September 2021
Beginner to intermediate
392 pages
12h 13m
Chinese
book
Google系统架构解密: 构建安全可靠的系统
by Heather Adkins, Betsy Beyer, Paul Blankinship, Piotr Lewandowski, Ana Oprea, Adam Stubblefield
Content preview from Google系统架构解密: 构建安全可靠的系统
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
适应变化的设计
|
89
在目前的云环境中,你可以通过使用微服务架构、构建安全控制层以及使用服务网格管理
跨服务通信来发挥类似的优势。例如,你可以将请求处理与管理请求处理的配置相分离。
业界将这类有意识的分离操作称为
数据面
(请求)和
控制面
(配置)的分离。在该模型
中,数据面提供系统中的实际数据处理,包括负载均衡、安全性和可观测性。控制面则向
数据面服务提供策略和配置,从而提供可管理和可扩展的控制界面。
7.4
不同的变更
:
不同的速度与不同的时间线
不是所有变更都会在相同的时间线上或者以相同的速度发生。以下几个因素会影响变更的
速度。
严重程度
每天都会发现漏洞,但并不是所有的漏洞都是严重的、正在被攻击者频繁利用或针对你
的特定基础设施。不过当你命中以上三点时,就需要尽快发布补丁。加速了的时间线可
能会引起混乱,甚至有可能破坏系统。虽然有时候速度是必要的,但通常情况下慢速的
变更会更安全,可以确保足够的安全性和可靠性。(理想情况下,你可以单独运行严重
安全漏洞的补丁,这样就可以快速加载应用补丁程序,而无须加速其他按期执行的部署
任务。)
依赖的系统和团队
某些系统变更可能依赖于其他团队,因为在此之前可能需要实施新策略或者启用特定功
能。你的变更还可能取决于外部,例如是否需要从供应商处接收补丁,或者客户端是否
需要在服务器变更之前先打补丁。
敏感度
变更的敏感度会影响到何时才可以将其部署到生产环境中。改善组织整体安全态势的非
必要变更不一定像严重补丁那样紧迫。你可以更缓慢地实施非必要的变更,例如逐个团
队地变更。根据其他因素,做出变更可能不值得冒险,例如你可能不想在关键生产窗口 ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.