cloud-platforms

Cloud Platforms

AWS Services and Best Practices

Compute Services

  • EC2 (Elastic Compute Cloud): Virtual servers in the cloud
    • Use instance types appropriate for workload requirements
    • Implement Auto Scaling Groups for elasticity
    • Use Spot Instances for fault-tolerant, interruptible workloads
    • Leverage EC2 Fleet for diverse instance strategies
  • Lambda: Serverless compute service
    • Ideal for event-driven architectures
    • Use for short-lived, stateless functions
    • Implement dead-letter queues for failed invocations
    • Monitor with CloudWatch metrics and logs
  • ECS (Elastic Container Service): Container orchestration
    • Use Fargate for serverless container execution
    • Implement task definitions with resource limits
    • Use service auto-scaling based on metrics
    • Configure load balancing with ALB/NLB
  • EKS (Elastic Kubernetes Service): Managed Kubernetes
    • Use managed node groups for simplified operations
    • Implement pod autoscaling (HPA, VPA)
    • Use AWS VPC CNI for networking
    • Integrate IAM with Kubernetes service accounts (IAM roles for service accounts)

Storage Services

  • S3 (Simple Storage Service): Object storage
    • Use lifecycle policies for cost optimization
    • Implement versioning for data protection
    • Use S3 Transfer Acceleration for faster uploads
    • Configure CORS for cross-origin access
    • Enable S3 Event Notifications for automation
  • EBS (Elastic Block Store): Block storage
    • Choose volume type based on workload (gp3, io2, etc.)
    • Use multi-attach for high availability
    • Implement snapshots for backup
    • Monitor volume metrics for performance

Database Services

  • RDS (Relational Database Service): Managed relational databases
    • Use Multi-AZ deployments for high availability
    • Enable read replicas for scaling reads
    • Use automated backups and point-in-time recovery
    • Implement parameter groups for configuration
  • DynamoDB: NoSQL database
    • Design partition keys for even distribution
    • Use on-demand mode for unpredictable workloads
    • Implement TTL for automatic data expiration
    • Use DynamoDB Accelerator (DAX) for caching

Infrastructure as Code

  • CloudFormation: AWS native IaC
    • Use stacks for resource organization
    • Implement nested stacks for modularity
    • Use change sets for safe updates
    • Leverage CloudFormation exports for cross-stack references

Networking

  • VPC (Virtual Private Cloud): Isolated network environment
    • Use public and private subnets for tiered architecture
    • Implement NAT Gateways for private subnet outbound access
    • Use VPC endpoints for private connectivity to AWS services
    • Configure route tables and security groups properly

Azure Services and Best Practices

Compute Services

  • Azure Virtual Machines: Virtual servers
    • Use managed disks for storage
    • Implement availability sets for high availability
    • Use Azure Spot VMs for cost savings
    • Configure extensions for monitoring and management
  • Azure Functions: Serverless compute
    • Use Consumption plan for event-driven workloads
    • Implement Durable Functions for stateful orchestrations
    • Use Application Insights for monitoring
    • Configure function app scaling
  • Azure Kubernetes Service (AKS): Managed Kubernetes
    • Use Azure CNI for advanced networking
    • Implement cluster autoscaler
    • Use Azure AD integration for authentication
    • Configure pod identity for secure access to Azure resources

Storage Services

  • Azure Blob Storage: Object storage
    • Use access tiers (Hot, Cool, Archive) for cost optimization
    • Implement lifecycle management policies
    • Use blob versioning for data protection
    • Configure CORS and shared access signatures
  • Azure Disk Storage: Block storage
    • Choose disk type based on workload (Premium SSD, Ultra Disk)
    • Use Azure Disk Encryption for data at rest
    • Implement snapshots for backup
    • Monitor disk performance metrics

Database Services

  • Azure SQL Database: Managed SQL database
    • Use vCore-based or DTU-based purchasing models
    • Implement geo-replication for disaster recovery
    • Use transparent data encryption
    • Configure automatic backups
  • Azure Cosmos DB: Globally distributed NoSQL database
    • Choose appropriate API (SQL, MongoDB, Cassandra, etc.)
    • Use multi-master replication for global availability
    • Implement consistency levels based on requirements
    • Use throughput provisioning with RU/s

Infrastructure as Code

  • Azure Resource Manager (ARM) Templates: Azure native IaC
    • Use parameter files for environment-specific configurations
    • Implement linked templates for modularity
    • Use deployment scripts for post-deployment actions
    • Leverage template specs for reusability

Networking

  • Azure Virtual Network (VNet): Isolated network
    • Use subnets for network segmentation
    • Implement NSGs for security rules
    • Use Azure Firewall for network protection
    • Configure VNet peering for connectivity

GCP Services and Best Practices

Compute Services

  • Compute Engine: Virtual machines
    • Use custom machine types for optimized workloads
    • Implement instance groups for auto-scaling
    • Use preemptible VMs for cost savings
    • Configure startup and shutdown scripts
  • Cloud Functions: Serverless compute
    • Use 2nd generation functions for better performance
    • Implement event triggers for automation
    • Use Cloud Logging and Cloud Monitoring
    • Configure function deployment settings
  • Google Kubernetes Engine (GKE): Managed Kubernetes
    • Use Autopilot for fully managed clusters
    • Implement node auto-provisioning
    • Use Workload Identity for secure access
    • Configure network policies for pod security

Storage Services

  • Cloud Storage: Object storage
    • Use storage classes (Standard, Nearline, Coldline, Archive)
    • Implement lifecycle management rules
    • Use object versioning for data protection
    • Configure signed URLs and ACLs
  • Persistent Disks: Block storage
    • Choose disk type (Standard, Balanced, Extreme)
    • Use regional disks for high availability
    • Implement snapshots for backup
    • Monitor disk I/O and throughput

Database Services

  • Cloud SQL: Managed relational databases
    • Use high availability configuration
    • Implement read replicas for scaling
    • Use automated backups and point-in-time recovery
    • Configure SSL/TLS connections
  • Cloud Spanner: Globally distributed SQL database
    • Use multi-region configuration for global availability
    • Design schema for optimal performance
    • Implement instance sizing and scaling
    • Use database roles for access control

Infrastructure as Code

  • Deployment Manager: GCP native IaC
    • Use Jinja or Python templates
    • Implement composite types for reusability
    • Use deployment manifests for organization
    • Configure preview deployments

Networking

  • Virtual Private Cloud (VPC): Isolated network
    • Use subnets for network segmentation
    • Implement VPC peering for connectivity
    • Use Cloud NAT for private subnet outbound access
    • Configure firewall rules for security

Multi-Cloud Strategies and Considerations

Multi-Cloud Approaches

  • Multi-Cloud for Resilience: Distribute workloads across providers for disaster recovery
  • Best-of-Breed Services: Use specific services from each provider based on strengths
  • Vendor Lock-in Mitigation: Avoid single-provider dependencies
  • Cost Optimization: Leverage competitive pricing and spot markets

Multi-Cloud Challenges

  • Complexity: Increased operational complexity and management overhead
  • Consistency: Maintaining consistency across different platforms
  • Networking: Cross-cloud connectivity and latency considerations
  • Identity and Access Management: Unified identity across providers

Multi-Cloud Best Practices

  • Abstraction Layers: Use abstraction layers (Terraform, Pulumi) for multi-cloud deployments
  • Standardization: Standardize on common tools and practices
  • Observability: Implement unified monitoring and logging across clouds
  • Security: Implement consistent security policies across all platforms
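
One way to apply a single ingress policy to the AWS security groups, Azure NSGs and GCP firewall rules listed in the Networking sections is to normalize each provider's rule document and evaluate all of them with the same check. This is an added example, not part of the original page. The function names, `ADMIN_PORTS`, `OPEN` and the sample documents are assumptions constructed for illustration, and the Azure input is assumed to be in ARM/REST shape.

```python
ADMIN_PORTS = {22, 3389}   # assumption: ports that must not be internet-reachable
OPEN = {"0.0.0.0/0", "::/0", "*", "Internet"}   # "any source" spellings per cloud

def span(spec):
    """'22', '1000-2000', '*' or None -> inclusive (low, high) port range."""
    low, _, high = ("0-65535" if spec in ("*", None) else str(spec)).partition("-")
    return (int(low), int(high or low))

def from_aws(sg):      # EC2 DescribeSecurityGroups shape
    for p in sg["IpPermissions"]:
        if p["IpProtocol"] in ("tcp", "udp", "-1"):      # "-1" means all traffic
            ports = (0, 65535) if p["IpProtocol"] == "-1" else (p["FromPort"], p["ToPort"])
            for r in p.get("IpRanges", []) + p.get("Ipv6Ranges", []):
                yield ("aws", sg["GroupId"], r.get("CidrIp") or r["CidrIpv6"], ports)

def from_azure(nsg):   # ARM/REST shape: rule fields nested under "properties"
    for rule in nsg["securityRules"]:
        p = rule["properties"]
        if (p["access"], p["direction"]) != ("Allow", "Inbound") or p["protocol"] == "Icmp":
            continue
        srcs = p.get("sourceAddressPrefixes") or [p.get("sourceAddressPrefix")]
        for port in p.get("destinationPortRanges") or [p.get("destinationPortRange")]:
            yield from (("azure", rule["name"], s, span(port)) for s in srcs)

def from_gcp(fw):      # Compute Engine firewall resource shape
    if fw.get("direction", "INGRESS") != "INGRESS" or fw.get("disabled"):
        return
    for a in fw.get("allowed", []):
        if a["IPProtocol"] in ("tcp", "udp", "all"):
            for port in a.get("ports") or ["*"]:         # no ports listed = all ports
                yield from (("gcp", fw["name"], s, span(port)) for s in fw.get("sourceRanges", []))

def violations(rules):
    """Same policy for every cloud: no admin port open to a source in OPEN."""
    return sorted((cloud, rid, port) for cloud, rid, src, (lo, hi) in rules
                  if src in OPEN for port in ADMIN_PORTS if lo <= port <= hi)

# Constructed sample documents (not real resources).
AWS_SG = {"GroupId": "sg-example", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]}
AZURE_NSG = {"securityRules": [{"name": "allow-mgmt", "properties": {
    "access": "Allow", "direction": "Inbound", "protocol": "Tcp",
    "sourceAddressPrefix": "Internet", "destinationPortRange": "3000-4000"}}]}
GCP_FW = {"name": "allow-all-tcp", "direction": "INGRESS",
          "sourceRanges": ["0.0.0.0/0"], "allowed": [{"IPProtocol": "tcp"}]}

def audit():
    return violations([*from_aws(AWS_SG), *from_azure(AZURE_NSG), *from_gcp(GCP_FW)])
```

The Azure range rule and the GCP rule with no `ports` field are the cases a per-port string match would miss; both are caught because every rule is reduced to a numeric port span before the policy runs.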