Cloud Infrastructure as Code

Terraform is a declarative infrastructure-as-code tool designed to manage the lifecycle of cloud and on-premises resources. It functions as a workflow engine that reconciles a defined desired state against real-world infrastructure, using a persistent state-tracking layer to maintain consistency and visibility across distributed environments. By mapping infrastructure components into a directed acyclic graph, the system calculates the optimal order for provisioning, updating, or destroying resources. The platform is distinguished by its extensible plugin-based architecture, which decouples core orchestration logic from vendor-specific service APIs. This allows users to manage diverse infrastructure across multiple providers through a unified workflow. The system enforces predictability by separating operations into a three-stage lifecycle—planning, applying, and state-updating—and supports policy-as-code evaluation to validate changes against security and compliance rules before any modifications are executed. Beyond core orchestration, the tool provides robust support for collaborative management, including workspace isolation for environment separation and module sharing for distributing standardized infrastructure patterns. It integrates into broader development ecosystems through support for programmatic definition in various languages, external system hooks, and comprehensive tooling for configuration debugging and editor assistance.

Awesome Compose is a collection of resources designed to demonstrate the orchestration of multi-container applications. It serves as a practical reference for using declarative configuration files to define, manage, and deploy complex software stacks, ensuring that services run consistently across development, testing, and production environments. The project highlights the capabilities of container lifecycle management by providing examples of how to bundle software with its dependencies into isolated, portable units. It emphasizes the use of multi-stage build pipelines to optimize image sizes and the integration of environment variables to decouple application logic from host-specific settings. By leveraging these patterns, users can standardize development workspaces and automate the maintenance of interconnected service architectures. Beyond basic orchestration, the repository covers the broader surface of container infrastructure, including the management of image registries, network configurations, and storage drivers. It also demonstrates how to execute build-time commands and embed complex scripts directly into configuration files to streamline the assembly of containerized environments.

This project is a comprehensive educational curriculum designed to build proficiency across modern infrastructure, cloud-native technologies, and systems administration. It functions as a reference library and interview preparation resource, offering a structured collection of conceptual questions, practical coding challenges, and hands-on scenarios that cover the full spectrum of software delivery and operational workflows. The repository distinguishes itself through a modular, domain-specific structure that links instructional problem statements with verified implementation examples. By employing a standardized documentation schema, it provides a predictable learning path for mastering complex technical concepts, ranging from infrastructure-as-code patterns and container orchestration to cloud platform administration and security best practices. The content spans a wide array of technical domains, including automated configuration management, distributed system monitoring, database operations, and version control. It provides deep dives into specific tooling for cloud provisioning, container networking, and service deployment, ensuring that learners can validate their technical skills through isolated, practical exercises. All instructional materials are organized into a unified taxonomy of markdown-based documents, allowing users to navigate and study specific technical topics at their own pace.

OpenTofu is a declarative infrastructure orchestrator that automates the provisioning and management of cloud resources. It functions as a platform-agnostic interface, allowing users to define their desired environment state in configuration files, which the system then reconciles against live infrastructure to calculate and execute necessary updates. The project utilizes a graph-based execution engine to determine the optimal sequence for resource operations, enabling the parallel processing of independent components to reduce deployment times. To support complex, multi-platform environments, it employs a provider-based plugin architecture that translates generic configuration definitions into specific API calls for various cloud services and third-party providers. Beyond core provisioning, the system facilitates infrastructure lifecycle management through reusable configuration modules that standardize deployments and enforce consistent patterns. It also provides a synchronization layer for state metadata, enabling distributed teams to coordinate changes and maintain consistent environment status across collaborative workflows.

manage k8s using c# blazor enhance by chatgpt ,try something new ！使用blazor技术开发的内置OpenAI GPT的k8s 管理界面

LocalStack is an infrastructure development environment that provides a local simulation of cloud services. By leveraging container-orchestrated service lifecycles, it allows developers to build, test, and debug cloud-native applications on their local machines without requiring remote connectivity or incurring cloud provider costs. The platform distinguishes itself through sophisticated traffic redirection and request routing, which intercept cloud service calls at the network layer and redirect them to local handlers. This enables seamless integration with existing development workflows, allowing users to mock cloud resources, replicate infrastructure states, and execute ephemeral testing environments within continuous integration pipelines. Beyond core emulation, the platform includes a comprehensive suite of developer tools for managing service lifecycles, monitoring activity, and configuring runtime environments. It supports complex distributed architectures through event-driven simulation, persistent storage mapping, and dynamic configuration injection, ensuring that local environments accurately mirror production requirements. The system is designed for integration into automated build and deployment workflows, providing visual dashboards and terminal-based interfaces for real-time resource management and infrastructure troubleshooting.

The Serverless Framework is a declarative infrastructure-as-code tool designed to automate the deployment, scaling, and lifecycle management of cloud-native applications. It provides a unified command-line interface that translates high-level configuration files into provider-specific resource templates, enabling developers to orchestrate complex architectures, event-driven functions, and cloud resources within a single project structure. What distinguishes this framework is its focus on developer experience and multi-environment parity. It supports local function invocation and event proxying, allowing developers to test and debug code locally against live cloud events without requiring constant redeployments. The framework also features a modular plugin system for extensibility and advanced service composition, which allows teams to manage related services as a single unit, share outputs between components, and coordinate deployments across multiple cloud accounts and stages. The platform covers a broad capability surface, including integrated secret management, dynamic variable resolution, and comprehensive observability tools that aggregate logs, metrics, and traces. It also provides specialized support for configuring API infrastructure, managing GraphQL schemas, and exposing business logic to AI agents through secure gateway controls and standardized interface definitions. The framework is managed through configuration files that define infrastructure, event triggers, and environment-specific settings, with installation and operation handled via a standard command-line interface.

Steampipe is a cloud infrastructure query engine and API-to-SQL mapper that translates REST and GraphQL API responses into relational rows and columns. It allows for the retrieval and joining of real-time data from multiple cloud service providers using a relational database interface. The project functions as a PostgreSQL foreign data wrapper and an SQLite API extension, mapping external API endpoints to virtual tables. This enables the use of standard SQL to query live cloud services and aggregate data from different providers and service accounts into a single unified dataset. The system includes capabilities for cloud resource monitoring, configuration visualization, and log data analysis. It provides an interactive SQL shell and supports the integration of new data sources through a gRPC-based plugin architecture. The engine can be run as a standalone binary with an embedded database or integrated into existing Postgres and SQLite installations.

Sherlock is a command-line automation tool designed to orchestrate software build, execution, and deployment workflows. It functions as an ephemeral runtime orchestrator that executes applications directly from source code, bypassing the need for persistent system-wide installations or manual dependency management. By providing a unified, containerized development environment, it ensures that application dependencies and infrastructure configurations remain consistent across diverse host operating systems. The project distinguishes itself through its ability to synthesize container images declaratively, translating source code and configuration manifests into immutable artifacts. It utilizes documentation-driven discovery to parse technical guides and reference materials, allowing it to map command-line interfaces to automated execution routines. This approach enables the provisioning of short-lived, reproducible environments that maintain consistent behavior throughout the application lifecycle. Beyond its core orchestration capabilities, the tool provides a comprehensive infrastructure-as-code workflow for managing service dependencies and build processes. It abstracts low-level container runtime operations to handle networking, resource constraints, and lifecycle management, while offering integrated access to project documentation to assist with operational requirements.

Cloudtopolis is a tool that facilitates the installation and provisioning of Hashtopolis on the Google Cloud Shell platform, quickly and completely unattended (and also, free!). Together with Google Collaboratory, it allows us to break hashes without the need for dedicated hardware from any browser.

Swift is a high-performance, general-purpose programming language designed for safety and speed. It features a modular compiler front-end that transforms source code into optimized machine binaries, utilizing a value-oriented type system that prioritizes predictable state management through value and reference types. The language is built on a task-based concurrency model that schedules asynchronous operations across multicore hardware to ensure data race safety. The project distinguishes itself through a native, bi-directional interoperability mechanism that allows for direct integration with existing codebases and external APIs without requiring complex foreign function interfaces. This capability is supported by a declarative, manifest-based build system that manages dependencies and cross-platform toolchain orchestration. Furthermore, the language provides a standardized language server protocol implementation, enabling real-time diagnostics, code completion, and refactoring across a wide range of development environments. The ecosystem covers a broad capability surface, including support for static binary compilation to ensure portability across diverse system environments and specialized tooling for cloud-native backend development. It provides comprehensive infrastructure for multi-platform application development, including cross-compilation support for Android, Linux, and WebAssembly targets. Developers can also leverage integrated debugging, testing, and interactive playground environments to streamline the software validation process. The project maintains its compiler, standard library, and evolution proposals through a primary source code repository, which includes extensive documentation and guided references for developers.

The AWS SAM Command Line Interface is a development toolkit used to define, emulate, and manage the lifecycle of serverless infrastructure. It serves as an infrastructure as code tool and a wrapper for AWS CloudFormation, allowing users to describe cloud resources through declarative templates. The project differentiates itself by providing a local serverless emulator that uses containers to execute and debug functions before they are deployed. It also enables rapid cloud iteration through real-time synchronization, which monitors local source code for changes and automatically pushes updates to the cloud environment. The tool covers the full serverless lifecycle, including application artifact building, packaging, and automated deployment pipelines. It also includes capabilities for simulating event sources with mock JSON files, managing resource permissions, and converting existing cloud assets into versioned infrastructure templates.

This project is a command-line tool and template-based scaffolding engine that transforms API interface specifications into functional client libraries and server stubs. By automating the creation of type-safe SDKs and boilerplate code, it bridges the gap between service definitions and implementation, allowing developers to maintain synchronized codebases across many programming languages. The tool distinguishes itself through a portable execution model that utilizes containerized build isolation to ensure identical output regardless of the host environment. It features a modular, plugin-based architecture that allows for the registration of custom logic, alongside a schema-to-model mapping engine that enables precise control over how abstract API data types are translated into native language structures. The platform supports a wide range of integration workflows, including the ability to trigger code generation directly within standard build lifecycles or through a remote HTTP-based service. Users can further tailor the output through declarative configuration overrides, custom template injection, and specific type mapping rules to align generated code with internal project standards and naming conventions. The software is distributed as a command-line utility and can be executed via container images or integrated into build pipelines using standard package managers.

Rook automates the creation of AWS p3 instances for use in GPU-based password cracking. AWS p3 instances use the NVIDIA V100 GPUs, which provide the best password cracking H/s per GPU we've found. Rook is a Python wrapper around a Terraform base, automating the creation, mounting of wordlists…

Ansible is an agentless infrastructure automation engine designed to manage remote servers and network devices. It functions as a cross-platform orchestration tool that coordinates system updates, software installations, and service configurations from a centralized management workstation. By utilizing a declarative approach, it allows users to define desired system states through human-readable configuration files, ensuring consistency across distributed environments. The platform operates by establishing secure shell connections to target nodes, eliminating the need for persistent agent software or complex bootstrapping processes on managed hosts. It employs an inventory-driven model to organize infrastructure into logical groups, while its module-based execution system dispatches idempotent scripts to verify and maintain state. This architecture is supported by a plugin-based framework that enables custom interfaces for connection methods, inventory sources, and task processing logic. Beyond core orchestration, the project provides capabilities for automated application deployment and infrastructure as code, allowing for version-controlled management of data center environments. It also includes template rendering functionality to dynamically inject variables and logic into configuration files before deployment. The software is distributed as a comprehensive package with extensive documentation available for installation and configuration.

A Docker image for serving fastai models, mimicking the API of Tensorflow Serving. It is designed for running batch inference at scale. It is not optimized for performance (but it's not that slow).

Zig is a general-purpose systems programming language designed for high-performance applications that require manual memory management and direct control over hardware resources. It prioritizes predictable execution by enforcing explicit control flow and requiring functions to accept explicit memory allocators, ensuring that all heap operations and logic paths remain visible to the developer. The language distinguishes itself through a powerful compile-time metaprogramming engine that allows for arbitrary code execution during the build process, enabling advanced reflection and the generation of specialized types. It features a unified, target-agnostic toolchain that treats cross-compilation as a first-class capability, allowing developers to produce binaries for any supported architecture without external dependencies. Furthermore, it provides a native integration layer that imports C header files directly, facilitating interaction with existing C codebases without the need for manual binding generation. The project includes a programmatic build system that manages dependency graphs and compilation steps through a language-specific API, removing the need for static configuration files. It also supports flexible development workflows, including the ability to build applications without a standard library for resource-constrained environments and the integration of language servers for real-time code analysis. The compiler is available for installation via direct downloads, package managers, or source builds, and includes built-in tooling for orchestrating unit tests and managing project dependencies.

Encore is a distributed systems framework designed to unify backend development, infrastructure provisioning, and observability. It functions as an infrastructure-as-code platform that allows developers to define cloud resources, databases, and messaging topics directly within their application code. By analyzing these declarations at compile-time, the system automatically manages the deployment of cloud resources and security policies, ensuring parity between local development and production environments. The platform distinguishes itself through its integrated development experience, which includes a local workspace that mirrors production infrastructure to facilitate testing and debugging. It provides automated AI-assisted development tools that leverage application metadata and runtime telemetry to aid in code generation and performance analysis. Furthermore, the framework enforces architectural standards and automates the creation of ephemeral, production-like environments for every pull request, streamlining the validation process before deployment. Beyond its core orchestration capabilities, the framework includes a comprehensive suite for building type-safe APIs and event-driven services. It handles the complexities of service communication, including automated client library generation, request validation, and distributed tracing instrumentation. The system also incorporates robust security primitives, such as identity token validation, secret management, and automated traffic control, to support the development of secure, scalable backend architectures.

PowerShell is a cross-platform task automation and configuration management framework. It functions as an object-oriented shell environment and a dynamic scripting language, enabling users to interact with system interfaces and manage infrastructure through a unified command-line interface. By executing as a managed application on the common language runtime, it provides direct access to native libraries and system APIs. The system is distinguished by its object-based pipeline, which processes structured data objects rather than raw text, allowing for precise property manipulation across command chains. It utilizes a modular command architecture based on a standard verb-noun naming convention, alongside a provider-based abstraction layer that maps disparate data stores into a consistent, drive-like structure for uniform navigation. Beyond interactive command execution, the project includes a declarative configuration engine designed to define and enforce desired system states across local and remote environments. This capability supports the creation of portable scripts and the automation of complex administrative workflows, ensuring consistent environment setups across large-scale deployments.