ishenwei/nexus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b40abbcd473a7093d8261e212e3d6de97c1e516a
nexus/wiki/concepts/Infrastructure-as-Code.md
weishen 111bc65b7b Update nexus wiki content
2026-05-03 05:42:12 +08:00

50 lines
2.7 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
---
title: "Infrastructure as Code"
type: concept
tags: [DevOps, AWS, Terraform, Automation]
sources: [ctp-topic-3-deploy-and-maintain-infrastructure, ctp-topic-9-ci-cd-with-gruntwork, ctp-topic-48-terraform-vs-terragrunt, ctp-topic-32-using-atlantis-cicd-for-infrastructure-deployments, ctp-topic-33-an-introduction-to-gitops, ctp-topic-56-automated-infrastructure-testing, learning-sessions-ecs-deployment-using-iac-20230808-183322-meeting-recording, cloud-operating-model-key-strategies-and-best-practices, learning-sessions-cloud-transformation-programme-deploying-rds-via-terraform, engineering-devops-automator]
last_updated: 2026-04-14
---
# Infrastructure as Code
## Definition
基础设施即代码Infrastructure as Code, IaC是一种通过机器可读的定义文件而非物理硬件配置或交互式配置工具管理和配置计算基础设施的方法。
## Core Principles
- **声明式配置**:描述期望的最终状态,而非执行的具体步骤
- **版本控制**:所有基础设施定义文件存储在 Git 中
- **幂等性**:多次执行产生相同结果
- **可重复性**:同一模板可在不同环境快速部署
- **自动化**:与 CI/CD 流水线集成
## Key Tools
- **Terraform**HashiCorp 出品,云厂商无关的 IaC 工具,通过状态文件管理资源
- **Terragrunt**Terraform 轻量封装,贯彻 DRY 原则
- **AWS CloudFormation**AWS 原生 IaC 服务JSON/YAML 模板
- **Pulumi**:编程语言驱动的 IaC 平台
- **Ansible**:配置管理和应用部署工具
## Terraform Ecosystem
- **Gruntwork**:预建 Terraform 模块库,生产级参考架构
- **Atlantis**Git 集成 Terraform 部署PR 评论式协作
- **Terratest**Terraform 代码的 Go 测试框架
- **tfsec**Terraform 静态安全分析工具
- **TFLint**Terraform 代码规范检查
## IaC in CTP Context
CTPCloud Transformation Programme使用 Terraform/Terragrunt 构建 AWS Landing Zone
- [[ctp-topic-3-deploy-and-maintain-infrastructure]]Terragrunt HCL 文件与模块化管理
- [[ctp-topic-9-ci-cd-with-gruntwork]]Gruntwork CI/CD 流水线实践
- [[ctp-topic-48-terraform-vs-terragrunt]]Terraform 与 Terragrunt 对比选型
- [[ctp-topic-32-using-atlantis-cicd-for-infrastructure-deployments]]Atlantis 替代 Jenkins
- [[ctp-topic-56-automated-infrastructure-testing]]TerraTest 自动化测试
- [[learning-sessions-ecs-deployment-using-iac-20230808-183322-meeting-recording]]ECS IaC 部署实践
## Related Concepts
- [[GitOps]]Git 作为 IaC 的单一真相来源
- [[CI/CD Pipeline]]IaC 与 CI/CD 流水线的集成
- [[Policy-as-Code]]IaC 扩展至安全合规策略
- [[Canary-Deployment]]:基于 IaC 的金丝雀部署策略
- [[Atlantis]]GitOps 驱动的 Terraform 协作工具
Reference in New Issue View Git Blame Copy Permalink