Moment For Technology

Use EventBridge in IaC mode

Posted on June 23, 2022, 8:56 a.m. by Roger Watson
Category: reading Tag: kubernetes

Author: Wang Chuan (Fording)

The introduction

As the infrastructure for building an EDA architecture, EventBridge provides flexible and rich event gathering, processing, and routing capabilities through a number of core concepts and features. For many users, EventBridge should be the quickest way to get started with a handy boot from the console. In addition, many users are faced with a large number of cloud products to manage, using the console to manage every resource becomes a heavy manual burden.

To address this issue, it is now possible to bring EventBridge's capabilities to users quickly and easily through OpenAPI, Terraform, and more. This article focuses on the key concepts and features of EventBridge and IaC, and then demonstrates how to apply IaC concepts to automate the deployment of EventBridge to use those concepts and features.

EventBridge overview

Event-driven architecture

Event-driven architecture is a loosely coupled and distributed driver architecture. After collecting events generated by an application, events are processed in real time and then routed to the downstream system without waiting for system response. EventBridge, an event bus, can be used to build a variety of simple and complex event-driven architectures to connect cloud products and applications, applications and more, using the standardized CloudEvents 1.0 protocol.

Event-driven Architecture Architecture has the following three capabilities: •Event collection: Responsible for collecting the events of various applications, such as new orders, return and exchange orders and other status changes; •The event processing: Desensitization of events, and preliminary filtering and screening of events; •Event routing: Analyzes event content and distributes event routes to downstream products.

Event-driven architecture has the following advantages:

• Reduce coupling: Reduce coupling between event producers and subscribers. Event producers only care about events occurring, not how they are handled or to which subscribers they are distributed; The failure of any link will not affect the normal operation of other services. • Asynchronous execution: The event-driven architecture is suitable for asynchronous scenarios. Even in peak demand, events from various sources are collected and retained in the event bus, and then gradually distributed and transmitted events will not cause system congestion or excessive resources; • Scalability: Routing and filtering capabilities in event-driven architecture support partitioning services for easy scaling and routing distribution; • Agility: Event-driven architecture supports integration with various Aliyun products and applications, supports event routing to any system service, and provides a variety of agile and efficient deployment solutions.

Build the EDA architecture using EventBridge

EventBridge is a serverless event bus service provided by Ali Cloud. EventBridge provides several core concepts that meet the needs of building an EDA architecture.

EventBridge supports the following event sources:

• Official event source of Aliyun • Custom event source

EventBridge's event bus includes the following types:

• Cloud service dedicated event bus: a built-in event bus that does not need to be created and cannot be modified to receive events from your Ali Cloud official event source; Events of the official event source of Ali Cloud can only be published to the cloud service dedicated bus; • Custom event bus: An event bus that needs to be created and managed by you to receive events for custom application or stock message data; Custom applications or events that store message data can only be published to a custom bus.

In EventBridge, an event rule contains the following: • Event mode: used to filter events and route events to event targets; • Event targeting: includes the transformation and processing of events, responsible for consuming events.

EventBridge provides a concise event pattern matching syntax, as well as flexible event conversion capabilities, which will be demonstrated in the following examples.

In addition, EventBridge provides enhancements that make the events flowing through the EDA architecture more transparent, with out-of-the-box observation and analysis capabilities:

• Event tracking: You can view event content and processing tracks published to the event bus EventBridge;• Event analysis: Query, analyze, and visualize all kinds of events published to the event bus in order to discover the intrinsic value of the event.

Introduction of IaC

After covering the basics of EventBridge, let's take a look at IaC. IaC is a very important part of DevOps practice, and by codifying and versioning the infrastructure, It's easy to provide a single source of truth with version control tools, coordinate multi-party changes, implement strict reviews, and automate deployment with some CI/CD pipeline tools (or even GitOps). Software system developers only pay little effort to describe the requirements, they can get the required virtual machine, network and other cloud services in a few minutes, greatly shortening the deployment time, but also ensure the configuration consistency of multiple environments, and reduce the probability of introducing errors by reducing human operations.

IaC code practices generally have two approaches, imperative and declarative.

• Imperative: As the name implies, you need to explicitly issue instructions for each action, describing How, for example, "Create a XX ECS". The code needs to carefully sequence each step, deal with possible errors, and especially deal with the impact of each change on existing resources, otherwise it can cause service interruptions. For example, as a developer, you can use your familiar programming language to call the OpenAPI of the Ali Cloud to manage resources, because these apis are operations like Create, Describe, Delete, etc. This is an mandated IaC practice.

• Declarative: means that the developer only describes What the end state of his requirements will look like, i.e., describe What, e.g. "one ECS of xx size". Those of you who are familiar with Kubernetes should be familiar with this concept. IaC tools can automatically arrange the order by describing the dependencies between resources. If there are existing resources, it compares the difference between the expected state and the actual state and makes updates according to the difference. If no, create one. As you can see, declarative is very developer friendly and greatly reduces the mental burden of developers.

Benefits of IaC: • Cost reduction: Manage resources efficiently and reduce the amount of people involved; • Improved efficiency: Speed up resource delivery and software deployment; • Risk control: • Error reduction; • Improve infrastructure consistency; • Eliminate configuration offset

Terraform, a leader in IaC, offers a powerful automated management infrastructure. The ecosystem is rich, many cloud vendors offer official plug-ins, and terraform is fully supported by most aliyun products (including EventBridge), making it extremely easy to deploy across multi-cloud infrastructure. Since it is IaC, Terraform provides its own hashicorp Configuration Language (HCL), which has a jSON-like concise syntax and allows developers to get started quickly with declarative resource descriptions.

Hands-on practice

The preparatory work

• To install terraform cli, see www.terraform.io/cli. • Create a tf file terraform.tf with the following content (values in need to be replaced)

provider "alicloud" {
  access_key = "your access key"
  secret_key = "your secret key"
  region = "region id"
}
Copy the code

Case 1: Monitoring resource changes on the cloud by using nails

Suppose a user uses a lot of resources in the cloud as a production environment and needs to be aware of changes to online resources. One possible solution is to use EventBridge to post audit events from ActionTrail to the user's pins. First, create a robot according to the official document of the pin, write down the Webhook URL and the signed secret key, which will be used next. Create a tf file 1_actionTrail2dingding.tf with the following content (need to replace values in )

Case #1: Monitoring resource changes on the cloud by using pins # - Be familiar with deploying using EventBridge's Default bus # - Be familiar with EventBridge's event pattern matching # - Be familiar with EventBridge's event transformation configuration # Declare a rule resource on the default bus "Alicloud_event_bridge_rule" "audit_notify" {# default Bus exists by default So you can use event_bus_name = "default" rule_name = "audit_notify" description = "demo" # Filter by means of the suffix matching ActionTrail from all cloud products event source: ApiCall event # other more pattern matching is introduced can refer to the document: https://help.aliyun.com/document_detail/181432.html
  filter_pattern = jsonencode({"type": [{"suffix" : ":ActionTrail:ApiCall"}]}) targets {target_id = "test-target" endpoint = "your dingtalk bot webhook URL " https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/event_bridge_rule#type type ="acs.dingtalk"# each event object has a set of corresponding param_list, specific can consult document: https://help.aliyun.com/document_detail/185887.html # every form of param is related to the events transformation configuration, can refer to the document: https://help.aliyun.com/document_detail/181429.html
    param_list {
      resource_key = "URL"
      form         = "CONSTANT"
      value        = "your dingtalk bot webhook url"
    }
    param_list {
      resource_key = "SecretKey"
      form= "CONSTANT" value = "your dingtalk bot secret key"} Template is the template content, and EventBridge will eventually render the value of this parameter based on the two and the event itself. Param_list {resource_key ="Body"
      form         = "TEMPLATE"
      value        = jsonencode(
        {
          "source": "$.source"."type": "$.type"
          "region": "$.data.acsRegion"."accountId" : "$.data.userIdentity.accountId"."eventName" : "$.data.eventName",
        }
      )
      template = jsonencode(
        {
          "msgtype" : "text"."text" : {
            "content": $${type} audit event from $${source} : $${accountId} performed $${eventName} on $${region}}})}}}Copy the code

Run the following commands in the command line window:

• Initialize TerraForm Init • Preview changes to terraForm Plan • Apply changes to TerraForm apply

Perform operations on the cloud product console, using KMS as an example

Spike received a message notification

View the event trail at the EventBridge console

Case 2: Custom bus firing FunctionCompute

Suppose a user's application generates some events, and one of the links handles these events flexibly through FunctionCompute. This solution can then be implemented by calculating the event target through EventBridge's custom event sources and functions.

Create a Python script file SRC /index.py that simulates event handling as follows:

# -*- coding: utf-8 -*-
import logging
def handler(event, context):
  logger = logging.getLogger()
  logger.info('evt: ' + str(event))
  return str(event)
Copy the code

Create a tf file 2_trigger_function.tf with the following contents (values in need to be replaced)

Case #2: Custom bus trigger FunctionCompute # # - Familiar with deploying custom bus using EventBridge # - Familiar with "custom application" event source configuration # - Familiar with "FunctionCompute" event target configuration # Here we declare a custom bus called demo_event_bus resource "alicloud_event_bridge_event_bus" "demo_event_bus" {event_bus_name = Description = "demo"} # Declare a custom event source on the demo_event_bus, Use the SDK or console to post the event resource "alicloud_event_bridge_event_source" "demo_event_source" {event_bus_name = alicloud_event_bridge_event_bus.demo_event_bus.event_bus_nameEvent_source_name = "demo_event_source" description = "demo" linked_external_source = false} Publish =true means that the uploaded function code is deployed immediately. resource "alicloud_fc_service" "fc_service" { name = "eb-fc-service" description = "demo" publish = true } # Package the Previously prepared Python script file as a zip for deployment to the function to calculate data "archive_file"code" {
  type        = "zip"
  source_file = "${path.module} /src/index.py"
  output_path = "${path.module} /code.zip"} # declare a function in the fc_Service service where filename references the zip package described above and uploads the code package. resource "alicloud_fc_function" "fc_function" { service = alicloud_fc_service.fc_service.name
  name        = "eb-fc-function"
  description = "demo"
  filename    = data.archive_file.code.output_path
  memory_size = "128"
  runtime     = "python3"
  handler     = "index.handler} # declare a rule on the demo_event_bus. Resource "alicloud_event_bridge_rule" "demo_rule" {event_bus_name = alicloud_event_bridge_event_bus.demo_event_bus.event_bus_nameFilter_pattern = jsonencode({"source" : ["${alicloud_event_bridge_event_source.demo_event_source.id}"]}) targets {target_id = "demo-fc-target" # https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/event_bridge_rule#type type ="acs.fc.function"
    endpoint  = "acs:fc:region id:your account id:services/${alicloud_fc_service.fc_service.name}.LATEST/functions/${alicloud_fc_function.fc_function.name}"
    param_list {
      resource_key = "serviceName"
      form         = "CONSTANT"
      value        = alicloud_fc_service.fc_service.name
    }
    param_list {
      resource_key = "functionName"
      form         = "CONSTANT"
      value        = alicloud_fc_function.fc_function.name
    }
    param_list {
      resource_key = "Qualifier"
      form= "CONSTANT" value = "LATEST"} #form=ORIGINAL means that each post event will use the ORIGINAL content of the event as the value of this parameter param_list {resource_key ="Body"
      form         = "ORIGINAL"
    }
  }
}
Copy the code

Execute commands in sequence in the command line window

• Initialize TerraForm Init • Preview changes to terraForm Plan • Apply changes to TerraForm apply

Emulated custom event sources to publish events at the console

View the function call log on the console page of FunctionCompute

View the event trail at the EventBridge console

conclusion

EventBridge, as the EDA infrastructure, provides flexible and rich event gathering, processing, and routing capabilities through core concepts and features, and enables these capabilities to be easily and quickly brought to users through OpenAPI, Terraform, and other means. This article introduced the key concepts and features of EventBridge and IaC, and then demonstrated how to apply IaC concepts to automate the deployment of EventBridge to use those concepts and features.

We look forward to exploring more ideas for rapid EDA architecture based on EventBridge and quickly turning these ideas into reality using Terraform.

A link to the

Ali cloud help.aliyun.com/product/958 terraform document [1]...

[2] terraform registry registry documents. Terraform. IO/will/a...

[3] nailing open.dingtalk.com/document/gr official document...

To learn more about EventBridge, scan the QR code below to join the Studs group

Click here to watch the corresponding video ~ release the latest information of cloud native technology, collect the most complete content of cloud native technology, hold cloud native activities and live broadcast regularly, and release ali products and user best practices. Explore the cloud native technology with you and share the cloud native content you need.

Pay attention to [Alibaba Cloud native] public account, get more cloud native real-time information!

Search
About
mo4tech.com (Moment For Technology) is a global community with thousands techies from across the global hang out!Passionate technologists, be it gadget freaks, tech enthusiasts, coders, technopreneurs, or CIOs, you would find them all here.