I code. I architect systems: usually in the cloud. I teach. I lead teams. I showcase the awesomeness I see in others.
From Scratch: An API Gateway
I tried to think of the best way to describe building an app from scratch in the cloud, but there are so many different ways you can easily get lost in all the options. So I decided I would start by showcasing what is arguably the easiest app you can make from a computing perspective. It offers the least amount of operational overhead, but at the same time, it's the most expensive option on paper.
From Scratch: DevOps Deployment
With our OIDC provider configured, we can start setting up our DevOps build process. This will ensure that everyone on the team follows the same process when deploying infrastructure for anything built into our account.
From Scratch: OIDC Providers
It's time to divert our attention to what will soon become our infrastructure deployment process. This will feel a lot like application deployments, but there will be some stark differences we'll be going over. Our applications will incorporate infrastructure in the future, but not everything we do with our IaC will be related to an application.
From Scratch: Permissions
Once we have our groups and users set up from our external identity provider we can move on to defining what permissions they should have. This is mostly straightforward, but we'll have to take a few detours along the way because of how groups work with the Google Workspace IDP.
From Scratch: IaC
It occurred to me recently that it might not be obvious when someone should start using IaC. This can be daunting because there are things you can't do, and some things you shouldn't do with IaC. There are also situations where you could use it, but it doesn't lead to any benefit.
How to Cloud: Virtual Machines
Ok at this point we are now ready to get into deploying your app into some kind of compute solution in your cloud provider. In order to make the best decisions when it comes to choosing said compute solution, we need to start with the foundations of almost all of them: virtual machines.
How to Cloud: Fencing
Before you can dive into deploying your application you need to create a safe environment for your application to be deployed in. This starts with understanding some basics around making good security decisions, so this next topic is about how to make a good “fence”.
How to Cloud: IaC
In my last post I intentionally jumped the gun a little bit when it came to deploying containers into your cloud account. It should be your first priority to get your team to learn containerization, but deploying to the cloud requires allocating container registry infrastructure. That brings us to our next topic which is Infrastructure as Code, and it’s a very close second in priority.
How to Cloud: Containerization
I have kind of a standard approach on building out a cloud presence that I’ve developed over the last decade or so. I’ve used it extensively with multiple teams to create a highly mature DevOps culture within groups again and again. Today I’m beginning a series that explains some of the basics. Hopefully it can be of some use to those trying to understand good ways to leverage cloud technologies.