Copyright © CKmates. All rights reserved
Real-World Architecture: Evolution in Practice and Solutions
Camel Camel
Provide all you need
Agenda
• Hello, about me
• Architecture Design
• Maintenance
• Serverless CI/CD Work on AWS
About me
• Focus on AWS - 2012
• Handled hundreds of customers
• Get Professional Certified
Architecture Think?
Meeting discussion
• The team's understanding and skill level
• Requirements, improvements, or goals to consider
• Consensus on the architecture (stage by stage)
• What each role is responsible for and what it cannot take on
• Team integration and division of authority
Architecture Design Metric[1]
• Region where the main customer base is located - Area
• Service type - AP/Live Stream
• Budget cost / reliability - Cost
• Security / network performance - ACL
• Own maintenance capability - Ability
• Future scalability and extensibility - Scalability
Service
Security
Monitor
Metric got the answer
• Region Choose – Region
• AWS Service Choose – EC2/RDS/CDN/R53/AS
• AWS Service Define – EC2/AZ
• Public/Private subnet/CDN/VPN/DC/WAF/Shield – VPC
• IAM/CloudTrail/CloudWatch/Trusted Advisor – Support team
• Serverless/AS/ELB/SQS/DynamoDB – Loose Coupling
• Region where the main customer base is located (Region Choose)[2]
Cloudping
• Service type (AWS Service)[3]
• Budget cost - Cost[4]
• Advanced cost budgeting - RI
• Billed per second; traffic within the network is free
• Security / network performance - ELB
• Security / network performance comparison table - ELB[5]
• Security / network performance - VPC
• Security / network performance - CDN
• Security / network performance - VPN
• Security / network performance - Direct Connect
• Why choose - Direct Connect
• Security / network performance - Direct Connect
• Future scalability and extensibility - Loose Coupling
• As we all know, there is always a new service that fits
• (each doing its own job)
[Figure: Actual architecture after discussion, stage 1, labelled "Performance". One region with two Availability Zones, each with a public subnet and a private subnet; security group; Amazon EC2.]
[Figure: Actual architecture after data growth, stage 2, labelled "Loose Coupling". Same region, Availability Zone and subnet layout; Amazon EC2; Amazon RDS.]
[Figure: Actual architecture after growth in event participants, stage 3, labelled "Reliability". Same layout; two Amazon EC2; Amazon RDS; Elastic Load Balancing; S3 bucket.]
[Figure: Actual architecture after event metrics, stage 4, labelled "Failover". Same layout; two Amazon EC2; Amazon RDS; Amazon RDS multi-AZ; S3 bucket; CloudFront distribution; Auto Scaling.]
Cost
Security
DR
Serverless
CI/CD
MA
Group
Operations and maintenance essentials
1. Identity and access management (identity and cost management)
2. Detective controls
3. Infrastructure protection
4. Data protection
5. Incident response
Operations and maintenance essentials
1. Identity and access management (identity and cost management)-IAM
2. Detective controls-CloudWatch
3. Infrastructure protection-VPC/WAF/-Trusted Advisor
4. Data protection-Private/DC/Bastion/AD-CloudTrail
5. Incident response-VPC Flow Logs/CLI/CloudWatch-SNS/Slack
• Identity and cost management - IAM[6]
Lock away your AWS account root user access keys
Create individual IAM users
Use AWS defined policies to assign permissions whenever possible
Use groups to assign permissions to IAM users
Grant least privilege
Use access levels to review IAM permissions
Configure a strong password policy for your users
Enable MFA for privileged users
Use roles for applications that run on Amazon EC2 instances
Delegate by using roles instead of by sharing credentials
Rotate credentials regularly
Remove unnecessary credentials
Use policy conditions for extra security
• Identity management - IAM[7]
• Cost management - Cost Explorer & CW
• System activity monitoring - CW & SNS
• CloudWatch log
• CloudWatch event
• Seriously, CloudWatch is handy, why not use it?[8]
• elasticsearch/ELK
• Anomaly information management - VPC F & CWL[9]
• Everything that passes leaves a trace - CloudTrail
• Monitoring changes and recovery - Config
• System activity monitoring - NoC
• 7 x 24 NoC
• SOP
• Advisory analysis tool - Trusted Advisor
Four analysis quadrants: cost optimization / resource utilization / information security / architecture reliability
Cost Optimization / Performance / Security / Fault Tolerance
• Technical and incident inquiries - Support
7 x 24hr Business Support
Own maintenance capability - Business Support
7 x 24hr Business Support
• Prewarm
• Technical consultation
• System failures
• Attack and stress testing
• Usage recommendations
• RI
• Localized service - Support
Every professional services engineer holds AWS Associate and Professional architect certifications, and commits under SLA to respond to your questions within the specified time with a professional answer.
Consultant
Personal skills and management YouTube-AWS[10]
Security
Console: MFA/CloudTrail/IAM (minimum)
Architecture: DC/VPC/SG (minimum)
Normal service, abnormal behavior: CDN/WAF/traffic scrubbing/BW
Security - targeted
Abnormal
CDN/R53: high reliability, rapid scaling
Defense: WAF/traffic scrubbing
Normal
PTVA: prevention in advance
ArcSight Log: event analysis
WAF
Shield & AWS WAF & traffic scrubbing
Security - PTVA
Scanning reveals the weaknesses and hidden potential risks of a website or host so that they can be fixed before someone with ill intent exploits them. Once the full scan is complete, the results are presented as a report.
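Information security testing service items
Penetration testing
• Based on the vulnerability scan results, carry out simulated attacks against the host's vulnerabilities to confirm each vulnerability's validity and scope of impact
• Recommended: run a penetration test on important systems at least once a year
Advanced vulnerability scanning
• An extension of basic vulnerability scanning: manual checks are added on top of the scan results for further judgement, to reduce false positives
• Recommended: the basic vulnerability scan can be upgraded to an advanced scan each quarter
Basic vulnerability scanning
• Uses automated tools to check for common vulnerabilities, for example unpatched software, weak password authentication, and misconfiguration
• Recommended once a month; the results can be used for trend analysis, detecting newly added devices on the network, discovering new vulnerabilities, and so on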
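What is vulnerability scanning?
• Vulnerability scanning is a series of steps that detect the vulnerabilities of an organization's information systems, assess their validity, and determine their level of impact
• Vulnerability scanning services fall into:
- Basic vulnerability scanning service
‣ Uses automated scanning tools to check for common vulnerabilities
‣ Recommended once a month
- Advanced vulnerability scanning service
‣ Manual interpretation and checking of the vulnerabilities, lowering the chance of false positives
‣ Recommended once a quarter
What is penetration testing?
• Penetration testing:
- Uses simulated attacks to test the security of information systems and networks
- Actively analyzes potential weaknesses that could lead to system vulnerabilities
- Uses the weaknesses for actual verification
• Penetration testing can:
- Simulate most attackers' methods to test for system vulnerabilities
- Attempt to find most of the weaknesses that could be used for intrusion
• Penetration testing cannot:
- Find every potential or unknown weakness during the test period
• In the real world, we assume attackers have unlimited time to try to break into the system
• Recommended: run a penetration test once a year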
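Adopting industry security testing standards
• OSSTMM
- Test steps follow the public OSSTMM (Open Source Security Testing Methodology Manual) framework
• SANS Top 20 Internet Vulnerabilities
- Refers to the top 20 most critical security vulnerabilities listed by SANS, covering vulnerabilities in Windows, Unix, and other cross-platform software and network devices
• OWASP
- OWASP (Open Web Application Security Project) is an open community and non-profit organization long dedicated to improving the security of web applications and web services; this testing also refers to the top 10 web vulnerabilities that OWASP publishes periodically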
Information security testing services: best practice
[Figure: timeline in months, n to n+12, with check marks showing when each service runs]
Basic vulnerability scanning: recommended monthly
Advanced vulnerability scanning: recommended quarterly
Penetration testing: recommended yearly
Security
What was just covered can probably all be handled by system staff or network administrators
So what about the Program??
Serverless applications
Separate out functions into application components that are easy to build, maintain, decouple, and scale.
Amazon API Gateway + AWS Lambda
? + AWS Lambda + ?
• Future scalability and extensibility - Loose Coupling
Why do this?
Find Distinct People in a Video with Amazon Rekognition[11]
Difficulty
• Version MA & Security
• Decentralized version
• Deployed a lot…
• Rollback ?
• Different environment (Test. Dev. Prod.)
• Server trouble
How CI/CD Works on AWS
Introduction CI/CD Service
Version
RISK
Introduction CodeCommit
(Version)
• Fully Managed
• Secure store
• High Availability
• Faster Development Lifecycle
• Use Your Existing Tools
Introduction CodeCommit
(IAM by user key or Credentials)
CodeCommit
Environment
Confusion
Introduction CodePipeline
(Environment)
• Rapid Delivery
• Improved Quality
• Configurable Workflow
• Get Started Fast
• Easy to Integrate
CodePipeline
Development environment repo
Verification environment repo
Production environment repo
Verify integration
Slow
Introduction CodeBuild
(Verify integration)
• Build and Test Your Code
• Configurable Settings
• CI and Delivery Workflows
• Security and Permissions
• Monitoring
CodeBuild - YAML format
Unit Test Support
Deploy
Process
Introduction CodeDeploy
(Deploy)
• Automated Deployments
• Minimize Downtime
• Centralized Control
• Easy To Adopt
CodeDeploy
CI/CD Work on AWS
The last and hardest thing to manage: communication between teams
Define the flow / clear responsibilities
The cloud is a never-ending road of learning with no turning back
Architecture Design Metric[1]
https://d0.awsstatic.com/whitepapers/AWS_Cloud_Best_Practices.pdf
Region where the main customer base is located (Region Choose)[2]
http://www.cloudping.info/
Service type (AWS Service)[3]
https://aws.amazon.com/tw/architecture/
Budget cost - Cost[4]
http://calculator.s3.amazonaws.com/index.html
Security / network performance comparison table - ELB[5]
https://aws.amazon.com/tw/elasticloadbalancing/details/
Identity and cost management - IAM[6]
http://docs.aws.amazon.com/zh_cn/IAM/latest/UserGuide/best-practices.html
Identity management - IAM[7]
https://www.sumologic.com/blog/amazon-web-services/security-analytics-in-aws/
Seriously, CloudWatch is handy, why not use it?[8]
https://cloudpack.media/20642
Anomaly information management - VPC F & CWL[9]
https://www.sumologic.com/blog/amazon-web-services/security-analytics-in-aws/
Personal skills and management YouTube-AWS[10]
https://www.youtube.com/watch?v=1x20FxpiTVE&t=314s
Find Distinct People in a Video with Amazon Rekognition[11]
https://aws.amazon.com/tw/blogs/ai/find-distinct-people-in-a-video-with-amazon-rekog
LIKE US NOW!
aws@ckmates.com
Thanks
Q & A

Russian Call Girls in Kolkata Ishita 🤌  8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Ishita 🤌  8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
 
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
 
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In South Ex 📱  9999965857  🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICECall Girls In South Ex 📱  9999965857  🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
 
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌  8250192130 🚀 Vip Call Girls KolkataLow Rate Call Girls Kolkata Avani 🤌  8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in  Rk Puram 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in  Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
 
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With RoomVIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
 
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
 
AlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsAlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with Flows
 
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130  Available With RoomVIP Kolkata Call Girl Alambazar 👉 8250192130  Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
 
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call GirlVIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
 
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
 
sasti delhi Call Girls in munirka 🔝 9953056974 🔝 escort Service-
sasti delhi Call Girls in munirka 🔝 9953056974 🔝 escort Service-sasti delhi Call Girls in munirka 🔝 9953056974 🔝 escort Service-
sasti delhi Call Girls in munirka 🔝 9953056974 🔝 escort Service-
 

Real-World Architecture: Practice, Evolution, and Solutions

  • 1. Copyright © CKmates. All rights reserved • Real-World Architecture: Practice, Evolution, and Solutions • Camel Camel • Provide all you need
  • 2. Agenda • Hello, How about me • Architecture Design • Maintenance • Serverless CI/CD Work on AWS
  • 3. About me • Focus on AWS - 2012 • Handled hundreds of customers • Get Professional Certified
  • 4. Architecture Think?
  • 5. Meeting discussion • The team's understanding or skill level • Requirements, improvements, or goals under consideration • Consensus on the architecture (stage by stage) • What each role is responsible for and what it cannot take on • Team integration and division of authority
  • 6. Architecture Design Metric[1] • Region where the main customer base is located - Area • Service type - AP/Live Stream • Budget cost/reliability - Cost • Security/network performance - ACL • Own maintenance capability - Ability • Future scalability - Scalability • Service • Security • Monitor
  • 7. Metric got the answer • Region Choose – Region • AWS Service Choose – EC2/RDS/CDN/R53/AS • AWS Service Define – EC2/AZ • Public/Private subnet/CDN/VPN/DC/WAF/Shield – VPC • IAM/CloudTrail/CloudWatch/Trusted Advisor – Support team • Serverless/AS/ELB/SQS/DynamoDB – Loose Coupling
  • 8. Region where the main customer base is located (Region Choose)[2] • Cloudping
  • 9. Service type (AWS Service)[3]
  • 10. Budget cost - Cost[4]
  • 11. Advanced cost budgeting - RI
  • 12. Billed per second; traffic inside the network is free
  • 13. Security/network performance - ELB
  • 14. Security/network performance comparison table - ELB[5]
  • 15. Security/network performance - VPC
  • 16. Security/network performance - CDN
  • 17. Security/network performance - VPN
  • 18. Security/network performance - Direct Connect
  • 19. Why choose Direct Connect
  • 20. Security/network performance - Direct Connect
  • 21. Future scalability - Loose Coupling
  • 22. As we all know, there is always a new service that fits • (each doing its own job)
  • 23.
  • 24. Actual architecture diagram after discussion, stage 1 • region • Private subnet • Public subnet • Availability Zone • Availability Zone • Private subnet • Public subnet • security group • Amazon EC2
  • 25. Actual architecture diagram after discussion, stage 1 • region • Private subnet • Public subnet • Availability Zone • Availability Zone • Private subnet • Public subnet • security group • Amazon EC2 • Performance
  • 26. Actual architecture diagram for data growth, stage 2 • region • Private subnet • Public subnet • Availability Zone • Availability Zone • Private subnet • Public subnet • Amazon EC2 • Amazon RDS
  • 27. Actual architecture diagram for data growth, stage 2 • region • Private subnet • Public subnet • Availability Zone • Availability Zone • Private subnet • Public subnet • Amazon EC2 • Amazon RDS • Loose Coupling
  • 28. Actual architecture diagram for growth in the number of event participants, stage 3 • region • Private subnet • Public subnet • Availability Zone • Availability Zone • Private subnet • Public subnet • Amazon EC2 • Amazon RDS • Amazon EC2 • Elastic Load Balancing • S3 bucket
  • 29. Actual architecture diagram for growth in the number of event participants, stage 3 • region • Private subnet • Public subnet • Availability Zone • Availability Zone • Private subnet • Public subnet • Amazon EC2 • Amazon RDS • Amazon EC2 • Elastic Load Balancing • S3 bucket • Reliability
  • 30. Actual architecture diagram after event metrics, stage 4 • region • Private subnet • Public subnet • Availability Zone • Availability Zone • Private subnet • Public subnet • Amazon EC2 • Amazon RDS • Amazon EC2 • S3 bucket • Amazon RDS multi-az • CloudFront distribution • Auto Scaling
  • 31. Actual architecture diagram after event metrics, stage 4 • region • Private subnet • Public subnet • Availability Zone • Availability Zone • Private subnet • Public subnet • Amazon EC2 • Amazon RDS • Amazon EC2 • S3 bucket • Failover • Amazon RDS multi-az • CloudFront distribution • Auto Scaling
  • 32. Cost Security DR Serverless CI/CD MA Group
  • 33. Operations and maintenance essentials • 1. Identity and access management (identity and cost management) • 2. Detective controls • 3. Infrastructure protection • 4. Data protection • 5. Incident response
  • 34. Operations and maintenance essentials • 1. Identity and access management (identity and cost management) - IAM • 2. Detective controls - CloudWatch • 3. Infrastructure protection - VPC/WAF/-Trusted Advisor • 4. Data protection - Private/DC/bastion/AD - CloudTrail • 5. Incident response - VPC Flow Logs/CLI/CloudWatch - SNS/Slack
  • 35. Identity and cost management - IAM[6] • Lock away your AWS account root user access keys • Create individual IAM users • Use AWS-defined policies to assign permissions whenever possible • Use groups to assign permissions to IAM users • Grant least privilege • Use access levels to review IAM permissions • Configure a strong password policy for your users • Enable MFA for privileged users • Use roles for applications that run on Amazon EC2 instances • Delegate access by using roles instead of sharing credentials • Rotate credentials regularly • Remove unnecessary credentials • Use policy conditions for extra security
  • 36. Identity management - IAM[7]
  • 37. Cost management - Cost Explorer & CW
  • 38. System activity monitoring - CW & SNS • CloudWatch log • CloudWatch event
  • 39. Seriously, CloudWatch is handy; why not use it?[8]
  • 40. Elasticsearch/ELK
  • 41. Anomaly information management - VPC F & CWL[9]
  • 42. Everything that passes through leaves a trace - CloudTrail
  • 43. Monitoring differences and recovery - Config
  • 44. System activity monitoring - NoC • 7 x 24 NoC • SOP
  • 45. Advisory analysis tool - Trusted Advisor
  • 46. Advisory analysis tool - Trusted Advisor • Four analysis quadrants: cost optimization / resource utilization / information security / architecture reliability (Cost Optimization / Performance / Security / Fault Tolerance)
  • 47. Technical and outage inquiries and resolution - Support • 7 x 24 hr Business Support
  • 48. Own maintenance capability - Business Support • 7 x 24 hr Business Support • Prewarm • Technical consulting • System outages • Attack and stress testing • Usage recommendations • RI
  • 49. Localized service - Support • Every professional services staff member holds AWS Associate and Professional architect certifications and commits to an SLA response time, replying to your questions within the specified time with professional answers. • Consultant
  • 50. Personal skills and management, YouTube - AWS[10]
  • 51. Security • Console - MFA/CloudTrail/IAM (minimum) • Architecture - DC/VPC/SG (minimum) • Normal service, abnormal behavior - CDN/WAF/scrubbing/BW
  • 52. Security - targeted • Abnormal • CDN/R53: high reliability, rapid scaling • Defense: WAF/scrubbing • Normal • PTVA: prevention in advance • ArcSight: log event analysis
  • 53. WAF
  • 54. Shield & AWS WAF & scrubbing
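  • 55. Security - PTVA • Scanning reveals the weaknesses and potential hidden risks of a website or host. These can then be fixed so that malicious parties cannot exploit them. Once the full scan is complete, the results are presented as a report.
  • 56. Information security testing service items • Penetration testing: based on the vulnerability scan results, simulates attacks against the host's vulnerabilities to confirm each vulnerability's validity and scope of impact; recommended at least once a year for critical systems • Advanced vulnerability scanning: an extension of basic vulnerability scanning that adds manual checks based on the scan results for further judgment, to reduce false positives; it is recommended that each quarter's basic vulnerability scan be upgraded to an advanced scan • Basic vulnerability scanning: uses automated tools to check for common vulnerabilities, for example unpatched software, weak password authentication, and misconfiguration; recommended once a month, and the results can be used for trend analysis, detecting newly added devices on the network, and discovering new vulnerabilities
  • 57. What is vulnerability scanning? • Vulnerability scanning is a series of processes that detect the weaknesses of an organization's information systems, assess their validity, and determine their degree of impact • Vulnerability scanning services are divided into: - Basic vulnerability scanning service ‣ Uses automated scanning tools to detect common vulnerabilities ‣ Recommended once a month - Advanced vulnerability scanning service ‣ Manual interpretation and testing of the relevant vulnerabilities, reducing the chance of false positives ‣ Recommended once a quarter
  • 58. What is penetration testing? • Penetration testing: - Tests the security of information systems and networks by simulating attacks - Proactively analyzes potential weaknesses that could lead to system vulnerabilities - Uses the weaknesses for actual verification • Penetration testing can: - Simulate most hacker attack methods to test for system vulnerabilities - Attempt to find most of the weaknesses that could be used for intrusion • Penetration testing cannot: - Find all potential or unknown weaknesses within the testing period • In the real world, we assume that hackers have unlimited time to try to break into the system • Recommended once a year
  • 59. Adopting industry security testing standards • OSSTMM - Test steps follow the public OSSTMM (Open Source Security Testing Methodology Manual) framework • SANS Top 20 Internet Vulnerabilities - References the top 20 critical security vulnerabilities listed by SANS, covering Windows, Unix, and other cross-platform software and network devices • OWASP - OWASP (Open Web Application Security Project) is an open community and non-profit organization long dedicated to improving the security of web applications and web services; this testing also references the top 10 web vulnerabilities that OWASP publishes periodically
  • 60. Information security testing service best practices • Timeline (months): n through n+12 • Basic vulnerability scanning: recommended monthly • Advanced vulnerability scanning: recommended quarterly • Penetration testing: recommended yearly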
  • 61. Security
  • 62. Security
  • 63. What we just covered can probably all be handled by system staff or network admins. But what about the program??
  • 64. Serverless applications • Functions are separated out into application components that are easy to build, maintain, decouple, and scale. • Amazon API Gateway + AWS Lambda • ? + AWS Lambda + ?
  • 65. Future scalability - Loose Coupling
  • 66. Future scalability - Loose Coupling
  • 67. Future scalability - Loose Coupling
  • 68. Why to do this?
  • 69. Why to do this? • Find Distinct People in a Video with Amazon Rekognition[11]
  • 70. Why to do this?
  • 71.
  • 72. Difficulty • Version MA & Security • Decentralized version • Deployed a lot… • Rollback ? • Different environment (Test. Dev. Prod.) • Server trouble
  • 73. How CI/CD Work on AWS
  • 74. Introduction CI/CD Service
  • 75. Version RISK
  • 76. Introduction CodeCommit (Version) • Fully Managed • Secure store • High Availability • Faster Development Lifecycle • Use Your Existing Tools
  • 77. Introduction CodeCommit (IAM by user key or Credentials)
  • 78. CodeCommit
  • 79. Introduction CodeCommit (Version)
  • 80. Environment Confusion
  • 81. Introduction CodePipeline (Environment) • Rapid Delivery • Improved Quality • Configurable Workflow • Get Started Fast • Easy to Integrate
  • 82. CodePipeline • Development environment repo • Verification environment repo • Production environment repo
  • 83. Introduction CodePipeline (Environment)
  • 84. Verify integration Slow
  • 85. Introduction CodeBuild (Verify integration) • Build and Test Your Code • Configurable Settings • CI and Delivery Workflows • Security and Permissions • Monitoring
  • 86. Introduction CodeBuild (Verify integration)
  • 87. CodeBuild - YAML format • Unit Test Support
  • 88. Deploy Process
  • 89. Introduction CodeDeploy (Deploy) • Automated Deployments • Minimize Downtime • Centralized Control • Easy To Adopt
  • 90. CodeDeploy
  • 91. Introduction CodeDeploy (Deploy)
  • 92. CI/CD Work on AWS
  • 93. Finally, the hardest thing to manage - communication between teams • Define the flow / clear division of authority and responsibility
  • 94. The cloud is a road of endless learning with no turning back
  • 95. Architecture Design Metric[1] https://d0.awsstatic.com/whitepapers/AWS_Cloud_Best_Practices.pdf • Region where the main customer base is located (Region Choose)[2] http://www.cloudping.info/ • Service type (AWS Service)[3] https://aws.amazon.com/tw/architecture/ • Budget cost - Cost[4] http://calculator.s3.amazonaws.com/index.html • Security/network performance comparison table - ELB[5] https://aws.amazon.com/tw/elasticloadbalancing/details/
  • 96. Identity and cost management - IAM[6] http://docs.aws.amazon.com/zh_cn/IAM/latest/UserGuide/best-practices.html • Identity management - IAM[7] https://www.sumologic.com/blog/amazon-web-services/security-analytics-in-aws/ • Seriously, CloudWatch is handy; why not use it?[8] https://cloudpack.media/20642 • Anomaly information management - VPC F & CWL[9] https://www.sumologic.com/blog/amazon-web-services/security-analytics-in-aws/ • Personal skills and management, YouTube - AWS[10] https://www.youtube.com/watch?v=1x20FxpiTVE&t=314s • Find Distinct People in a Video with Amazon Rekognition[11] https://aws.amazon.com/tw/blogs/ai/find-distinct-people-in-a-video-with-amazon-rekog
  • 97. LIKE US NOW! aws@ckmates.com
  • 98. Thanks • Q & A • aws@ckmates.com