2025-06-13 13:37:50 +08:00
parent 8cd559b4a2
commit d64db29349
75 changed files with 6001 additions and 15 deletions

18
zh/docs/concepts/index.md Normal file

@@ -0,0 +1,18 @@
---
template: overrides/main.html
---
![binbash-logo](/assets/images/logos/binbash-leverage-header.png "binbash"){: style="width:800px"}
# Concepts
## Welcome!
Welcome to Leverage's documentation! Here you will find the concepts you need to understand to work with our stack, the steps to try Leverage by yourself, and the extensive documentation about every aspect of our solution.
## Getting Started
Feel free to explore the following pages to know more about Leverage.
- [x] :books: See [**What is Leverage**](/concepts/what-is-leverage/) to fully understand what Leverage is.
- [x] :books: See [**Why Leverage**](/concepts/why-leverage/) to help you decide whether Leverage is the right tool for you.
- [x] :books: See [**What can Leverage do for you**](/concepts/what-leverage-can-do-for-you/) to understand more about the capabilities of Leverage.
- [x] :books: See [**Our Tech Stack**](/concepts/our-tech-stack/) to learn about our design choices for the technology stack.
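Review bot: the file is added under `zh/docs/concepts/`, but every heading and sentence in the hunk is English, so the zh locale would ship untranslated copy. Translate the body, or leave the file out until a translation exists. The `- [x]` task-list syntax on the four "See" links also renders as checked checkboxes; plain `-` bullets suit a list of links better.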


@@ -0,0 +1,9 @@
# Next Steps
Now that you know the basic concepts about Leverage feel free to [give it a try](/try-leverage/) or check out the [User Guide](/user-guide/) section to go deeper into the implementation details. Links down below:
## Learn More
:books: See [**Try Leverage**](/try-leverage/) to take the tutorial that will help you deploy a basic AWS Landing Zone via Leverage.
:books: See [**User Guide**](/user-guide/) to take the comprehensive route to learn more about Leverage.
:books: See [**Work with us**](/work-with-us/) if you want to join us or know more about the team behind Leverage.
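Review bot: the three `:books: See` lines under "Learn More" carry no list markers, unlike the `- [x] :books: See` entries in `concepts/index.md`, so unless blank lines separate them they will run together as one paragraph; prefix each with `- `. The intro sentence already links "give it a try" and "User Guide", so the trailing "Links down below:" can be dropped.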


@@ -0,0 +1,215 @@
# Our Tech Stack
Leverage was built around the [AWS Well Architected Framework](https://aws.amazon.com/architecture/well-architected/) and it uses a stack that includes [Terraform](https://www.terraform.io/), [Ansible](https://www.ansible.com/), [Helm](https://helm.sh/) and other tools.
We are also adopters and supporters of Kubernetes and the Cloud Native movement, which should become self-evident as you keep exploring our technology stack.
## Why did we choose our tech stack?
??? info "Why AWS❓"
Amazon Web Services (AWS) is the worlds most comprehensive and broadly adopted
cloud platform, offering over 200 fully featured services from data centers globally.
Millions of customers—including the fastest-growing startups, largest enterprises,
and leading government agencies—are using AWS to lower costs, become more agile,
and innovate faster.
Build, Deploy, and Manage Websites, Apps or Processes On AWS' Secure, Reliable Network.
AWS is Secure, Reliable, Scalable Services. HIPAA Compliant.
Easily Manage Clusters. Global Infrastructure. Highly Scalable.
:books: **Read More:** [What is AWS](https://aws.amazon.com/what-is-aws/)
??? info "Why WAF (Well Architected Framework)❓"
AWS Well-Architected helps cloud architects to build secure, high-performing, resilient,
and efficient infrastructure for their applications and workloads. Based on five pillars
— operational excellence, security, reliability, performance efficiency, and cost
optimization — AWS Well-Architected provides a consistent approach for customers and
partners to evaluate architectures, and implement designs that can scale over time.
:books: **Read More:** [AWS Well-architected](https://aws.amazon.com/architecture/well-architected)
??? info "Why Infra as Code (IaC) & Terraform❓"
- [x] **Confidence:** A change breaks the env? Just roll it back. Still not working?
Build a whole new env with a few keystrokes. IaC enables this.
- [x] **Repeatability:** Allows your infra to be automatically instantiated, making it
easy to build multiple identical envs.
- [x] **Troubleshooting:** Check source control and see exactly what changed in the env.
As long as you are diligent and dont make manual envs changes, then IaC can be a game
changer.
- [x] **DR:** Require the ability to set up an alternate env in a different DC or Region.
IaC makes this a much more manageable prospect.
- [x] **Auditability:**
You will need to be able to audit both changes and access to an env, IaC gives you this
right out of the box.
- [x] **Visibility:** As an env expands over time, is challenging to tell what has been
provisioned. In the #cloud this can be a huge #cost issue. IaC allows tracking your
resources.
- [x] **Portability:** Some IaC techs are #multicloud. Also, translating #Terraform from
one cloud provider to another is considerably more simple than recreating your entire
envs in a cloud-specific tool.
- [x] **Security:** See history of changes to your SG rules along with commit messages can
do wonders for being confident about the security configs of your envs.
**Terraform** allows to codify your application infrastructure, reduce human error and
increase automation by provisioning infrastructure as code.
With TF we can manage infrastructure across clouds and provision infrastructure
across 300+ public clouds and services using a single workflow.
Moreover it helps to create reproducible infrastructure and provision consistent testing,
staging, and production environments with the same configuration.
**Terraform** has everything we expect from a IaC framework: open source, cloud-agnostic
provisioning tool that supported immutable infrastructure, a declarative language, and
a client-only architecture.
:books: **Read More**
- [Why Infrastructure as Code](https://www.simplethread.com/why-infrastructure-as-code/)
- [Why Terraform by Gruntwork](https://blog.gruntwork.io/why-we-use-terraform-and-not-chef-puppet-ansible-saltstack-or-cloudformation-7989dad2865c)
??? info "Why Organizations❓"
AWS Organizations helps you centrally manage and govern your environment as you grow
and scale your AWS resources. Using AWS Organizations, you can programmatically create
new AWS accounts and allocate resources, group accounts to organize your workflows,
apply policies to accounts or groups for governance, and simplify billing by using a
single payment method for all of your accounts.
:books: **Read More**
- [How it works: AWS Organizations](/user-guide/organization/organization/)
- [AWS Organizations](https://aws.amazon.com/organizations/)
??? info "Why IAM and roles❓"
AWS Identity and Access Management (IAM) enables you to manage access to AWS services
and resources securely. Using IAM, you can create and manage AWS users and groups,
and use permissions to allow and deny their access to AWS resources.
- Integration and Fine-grained access control with almost every AWS service and
its resources.
- Multi-factor authentication for highly privileged users.
- Analyze, monitor and audit access.
:books: **Read More**
- [How it works: AWS IAM](/user-guide/identities/identities/)
- [AWS Identity and Access Management (IAM)](https://aws.amazon.com/iam/)
??? info "Security | Why Web Application Firewall (WAF), Cloud Trail, Config, Guarduty❓"
Raise your security posture with AWS infrastructure and services.
Using AWS, you will gain the control and confidence you need to securely run your
business with the most flexible and secure cloud computing environment available today.
As an AWS customer, you will benefit from AWS data centers and a network architected
to protect your information, identities, applications, and devices. With AWS, you
can improve your ability to meet core security and compliance requirements, such as
data locality, protection, and confidentiality with our comprehensive services and
features.
:books: **Read More**
- [How it works: AWS Security](/user-guide/security/services/)
- [AWS Cloud Security](https://aws.amazon.com/security/)
??? info "Why VPC❓"
Amazon Virtual Private Cloud (Amazon VPC) is a service that lets you launch AWS
resources in a logically isolated virtual network that you define. You have complete
control over your virtual networking environment, including selection of your own IP
address range, creation of subnets, and configuration of route tables and network
gateways. You can use both IPv4 and IPv6 for most resources in your virtual private
cloud, helping to ensure secure and easy access to resources and applications.
:books: **Read More**
- [How it works: AWS Networking](/user-guide/network/vpc-topology)
- [AWS Virtual Private Cloud](https://aws.amazon.com/vpc)
??? info "Why Kubernetes (K8s) & AWS EKS❓"
**Kubernetes**, also known as K8s, is an open-source system for automating deployment,
scaling, and management of containerized applications.
It groups containers that make up an application into logical units for easy management
and discovery. Kubernetes builds upon 15 years of experience of running production
workloads at Google, combined with best-of-breed ideas and practices from the community.
**Amazon Elastic Kubernetes Service (Amazon EKS)** gives you the flexibility to start,
run, and scale Kubernetes applications in the AWS cloud or on-premises. Amazon EKS
helps you provide highly-available and secure clusters and automates key tasks such
as patching, node provisioning, and updates. Customers such as Intel, Snap, Intuit,
GoDaddy, and Autodesk trust EKS to run their most sensitive and mission critical
applications.
**EKS** runs upstream Kubernetes and is certified Kubernetes conformant for a predictable
experience. You can easily migrate any standard Kubernetes application to EKS without
needing to refactor your code.
:books: **Read More**
- [How it works: AWS EKS](/user-guide/compute/k8s-eks/)
- [AWS EKS](https://aws.amazon.com/eks)
- [Kubernetes](https://kubernetes.io/)
??? info "Why S3❓"
**Amazon Simple Storage Service (Amazon S3)** is an object storage service that offers
industry-leading scalability, data availability, security, and performance.
This means customers of all sizes and industries can use it to store and protect
any amount of data for a range of use cases, such as data lakes, websites, mobile
applications, backup and restore, archive, enterprise applications, IoT devices,
and big data analytics. Amazon S3 provides easy-to-use management features so you
can organize your data and configure finely-tuned access controls to meet your
specific business, organizational, and compliance requirements. Amazon S3 is
designed for 99.999999999% (11 9's) of durability, and stores data for millions
of applications for companies all around the world.
:books: **Read More**
- [How it works: AWS Storage](/user-guide/storage/storage)
- [AWS S3](https://aws.amazon.com/s3)
??? info "Why RDS❓"
**Amazon Relational Database Service (Amazon RDS)** makes it easy to set up, operate,
and scale a relational database in the cloud. It provides cost-efficient and resizable
capacity while automating time-consuming administration tasks such as hardware
provisioning, database setup, patching and backups. It frees you to focus on your
applications so you can give them the fast performance, high availability, security
and compatibility they need.
Amazon RDS is available on several database instance types - optimized for memory,
performance or I/O - and provides you with six familiar database engines to choose from,
including Amazon Aurora, PostgreSQL, MySQL, MariaDB, Oracle Database, and SQL Server.
You can use the AWS Database Migration Service to easily migrate or replicate your
existing databases to Amazon RDS.
:books: **Read More**
- [How it works: AWS Databases](/user-guide/database/database/)
- [AWS RDS](https://aws.amazon.com/rds)
??? info "Why Hashicorp Vault❓"
As many organizations migrate to the public cloud, a major concern has been how to
best secure data, preventing it from unauthorized access or exfiltration.
Deploying a product like HashiCorp Vault gives you better control of your sensitive
credentials and helps you meet cloud security standards.
HashiCorp Vault is designed to help organizations manage access to secrets and
transmit them safely within an organization. Secrets are defined as any form of
sensitive credentials that need to be tightly controlled and monitored and can be
used to unlock sensitive information. Secrets could be in the form of passwords,
API keys, SSH keys, RSA tokens, or OTP.
HashiCorp Vault makes it very easy to control and manage access by providing you
with a unilateral interface to manage every secret in your infrastructure. Not only
that, you can also create detailed audit logs and keep track of who accessed what.
Manage Secrets and Protect Sensitive Data. Secure, store and tightly control access
to tokens, passwords, certificates, encryption keys for protecting secrets and other
sensitive data using a UI, CLI, or HTTP API.
:books: **Read More**
- [How it works: Secrets](/user-guide/secrets/secrets/)
- [Hashicorp Vault Project](https://www.vaultproject.io/)
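Review bot: "WAF" stands for two different things in the admonition titles, "Why WAF (Well Architected Framework)" and "Security | Why Web Application Firewall (WAF), Cloud Trail, Config, Guarduty"; spell out Well-Architected Framework and reserve WAF for the firewall. The Security admonition's title names four services, but its body is a general statement about AWS security and never says what any of them is used for; add one line per service or retitle the block. In that title, "Cloud Trail" and "Guarduty" should be the service names CloudTrail and GuardDuty, and in the Vault admonition "unilateral interface" reads like it was meant to be "unified interface".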


@@ -0,0 +1,19 @@
# What is Leverage?
Leverage was made out of a significant amount of knowledge, acquired through several years of experience, turned into an ecosystem of code, tools, and workflows that enables you to build the AWS infrastructure for your applications and services quickly and securely.
Since all the code and modules are already built, we can get you up and running **up to 10x faster** :rocket:
than a consulting company -- :white_check_mark: *typically in just a few weeks!* -- and on top of code that is thoroughly documented, tested, and has been proven in production at dozens of other project deployments.
## Core Components
Our focus is on creating reusable, high quality ![leverage-aws](/assets/images/icons/aws-emojipack/General_AWScloud.png "AWS"){: style="width:30px"} Cloud Infrastructure code, through our core components:
- [x] [**Reference Architecture**](/user-guide/ref-architecture-aws/overview/): Designed under optimal configs for the most popular modern web and mobile applications needs. Its design is fully based on the
[**AWS Well Architected Framework**](/work-with-us/support/#aws-well-architected-review).
- [x] [**Infrastructure as Code (IaC) Library**](/user-guide/infra-as-code-library/overview/): A collection of reusable, tested, production-ready E2E AWS Cloud infrastructure as code solutions, leveraged by modules written in: *Terraform, Ansible, Helm charts, Dockerfiles and Makefiles*.
- [x] [**Leverage CLI**](/user-guide/leverage-cli/overview/): projects' command line tool. Provides the means to interact and deploy Leverage Reference Architecture on AWS and if needed it allows you to define custom tasks to run.
## Video Presentation
Check out this **intro video** :octicons-video-16: that explains what Leverage is in less than 5 minutes:
<iframe width="560" height="315" src="https://www.youtube.com/embed/-vb9Qtz6mLs" title="Leverage Intro Video" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe>
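Review bot: the `<iframe>` on the last line embeds a third-party origin with a broad `allow` list (`accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture`); for a single intro video, drop `clipboard-write`, `accelerometer`, `gyroscope` and `autoplay` unless the player demonstrably needs them, and consider adding `loading="lazy"` and a `referrerpolicy`. If the docs site sets a Content-Security-Policy, the embed origin also has to be allowed under `frame-src`. Separately, "up to 10x faster than a consulting company" is stated without a source.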


@@ -0,0 +1,110 @@
# What can Leverage do for you?
Still not convinced? Check out the following sections which describe what Leverage can bring on the table depending on your role in a company.
## Leverage for CIOs, CTOs and VPs of Engineering
??? question "**Accelerate development and optimize costs**"
Annual cost savings are a new standard and best practice. Profits are being targeted to business development,
regulatory and compliance needs. Resulting in a reduction of pressure on IT and development budgets, granting
the opportunity to focus in new features and boost innovation.
??? question "**Modernize applications architecture (loosely coupled and modular)**"
Strategically decompose the monolith into a fine-grained, loosely coupled modular architecture to increase both
development and business agility. When the system architecture is designed to allow teams to test, deploy and
change systems without relying on other teams, they require little communication to get the job done.
In other words, both the architecture and the teams are loosely coupled.
??? question "**Innovation - Rapidly adopt new technologies and reduce development time**"
Use ***Leverage Reference Architecture and for AWS + our libraries*** to provide a collection of cloud application
architecture components to build and deploy faster in the cloud. Building a cloud Landing Zone is complex,
especially since most companies have little or no expertise in this area. And it can take a significant amount
of time to get it right. ***Leverage*** a reference architecture to give you an AWS Landing Zone that provides a
consistent and solid "foundations" to bootstrap your project in the cloud. The code solution implements the best
AWS Well-Architected Framework practices as well as the battle-tested tech experience and years of knowledge of
our contributors.
??? question "**Hours or days, not weeks or months**"
***Leverage*** implements infrastructure as code at all times. We have rolled this out using Terraform, and has been
fully proven in AWS and other Terraform providers that are part of our reference architecture like Kubernetes,
Helm and Hashicorp Vault. By using the `Leverage CLI`, our binary will help you to quickly bootstrap your AWS
Landing Zone in a matter of hours (or at most a few days).
??? question "**It's not just a pile of scripts**"
It's not just another layer of untested, one time and stand-alone developed scripts. The code is modularized
and well designed under best practices, our `Leverage CLI` has both unit and integration tests. While our
Terraform code has been extensively E2E tested. Moreover, 100% of the code is yours (to modify, extend,
reuse, etc), with no vendor locking and vendor licensing fees. We use the MIT license, so you can take the
code, modify it and use it as your private code. All we ask in return is a friendly greeting and that
(if possible) consider contributing to ***binbash Leverage*** project. Implement ***Leverage*** yourself or we
can deploy it for you!
??? question "**DevOps culture and methodologies**"
Team agility and continuous improvements based on feedback loops are some of the main drivers of cloud adoption,
and IAC's goal of reducing the frequency of deployment of both infrastructure and applications are some of the
most important aspects of DevOps practices. We continue to apply these methodologies to achieve a DevOps first
culture. We have experienced and demonstrated their potential and have practiced them in dozens of projects over
the past 5 years. The ***Leverage reference architecture for AWS*** combines a set of application best practices,
technology patterns and a common CI/CD deployment approach through `Leverage CLI` for all your application
environments. As a result, we are pursuing a world-class software delivery performance through optimized
collaboration, communication, reliability, stability, scalability and security at ever-decreasing cost and effort.
??? question "**Repeatable, composable and extensible immutable infrastructure**"
The best high-performance development teams create and recreate their development and production environments
using infrastructure as code (IaC) as part of their daily development processes.
The `Leverage CLI` allows to build repeatable and immutable infrastructure. So your cloud development, staging and
production environments will consistently be the same.
## Leverage for DevOps Engineers, Cloud Architects and Software Engineers
??? question "**Provisioning infrastructure as code (Iac)**"
Instead of manually provisioning infrastructure, the real benefits of cloud adoption come from orchestrating
infrastructure through code. However, this is really challenging to achieve, there are literally thousands of
tiny things and configs to consider and they all seem to take forever. Our experience is that it can take teams
up to 24 months to achieve a desired infra state in AWS.
By using ***Leverage*** you could get your AWS Landing-Zone in few weeks, or your entire
AWS Well-Architected based cloud solution within 1 to 3 months (depending on your project complexity needs).
??? question "**We've done it before (don't reinvent the wheel)**"
Often, development teams have similar and recurring requests such as: iam, networking, security, storage,
databases, compute and secret management, etc. binbash ***Leverage*** has been proven in dozen of project to create
software-defined (IaC) AWS environments.
??? question "**Best practices baked in the code**"
***Leverage*** provides IaC reference architecture for AWS hosted applications infrastructure. This is baked into the
code as a combination of the best AWS Well-Architected framework practices and the experience of having
successfully orchestrated many customers to AWS cloud.
??? question "**On-demand infra deployment**"
***Leverage*** provides your DevOps, Cloud, SRE and Development teams with the ability to provision on-demand
infrastructure, granting that it will meet the rigorous security requirements of modern cloud native best practices.
It fully implements AWS Well-Architected Framework (WAF) and best DevOps practices, including practices, including
collaboration, version control, CI/CD, continuous testing, cloud infrastructure and losely couple architectures.
??? question "**Easier to support and maintain**"
***Leverage*** IaC approach significantly reduce your AWS infra deployment, config and support burden and reduce risk.
Our code backed provisioning has been rigorously tested many times, eliminating the possibility of manual errors.
Because the entire infrastructure is deployed from the same proven code, the consistency your cloud environments
will simplify your setup and maintenance. Use the versioned code to iterate and improve, extend or compose your
internal processes as your cloud operating model evolves.
??? question "**There is no vendor lock-in. You own the solution**"
With ***Leverage*** you own 100% of the code with no lock-in clauses. If you choose to leave ***Leverage***, you will still
have your entire AWS cloud infrastructure that you can access and manage. If you drop ***Leverage***, you will still
have your entire cloud native infrastructure code (Terraform, Helm, Ansible, Python). Its 100% Open Source
on GitHub and is free to use with no strings attached under [MIT license](https://choosealicense.com/licenses/)
(no licensing fees), and you are free to commercially and privately use, distribute and modify.
??? question "**Consistent environments (Dev/prod parity)**"
Keep development, staging, and production cloud envs parity.
Infrastructure as code allow us to define and provisioning all infrastructure components (think networks, load
balancers, databases, security, compute and storage, etc.) using code. ***Leverage*** uses Terraform as the IaC language,
to deploy and setup all the AWS, Kubernetes and Hashicorp Vault resources (it has support for multiple cloud and
technology providers). Backed by code, your cloud environments are built exactly the identical way all the time.
Finally, this will result in no differences between development, staging and production.
??? question "**Development in production like envs**"
IaC allows your development team to deploy and test the AWS infrastructure as if it were application code.
Your development is always done in production-like environments. Provision your cloud test and sandbox
environments on demand and tear them down when all your testing is complete. ***Leverage*** takes all the pain
out of maintaining production-like environments, with stable infra releases. It eliminates the unpredictability
of wondering if what actually worked in your development envs will work in production.
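Review bot: in "DevOps culture and methodologies", the phrase "IAC's goal of reducing the frequency of deployment" says the opposite of what the rest of the page argues (faster, on-demand deployment); it likely means reducing deployment time or effort. "Easier to support and maintain" says tested provisioning is "eliminating the possibility of manual errors", and "On-demand infra deployment" promises infrastructure that "will meet the rigorous security requirements"; soften both to what IaC actually provides (reviewable, repeatable changes). The MIT license link points at `https://choosealicense.com/licenses/`, the index of licenses, not the MIT page, and "including practices, including" and "losely couple" in the on-demand paragraph need fixing.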


@@ -0,0 +1,21 @@
# Why Leverage?
By implementing our **Reference Architecture for AWS** and the **Infrastructure as Code (IaC) Library** via Leverage CLI, you will get your entire Cloud Native Application Infrastructure deployed in only a few weeks.
!!! info "Did you know?"
You can roll out Leverage by yourself or we can implement it for you! :muscle:
## The problem and our solution
### What are the problems you might be facing?
![leverage-why](/assets/images/diagrams/leverage-why-problem.png "Leverage"){: style="width:950px"}
<figcaption style="font-size:15px">
<b>Figure:</b> Why Leverage? The problem.
(Source: binbash, "Leverage Presentation: Why you should use Leverage?", accessed June 15th 2021).
</figcaption>
### What is our solution?
![leverage-why](/assets/images/diagrams/leverage-why-solution.png "Leverage"){: style="width:950px"}
<figcaption style="font-size:15px">
<b>Figure:</b> Why Leverage? The solution.
(Source: binbash, "Leverage Presentation: Why you should use Leverage?", accessed June 15th 2021).
</figcaption>
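Review bot: both `<figcaption>` blocks stand alone after a Markdown image; `<figcaption>` is only valid inside a `<figure>`, so wrap each image and its caption in `<figure>...</figure>`. The two images also share the alt text `leverage-why` and the title "Leverage"; give the problem and solution diagrams distinct, descriptive alt text, since the captions do not say what the diagrams show.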