Introduction

I recently shared my perspective on modern infrastructure tools in a LinkedIn collaborative article. This article is the combination of those perspectives.

LinkedIn has been inviting everyone to collaborate on different AI-generated articles, which is a bit annoying, especially since the quality of content on LinkedIn in general is quite questionable. But I decided to give it a try anyway.

LinkedIn collaborative article

LinkedIn collaborative articles are structured in the following way:

  • Main question (which is also the title) - for this article it was “You need to manage your IT infrastructure in a hybrid work environment. What tools can help you do it?”
  • Topics (with the last one normally being extra notes)
    • LinkedIn (AI) perspective - I will put it in a block quote
    • Collaborators' perspective

Warning
In no way do I consider myself an expert in this field. All the things in this article are my personal opinions, based on personal experience and the experience of others.

Cloud Computing

> Cloud computing is the foundation of hybrid work, as it allows you to access and store data and applications over the internet, rather than on-premise servers. Cloud computing offers many benefits, such as flexibility, cost-efficiency, and scalability. You can choose from different types of cloud services, such as software as a service (SaaS), platform as a service (PaaS), and infrastructure as a service (IaaS), depending on your needs and budget. Some of the popular cloud providers are Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP).

Although SaaS is a popular option, it can lock you in to a specific cloud provider, which can sometimes make migrating to a different cloud provider nearly impossible.

I would look more toward cloud-agnostic ways of provisioning infrastructure such as Terraform or OpenTofu (depending on your views on the HashiCorp license change).

And of course Kubernetes, preferably as a PaaS from a cloud provider. It has tools like Crossplane that allow provisioning of infrastructure and more, with active monitoring and continuous adjustment to maintain the desired state.

As for the cloud provider, there are the big three (AWS/Azure/GCP). But for smaller projects I would also take a look at DigitalOcean and Hetzner.

Remote Access

> Remote access is the ability to connect to your IT infrastructure from anywhere, using any device. Remote access is essential for hybrid work, as it enables your employees to work productively and securely, and your customers to access your services and support. Remote access tools include virtual private networks (VPNs), remote desktop software, and web-based portals. Some of the common remote access tools are Cisco AnyConnect, TeamViewer, and Citrix Workspace.

There are 2 ways of providing remote access. The first is hiding all internal services behind a VPN. The second is provisioning remote desktops in virtual machines with access to the infrastructure. I am not a big fan of the second approach, since it complicates things.

The first approach is much simpler. I would take a look at a comprehensive solution like Teleport.

However, I would prefer a simpler solution like Tailscale, which is based on WireGuard. It is incredibly easy to set up for users. I like the ability to provision publicly trusted SSL certificates from Let’s Encrypt, while still hiding services behind the VPN. If required, you can self-host the control plane. And recently Tailscale can also directly manage SSH connections for you.

Monitoring and Management

> Monitoring and management are the processes of tracking and controlling the performance, availability, and security of your IT infrastructure. Monitoring and management are crucial for hybrid work, as they help you detect and resolve issues, optimize resources, and enforce policies. Monitoring and management tools include dashboards, alerts, logs, and reports. Some of the popular monitoring and management tools are Nagios, SolarWinds, and Splunk.

For general monitoring, a combination of Prometheus and Grafana seems to be the gold standard.

For security monitoring and observability I would strongly recommend considering eBPF-based tools. eBPF allows those tools to monitor and observe directly in kernel space, which makes observability much deeper. A good example of such a tool is Hubble on top of Cilium. There are a lot of eBPF-based tools for many different use cases.

Automation and Orchestration

> Automation and orchestration are the techniques of using software to perform tasks and workflows without human intervention. Automation and orchestration are beneficial for hybrid work, as they help you save time, reduce errors, and improve consistency. Automation and orchestration tools include scripts, templates, and APIs. Some of the widely used automation and orchestration tools are Ansible, Terraform, and Kubernetes.

For orchestration, Kubernetes takes the lead by far. Its idea of a desired state, with active monitoring and adjustment to reach that state, makes it irreplaceable. And since Kubernetes allows custom resources, a lot of tools integrate directly into Kubernetes and allow management of infrastructure and more.

As for CI/CD, I would recommend using different tools for each. For CD, it’s better to use tools which integrate directly with the platform; for Kubernetes, ArgoCD is the gold standard.

For CI it’s better to use tools which integrate directly with VCS hosting software. As an example, GitHub has Actions and GitLab has CI/CD. For a self-hosted solution I would recommend Gitea, which also now has Actions.

Collaboration and Communication

> Collaboration and communication are the ways of exchanging information and working together among your employees and customers. Collaboration and communication are vital for hybrid work, as they foster engagement, innovation, and satisfaction. Collaboration and communication tools include email, chat, video conferencing, and project management. Some of the best collaboration and communication tools are Slack, Zoom, and Asana.

For email, I would recommend using an existing solution, due to the complexity of hosting and supporting a full email server, unless self-hosting is a requirement. For mail sent by software, a simple send-only Postfix instance can be used.

For chat, Slack is a good option. Open source self-hosted solutions include Matrix, Rocket.Chat and Mattermost.

For video conferencing, Zoom and Google Meet are popular. Jitsi is a solid open source self-hosted solution.

In the triangle of project management, customer support/feedback and VCS hosting software, I believe that everything has to be tightly integrated with each other. GitHub, GitLab, Atlassian and Azure all have integrated solutions for the above. Gitea is a great open source self-hosted solution for this.

Here’s what else to consider

Info
This is the part LinkedIn didn’t let me post, which is weird given the flow of the article.

> This is a space to share examples, stories, or insights that don’t fit into any of the previous sections. What else would you like to add?

The most important thing is to identify the major types of users of the infrastructure.

For less technical users, the infrastructure should feature comprehensive solutions that solve a lot of problems out of the box. You should also set up great infrastructure support.

For more technical users, infrastructure should focus on flexibility and on the ease of building things on top of it, since rigid infrastructure will greatly limit what users can build on top of it.

In all cases it is important to use tools which feature great documentation, a medium or big non-toxic community around them, ease of use, and simple architecture. In my opinion simplicity always wins in the long run.