
Terraform: Cloud automation solutions

Last Updated: Mar 07, 2025

This video introduces the capabilities provided by Alibaba Cloud in conjunction with real-world enterprise scenarios to help businesses implement automation in the cloud. Through this video, you can learn about automation implementation scenarios and the solutions to address specific problems.

You can refer to the following transcript:

Hello everyone, welcome back to Auto Talk, the Alibaba Cloud Open Platform automation series. In this episode, we bring you cloud automation solutions.

I'm Tao Fei, a solutions architect from Alibaba Cloud Open Platform.

Today, I will introduce the capabilities that Alibaba Cloud provides to help enterprises implement automation in the cloud based on real-world enterprise scenarios.

After enterprises migrate to the cloud, automation is involved in various areas of cloud management and usage. These areas include the basic IT environment, including cloud accounts and identity permissions, automated provisioning and management of IaaS resources in the cloud, and application deployment, daily operations, and cost management at the business layer.

These areas involve collaboration between different teams within an enterprise. A systematic and platform-based approach is required to integrate and connect the capabilities and needs of different teams to achieve enterprise-level automation. After migrating to the cloud, enterprises should consider at least five key components in their automation workflows:

The first component is the automation of the IT environment, including automated creation and management of accounts, identity and permission management, the creation and management of control policy baselines, and the creation and management of compliance and audit rules.

The second component is automated resource provisioning, where business teams can apply for cloud resources while meeting the standards of the operations team.

The third component is automated resource operations, where cloud resources can be managed systematically, such as scaling, restarting, and vulnerability scanning and patching.

The fourth component is automated application deployment, where enterprises have a unified CI/CD process for business teams to complete application integration and deployment, and the operations team can enforce unified rule management.

The fifth component is observability, where enterprises have unified IT resource observability capabilities, enabling real-time monitoring of resources and applications, anomaly detection, and timely alerts.

The last component is FinOps, which means understanding which business consumes how many cloud resources, the usage trend, resource utilization rate, and who is responsible for the application, achieving visibility, manageability, and control over cloud usage.

To meet the requirements of enterprises integrating with Alibaba Cloud for automation, Alibaba Cloud provides numerous tools and services to enable automation.

Different cloud services provide standardized integration capabilities through Alibaba Cloud Open Platform, allowing enterprises to easily integrate with Alibaba Cloud via these tools and services.

These tools and services include atomic developer tools such as APIs, SDKs, and CLIs, which help enterprises integrate flexibly with Alibaba Cloud.

The second category involves support for open source tools, with Terraform being one of the most common. For enterprises with orchestration and multi-cloud management needs, tools like Terraform can facilitate easy integration and management of cloud resources. Additionally, Alibaba Cloud offers rich out-of-the-box automation tools and services, such as CADT for visualized cloud architecture building and management, and ROS, a native cloud resource orchestration tool. These tools allow enterprises to integrate with Alibaba Cloud in different ways and achieve cloud automation.

Even with all these tools and services available, many enterprises still face significant challenges in building their cloud automation capabilities. Why? Although the cloud provides abundant tools, companies often struggle to choose the right technical solution or tools to build automation capabilities and processes effectively. They also want to know how other companies in the industry handle similar situations to avoid common pitfalls.

For example, we frequently encounter the following questions from enterprises: We want to use Terraform for Infrastructure as Code (IaC) to manage and orchestrate multi-cloud resources. How should we build the entire automation workflow? How do we solve issues related to multi-person collaboration? What are the best practices for managing Terraform templates? How do we resolve inconsistencies between cloud resources and local state files?

Through this case, we can see that although Alibaba Cloud provides atomic tools, what enterprises need are systematic solutions tailored to specific scenarios to build automation capabilities. Therefore, drawing from our experience serving leading enterprises across various industries in their cloud migrations, Alibaba Cloud has developed automation solutions tailored to different enterprise scenarios, accelerating the development of cloud automation capabilities aligned with industry best practices.

Let's take a look at the scenarios covered by cloud automation solutions across various areas:

The first and most fundamental layer is the cloud environment layer. At the cloud environment level, we need to consider how to automatically allocate secure and compliant cloud accounts for different business units and how to allow business teams to apply for cloud accounts used to create resources. When a cloud account is no longer in use, how can it be securely released? Once business teams have cloud accounts, how do employees log on to and manage these accounts? If an enterprise already has its own employee identity system, how does it integrate with Alibaba Cloud accounts? How are minimal permissions assigned to employees with different roles, and when an employee temporarily needs certain permissions, how can they apply for these permissions and have those permissions automatically revoked upon expiration? Additionally, how does the cloud management team set unified security, compliance, backup, and other baselines for multiple business teams to ensure that all businesses comply with unified governance standards?

These are the scenarios at the environment level. After building the cloud environment, we move on to the resource layer. How do we build unified resource provisioning capabilities to automatically provision cloud resources? Once business teams acquire cloud resources, how does the management team perform unified O&M management of all cloud resources, including unified image management, vulnerability detection, and vulnerability patching? As the business goes live, how can scaling be automated to meet business demands? These are the questions that need to be addressed at the resource management layer.

After solving these issues, as cloud-based applications are deployed, we need to ensure that different applications conform to unified standards. This brings us to the application layer. We need to provide business teams with a unified development and CI/CD process. Once the business goes live, we must support the operations team in conveniently performing unified O&M on the online resources used by the business. Additionally, after the business goes live, how do we provide a unified observability capability for the business team, enabling unified monitoring and alerting, and ensuring stability of the online environment?

As the business grows more complex, the management team needs to clearly understand how much each business unit is spending on the cloud, which applications correspond to the spending, who the responsible person is, and how actual spending trends compare to planned budgets. All of this needs to be achieved through automation to improve efficiency.

Finally, we arrive at the process management layer: If the enterprise already has its own ITSM management system, how can it be integrated with Alibaba Cloud for automation? If the enterprise is building a unified cloud management system, how can it integrate with Alibaba Cloud? We can see that these are specific scenario-based needs within the enterprise that require systematic solutions. This is precisely what the automation solutions of Alibaba Cloud aim to solve.

Let's look at a specific scenario. When a new business is about to go live in an enterprise, how can we quickly and automatically create a secure and compliant cloud account using IaC, while integrating with the internal workflows? Here's our solution: We can standardize the configuration process of cloud accounts using Terraform. Each time a cloud account is created, the same Terraform code is used, ensuring consistent permissions across all member accounts. Additionally, we use Git and Jenkins pipelines to manage Terraform code, enabling version-controlled infrastructure management. Finally, this solution provides APIs to integrate with the internal cloud management system. What tools and materials would such a solution offer? Let's continue.

For a cloud automation solution, we provide the following materials: First, a solution handbook to guide enterprises step-by-step in implementation.

In addition to the solution handbook, we also provide the code involved in the solution. The code will be open-sourced and made available to enterprises. For scenarios involving GUI-based operations, we will also provide open source demo source code for the GUI. These materials help enterprises quickly implement automation. During the implementation phase, enterprises can choose to build the solution themselves using the provided documentation and open source code or engage third-party partners to implement the solution.

In addition to providing atomic tools and services to achieve cloud automation, we also offer one-stop solutions based on real-world enterprise scenarios to accelerate the goal of achieving cloud automation.

That concludes the content of this episode. If you have any questions or thoughts about cloud automation, feel free to scan the QR code below the screen to join our DingTalk group and communicate with us. We look forward to connecting with you. See you in the next episode.