From 9eede05f5971a686f7a3fa594265c7ee549d9530 Mon Sep 17 00:00:00 2001 From: depombo Date: Thu, 2 Jun 2022 19:41:50 -0400 Subject: [PATCH 1/9] two way binding blogpost for sync --- blog/2022-06-02-two-way.mdx | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 blog/2022-06-02-two-way.mdx diff --git a/blog/2022-06-02-two-way.mdx b/blog/2022-06-02-two-way.mdx new file mode 100644 index 0000000..5102698 --- /dev/null +++ b/blog/2022-06-02-two-way.mdx @@ -0,0 +1,23 @@ +--- +slug: two-way +title: IaSQL's 2-way binding between a cloud account and a PostgreSQL database +authors: [depombo, dfellis, aguillenv] +--- + +Infrastructure management tools, specifically Infrastructure as Code (IaC) ones, have trained us to think we can only manipulate a cloud account by applying a static infrastructure declaration, or blueprint. But how do we easily manage existing cloud infrastructure? How does a team of application engineers that needs to move quickly create new infrastructure through the cloud UI that depends on infrastructure previously created through an IaC tool? + +[IaSQL](https://iasql.com), like IaC tools, allows creating, updating or deleting infrastructure in the cloud. However, it also makes it possible to import all existing cloud resources. IaSQL also allows importing changes done outside IaSQL with the `iasql_sync()` function after the initial 2-way binding is setup. IaC provides a blueprint of your infrastructure, while IaSQL provides the actual representation of your infrastructure. + +### Understand how each infrastructure component plays into the big picture + +The infrastructure of a production system can get complex quickly. Infrastructure components can be used by different resources. A change to a cloud resource can have undesired side effects, or outages, in the application layer when the relationships across infrastructure components is not clear enough. Infrastructure changes are less prone to errors when the complete representation of all the relevant resources is in a relational database. Furthermore, debugging for outliers or misconfiguration can be easily done with SQL. Sometimes the issue under the surface is not misconfiguration, but just configuration drift which can happen when a cloud resource has not been updated in a long time. + +### Freedom to use any cloud tool + +The `sync` command lets teams create resources outside of IaSQL while still managing said resources. This flexibility makes it possible to have multiple cloud management tools across different teams without getting locked into a single tool. When using IaSQL's `sync`, there is no need to constantly recreate changes or deal with static state files to stay up to date with infrastructure changes. Visually understanding infrastructure also makes cost optimization and monitoring much easier. + +### Backups and disaster recovery + +Every production system needs to have contingency plans in case issues arise. Cloud outages and human errors can delete or corrupt infrastructure. IaSQL provides a recovery system plan based on up-to-date database backups. It is trivial to apply a snapshot after an outage and re-deploy the entire production infrastructure in a simple step. + +In IaSQL, cloud infrastructure is data through a 2-way binding between a cloud account and a PostgreSQL database. Cloud infrastructure declarations are great in theory, but they don't describe what is *actually* in the cloud account. Furthermore, SQL can natively and ergonomically encode relations in a way that most configuration-based syntaxes simply cannot. The ability to represent cloud infrastructure in a PostgreSQL database through a 2-way connection allows making CRUD changes while also tracking changes done elsewhere. SQL is also the lingua franca of data which means that many developers are already familiar with it. All of this opens the door to new opportunities in terms of team collaboration, vendor locking, cost optimization, and disaster recovery strategies. \ No newline at end of file From 0ff27b69223835448b98be7d8e12108445eb04bd Mon Sep 17 00:00:00 2001 From: depombo Date: Fri, 3 Jun 2022 08:01:58 -0400 Subject: [PATCH 2/9] rm sentence that does not flow --- blog/2022-06-02-two-way.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/blog/2022-06-02-two-way.mdx b/blog/2022-06-02-two-way.mdx index 5102698..1557102 100644 --- a/blog/2022-06-02-two-way.mdx +++ b/blog/2022-06-02-two-way.mdx @@ -14,7 +14,7 @@ The infrastructure of a production system can get complex quickly. Infrastructur ### Freedom to use any cloud tool -The `sync` command lets teams create resources outside of IaSQL while still managing said resources. This flexibility makes it possible to have multiple cloud management tools across different teams without getting locked into a single tool. When using IaSQL's `sync`, there is no need to constantly recreate changes or deal with static state files to stay up to date with infrastructure changes. Visually understanding infrastructure also makes cost optimization and monitoring much easier. +The `sync` command lets teams create resources outside of IaSQL while still managing said resources. This flexibility makes it possible to have multiple cloud management tools across different teams without getting locked into a single tool. When using IaSQL's `sync`, there is no need to constantly recreate changes or deal with static state files to stay up to date with infrastructure changes. ### Backups and disaster recovery From 641ec4466f375c5c945c84f5500d4469563ee5e2 Mon Sep 17 00:00:00 2001 From: depombo Date: Fri, 3 Jun 2022 08:17:54 -0400 Subject: [PATCH 3/9] reformat intro --- blog/2022-06-02-two-way.mdx | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/blog/2022-06-02-two-way.mdx b/blog/2022-06-02-two-way.mdx index 1557102..e3ae477 100644 --- a/blog/2022-06-02-two-way.mdx +++ b/blog/2022-06-02-two-way.mdx @@ -4,9 +4,7 @@ title: IaSQL's 2-way binding between a cloud account and a PostgreSQL database authors: [depombo, dfellis, aguillenv] --- -Infrastructure management tools, specifically Infrastructure as Code (IaC) ones, have trained us to think we can only manipulate a cloud account by applying a static infrastructure declaration, or blueprint. But how do we easily manage existing cloud infrastructure? How does a team of application engineers that needs to move quickly create new infrastructure through the cloud UI that depends on infrastructure previously created through an IaC tool? - -[IaSQL](https://iasql.com), like IaC tools, allows creating, updating or deleting infrastructure in the cloud. However, it also makes it possible to import all existing cloud resources. IaSQL also allows importing changes done outside IaSQL with the `iasql_sync()` function after the initial 2-way binding is setup. IaC provides a blueprint of your infrastructure, while IaSQL provides the actual representation of your infrastructure. +Infrastructure management tools, specifically Infrastructure as Code (IaC) ones, have trained us to think we can only manipulate a cloud account by applying a static infrastructure declaration, or blueprint, which makes it challenging to manage existing cloud infrastructure and reconcile future changes done outside of the IaC tool of choice. [IaSQL](https://iasql.com), like IaC tools, allows creating, updating or deleting infrastructure in the cloud. However, it also makes it possible to import all existing cloud resources. IaSQL also allows importing recent changes done outside IaSQL with the `iasql_sync()` function after the initial 2-way binding is setup. IaC provides a blueprint of your infrastructure, while IaSQL provides the actual representation of your infrastructure. ### Understand how each infrastructure component plays into the big picture @@ -14,7 +12,7 @@ The infrastructure of a production system can get complex quickly. Infrastructur ### Freedom to use any cloud tool -The `sync` command lets teams create resources outside of IaSQL while still managing said resources. This flexibility makes it possible to have multiple cloud management tools across different teams without getting locked into a single tool. When using IaSQL's `sync`, there is no need to constantly recreate changes or deal with static state files to stay up to date with infrastructure changes. +Application engineers often need to move quickly and create new infrastructure through a cloud UI that depends on infrastructure previously created through an IaC tool. However, subsequent changes to the IaC declaration can affect the infrastructure created via the cloud UI. We created the IaSQL `sync` command to let teams create resources outside of IaSQL while still managing said resources. This flexibility makes it possible to have multiple cloud management tools across different teams without getting locked into a single tool. When using IaSQL's `sync`, there is no need to constantly recreate changes or deal with static state files to stay up to date with infrastructure changes. ### Backups and disaster recovery From d90f1c44faa8999b08ad72cfee8c818fa8f5d6df Mon Sep 17 00:00:00 2001 From: depombo Date: Wed, 29 Jun 2022 17:52:11 -0700 Subject: [PATCH 4/9] add image and change title --- ...-06-02-two-way.mdx => 2022-06-02-vs-iac.mdx} | 14 ++++++++------ static/img/comparison.jpg | Bin 0 -> 29632 bytes 2 files changed, 8 insertions(+), 6 deletions(-) rename blog/{2022-06-02-two-way.mdx => 2022-06-02-vs-iac.mdx} (62%) create mode 100644 static/img/comparison.jpg diff --git a/blog/2022-06-02-two-way.mdx b/blog/2022-06-02-vs-iac.mdx similarity index 62% rename from blog/2022-06-02-two-way.mdx rename to blog/2022-06-02-vs-iac.mdx index e3ae477..2206b16 100644 --- a/blog/2022-06-02-two-way.mdx +++ b/blog/2022-06-02-vs-iac.mdx @@ -1,21 +1,23 @@ --- -slug: two-way -title: IaSQL's 2-way binding between a cloud account and a PostgreSQL database +slug: vs-iac +title: IaSQL vs IaC authors: [depombo, dfellis, aguillenv] --- -Infrastructure management tools, specifically Infrastructure as Code (IaC) ones, have trained us to think we can only manipulate a cloud account by applying a static infrastructure declaration, or blueprint, which makes it challenging to manage existing cloud infrastructure and reconcile future changes done outside of the IaC tool of choice. [IaSQL](https://iasql.com), like IaC tools, allows creating, updating or deleting infrastructure in the cloud. However, it also makes it possible to import all existing cloud resources. IaSQL also allows importing recent changes done outside IaSQL with the `iasql_sync()` function after the initial 2-way binding is setup. IaC provides a blueprint of your infrastructure, while IaSQL provides the actual representation of your infrastructure. +Infrastructure management tools, specifically Infrastructure as Code (IaC) ones, have trained us to think we can only manipulate a cloud account by applying a static infrastructure declaration, or blueprint, which makes it challenging to manage existing cloud infrastructure and reconcile future changes done outside of the IaC tool of choice. [IaSQL](https://iasql.com), like IaC tools, allows creating, updating or deleting infrastructure in the cloud. However, it also makes it possible to import all existing cloud resources. IaSQL also allows importing recent changes done outside IaSQL with the `iasql_sync()` [function](https://docs.iasql.com/functions) after the initial 2-way binding is setup. IaC provides a blueprint of your infrastructure, while IaSQL provides the actual representation of your infrastructure. ### Understand how each infrastructure component plays into the big picture -The infrastructure of a production system can get complex quickly. Infrastructure components can be used by different resources. A change to a cloud resource can have undesired side effects, or outages, in the application layer when the relationships across infrastructure components is not clear enough. Infrastructure changes are less prone to errors when the complete representation of all the relevant resources is in a relational database. Furthermore, debugging for outliers or misconfiguration can be easily done with SQL. Sometimes the issue under the surface is not misconfiguration, but just configuration drift which can happen when a cloud resource has not been updated in a long time. +The infrastructure of a production system can get complex quickly. Infrastructure components can be used by different resources. A change to a cloud resource can have undesired side effects, or outages, in the application layer when the relationships across infrastructure components is not clear enough. Infrastructure changes are less prone to errors when the complete representation of all the relevant resources is in a relational database. Furthermore, debugging for outliers or misconfiguration can be easily done with SQL. Sometimes the issue under the surface is not misconfiguration, but just configuration drift which can happen when a cloud resource has not been updated in a long time or since its creation. ### Freedom to use any cloud tool -Application engineers often need to move quickly and create new infrastructure through a cloud UI that depends on infrastructure previously created through an IaC tool. However, subsequent changes to the IaC declaration can affect the infrastructure created via the cloud UI. We created the IaSQL `sync` command to let teams create resources outside of IaSQL while still managing said resources. This flexibility makes it possible to have multiple cloud management tools across different teams without getting locked into a single tool. When using IaSQL's `sync`, there is no need to constantly recreate changes or deal with static state files to stay up to date with infrastructure changes. +Application engineers often need to move quickly and create new infrastructure through a cloud UI that could also depend on infrastructure previously created through an IaC tool. However, subsequent changes to the IaC declaration can affect the infrastructure created via the cloud UI. We created the IaSQL `sync` command to let teams create resources outside of IaSQL while still managing said resources. This flexibility makes it possible to have multiple cloud management tools across different teams without getting locked into a single tool. When using IaSQL's `sync`, there is no need to constantly recreate changes or deal with static state files to stay up to date with infrastructure changes. + +![](../static/img/comparison.jpg) ### Backups and disaster recovery -Every production system needs to have contingency plans in case issues arise. Cloud outages and human errors can delete or corrupt infrastructure. IaSQL provides a recovery system plan based on up-to-date database backups. It is trivial to apply a snapshot after an outage and re-deploy the entire production infrastructure in a simple step. +Every production system should to have contingency plans in case issues arise. Cloud outages and human errors can delete or corrupt infrastructure. IaSQL provides a recovery system plan based on up-to-date database backups. It is trivial to apply a snapshot after an outage and re-deploy the entire production infrastructure in a simple step. In IaSQL, cloud infrastructure is data through a 2-way binding between a cloud account and a PostgreSQL database. Cloud infrastructure declarations are great in theory, but they don't describe what is *actually* in the cloud account. Furthermore, SQL can natively and ergonomically encode relations in a way that most configuration-based syntaxes simply cannot. The ability to represent cloud infrastructure in a PostgreSQL database through a 2-way connection allows making CRUD changes while also tracking changes done elsewhere. SQL is also the lingua franca of data which means that many developers are already familiar with it. All of this opens the door to new opportunities in terms of team collaboration, vendor locking, cost optimization, and disaster recovery strategies. \ No newline at end of file diff --git a/static/img/comparison.jpg b/static/img/comparison.jpg new file mode 100644 index 0000000000000000000000000000000000000000..bc9a62eb2358ee24d7147575a10b6d8c33a19172 GIT binary patch literal 29632 zcmeFZ2|ShE`agV2Q4*O#V#^REWR9>?2?>!QbLJ^i=5Z^bjFBO;NJ#9=8F!f@$vh9+ zJcPa3*tR|V?|Pndp6WU88GgUtdEejrzQ^ZtyNA8*YprXoYhCLazUw9plaN52qPLwj z0H~;(0}cZKKmpK`kppDl)wkm$*`e=eUGSRi_iGdIn*aAQ2f%BF1Amma3p@C|JV@~S z-(B$kH#&bgQvkqIO5h;)WGi@pz>6*-ZI{fE{<02W}M!R z_nh2hyyf`56PE$6zdaV_0}I`^w3gAjcK!Dv;GG=b?``q&@)GhA6LP+9BP=2|_{h+P!9ASrGpB4YJdLchK8Gnwn= zAQcHw2~kN2X%TS|DQSs|f7JZ_$DhkBebi=H`0uZ*cTG5n16M z=>IqParr^2f0|+74rb$l%y(gRzOU`!8g+XspMbk;Qw^jf4b{m>Vbc$@PDN1Ki%~&^}xSW_&?J1pYHmXdf;Cw z{C|&h{o%D)If1U47wD6b#(=8;#lb@qhYnIu9HOA4q&Q4j4Uk7 zj3-WwNcoK~vIAb< z7^gdU=(Gq0y@DpCnJWXA=!3(IS7Kk3d^o}_riEfMzu!Z3f=3+5i~h#ich3Gf#vcBc zIQuJOfABR5P?M8^gGWvWKmpvVaQ>_V|9?JWAM2cNK19xw(O;21qp`>AVT!{fk$}tM z0L14`Vc33p-Td0B;dgjqWI6PLOK6Z4+#j>M8OG^9*EDv zM6MvY#eF|z5|C9CMm)%e?IF~^gniL%A^`^&@D3jkKi8D=b31_D%(XRc;=@V^_IT#3 z(#}pS*eF9<{9z3=oZ{zdVt#4F|J#|>b1Xhx6JlMND4p$GgMMoz_l~PU4O_H-2@Cr$ zMO%>`*rqpNQ(YQm%>BHrq;#bYsX#opLp$O?R5lGIRzY#M1p(g*M$OBIen05OyN|sQ zl=xKAL_h1+{z2O$@Ei#h;IwiblObBf0QW4P= zhGrz&fc{W*%nxI1a*PB}=O9gSG^?;QQ@kPs)gjLW3eS4gUJD6mzC~F_0{$=OgtydB zwfx+I%N$!jik|I{5-l-3^>aO%Keqz#>;93`0>KJLnH8(hQDU#1VYZTJ83%z3e&A<$ zd`BDFz*K?KSaWtnuF3nX3%(h=9H$YrR?}Yn8DPKjg>pn(QxRbN_0VfHr6DqqfW|&_ zW@I*Tl-NP+uC?wS@h1Ud{&BP$#UfQxMZOTcs1!kcYEOj(to4&^>o9G?e|!RK;)eCF zk%0J2;>2Z$j;85367a(#a4i09Zx4L(mqMB1LFF+DzlPc!BLU^|pG%>mvY7&&`_gRd z>-Q`!u3m=N_9!v}n&6@9^#nR+JOEqmH6;LpQ8wPsh>8<>#Cl#(Zyf`?rM{|?04|DJ z5@04q0xv}G6{?c7@a@*Q12Pu3_VzoZU5BPmo4|rhQm&EaR;Tx zl}|4;HCQ_`)cy3Ljf@=vh2B=~d#sokw!CZG=}b%@T0E=1P5yQo)8arSn$apD&`R?O zw;qn&CDKX5>hoaJXF=UrkfYQu9yvbJ?dbHeJK0$_u^4*X)u8TtPh87~T8O!($sttE zj8HkQAtBGcN-%$Ucaw$N2ff%heae6K3A4adhFiwKMnyOOyIQeV47c?Z6dASSzm2^Q zeC;#|;8AUXZZ|>+rxG-F48Tdqj6@W56XQGepmwx-Tqa-xis?we(%frU=@9-Y;uygR zhIwTGY}@l^2T}cg$QJ%Qe+#BcNdQ=wIzZ@KVdpg^upYkVshw34kgItcVMPM=P6x8! zj7Y%p&2q98_ivKOAv5SyT{LW)*btcGQgZh5z{=+UV8x-mP7h5(0(7P*QfoTCpr69L zXUBJNw4ZDE&204dYfrt4G?qC!Ilj{$3%SH{>eMNY&~y{p=}tlWL7o1rS{cV!ZuhsG=m;NC3Gu{q8hniBG z^e%KvH6M?1rnKy}?Ip7(Sx~^Csh1>csZVGmEUb>qX%q zL%ClXSh0yyx8py0AX6jqr+lPOE12z7B8?M+Ooe^y_TMo|foQ-}}zc2_X z8*QR}zUgDj;2(B=nB}8f*O@os>#C+gQzYOc`VI*g5+=O$#f3K*BS^rrnG#UmO!x0% zLIV^P8E=t&JM<@cNIIVwqn+f07)|v1>;N0xz}`h-s$qyk&(I<&N`;#OK0q_r))uQWk)idO{2m6DAs zG>2^xTrM6j?(0AL(G}Yl*d|bEz$O8mbld`GPQWQ`(oX!gC#u}a zeTK)_BKIo{#A=t^r)Z`H&_|o@cL{U}k1<^pc~9=(0!-@-4s1F%4Ld`T@~H7D{-LVCV`dsGM3UJm5 zH^B@u31<_F1A8Hx*XnMQ03&V^(DPB71X#hrNyvs9|9ukX2CZDi_1)}=F69I*EvhY3 z2LDq%b&ACk_DMCBHF4vTvy4)HngQ_^5A;`2l#PhZ-hES8(H;q)0=9$QfK~CUL<)g0 zY%==lbu8@Aqnb!JZHNmC`B$)(}Sc(>7{%F8WR0_T_z{7A~S2ZTL+2! zL+j-mv^C155|xSXtUr9Fp%GX%05;*HF+^pJCy2En5^y6sFR+sYY+k{OV5&i@BH0d6 z0l`1bWPpvqi3y781klQz3&C0}yManc^b2JHxGa#(!x$>yCD?EQfic?+@e#pfPSC$jv%oz+Pc%(Ph#$7hO@fU6|n71C5&uVV+X>EB17C8ma`*bIDMRwxS5*@kjA7J6w9 zVx#A-o{sr+$E7GZGRFRmyo7xWu@E`+cx)v|ul%mB=4B31`3u+(5-@<5M3dnXm=>mv z3^rOY~>f#1ih%9L5a|YFIAqu}1PHDz0YE$+9HpT-C&?pabkl%6IC zh^e5$LNTe`m3F=-k{vuo?>NTl2R@>KQgLeuUu&M(mCe~PQ+1dEykoA^-Cl?oIk7;& za+>GKZOYY>Hl&eWllS_DtRoU}a7us?wNU8eak`D=CL;-G51-l{hUc%HFS>`{C>c|r zOh28daqdFx__lSMR)CrUMeM7w6*v0}b~~>2497|*c&JL-FCx>ZW8bg%Q58G3SS)l$ zXqngsN}-*@&eI`g-ki99g>tuQngmSUJf&B=ax(P6G~~##XG;IFbMEW5JZ@RVftW<^ zyJXWL(tI%n+EbRv=q_bDjFK6CHRjj3PaOz#JQWLcZb8M1U*vu#A<96mo+}MR5kk8?J zh*28cB>{F4Y1actfS+g2E@E_hx65tz3M%wL!5+>zem`mKzq56dHFA%mk`ovHmq0;T9ccY>trvn5Bn~u=D9Rl!HD_)Ltsu6Sg^5A7)@F3NQx2p_y*eVRCsos#hr82_S}?J{R#k5E zB;-w;bN8ne^{L{Oftw$jzvAig$HwsrsBy_pRxO)}u|ArcRjliQ3EMjUFHmSPG9m=jk(>@)?{wbb@^b!|&N@H#Q?^)k-rjPZ?~(Owb!?T+Jt73Rwv zhWa_7R~e&2bl&g3jHX4JvU_*FH&_haUfl=d1(GL|!o>>`@Tr}4Bae83LoIhOS+pgN zLU-#bqi1?;7al59^F##;(B4uqNNg~|(z>A~_ut=YLE2#+V+!pu_#4Kf7A&A0_0+?7 zJJ?=?w>|XbL2xkvcBll}XkySWaM))}%fvM}39vAnr0gMbjXD%UBm5QfOqO4;NYvLi z3<^fmxQGN_W+efCXT9lz*+chE%by_uRi=b<;pzLrpgD9D)z-TRR%Vq&dmFSa$sx@$ z+BJ`k?WhpDMcD2HLA@`Xm2>@w?`B%`jfy-;ZSEMT8!5td@$_DXkspS9e5hE*@p|Ks zW`%>_5_igpm10pSA#l6%_Mz()I$EVp6V&H=7xbbRgB;}fYWuk)6CYPfQpRx6-zNbZ zRl3l;3U~QKsOu$y{W6crRCAm2IHP%8mxI3qz_?99UU&;!?{UhQ871dwDUA}DwAeA# zfSdX*`_c%EWSl!5R{DaCJ2d)$y3uy}@NleolqNux1CWJ#FzS)5WWf{GU~_wUI0!+C z3YXoW2ihgi7BZJ$m~npcm2l99IO|}LUK#arVnuIVYj9AECz8VDkhgl?{uPs{5tB)* zK%`5vks01X0W^e*u46ovQ3m__+_2g(5vLbLlNF%(-H}z#@*BDHv$f< z%-`rd5a&2gnJ+LJbV-92uZ4P5@Z!!2!>U2R%Otw0UL~V zh)2mq(4*MZCX;h@DML-T`ikx5vkNlUMozm$5-oLjv1Zc=%g7=zB0hZNi@)#-Y@iB6 zvA5{Fi9*FFOJgF(qc0R)V3-6VLi`Bbl*8Wutz0nN)>Ed}m#_u-`iul{Pc_4FSPcT3 zM1b^VCXb^>1Fno@)kLbWZhs9>STkyAiLTF~ckc}LyC+Sj)=7)TgBICW+v1zoX(a0B zMw8qfZBv&+3brInI<93{a9bXQN^I3cd1`GqXpfi@_5l9R^Fs~BJ=K1;9 z#uJ^}HDe=pzb&ncdwTDBbk?lKGtCZtnX6+(fk8)9e3X1Tb(v}DSBKi9Ene;~?o{$Y zdWMQjsb1nLg2zEUOZ`7!|My3~UeS4PC8xkjkr)nykB%O_Q&($i5h}ZQ&z{j{>72oD zfpXe&gnZC&euPaWPQWm)&v|_X{Wj3efT(_RGg9|8K|OW^Ek&pS-3o2(jS<+lprCxx zZ$ZIyMm;e!l&F#y0sBhl1qM}2f@JIk7B>#(J!Y7OJ#;EJWm|5bD+});_DHOiYdyJB zJu1d`G*W8ONGTkD`weyjDfLJqlYw_&GQ{qU3gu(An}@FToHj0HGP>(1xFi;x48{fD zoetuBNb9N`U0fTRkko%Fd@p$B7~&BI@nB~MjI320fxfLM@|w0m9m^6%U| zo&as{HMZ3?p}+=%o|wr=hS4QA?70PW(Mg+F+38v@d~@0?G&zelKOZhj$N>3|^uA53 zhwga7uVx+iQKJd0g#Q>h$fAAyZD@Wy_F{HG10r@~MvvgnM~q5oNP|Bo0hXD297JB& zP$O(Em-zzx&zdsije#uq>*!ZGsD>#$V|r(1 z`^^=xvC=kiUGt0m)bv-@c9v6eXQ5FkY2X07>@UA0lC@g08u4N>cVQ$XV$Is-^M%V} zk+G|7H@2Whyq{_H$e+Nf_sW^>cK)1fefS$Pfm*?K*1dqo#m|sV z@M!|`2YGoC@Th6cASSf9PI;%%u-(MY@{lS|TqFg}mAOhXYQK{J212(oDT#GM!J9{k z@R?K%2BU*j#Lv(5m8hCcE=M-=(a3w44Xxu&cB9~r@y^JpCo;5Qb(%B$9{a|AH{$k8 zzp9WMwC8s}sM?@SI)%fq>x@pe>?u8KSJ$9P=?l$BS5 zsu$tTND{!foFR`LneIeT%MR({u0N2Ox^$)ev;{*k&9vB-Xk@hXbPBLdJ2Klmiil`n z9$q1yuHCnOalVhcbN;0d)f~-nvcA!`M1BW(p;R!D66(*3bOueyyJIVo3>rKLv+&gg zwZ)6B8CPZ>3M3K|0#AEe4}GYSdc@by>aQTtyf0Yy(<)X?seaRjfe)`-a796 zt5^a3q4i^x=@dyWrOMnkADl&$sE(|FepDZdve}en!dvQ&sBI=HVHKxaEfm){daaB; zyV!q_hsosnMfSFOZ8URhy18j+!?}h&e`)#T8MPB0W%X5wNS+h&ckh-x)T0O9AA7gr z)(#i%^S@eTJ4t~U!0Z09z9^;_=isx3tu2(CtT+^<(M8Q1l! zLJJ9kStpt`@yz2Z27DpO>X~m=JY8hE7|{xJbOMe%_X*mkwubDAkG!fX!-~N!rpy>B z2Xay}7#*;(yrVL{2dr~i&XK18II%_;)AlhRyk?%-^y-)}y{#(`V#LwCxG#+L7Q~jy zhw=prcM3e$-!kQx#+|-82c#i_#&j8HxU$MT8n@W};Nm4^z^R>+)}p<|=bp*=erFHo zNO^hGDLrAQokUIj3AySO+49(jZ|7bYR#lR5mDRE3V||^&1@l)7b_!?IxJ-|zohfk3 ze-r6rvCwuhfwGf4%V^V(Qk-lp<2W|A&>p9_UR#6}+PIDym$_FHZ}6aArEcyrn{6aN zXTnET%z!yv({4WVVdxXu_9!KIjfx*zmL zPRExWQ0CC0_xUU{1P4Rze=nE=1b}A6Z}Hb3&Xk{Er5gAc7(HSY3B}wSz|8x%?Ss+T z_Fc39v4MdET<?U*UI~}8(v(z z$Z6AQx&aIEQIAC$do^#WxTt#Uy-bf*fnPoAR&0M0dG$sUd{?);yog(?a)9pE^MpWa zvt4BjJVw9%o|XHoT8&plcV5#_=z-u!!S337n?<*qYIYwLb5)z8`JMQlM2jss3==uL zGl}$q{CimDr)E~c(b(XstkT(Yl%_9O3kn|;+8&uO z68Hz?vvB~Lx*kOR;&I&BO z#?HPsp~r4b%gM~NH5tfy4i3@pZ3=W*oiPP$&M&@Y>LZlxfDz5iqp;6SBp@6#RrooN zE3i^l_#<|@M@@Ko%rGvHAhW)EzG9uXHA( zuxRXb^rd$%y@v}{-Y^EuK5HU3mH(M~&RS+U0*^H$dP49zK!AecKd9so(W39Y=i&IrhbkZFtD1^5cu4EBP5 zY%Am*A(sR!HcoAUxQ3a0@&Ux(%W`efGTLR9L&L?7cCqRAB2yaIu5?83hSQT%oC<57 zquSL7GT|7I6+mTP>)Bp4Ew$Heg-Jq0Or4hJ%sS#|sc9+e0pDXk3dz5FBoZBOw>D*hq_i3ie>(IO3P$F0=xxNonQ{dRXDy;hvWDi_4 zS~Pd2Mh%JnV4~t9DAM(ve=7ecu72(X9p=VvGQ6sD^p1%rdhjV1O)25kyiHYW;HMtG zk8GJcO5~IEQ@;{@y$~}Cr*bfOqu4Z10^#k6#aNWWJO<>w9O zL}Kc4F3*kfOn~1wQ~UVMw8f{Z4+AT}9;T|gP69HjAiD!T$xf!S z)N*lNdeSA^B|0lxeJWgH=-aAoCx#$T;j-v6c~TK|H)0&fC~hj!)2Pd>_Ck?*wxE6( zoF(FlNB|91^~RSwA8lxCxH%j)r$PeKWld@}=0yxgV0q zR05xb8)WfPCH3#hYtVG6k9llgYP=m!f0K96QYpB7?G}h5P{50Tq7@HH=Aj`Hz?Ma; zlU-LxJV}d;AyDUm`^AJ1*a-;g3yd1JWCg{Nd60nCCGr7VIEX2F^whaV25XdYd3z+-wfT0eol7Ofl5^#(X)kX{jvt~ierg*0y zIo+ss4XFHlHmdgH+{Y67U=@qe*}Q|=>43e*L#kq!?I0JG2?}MBqprc77?`!tT(-Qndeikv9Mq?P166a zr*8>s68Dz{^^7B^=E-TXU{rv*2em~Es1U|eLy;x}ihws9FQ(Mgy|>ekKwSXmD+JXA zrG+kzX@MiuL}Xf{SB{Nr|DaTG@r@%)`(1f7x7G1jQ|V`HLHNRqhBJ&@^Fkqwsi~#1 zO+?llUBO(2#2;bk-4bdOylB1cft6<*L95e_G z`!%H3?gCTLM&v^IoMN1$607b(x;3NvwqRt&Lah61EQ|V#=*^>q#6=+~heY*r2r^ z*Yp!74<~MXmWhl2$h1x$KNZ6HaI*do;3*}OcD!7bB@Q{Sweq%jw%o%xk1O4|V6^Lf zJh#)?3ZicN>WA02Y>OO@<(IwNvH)U$mY;BJ9W!?gY!a^Sz35BDN12?~=t_-Hdi903$9x zfd#g=nfz;EB!I64oZ&`@oexXoKWP?u1?-XOOd4$W3|})pUgMQgK5tQv?bX`i#y-`| z8l^0_J1Bn4s4-%QgEN>ykRk!hCdT`qrue9WO$M=Eh)(^PI^-9^tDiQA{NA{nLcAjct1 zGqkv)MxcUagdmmhLXhLIF9u*r0>}a9s2_vfrRD)ByL}#K<%+FLk=Ao!} z{-C9x;E;(w5R5;k3X5pqO0>E*@ant<*_&yA;KDy=_Q^L1&yNV5!U!0`ruGon8Yof` zF9~XPgE24^-vuu4L$1iwWe;JR<*F*OYeOf{9sAcQX0p7sU^CSRLO5(LX=Q4M1q`uYyK2&crX*eyrU&zLq9D79 z65bnML9Ne&&?NzHn=^4-CjlJAU$TGT`M(zhJvgnYu;h06l+JpN#f+RzIW{luXsVah z0Wc@rX5==;WT)>ha-wbO{?@5!|JNdWTcDL6W9Bm}S=+nKsDJvIKkCq>Dw=olkGApl z^~GfYkjPhk9(VaF63z4DIQNuLv2E%J^F!|oR0i^1PMKmUi@x?JotM0^CdXQ{)WG*x z_TJ#ekq=r@XS?USESD$G_Fy24ipU&Si7rC(1N|J0iRNa@v(hU8Wn&kMwK`i;CX3ME z=4q8P$GATGaK#;-WxH|aYHgYqcXYZ^U?s+s+IAGua@MIL%AR%mQo&rx=RUjf+>g?3 zeHVGiT78GC+0KQq`q__uo`ANu8t_q86vuuQzr|l1-2Lx^Sp5Rd`sah8-$phWY6aap z3uS<=&cT+J3zuv5p6!655cdo%Mr=?bMyE8S{)QNDaQKGo;zB$|e6LpbRMTys5iuo5; z_Nv5w)eEmZlfae3SQ0x-!~FF&HL)VEJZ`krD{4DwT69&hKKZ_TVeQ@Ig-d6BIP!P~ z#gy(bCcHBrp7!zXUNzLRlXvm%Wo7D*8atocL9BRwZ!O0>iP@3*wK5osYsU>-S2r9^ zR^iJ*v=@qA%kt4G%h*$UN3d6uB0^u_2E2evhc3l)(1@gzyaMyh7^nfqd{Io9{}GT~ z6VSdiafK~$RSD3(&)no)f^9D{6CVoPf9sc$l^uST?7=^pNjt)ip_`|@lZYR{tiajA zHkf(l9xtwn5DEqodX9gg{38AXF!fiv*DM(0a|ib zR9&2A=PvRDh{~LdHoWJhbRrLL6>vW0LM1wzuf?;c{Meb+i+R-|CPs%#&VSBIycg+m z!FTbZd<9>aJcm6TEwtM#v)U>+TjNvI*f1-kGJ*jt;L_w3zBJE}g3Ky|!V;=%ywSMj z zE~=s>6Mg8ma}c)qPj7~M_WxHXPg>#~N@2$3vuO<~=EL{?+7)!bn@1cD3)Pc#oF|_=?DV_g~3}#eU*AnM=)p}9? z?o$k&k`D#v!t%ZtUpbkWJ9G9{mtalJdrMiBO9xc=mSE_WjV80~<&Ju_#L0VGBHjh( z!b1cniOLvSDr^V$tSaJYw{+51^y{lGB*52B+uCS<4xF%L@&ii==r>g|(aAH+HR&(I zv>#5l&tuIv@1+qXwqd~@OR_4+Rka(`O-x zmGoEEBC?{X@_A#P%mHL^>KqNv;7n-YpzZn_0lH(K``9$9`z;%^W9O(@;wY3&ulBy? zDQmHLTUDYwh=cMDyDl2u%&mt#4orx%i3n7D$->IgIlWKV*h<+sB2Q;8dfZaRkgm_8 zc@cLThSV^Hd8vFe5kO zq8nb`a$X(vO4U((YAy@m8Mk$jOwmFlI>=OO#c|Gx{dsH~R!s*L1<*R3G!5r61 z3d&~4-tjunzqs28qOk{N5hWV(blEB(UDk34;E2IGE<2bB@eL+Ldf z&5k;%R91dhWa0c>1Oeky93AxE23be#stF!z7bim!*|7*$ivkU+nTt^^H686$BK$PL zuKS%mVd~Fiz2KI;5~^}0jRIXVNWRK=D`UT{n5L(S{w=cz3I}-(#JhKOmBKbWkssZd zKc!`m5tng9)>kk`dl{y@u;TL6YR6Y6V&cL=A-1WZln>>i0C?PA0u^(Tt@6Zr~cwVzDGsre>Q#CYi10JO1&il3ZG_AC;!pK>Ne zKJg=wsl{Int7bP-@~ZpA#F^my;g1cMB5W^T#EY0@f-riG2Z4u|!g7;T_x(b^|S+{;CL`>MS``-d)RaeP;y1@%8ZQN2exY z8S=B>+}#a=-p(xzXVC`;5o*?bf_j#$DI)JO>xKoV9$=W3CaHUiz%-$u0PB1>-?a&` z+92w%L}?r`NKcWcr&VUZ4iEC~{w|Br56NJRhsb=_ZO%iRvyQmTM^H}paG8>B#pw;iLC@vP}o_rn&*_ z8neE%ypya-Pcs9}weL}U-?q;_h2M%G5+SJk#fK{_JPEUpU!OHUn1;sc&T9{FCHhH) z(rrOm`B+%W94+F%((E###_0wpAo|qQj3b z{sx&|+tn}OuLd4Hohq3CW8W7M8%S_1mT&VSv?~$Hp-4kU?Qu`m1MwkDkIw@KqvLV> zFE4;nOHMvRi+^mw3pyfJAi&)oJvE$1R0#yNvDp(S=9# zKsQylo%g9hEuMWki#E&l2LQr<8zBvRG>^6&mDV(7VX`uNs<3hxPJu<_EP2+YCV^w8?#W0HGLqqjolal3MwI4Q5Z+}AD}bcvoRns74I&Idu`N)rRso??zQ=i8 zpMJu{`rh5BiKK1$#ympCIvD$Vl)c&a`PtXjo|l_d?6tvJ6EQ{{6_{h5*6%v{9n|Ce zw)YtLU#%Yq=Z9yo{D@i(&@>eo1zr6u4Ga|L1mZ^&e+bzBWdqwkiOxFwl}SaG%tYzr zN&{zaouV5>nBXUwPmjjNk3R3aXDiw4qV6qFi-zB+t%_bBbny9Ln|mdijPvPrTJBi2 z((;F`pVH#M|9j-S#gEyaQ>EVNV@<%KK?(r*A@5nTeeB3sT9-BzSDa;dLF#B*b&< zRoT70ZWl>4E_0>U1s1c&**#oJ##m#GTz%9;ib2_!F^FnT)O&h?wQZ7*-B0)Rn-fFh zEniY6$5;dTVqr*8)I%q>PgMtLu*cI#fQUW^OP}MXjI#rWUV5F3KN;0MGO9R!E9BrI z%tzVTA`cm_NA8aD3rAD^boZ|vd_Eti7n^iWkJViLf(E;E(WPTDgH3A?%g0JPPYir~ z_}nT*eQ;DsIy~{Pq8r-0d_FJ(4$T}}nT!IY;n8%cM$aHllf8Gv(Y@78=;{fJ`E5SV z$k_@%DhyM1%k&z(z*L2zZ9CC9v&7n!1Hb5%NHe~ek?^H|F#i=sm{zgRAmry5(dx>% zpTg6Fd@9>aKMXxYG_V7heBo=`k~ z=0BxGmZl~vKNf%9M3!-BQ_Zb`AAP0(&Cr54R_+MB(~p9fUsfd> zFNK0c&!Ur_IBitOfuA#b19wjG(~J0&tWH;b@NpPVMjp#dkbFaS9Yd?>i8@oeH`ops zja|yA6v{_)p#nX=y@c%P>JOVc={W~Ea;7p8a$ftZqC;zEy};B=QxV_wr(gbQd`^gaE;^>F?vnSlJZ?y=g+uyv>9Vc~xG1usc&lh_N;g_vB&_PGF{1 zy5yEJj#_LMW*)(gfqQnN-Ph>l6vdMU9Ibmtud?d!IJ(SbwDsjR*pd(D!|AaevzbpC zq)^%^Yta$N=ZUsE!^yny=S$Czv8Pe+YV$jZ#VNgb6JRl88pEK7CWhsYEO};}`SMkF zV@*;+_}QEc{!=pVqi`0ckFCDZ(g2P|h5iC{bUwI2|CD9M!*o+&hm^_+srTK7CcW3& z)CUFwbeq1a3)yV3QmbDplbpVp?)F)FyZBjaCbO)mO_6tp^RZ>$Qz^9Hx@oGi9ATUG zmu_lEUd#pj)|ikDg4lwYzL|Y??hgjKF|O=GVSR>>(L)1I*_$H^0dK&9{MleVC6YE` z9zE4GAXPyV{Tki7|33J^FTjOgz;A!rYex3>C;n?<&qxiO%2f-6%h1$fMS)^6hI95Rd)EX40)c z`d>QeORcM^Jh)TEHF8xv{4m+0)My%&)(hTD1r(_>kR#*%yl7Rdg?_(dc@dZDr7_h@ z=0g{1xyhb?KD$7{v zm+Aww65RfG-zji5rp@^d+B9Vz?Q}$+7A}uD;+=Zq?XxBZMK{R;$1}?tG+yk@8HPd3 z4_%+WlZI;dT!x4l*fv}!A;g!bOWo+(PBqpS%3Mo)dJSz%NE=tab8cEv`JDF(ZLT%e z@PnSHy(v8sHS}nE4WiobFJtyLLi<6_!t?z0^UYD8MlMdY`cmPF!+||#eKoIU=s{UX z&Q&Co&d_wpx8e~)n_NVwhw|Jpt{}0uu8Ev?Q-a%4oF9u9-JYooVGgO7xT0}F!|_bI zhn2l$Rbz?ultBu}0PD7y$&_BZsu)Ly=?8iB{Vru!7xV90&`=!p zvym7M>@u(-#-Q93O9$Q*zj5aFdx$b>?oqBzZtr+|(DFF!BnJ1t&Fa&O@aCSC7+7p7 zgdN8QUu|fpeTPWt5yTul6CV`B-lG3mz8Y=^e=2_pJEVsiYBD`)ixVV-J{?`C@MEm0 zSfPyWx!t))ePwQAqm5$^;6Ti1M2-5xs5bodk%iKEHKAxQ1yeG`7ysq6^33HUOEliH znD#|>ucl>L?=@dp7;V_BasFVQis&MrCu;xW^5!hZ_U5Y>3(!W|$6^xLfop*m^m+Ta zZ=IO7jJb65DLFmuDgP#>9ojHiL(s-%5bs2;fxDh;bxbrJEa)B>v7riBm8w$@R@AjmyW=w#LFYH)1lujRfEPg-tN+5!b%rCqb77$Qahi)wI{s z!OvP0p^q__0?x6k&+7M?_gRDcu|0Q{OQ8G3>azkv8O6Vq4 z?78*vUp^d2AFGV6tue3lMQe%isk+B$6i+b$e7cz%8s zZ4&I4r#ZxvhRstL^+hl?R!RcUH6Vl<*z@}J>Hjy0K}`uS>QoDt45Cvefp<@w1z%Q) z9^vKnDlnSuTx2aC+mR@%F2<Zu4=Ls0-7Jeb^ClgyW{{^v?89{U4tJ`Q}Y===?q0 zfYi_55h!d9q$hqE)q6nXSe9q6{jyQ~s+2x7_~2yI)lOiW5lOp#1IR5Z(69V(!$ogSmL zLcx;h>lBPkKiV|u`o-N*>ZX`Qm!#)M8oUkbD23~@y`cxNCVg8NM$q1Lm%tCgPfEXl zlhL3bv4Oiq*&DCd1^clgDDq7?6nCORc%K+ghROAZJAm2jE-3iQ@;lwUpZIwP3*`_9 zZUy0->F~!zjxQ@hw=D&zBUzKIV%3#rUoWDwXv==xZt(5?pWAXE5RHvOZ7HL_8o+ka zhIYJC{G$YO*B(u3e|Z);{Z#3aUX@v-o&^~6YN=|JJIl~Cb#JgvAzvfgo>J?fUuSNj z3eTlLJ@d4@_KPfXK5y2%ru9NAqI`)&$E!x6otibwRW(M;evU%cl$Vkv7oR;FLa@N^ zWCzLiwLvKAE`czNkf&5_}Hw(*>i|8?heEf0L#6l9X zRsu03$os|IR?u0{De>&6Bu|3pk?6(sARmbp?OT+BsM+^8nE`CeGCGr zo1aC67^#GA%{!8SKrj>j|G0N>yT?G;JV}qhrlS^H zGR{_`rXEzVHTM^%x*6LsYY7d+cEt1R6>qJM)__Pqqf9nXzSCgyH2WYb0{$9Qp$RbL zeSdHpO13NbHJD2q->?GzJ4=^q#|VXk#b6^G(7sbC*4tot%nM;H}_h- zPi4GnsQ=@8Cx7|w$$#m5j%_Ue&6~xVYS&Z8U&Ib$s3=rG?^X>Rx7!M#6E64L*RJX- zrkn4BI8ld(QD*FY5GPyr=zvB!GR%m2D-_K$J6k&q-ivxkzU#VbZ0z0oS~9TTSAj^3 z;UuU5esVvAF#cIt{huhu5r7_2M$^=z*7t9svU5y~N?$(6v=gye0Ejv>h=X{k85k2b z^~#`7szzV=2Gz|$6YZn>ZDYIf8Pkge+wj+^>zTPA=3>&-VHVVuwMAXHFO(%ik=U>~ zLY}Pn)Ku>)NCDg$ejMG9Yh|&2-TTJO%KG7K!y`QtX+Yjv`FOH5%x&}7Gf#M)49vQ) z>Z>bIzRUX)eEoYm?FVQ0-*FH4o=)~aAu0h`aU^vqN7()@0Pei=1!&z0I5x7Wyh-dEUYYNy6#Gi4f zf5DvnThH1j26Zb-)p(1_FVw9y=tdn#W*d0C5?CSk8}R*aK;Zr@&H4D5^J#Rg#wI+B zc+{J=1;T(?yRlBoW`EM9G=b~frs^5O`!v)nyTJO<80>Bmp$}iUfEW%YD#97Sed^<; zII^t62xJ=G7z6?dZ4t4lBp|v61TZenY~ap%W$rdl;XNDDKquD%T-V*uUIfP4?)@2O z;w2@#SY`xbDR&Y!#Q;N(;_iQ2c8RRrEmIh+4d})b1a=LA`Wz?(>ck`;67Veu)8??; z!4G~q2x|jnhV`h{ftyCpfT+@PSd%oimKbilNI-*lGcijLsy-XJ_zBw4@CnXLC`QahPQr%f5yX(o z?C=jy=Bu%qNR?tw1+|yzBILKiT{Ur$@P}KVVX~X8E_C!n#!_hFbJYTlz9v)D1ibL3j`GigA8e8P=qiDDH|ChLyHsZk--ok^s_#yqhHa^-nt+6oqNvS z=kBwSBp#!iBt9t_aCX;K2HpVbxuF^Ahj+Y%+JmX|z+a?v?fd0ZFK8QtJj`W-qqyqP zS@kOw7*fk^iF1RYLChM)xxpKwhWf=Hk_UKk-6&X6XM$PCTH0?r`$OwC2u)m9(9T+2 z2S7p&@-^}ScLept)E_?gWdeZj*+Ol9_$ze%J=l)JOx#xZ6@V$DN&gk&PQJ_7wmR}+ z))Y#M+amu(4VWKl0D$RR!Q09}$Uy;0U4u;t9oaa5ZLgqXIU5hYd1dmf)PGlZp>_q> zj-J_V(3)y9Kq>eLbFN2gq8%FUhaMX8zh^bKmLpazLc{fCh5!OSN(KP+wFyAzl|#4> zr3Z&@SjPy@N?dfnG@IV*nevEI8qn7CLQwPTdd(%JvV~AwVFH%Zxu zm`kohp_p-HCNT~dO*~p+A&@we^fB7x`iI@`c{=23gI@1)V z0lj@S0ty(%fy90DiBJRDJA=UH=D8AFt-=b$d@lA>GV)S9kB5g2 zNa$Hw2Ue7QTl3s7%4Oh@+0XAultm5jDf34BSwy=6(Z&n>_t>TqmIn??U$AaIHKNL) zWC&XZ3dG;B3)pk^eiQ9c&eCeZ1e;)1!m@fo>#8kFqdZGSp!pwu?!I)fJDBJ7Ps+0< zAm4t6OeK~*j)t3`Sg6hO-O9U>YX3fFBDCl$a*AKx_OA1f*|pZpw5ucB~urNuFLQvJf=ty5N}hW^sJxrPj_R9=4;9apaZ2X*f3*WNX!voFx3#NLn zYq$tS5**P~txQ6G&u52^lw(nrk-^H-0R{?yV`|7>ENG0`IIhV8VBp~XEwP7M6k;gK zSPwnzHw=>zafjmWEUKE%ZhRQm^i5YSe%VbDP&rg-p@ZuNh-$eiifIz@7B_fbfZ-XK z$fc%<1J)b5-dwOn56oxn>oL#AT}p|Ux|f=-eSCU?3$4!H%RS7Bs>lmPu&dTc$)W=* zFh5l~_Q?@^r;#LtAaWUZ?^=)y7N{Zu74dGaL#u>(6r!4ptwdBAI1QVAkesg@DMX|8 zX{k9=um@I^{Z;8DtYay1k(C2Is#c}Bi$PSrll70EhS*Eo<%+TC&6KdcLz~twyhLWW zvgK)Sbmrr7jYW)DIqQjhr>|r_23Kc8ly9z*MZ6k#Sq1lXjSI(n3Nghnq;+s>MHNy9 zmccU_$B`anXE18>Sy$3`@Oq^6Z45g&VOG z-vcd9Ub;JU@XNd`?(ymxBQ8-0+``Fz&nn%yGEQ$nUZ0=(<;f>|>wH=gwgj|{FS31$UD*>9r%@O0273~X zGH}FYQOXlWsE+F9ZP&eLU2%g8V)mBOP?6&LQ0H`wBC2DDXkd+CNy98eCB=@B>Fj%)B-E|d{54xMcA<`??tLqn?1Enijg2t7zUa?w5iE5EyXhQ zJQ1YiSvu7*?7cAT1grF^=d%KtU{5xoyo?FKZJIFp1kvOJL2$@E-(6;D<7!70Cw?fA z$5cs5*=^PYrZu9%p&C#j7BU=O@!FbgMtqJQl`1`+^?AL&CI-`JS=h)>6o%-*!2C_r zm9(r_-7B=);I@Xt!z+Am73&_@RAq4c1zY^854JbTRVm8um)-Cv)0BxvHj&GQq}P(@ za`sXcw<0U|40@aul@Q@Ou|G8OPKRD#duvEr1XmVQh*@K}vMzJw69iuK^+%ksPSYhn z2{5Xej05+YDM>Q4!rhsH6x&ecTIMOj%W1T?`^mn%G3Qs24`N(Rm&BQ5q0HX z_Pw@u-kc{^FI$P3C>i(jFD3q)R;sVz5ghR%db};*{gQP~Tl=MUBXFz zNd^4883B_=OD%uN9&J0*THl*lNnMIgM^rj02Fxhi$vovfbiDH>ZXPS(&v$_ zY=^3k;l-9ORuJ31BKNTG;V|($^IF&;oY8$u{cFm*u2TGlrp_JpFdOaV!D4jxPAqN1 z@3s?g{X>2yAp0H7{fXTWusWPEj`|AF?lgd*K-R_U0OW%LMg{m9Qj&rxT~GaZJsOY{-jgB5>W3swK~X0R(&!4CuMxJ72%~)c|)bQf?OjEOi&o z{WhZo1^n7~y#MOX^Os$S@JGJ14`BACg#cVP0N^1A=)U4?k8M3%^035X)(|4aBZKb& zjgkTM*>B9^PmIOC`kMUP GAN~o58bhoA literal 0 HcmV?d00001 From 5e6f699b2091dbcacb898f959a1ec82261b78025 Mon Sep 17 00:00:00 2001 From: depombo Date: Wed, 20 Jul 2022 19:10:49 -0700 Subject: [PATCH 5/9] wip focus on familiarity of databases and include statefiles and drift --- blog/2022-06-02-vs-iac.mdx | 23 ------------------ blog/2022-07-22-vs-iac.mdx | 48 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 48 insertions(+), 23 deletions(-) delete mode 100644 blog/2022-06-02-vs-iac.mdx create mode 100644 blog/2022-07-22-vs-iac.mdx diff --git a/blog/2022-06-02-vs-iac.mdx b/blog/2022-06-02-vs-iac.mdx deleted file mode 100644 index 2206b16..0000000 --- a/blog/2022-06-02-vs-iac.mdx +++ /dev/null @@ -1,23 +0,0 @@ ---- -slug: vs-iac -title: IaSQL vs IaC -authors: [depombo, dfellis, aguillenv] ---- - -Infrastructure management tools, specifically Infrastructure as Code (IaC) ones, have trained us to think we can only manipulate a cloud account by applying a static infrastructure declaration, or blueprint, which makes it challenging to manage existing cloud infrastructure and reconcile future changes done outside of the IaC tool of choice. [IaSQL](https://iasql.com), like IaC tools, allows creating, updating or deleting infrastructure in the cloud. However, it also makes it possible to import all existing cloud resources. IaSQL also allows importing recent changes done outside IaSQL with the `iasql_sync()` [function](https://docs.iasql.com/functions) after the initial 2-way binding is setup. IaC provides a blueprint of your infrastructure, while IaSQL provides the actual representation of your infrastructure. - -### Understand how each infrastructure component plays into the big picture - -The infrastructure of a production system can get complex quickly. Infrastructure components can be used by different resources. A change to a cloud resource can have undesired side effects, or outages, in the application layer when the relationships across infrastructure components is not clear enough. Infrastructure changes are less prone to errors when the complete representation of all the relevant resources is in a relational database. Furthermore, debugging for outliers or misconfiguration can be easily done with SQL. Sometimes the issue under the surface is not misconfiguration, but just configuration drift which can happen when a cloud resource has not been updated in a long time or since its creation. - -### Freedom to use any cloud tool - -Application engineers often need to move quickly and create new infrastructure through a cloud UI that could also depend on infrastructure previously created through an IaC tool. However, subsequent changes to the IaC declaration can affect the infrastructure created via the cloud UI. We created the IaSQL `sync` command to let teams create resources outside of IaSQL while still managing said resources. This flexibility makes it possible to have multiple cloud management tools across different teams without getting locked into a single tool. When using IaSQL's `sync`, there is no need to constantly recreate changes or deal with static state files to stay up to date with infrastructure changes. - -![](../static/img/comparison.jpg) - -### Backups and disaster recovery - -Every production system should to have contingency plans in case issues arise. Cloud outages and human errors can delete or corrupt infrastructure. IaSQL provides a recovery system plan based on up-to-date database backups. It is trivial to apply a snapshot after an outage and re-deploy the entire production infrastructure in a simple step. - -In IaSQL, cloud infrastructure is data through a 2-way binding between a cloud account and a PostgreSQL database. Cloud infrastructure declarations are great in theory, but they don't describe what is *actually* in the cloud account. Furthermore, SQL can natively and ergonomically encode relations in a way that most configuration-based syntaxes simply cannot. The ability to represent cloud infrastructure in a PostgreSQL database through a 2-way connection allows making CRUD changes while also tracking changes done elsewhere. SQL is also the lingua franca of data which means that many developers are already familiar with it. All of this opens the door to new opportunities in terms of team collaboration, vendor locking, cost optimization, and disaster recovery strategies. \ No newline at end of file diff --git a/blog/2022-07-22-vs-iac.mdx b/blog/2022-07-22-vs-iac.mdx new file mode 100644 index 0000000..61b95f7 --- /dev/null +++ b/blog/2022-07-22-vs-iac.mdx @@ -0,0 +1,48 @@ +--- +slug: vs-iac +title: IaSQL vs IaC +authors: [depombo] +--- + +Infrastructure management tools, specifically Infrastructure as Code (IaC) ones, have trained us to think we can only manipulate a cloud account by applying an infrastructure declaration, or blueprint, to a cloud account. However, applying a blueprint to a cloud account brings about several difficulties when importing and managing cloud infrastructure that exists outside of said declaration. + +[IaSQL](https://iasql.com), like IaC tools, allows creating, updating or deleting infrastructure in the cloud. IaSQL does this by using the actual representation of the infrastructure instead of a blueprint. This provides several benefits which we will cover, but primordially it allows developer to model cloud infrastructure in the same way the information in most software systems is represented: as data in a database. This means developers can scale the cloud with a familiar set of developer tools that the Postgres ecosystem has built over many decades, and with one of the most well-known programming languages, SQL. + +### Statefiles vs Databases + +IaC tools like Terraform and Pulumi automatically create statefiles to reconcile infrastructure that exists in the cloud, but not in the infrastructure declaration. Statefiles don't use human-readable syntax and are hard to inspect or modify, especially at scale. Terraform has gone through great lengths to make it palatable to manipulate these machine generated files using their CLI tool. However, databases were created to replace files when manipulating a large amount of structured information and developer communities have built a lot of tooling around them. IaSQL sets forth a much more natural and battle-tested way to manage infrastructure data. + +Some organizations prevent the generation of statefiles when using IaC tools by making cloud dashboards read-only for all employees and only allowing infrastructure changes to occur through the declaration. However, this means every single team in an organization that can span thousands of people and software systems has to adhere to this convention. This can be an untenable premise when workflows span multiple clouds, time zones, deployment strategies, dependencies and versions. Application engineers often need to move quickly and create new infrastructure through a cloud UI that could also depend on infrastructure previously created through an IaC tool. To make matters worse, subsequent changes to the IaC declaration can affect the infrastructure created through the cloud UI as it is only represented in the statefile. + +We created the IaSQL `sync` command to let teams create resources outside of IaSQL while still managing said resources. This flexibility makes it possible to have multiple cloud management tools across different teams without getting locked into a single tool. When using IaSQL's `sync`, there is no need to constantly recreate changes or deal with state files to stay up to date with infrastructure changes. + +![](../static/img/comparison.jpg) + +### Importing existing infrastructure (WIP) + +IaSQL automatically imports all existing cloud resources when the initial 2-way binding is setup. + +### Infrastructure drift (WIP) + +The fact is that someone is going to access live cloud systems at some point in order to debug or in the case of an emergency. + +IaSQL's automatic import guarantees there is no drift the moment an IaSQL database, which is a Postgres DB with no bells or whistles, is connected to an AWS account. + +Drift between the infrastructure representation and what is actually in the cloud is squashed with the `iasql_sync()` [function](https://docs.iasql.com/functions). + +### Relations + +IaC tools form DAGs, directed acyclic graphs, under the hood to establish the dependencies between differents parts of the infrastructure in a cloud account. IaSQL sets forth using the relational SQL model to encode relationships between pieces of infrastructure using a syntax that is ergonomic and familiar to most developers. + +The infrastructure of a production system can get complex quickly. Infrastructure components can be used by different resources. A change to a cloud resource can have undesired side effects, or outages, in the application layer when the relationships across infrastructure components is not clear enough. Infrastructure changes are less prone to errors when the complete representation of all the relevant resources is in a relational database. Furthermore, debugging for outliers or misconfiguration can be easily done with SQL. Sometimes the issue under the surface is not misconfiguration, but just configuration drift which can happen when a cloud resource has not been updated in a long time or since its creation. + +### Type Safety (WIP) + +The advent of typed PL have shown the importance of being able to catch a subset of all errors compile-time. IaC tools are akin to scripting languages here since any errors generated in their internal representations DAGs are only surfaced at runtime. + +### Backups and disaster recovery + +Every production system should to have contingency plans in case issues arise. Cloud outages and human errors can delete or corrupt infrastructure. IaSQL provides a recovery system plan based on up-to-date database backups. It is trivial to apply a snapshot after an outage and re-deploy the entire production infrastructure in a simple step. + +(WIP) +In IaSQL, cloud infrastructure is data through a 2-way binding between a cloud account and a PostgreSQL database. Cloud infrastructure declarations are great in theory, but they don't describe what is *actually* in the cloud account. Furthermore, SQL can natively and ergonomically encode relations in a way that most configuration-based syntaxes simply cannot. The ability to represent cloud infrastructure in a PostgreSQL database through a 2-way connection allows making CRUD changes while also tracking changes done elsewhere. SQL is also the lingua franca of data which means that many developers are already familiar with it. All of this opens the door to new opportunities in terms of team collaboration, vendor locking, cost optimization, and disaster recovery strategies. \ No newline at end of file From 2062d339a9c1282872952beea25ba6f46f0b49e4 Mon Sep 17 00:00:00 2001 From: depombo Date: Sun, 24 Jul 2022 15:35:21 -0700 Subject: [PATCH 6/9] improve introduction --- blog/2022-07-22-vs-iac.mdx | 55 +++++++++++++++++++++++++++----------- 1 file changed, 40 insertions(+), 15 deletions(-) diff --git a/blog/2022-07-22-vs-iac.mdx b/blog/2022-07-22-vs-iac.mdx index 61b95f7..001acec 100644 --- a/blog/2022-07-22-vs-iac.mdx +++ b/blog/2022-07-22-vs-iac.mdx @@ -4,45 +4,70 @@ title: IaSQL vs IaC authors: [depombo] --- -Infrastructure management tools, specifically Infrastructure as Code (IaC) ones, have trained us to think we can only manipulate a cloud account by applying an infrastructure declaration, or blueprint, to a cloud account. However, applying a blueprint to a cloud account brings about several difficulties when importing and managing cloud infrastructure that exists outside of said declaration. +Modern, cloud-native IaC tools like Terraform take inspiration from the ones that came before like Chef and Puppet. However, legacy IaC tools were conceived to configure a (somewhat) fixed number of servers in data centers. Then the cloud came along. Click a button, and get a server. Click a button, and get rid of the server. The commoditization of on-demand, ephemeral servers gave way to a Cambrian explosion of developer tooling at different abstraction (and price) points atop servers in the cloud. However, legacy IaC tooling didn't anticipate the elasticity of the cloud. Cloud-native IaC tools today are not only used to configure servers in the cloud but mostly different compute and data services. AWS alone has over 200 services and counting. Each service with a different API. -[IaSQL](https://iasql.com), like IaC tools, allows creating, updating or deleting infrastructure in the cloud. IaSQL does this by using the actual representation of the infrastructure instead of a blueprint. This provides several benefits which we will cover, but primordially it allows developer to model cloud infrastructure in the same way the information in most software systems is represented: as data in a database. This means developers can scale the cloud with a familiar set of developer tools that the Postgres ecosystem has built over many decades, and with one of the most well-known programming languages, SQL. +TODO: +Puppet snippet VM +``` +``` -### Statefiles vs Databases +TF snippet EC2 +``` +``` -IaC tools like Terraform and Pulumi automatically create statefiles to reconcile infrastructure that exists in the cloud, but not in the infrastructure declaration. Statefiles don't use human-readable syntax and are hard to inspect or modify, especially at scale. Terraform has gone through great lengths to make it palatable to manipulate these machine generated files using their CLI tool. However, databases were created to replace files when manipulating a large amount of structured information and developer communities have built a lot of tooling around them. IaSQL sets forth a much more natural and battle-tested way to manage infrastructure data. +One of the biggest assumptions legacy IaC tools make is that the amount of servers in data centers is finite and doesn't change often. As such, creating a declaration or blueprint of the entire infrastructure works well for on-premise machines. However, applying an infrastructure declaration to a cloud account with many different types of interdependent resources makes it difficult to import and manage the cloud infrastructure that exists outside of said declaration. [IaSQL](https://iasql.com), like IaC tools, allows creating, updating or deleting infrastructure in the cloud. IaSQL does this by using the actual representation of the infrastructure instead of a blueprint. This allows developers to model cloud infrastructure in the same way the information in most software systems is represented: as data in a database. This means developers can scale the cloud with a familiar set of developer tools that the Postgres ecosystem has built over many decades, and using one of the most well-known programming languages, SQL. -Some organizations prevent the generation of statefiles when using IaC tools by making cloud dashboards read-only for all employees and only allowing infrastructure changes to occur through the declaration. However, this means every single team in an organization that can span thousands of people and software systems has to adhere to this convention. This can be an untenable premise when workflows span multiple clouds, time zones, deployment strategies, dependencies and versions. Application engineers often need to move quickly and create new infrastructure through a cloud UI that could also depend on infrastructure previously created through an IaC tool. To make matters worse, subsequent changes to the IaC declaration can affect the infrastructure created through the cloud UI as it is only represented in the statefile. +TODO: current vs desired state cycle diagram -We created the IaSQL `sync` command to let teams create resources outside of IaSQL while still managing said resources. This flexibility makes it possible to have multiple cloud management tools across different teams without getting locked into a single tool. When using IaSQL's `sync`, there is no need to constantly recreate changes or deal with state files to stay up to date with infrastructure changes. +IaSQL can fully reconcile the current and desired state of infrastructure by providing the familiar `apply` command used in IaC tools like Terraform but also introducing a new input-less `sync` command. We created the IaSQL `sync` command to let different teams create resources outside of IaSQL with any cloud management tool while still inspecting and managing said resources with IaSQL. This eliminates problems that arise with IaC tools when staying up to date with infrastructure that exists in the cloud, but not in the IaC declaration such as infrastructure drift, explicitly importing resources and huge state files. + +TODO: +1. create ec2 instance via IaSQL +2. put an lb in front of it +3. create an ec2 instance via UI +4. iasql_sync +5. put the imported ec2 instance behind the lb and apply + + +### State files vs Databases + +IaC tools like Terraform and Pulumi automatically create state files to reconcile infrastructure that exists in the cloud, but not in the infrastructure declaration. State files don't use human-readable syntax and are hard to inspect or modify, especially at scale. Terraform has gone to great lengths to make it palatable to manipulate these machine-generated files using their CLI tool. However, databases were created to replace files when manipulating a large amount of structured information and developer communities have built a lot of tooling around them. IaSQL sets forth a much more natural and battle-tested way to manage infrastructure data. Let's simply use a database. + +Some organizations prevent the generation of state files when using IaC tools by making cloud dashboards read-only for all employees and only allowing infrastructure changes to occur through the declaration. However, this means every single team in an organization that can span thousands of people (and software systems) has to adhere to this convention. This can be an untenable premise when workflows span multiple clouds, time zones, deployment strategies, dependencies and versions. Application engineers often need to move quickly and use the cloud UI to spin up infrastructure that could depend on infrastructure previously created through an IaC tool. To make matters worse, subsequent changes to the underlying IaC declaration can affect the infrastructure created through the cloud UI as it is only represented in the state file. ![](../static/img/comparison.jpg) -### Importing existing infrastructure (WIP) +### Import piecemeal vs all at once / Import each resource explicitly or any number of them implicitly + +Terraform allows importing existing cloud resources into its state file (not the HCL configuration) one by one with the [`terraform import`](https://www.terraform.io/cli/import/usage) CLI command. + +TODO terraform import example +``` +``` -IaSQL automatically imports all existing cloud resources when the initial 2-way binding is setup. +This piecemeal process makes it very time-consuming to reconcile infrastructure outside the declaration, especially at scale. Pulumi allows [importing](https://www.pulumi.com/docs/guides/adopting/import/) existing resources by identifying each resource via the CLI or calling out each resource via a JSON file or script. Furthermore, importing a resource that is depended on by other pieces of infrastructure often requires a [complex set of steps](https://www.terraform.io/cli/import/usage#complex-imports). On the other hand, IaSQL automatically imports all existing cloud resources as modules representing cloud services are installed without any additional input or steps other than by calling `iasql_sync`. ### Infrastructure drift (WIP) -The fact is that someone is going to access live cloud systems at some point in order to debug or in the case of an emergency. +The fact is that someone is going to access live cloud systems at some point to debug or in the case of an emergency. IaSQL's automatic import guarantees there is no drift the moment an IaSQL database, which is a Postgres DB with no bells or whistles, is connected to an AWS account. -Drift between the infrastructure representation and what is actually in the cloud is squashed with the `iasql_sync()` [function](https://docs.iasql.com/functions). +The drift between the infrastructure representation and what is actually in the cloud is squashed with the `iasql_sync()` [function](https://docs.iasql.com/functions). -### Relations +### Relations and dependencies -IaC tools form DAGs, directed acyclic graphs, under the hood to establish the dependencies between differents parts of the infrastructure in a cloud account. IaSQL sets forth using the relational SQL model to encode relationships between pieces of infrastructure using a syntax that is ergonomic and familiar to most developers. +IaC tools form DAGs, directed acyclic graphs, under the hood to establish the dependencies between different parts of the infrastructure in a cloud account. IaSQL sets forth using the relational SQL model to encode relationships between pieces of infrastructure using a syntax that is ergonomic and familiar to most developers. -The infrastructure of a production system can get complex quickly. Infrastructure components can be used by different resources. A change to a cloud resource can have undesired side effects, or outages, in the application layer when the relationships across infrastructure components is not clear enough. Infrastructure changes are less prone to errors when the complete representation of all the relevant resources is in a relational database. Furthermore, debugging for outliers or misconfiguration can be easily done with SQL. Sometimes the issue under the surface is not misconfiguration, but just configuration drift which can happen when a cloud resource has not been updated in a long time or since its creation. +The infrastructure of a production system can get complex quickly. Infrastructure components can be used by different resources. A change to a cloud resource can have undesired side effects, or outages, in the application layer when the relationships across infrastructure components are not clear enough. Infrastructure changes are less prone to errors when the complete representation of all the relevant resources is in a relational database. Furthermore, debugging for outliers or misconfiguration can be easily done with SQL. Sometimes the issue under the surface is not misconfiguration, but just configuration drift which can happen when a cloud resource has not been updated in a long time or since its creation. ### Type Safety (WIP) -The advent of typed PL have shown the importance of being able to catch a subset of all errors compile-time. IaC tools are akin to scripting languages here since any errors generated in their internal representations DAGs are only surfaced at runtime. +The advent of typed PL has shown the importance of being able to catch a subset of all errors compile-time. IaC tools are akin to scripting languages here since any errors generated in their internal representations DAGs are only surfaced at runtime. ### Backups and disaster recovery -Every production system should to have contingency plans in case issues arise. Cloud outages and human errors can delete or corrupt infrastructure. IaSQL provides a recovery system plan based on up-to-date database backups. It is trivial to apply a snapshot after an outage and re-deploy the entire production infrastructure in a simple step. +Every production system should have contingency plans in case issues arise. Cloud outages and human errors can delete or corrupt infrastructure. IaSQL provides a recovery system plan based on up-to-date database backups. It is trivial to apply a snapshot after an outage and re-deploy the entire production infrastructure in a simple step. (WIP) In IaSQL, cloud infrastructure is data through a 2-way binding between a cloud account and a PostgreSQL database. Cloud infrastructure declarations are great in theory, but they don't describe what is *actually* in the cloud account. Furthermore, SQL can natively and ergonomically encode relations in a way that most configuration-based syntaxes simply cannot. The ability to represent cloud infrastructure in a PostgreSQL database through a 2-way connection allows making CRUD changes while also tracking changes done elsewhere. SQL is also the lingua franca of data which means that many developers are already familiar with it. All of this opens the door to new opportunities in terms of team collaboration, vendor locking, cost optimization, and disaster recovery strategies. \ No newline at end of file From 1c8115e0937a6411707cb15a81d89725c79205c4 Mon Sep 17 00:00:00 2001 From: depombo Date: Sun, 24 Jul 2022 18:25:44 -0700 Subject: [PATCH 7/9] statefiles vs database and conclusion --- blog/2022-07-22-vs-iac.mdx | 31 +++++++++++++++++++------------ 1 file changed, 19 insertions(+), 12 deletions(-) diff --git a/blog/2022-07-22-vs-iac.mdx b/blog/2022-07-22-vs-iac.mdx index 001acec..be08c8a 100644 --- a/blog/2022-07-22-vs-iac.mdx +++ b/blog/2022-07-22-vs-iac.mdx @@ -1,10 +1,10 @@ --- slug: vs-iac -title: IaSQL vs IaC +title: IaSQL vs IaC / Why IaSQL authors: [depombo] --- -Modern, cloud-native IaC tools like Terraform take inspiration from the ones that came before like Chef and Puppet. However, legacy IaC tools were conceived to configure a (somewhat) fixed number of servers in data centers. Then the cloud came along. Click a button, and get a server. Click a button, and get rid of the server. The commoditization of on-demand, ephemeral servers gave way to a Cambrian explosion of developer tooling at different abstraction (and price) points atop servers in the cloud. However, legacy IaC tooling didn't anticipate the elasticity of the cloud. Cloud-native IaC tools today are not only used to configure servers in the cloud but mostly different compute and data services. AWS alone has over 200 services and counting. Each service with a different API. +Modern, cloud-native IaC tools like Terraform take inspiration from the IaC tools that came before like Chef and Puppet. However, legacy IaC tools were conceived to configure a (somewhat) fixed number of servers in data centers. Then the cloud came along in the early 2010s. Click a button, and get a server. Click a button, and get rid of the server. The commoditization of on-demand, ephemeral servers gave way to a Cambrian explosion of developer tooling at different abstraction (and price) points atop servers in the cloud. However, legacy IaC tooling built for on-premise datacenters didn't anticipate the elasticity of the cloud. Cloud-native IaC tools today are not only used to configure servers in the cloud but many different compute and data services. AWS alone has over 200 services and counting. Each service with a different API. TODO: Puppet snippet VM @@ -15,11 +15,11 @@ TF snippet EC2 ``` ``` -One of the biggest assumptions legacy IaC tools make is that the amount of servers in data centers is finite and doesn't change often. As such, creating a declaration or blueprint of the entire infrastructure works well for on-premise machines. However, applying an infrastructure declaration to a cloud account with many different types of interdependent resources makes it difficult to import and manage the cloud infrastructure that exists outside of said declaration. [IaSQL](https://iasql.com), like IaC tools, allows creating, updating or deleting infrastructure in the cloud. IaSQL does this by using the actual representation of the infrastructure instead of a blueprint. This allows developers to model cloud infrastructure in the same way the information in most software systems is represented: as data in a database. This means developers can scale the cloud with a familiar set of developer tools that the Postgres ecosystem has built over many decades, and using one of the most well-known programming languages, SQL. +One of the biggest assumptions legacy IaC tools make is that the number of servers in data centers doesn't change often. As such, creating a declaration or blueprint of the entire infrastructure works well for on-premise machines. However, applying an infrastructure declaration to a cloud account with many different types of interdependent resources makes it difficult to import and manage the cloud infrastructure that exists outside of said declaration. [IaSQL](https://iasql.com), like IaC tools, allows creating, updating or deleting infrastructure in the cloud. IaSQL does this by using the actual representation of the infrastructure instead of a blueprint. Developers can then model cloud infrastructure in the same way the information in most software systems is represented: as data in a database. This means developers can scale the cloud with a familiar set of developer tools that the Postgres ecosystem has built over many decades, and using one of the most well-known programming languages, SQL. -TODO: current vs desired state cycle diagram +IaSQL can fully reconcile the current and desired state of infrastructure by providing the familiar `apply` command used in IaC tools like Terraform but also introducing a new input-less `sync` command. We created the IaSQL `sync` command to let different teams create resources outside of IaSQL with any cloud management tool while still inspecting and managing said resources with IaSQL. Infrastructure drift, identifying resources one by one to import them and untamable state files arise when IaC tools try to model infrastructure that exists in the cloud, but not in the IaC declaration. However, these problems go away when infrastructure is simply data in a database. -IaSQL can fully reconcile the current and desired state of infrastructure by providing the familiar `apply` command used in IaC tools like Terraform but also introducing a new input-less `sync` command. We created the IaSQL `sync` command to let different teams create resources outside of IaSQL with any cloud management tool while still inspecting and managing said resources with IaSQL. This eliminates problems that arise with IaC tools when staying up to date with infrastructure that exists in the cloud, but not in the IaC declaration such as infrastructure drift, explicitly importing resources and huge state files. +TODO: current vs desired state cycle diagram TODO: 1. create ec2 instance via IaSQL @@ -31,9 +31,9 @@ TODO: ### State files vs Databases -IaC tools like Terraform and Pulumi automatically create state files to reconcile infrastructure that exists in the cloud, but not in the infrastructure declaration. State files don't use human-readable syntax and are hard to inspect or modify, especially at scale. Terraform has gone to great lengths to make it palatable to manipulate these machine-generated files using their CLI tool. However, databases were created to replace files when manipulating a large amount of structured information and developer communities have built a lot of tooling around them. IaSQL sets forth a much more natural and battle-tested way to manage infrastructure data. Let's simply use a database. +Cloud-native IaC tools automatically create state files to reconcile infrastructure that exists in the cloud, but not in the infrastructure declaration. State files in [Terraform](https://www.terraform.io/language/state) and [Pulumi](https://www.pulumi.com/docs/intro/concepts/state/) are JSON files with metadata about cloud accounts that have to be stored separately from the infra declarations, typically in some sort of file storage like S3. The fact that state files are JSON makes them hard to inspect and modify, especially at scale. Terraform has been around for longer than Pulumi and has gone to great lengths to make it palatable to manipulate these machine-generated files using their [CLI state subcommand](https://www.terraform.io/cli/commands/state/mv). This begs the question, why are we using files instead of databases to store and manage large amounts of information about complex systems? Databases were created to replace files when manipulating large amounts of structured information efficiently. Most people that know how to code, regardless of their job title, are familiar with databases in some capacity because databases have been around for decades. The ubiquitousness of databases means an abundance of battle-tested developer tools that are used in most large-scale, stateful software systems and using them enables us to “stand on the shoulders of giants”. IaSQL sets forth that infrastructure is just data and the easiest way to manage any significant amount of data is in a database. -Some organizations prevent the generation of state files when using IaC tools by making cloud dashboards read-only for all employees and only allowing infrastructure changes to occur through the declaration. However, this means every single team in an organization that can span thousands of people (and software systems) has to adhere to this convention. This can be an untenable premise when workflows span multiple clouds, time zones, deployment strategies, dependencies and versions. Application engineers often need to move quickly and use the cloud UI to spin up infrastructure that could depend on infrastructure previously created through an IaC tool. To make matters worse, subsequent changes to the underlying IaC declaration can affect the infrastructure created through the cloud UI as it is only represented in the state file. +Some organizations can prevent the generation of state files when using IaC tools by making cloud dashboards read-only for all employees and only allowing infrastructure changes to occur through the declaration. However, this means every single team in an organization that can span thousands of people (and software systems) has to adhere to this convention. This can be an untenable premise when workflows span multiple clouds, time zones, deployment strategies, dependencies and versions. Application engineers often need to move quickly and use the cloud UI to spin up infrastructure that could depend on infrastructure previously created through an IaC tool. ![](../static/img/comparison.jpg) @@ -47,14 +47,16 @@ TODO terraform import example This piecemeal process makes it very time-consuming to reconcile infrastructure outside the declaration, especially at scale. Pulumi allows [importing](https://www.pulumi.com/docs/guides/adopting/import/) existing resources by identifying each resource via the CLI or calling out each resource via a JSON file or script. Furthermore, importing a resource that is depended on by other pieces of infrastructure often requires a [complex set of steps](https://www.terraform.io/cli/import/usage#complex-imports). On the other hand, IaSQL automatically imports all existing cloud resources as modules representing cloud services are installed without any additional input or steps other than by calling `iasql_sync`. +TODO pulumi import example +``` +``` + ### Infrastructure drift (WIP) The fact is that someone is going to access live cloud systems at some point to debug or in the case of an emergency. IaSQL's automatic import guarantees there is no drift the moment an IaSQL database, which is a Postgres DB with no bells or whistles, is connected to an AWS account. -The drift between the infrastructure representation and what is actually in the cloud is squashed with the `iasql_sync()` [function](https://docs.iasql.com/functions). - ### Relations and dependencies IaC tools form DAGs, directed acyclic graphs, under the hood to establish the dependencies between different parts of the infrastructure in a cloud account. IaSQL sets forth using the relational SQL model to encode relationships between pieces of infrastructure using a syntax that is ergonomic and familiar to most developers. @@ -65,9 +67,14 @@ The infrastructure of a production system can get complex quickly. Infrastructur The advent of typed PL has shown the importance of being able to catch a subset of all errors compile-time. IaC tools are akin to scripting languages here since any errors generated in their internal representations DAGs are only surfaced at runtime. -### Backups and disaster recovery +### Backups and disaster recovery (WIP) Every production system should have contingency plans in case issues arise. Cloud outages and human errors can delete or corrupt infrastructure. IaSQL provides a recovery system plan based on up-to-date database backups. It is trivial to apply a snapshot after an outage and re-deploy the entire production infrastructure in a simple step. -(WIP) -In IaSQL, cloud infrastructure is data through a 2-way binding between a cloud account and a PostgreSQL database. Cloud infrastructure declarations are great in theory, but they don't describe what is *actually* in the cloud account. Furthermore, SQL can natively and ergonomically encode relations in a way that most configuration-based syntaxes simply cannot. The ability to represent cloud infrastructure in a PostgreSQL database through a 2-way connection allows making CRUD changes while also tracking changes done elsewhere. SQL is also the lingua franca of data which means that many developers are already familiar with it. All of this opens the door to new opportunities in terms of team collaboration, vendor locking, cost optimization, and disaster recovery strategies. \ No newline at end of file +### What now? + +In IaSQL, cloud infrastructure is data through a 2-way binding between a cloud account and a PostgreSQL database. The ability to represent cloud infrastructure in a PostgreSQL database through a 2-way connection allows making CRUD changes while also tracking changes done elsewhere. Cloud infrastructure declarations are great in theory, but they don't describe what is *actually* in the cloud account without state files, infrastructure drift or time-consuming import migrations. SQL is the lingua franca of data which means that many developers are already familiar with IaSQL. Furthermore, SQL can natively, type-safely and ergonomically encode relations in a way that most configuration-based syntaxes cannot. + +We hope that with IaSQL, developers and DevOps teams alike will bring about a new era for the cloud. Building on the cloud will be more productive, more enjoyable, and more familiar. Modern cloud software will shift from being a black art that only a select few can modify and master, to empowering any developer to create elegant cloud systems managed like all other systems. + +This is the most exciting moment in my career thus far. The proposition is ambitious. IaSQL still has a long way to go. We only support parts of AWS and we are not even at a 0.1 version yet! However, we look forward to a time when we can treat infrastructure like just another database in the backend managed with pure SQL or whatever programming language fits my stack using the same old database management tools. \ No newline at end of file From 74bfdf7e86efcaaf44b8be0133a0a87c6bb0e68a Mon Sep 17 00:00:00 2001 From: depombo Date: Sun, 24 Jul 2022 18:28:06 -0700 Subject: [PATCH 8/9] fix grammar --- blog/2022-07-22-vs-iac.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/blog/2022-07-22-vs-iac.mdx b/blog/2022-07-22-vs-iac.mdx index be08c8a..2eb3080 100644 --- a/blog/2022-07-22-vs-iac.mdx +++ b/blog/2022-07-22-vs-iac.mdx @@ -75,6 +75,6 @@ Every production system should have contingency plans in case issues arise. Clou In IaSQL, cloud infrastructure is data through a 2-way binding between a cloud account and a PostgreSQL database. The ability to represent cloud infrastructure in a PostgreSQL database through a 2-way connection allows making CRUD changes while also tracking changes done elsewhere. Cloud infrastructure declarations are great in theory, but they don't describe what is *actually* in the cloud account without state files, infrastructure drift or time-consuming import migrations. SQL is the lingua franca of data which means that many developers are already familiar with IaSQL. Furthermore, SQL can natively, type-safely and ergonomically encode relations in a way that most configuration-based syntaxes cannot. -We hope that with IaSQL, developers and DevOps teams alike will bring about a new era for the cloud. Building on the cloud will be more productive, more enjoyable, and more familiar. Modern cloud software will shift from being a black art that only a select few can modify and master, to empowering any developer to create elegant cloud systems managed like all other systems. +We hope that with IaSQL, developers and DevOps teams alike will bring about a new era for the cloud. Building on the cloud will be more productive, more enjoyable, and more familiar. Modern cloud software will shift from being a black art that only a select few can modify and master, to something just another elegant software system that any developer can manage. This is the most exciting moment in my career thus far. The proposition is ambitious. IaSQL still has a long way to go. We only support parts of AWS and we are not even at a 0.1 version yet! However, we look forward to a time when we can treat infrastructure like just another database in the backend managed with pure SQL or whatever programming language fits my stack using the same old database management tools. \ No newline at end of file From b3cc36c079e84251954a3c149b161da328c16e86 Mon Sep 17 00:00:00 2001 From: depombo Date: Sun, 24 Jul 2022 20:27:43 -0700 Subject: [PATCH 9/9] fix some grammar and spelling mistakes --- blog/2022-07-22-vs-iac.mdx | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/blog/2022-07-22-vs-iac.mdx b/blog/2022-07-22-vs-iac.mdx index 2eb3080..0e73e4f 100644 --- a/blog/2022-07-22-vs-iac.mdx +++ b/blog/2022-07-22-vs-iac.mdx @@ -4,7 +4,7 @@ title: IaSQL vs IaC / Why IaSQL authors: [depombo] --- -Modern, cloud-native IaC tools like Terraform take inspiration from the IaC tools that came before like Chef and Puppet. However, legacy IaC tools were conceived to configure a (somewhat) fixed number of servers in data centers. Then the cloud came along in the early 2010s. Click a button, and get a server. Click a button, and get rid of the server. The commoditization of on-demand, ephemeral servers gave way to a Cambrian explosion of developer tooling at different abstraction (and price) points atop servers in the cloud. However, legacy IaC tooling built for on-premise datacenters didn't anticipate the elasticity of the cloud. Cloud-native IaC tools today are not only used to configure servers in the cloud but many different compute and data services. AWS alone has over 200 services and counting. Each service with a different API. +Modern, cloud-native IaC tools like Terraform take inspiration from the IaC tools that came before like Chef and Puppet. However, legacy IaC tools were conceived to configure a (somewhat) fixed number of servers in data centers. Then the advent of the cloud came around 2010 and changed everything. Click a button, and get a server. Click a button, and get rid of the server. The commoditization of on-demand, ephemeral servers gave way to a Cambrian explosion of developer tooling at different abstraction (and price) points atop servers in the cloud. However, legacy IaC tooling built for on-premise datacenters didn't anticipate the elasticity of the cloud. Cloud-native IaC tools today are not only used to configure servers in the cloud but many different compute and data services. AWS alone has over 200 services and counting. Each service with a different API. TODO: Puppet snippet VM @@ -73,8 +73,8 @@ Every production system should have contingency plans in case issues arise. Clou ### What now? -In IaSQL, cloud infrastructure is data through a 2-way binding between a cloud account and a PostgreSQL database. The ability to represent cloud infrastructure in a PostgreSQL database through a 2-way connection allows making CRUD changes while also tracking changes done elsewhere. Cloud infrastructure declarations are great in theory, but they don't describe what is *actually* in the cloud account without state files, infrastructure drift or time-consuming import migrations. SQL is the lingua franca of data which means that many developers are already familiar with IaSQL. Furthermore, SQL can natively, type-safely and ergonomically encode relations in a way that most configuration-based syntaxes cannot. +In IaSQL, cloud infrastructure is data through a 2-way binding between a cloud account and a PostgreSQL database. The ability to represent cloud infrastructure in a PostgreSQL database through a 2-way connection allows making CRUD changes while also tracking changes done elsewhere. Cloud infrastructure declarations are great in theory, but they don't describe what is *actually* in the cloud account without state files, infrastructure drift or time-consuming import migrations. SQL is the lingua franca of data which means that many developers are already familiar with IaSQL. Furthermore, SQL offers a familiar, type-safe and ergonomic way to encode dependencies across infrastructure parts in a way that configuration-based syntaxes cannot. We hope that with IaSQL, developers and DevOps teams alike will bring about a new era for the cloud. Building on the cloud will be more productive, more enjoyable, and more familiar. Modern cloud software will shift from being a black art that only a select few can modify and master, to something just another elegant software system that any developer can manage. -This is the most exciting moment in my career thus far. The proposition is ambitious. IaSQL still has a long way to go. We only support parts of AWS and we are not even at a 0.1 version yet! However, we look forward to a time when we can treat infrastructure like just another database in the backend managed with pure SQL or whatever programming language fits my stack using the same old database management tools. \ No newline at end of file +The proposition is ambitious. IaSQL still has a long way to go. We only support parts of AWS and we are not even at a 0.1 version yet! However, we look forward to a time when we can treat infrastructure like just another database in the backend managed with pure SQL or whatever programming language fits my stack using the same old database management tools. \ No newline at end of file