using vulnerability scanners such as Nikto and Wapiti.
- Traditional web hosting:
- Web Caching and Reverse Proxies:
- Varnish Cache (including developing custom Varnish Cache VCL scripts).
- Nginx Cache.
- backup & Recovery:
- Microsoft Hyper-V.
- Linux QEMU + KVM.
- Web Servers:
- Apache HTTPD.
- Microsoft ISS.
- Nginx HTTPD.
This section explains my insights and expertise regarding DevOps and operating an IT Infrastructure.
I have written, and applied, numerous SOP’s (Standard Operating Procedures) to setup and operate high performance environments for production servers on various O.S.’s, on both bare-metal servers and cloud servers. A detailed example: a cluster of Ubuntu Servers V14 LTS with an Apache / Nginx / Varnish / Node.js / PHP / Golang / Redis / MySQL stack and various monitoring and security modules. It can and already did handle +-7.5 million hits/month (web, API, etc.) in a fast, stable and secure manner.
This chapter describes a set of related roles and tasks. Note that these can be assigned to one or more persons. The amount of human communication increases exponentially when you split up tasks across multiple team members. And let the level of human communication be the weakest link in a project team.
DevOps is a set of practices that promotes the coexistence or synthesis of development and operations. With IT Infrastructure I mean all roles and tasks that are related to setting up and operating the IT infrastructure. The key insight is that both development and operations should be an integral part of the project team from the start (opposed to having a wall between the software development team and the operations team).
Automating your deployment process and being able to deploy artifacts (almost) continuously is really possible today. It will remove the waste from your processes and shall make smaller, less-risky, incremental changes to production.
Note that monitoring dashboard should not be limited to off-the-shelf server monitoring dashboards. You should also provide unique dashboards for your projects that cover their specific application areas.
The overall objective shall always remain the same: to deliver projects On Time, On Budget and On Specification.
Did you realize that the state (stability, performance, security) of your server infrastructure impacts everything else?
For example: if you do not get the performance right then your project makes no chance to succeed. Nearly half of the web users expect a site or app to load in 2 seconds or less; they tend to abandon a site that isn’t loaded within 3 seconds and they won’t come back! (URL https://blog.kissmetrics.com/loading-time/?wide=1).
- Setting up coding helper tools such as minimizing images, injecting meta data in images and PDF documents for SEO purposes, automated daily W3C Validation of web pages, daily reporting of rankings in Google Search, analyzing web server logs, automatic uptime monitoring of URL’s, … and many more …
- Setting up build pipelines using Grunt and Gulp.
- Setting up testing pipelines using Grunt and Gulp.
- Setting up deployment pipelines using Grunt, Gulp.
- Setting up server configurations (dev-test-qa-prod) using Ansible, Bash and lots of manual steps. The most important task is to document the configuration procedure, and only then start automating the steps where possible and relevant.
- Procurement of all your artifacts.
- Make SOP’s for all your artifacts.
- Assembling and configuring cost-effective bare-metal servers.
- Setting up local networks including firewalls and VPN’s.
- Setting up and operating a cloud infrastructure.
- Setting up secure, fast and cost-effective servers and services.
- Setting up a tight security perimeter for your servers and services.
- Performing performance audits including stress-testing of servers and applications (backend/frontend).
- Performing security audits of servers and applications (backend/frontend).
- Monitoring a server and cloud infrastructure using time-series databases and dashboards.
- Change management of servers and services (web server, app server, databases).
- Server optimization for deploying web applications (e.g. MemcacheD, PHP-FPM, PHP OPCache, migrating from Apache HTTPD to Nginx, reverse proxies).