SlideShare una empresa de Scribd logo

Terraform in deployment pipeline

Anton Babenko
Anton Babenko

My talk at FullStackFest, 4.9.2017. Become more familiar with managing infrastructure using Terraform, Packer and deployment pipeline. Code repository - https://github.com/antonbabenko/terraform-deployment-pipeline-talk

Tecnología
1 de 18
Descargar para leer sin conexión
Terraform in deployment pipeline by Anton Babenko
Hi! I am Anton Babenko, and I enjoy: ● AWS & DevOps ● AWS User Group Norway and DevOpsDays Oslo organizer ● Solve problems “Getting Started with Terraform”, terraform-community-modules, Terraform modules generator (Terrapin), and more… https://github.com/antonbabenko https://www.linkedin.com/in/antonbabenko
1. Become more familiar with managing infrastructure using CD pipeline 2. See scenarios of integrating Terraform and Packer 3. How to structure infrastructure code? 4. How to version your infrastructure between environments and make it DRY? Goals of this talk
Do you know? What is: ● Infrastructure as code? ● Deployment pipeline? ● Pipeline as code?
Featuring... Write, plan, and create infrastructure as code Build automated machine images
Typical CI/CD pipeline source: https://dzone.com/articles/what-is-continuous-delivery-pipeline
Where are infrastructure changes here?
CI/CD pipeline (CircleCI 2.0)
Structure - all-in-one vs split ~/all-in-one-repo/ ├── packer # Packer configs │ └── app.json ├── terraform # Terraform configs │ ├── main.tf │ └── terraform.tfvars └── web # Application code └── index.html ~/infra-repo/ ├── packer # Packer configs │ └── app.json └── terraform # Terraform configs ├── main.tf └── terraform.tfvars ~/app-repo/ └── web # Application code └── index.html
Structure - evolving infrastructure repository ~/infra-repo/ ├── packer # Packer configs │ └── app.json └── terraform # Terraform configs ├── modules # Terraform modules │ ├── network │ │ └── main.tf │ └── service1 │ └── main.tf ├── main.tf └── terraform.tfvars ~/infra-repo/ ├── packer # Packer configs │ └── app.json └── terraform # Terraform configs ├── modules # Terraform modules │ ├── network │ │ └── main.tf │ └── service1 │ └── main.tf └── environments ├── non-prod │ └── us-east-1 │ ├── main.tf │ └── terraform.tfvars └── prod ├── eu-west-1 │ ├── main.tf │ └── terraform.tfvars └── us-east-1 ├── main.tf └── terraform.tfvars
example1/main.tf resource "random_pet" "bucket" {} resource "aws_s3_bucket" "app" { bucket = "fullstackfest-${ random_pet .bucket. id}" acl = "public-read" website { index_document = "index.html" } } data "template_file" "index" { template = "${file("../../web/index.html")}" vars { BUILD_DETAILS = "${aws_s3_bucket .app.website_endpoint }" } } resource "aws_s3_bucket_object" "object" { bucket = "${aws_s3_bucket .app.id}" key = "index.html" content = "${data. template_file .index.rendered }" etag = "${md5(data. template_file .index.rendered )}" content_type = "text/html" acl = "public-read" } output "app_website_endpoint" { value = "${aws_s3_bucket .app.website_endpoint }" } FullStackFest! ${BUILD_DETAILS} $ terraform init ... $ terraform plan ... $ terraform apply ... Apply complete! Resources: 3 added, 0 changed, 0 destroyed. Outputs: app_website_endpoint = fullstackfest-feasible-basilisk.s3-website-eu-west-1.amazonaws.c om
example2/main.tf variable "subnet_id" { description = "ID of subnet where resources will be created" } variable "security_groups" { description = "ID of security group EC2 instance will use" } variable "instance_type" { description = "Type of EC2 instance to launch" } data "aws_ami" "app" { most_recent = true filter { name = "name" values = ["fullstackfest-demo-*" ] } } resource "aws_instance" "app" { ami = "${data. aws_ami.app.id}" instance_type = "${var.instance_type }" subnet_id = "${var.subnet_id }" vpc_security_group_ids = ["${var.security_groups }"] } output "app_public_ip" { description = "Public IP of EC2 instance running an application" value = "${aws_instance .app.public_ip }" } packer/app.json { "builders" : [ { "ami_name" : "fullstackfest-demo-{{uuid | clean_ami_name}}" , "ami_description" : "FullStackFest demo AMI based on Amazon Linux", "instance_type" : "t2.micro" , "region" : "eu-west-1" , "type": "amazon-ebs" , "ssh_username" : "ec2-user" , "source_ami_filter" : { "filters" : { "virtualization-type" : "hvm", "name": "amzn-ami-hvm-*-x86_64-gp2" , "root-device-type" : "ebs" }, "owners" : [ "137112412989" ], "most_recent" : true } } ], "provisioners" : [ { "type": "shell", "inline" : [ "# Install nginx, copy index.html into web-root" ] } ] }
# Avoid hard-coded values in *.tf files, use data sources or *.tfvars data "aws_ami" "app" { most_recent = true filter { name = "name" values = ["fullstackfest-demo-*" ] } } # Tag and name resources consistently resource "aws_instance" "app" { ami = "${data. aws_ami.app.id}" instance_type = "${var.instance_type }" subnet_id = "${var.subnet_id }" vpc_security_group_ids = ["${var.security_groups }"] tags { Name = "fullstackfest-demo-${var. environment }" } } variable "environment" { description = "Name of environment to create infrastructure (eg, staging, production)" } # terraform.tfvars environment = "non-prod" FTP (Frequent Terraform Problems) ● Avoid hard-coded values => use data sources ● Tag and name resources consistently Next: Terraform modules = reusability
module "sg_web" { source = "git@github.com:terraform-community-modules/tf_aws_sg.git//sg_web?ref=v0.2.3" security_group_name = "fullstackfest-demo-web" vpc_id = "vpc-12345678" source_cidr_block = ["0.0.0.0/0" ] } resource "aws_instance" "app" { # ... vpc_security_group_ids = ["${module. sg_web.security_group_id_web }"] # ... } Terraform modules ● Versioning ● Public/private access ● Local dir or hosted ● Allows: ○ code reuse ○ encapsulate groups of resources ○ testing
Demo - infrastructure as code and deployment pipeline https://github.com/antonbabenko/terraform-deployment-pipeline-talk
Further thoughts… ● Use linters (tflint), coding styles (fmt), pre-commit hooks ● Automate (no excuses) ● Terraform workspaces, Terragrunt, Atlantis by Hootsuite (super!) ● Version & release infrastructure as the app code ● Using pipelines to manage environments with infrastructure as code by Kief Morris
Thank you!

Recomendados

Terraform Introduction
Terraform IntroductionTerraform Introduction
Terraform Introductionsoniasnowfrog
 
A brief introduction to IaC with Terraform by Kenton Robbins (codeHarbour May...
A brief introduction to IaC with Terraform by Kenton Robbins (codeHarbour May...A brief introduction to IaC with Terraform by Kenton Robbins (codeHarbour May...
A brief introduction to IaC with Terraform by Kenton Robbins (codeHarbour May...Alex Cachia
 
Terraform modules restructured
Terraform modules restructuredTerraform modules restructured
Terraform modules restructuredAmi Mahloof
 
Final terraform
Final terraformFinal terraform
Final terraformGourav Varma
 
Terraform: An Overview & Introduction
Terraform: An Overview & IntroductionTerraform: An Overview & Introduction
Terraform: An Overview & IntroductionLee Trout
 
Terraform modules and best-practices - September 2018
Terraform modules and best-practices - September 2018Terraform modules and best-practices - September 2018
Terraform modules and best-practices - September 2018Anton Babenko
 
Terraform
TerraformTerraform
TerraformPhil Wilkins
 
How to test infrastructure code: automated testing for Terraform, Kubernetes,...
How to test infrastructure code: automated testing for Terraform, Kubernetes,...How to test infrastructure code: automated testing for Terraform, Kubernetes,...
How to test infrastructure code: automated testing for Terraform, Kubernetes,...Yevgeniy Brikman
 

Recomendados

Terraform Introduction
Terraform IntroductionTerraform Introduction
Terraform Introductionsoniasnowfrog
 
A brief introduction to IaC with Terraform by Kenton Robbins (codeHarbour May...
A brief introduction to IaC with Terraform by Kenton Robbins (codeHarbour May...A brief introduction to IaC with Terraform by Kenton Robbins (codeHarbour May...
A brief introduction to IaC with Terraform by Kenton Robbins (codeHarbour May...Alex Cachia
 
Terraform modules restructured
Terraform modules restructuredTerraform modules restructured
Terraform modules restructuredAmi Mahloof
 
Final terraform
Final terraformFinal terraform
Final terraformGourav Varma
 
Terraform: An Overview & Introduction
Terraform: An Overview & IntroductionTerraform: An Overview & Introduction
Terraform: An Overview & IntroductionLee Trout
 
Terraform modules and best-practices - September 2018
Terraform modules and best-practices - September 2018Terraform modules and best-practices - September 2018
Terraform modules and best-practices - September 2018Anton Babenko
 
Terraform
TerraformTerraform
TerraformPhil Wilkins
 
How to test infrastructure code: automated testing for Terraform, Kubernetes,...
How to test infrastructure code: automated testing for Terraform, Kubernetes,...How to test infrastructure code: automated testing for Terraform, Kubernetes,...
How to test infrastructure code: automated testing for Terraform, Kubernetes,...Yevgeniy Brikman
 
Comprehensive Terraform Training
Comprehensive Terraform TrainingComprehensive Terraform Training
Comprehensive Terraform TrainingYevgeniy Brikman
 
Terraform on Azure
Terraform on AzureTerraform on Azure
Terraform on AzureMithun Shanbhag
 
Terraform introduction
Terraform introductionTerraform introduction
Terraform introductionJason Vance
 
infrastructure as code
infrastructure as codeinfrastructure as code
infrastructure as codeAmazon Web Services
 
Infrastructure-as-Code (IaC) using Terraform
Infrastructure-as-Code (IaC) using TerraformInfrastructure-as-Code (IaC) using Terraform
Infrastructure-as-Code (IaC) using TerraformAdin Ermie
 
Terraform -- Infrastructure as Code
Terraform -- Infrastructure as CodeTerraform -- Infrastructure as Code
Terraform -- Infrastructure as CodeMartin Schütte
 
Effective terraform
Effective terraformEffective terraform
Effective terraformCalvin French-Owen
 
Terraform
TerraformTerraform
TerraformPathum Fernando ☁
 
Terraform
TerraformTerraform
TerraformDiego Pacheco
 
Building infrastructure as code using Terraform - DevOps Krakow
Building infrastructure as code using Terraform - DevOps KrakowBuilding infrastructure as code using Terraform - DevOps Krakow
Building infrastructure as code using Terraform - DevOps KrakowAnton Babenko
 
Developing Terraform Modules at Scale - HashiTalks 2021
Developing Terraform Modules at Scale - HashiTalks 2021Developing Terraform Modules at Scale - HashiTalks 2021
Developing Terraform Modules at Scale - HashiTalks 2021TomStraub5
 
Terraform: Infrastructure as Code
Terraform: Infrastructure as CodeTerraform: Infrastructure as Code
Terraform: Infrastructure as CodePradeep Bhadani
 
Best Practices of Infrastructure as Code with Terraform
Best Practices of Infrastructure as Code with TerraformBest Practices of Infrastructure as Code with Terraform
Best Practices of Infrastructure as Code with TerraformDevOps.com
 
Terraform on Azure
Terraform on AzureTerraform on Azure
Terraform on AzureJulien Corioland
 
Infrastructure as Code
Infrastructure as CodeInfrastructure as Code
Infrastructure as CodeAlbert Suwandhi
 
Creating AWS infrastructure using Terraform
Creating AWS infrastructure using TerraformCreating AWS infrastructure using Terraform
Creating AWS infrastructure using TerraformKnoldus Inc.
 
A Hands-on Introduction on Terraform Best Concepts and Best Practices
A Hands-on Introduction on Terraform Best Concepts and Best Practices A Hands-on Introduction on Terraform Best Concepts and Best Practices
A Hands-on Introduction on Terraform Best Concepts and Best Practices Nebulaworks
 
An introduction to terraform
An introduction to terraformAn introduction to terraform
An introduction to terraformJulien Pivotto
 
Terraform
TerraformTerraform
TerraformAdam Vincze
 
Using HashiCorp’s Terraform to build your infrastructure on AWS - Pop-up Loft...
Using HashiCorp’s Terraform to build your infrastructure on AWS - Pop-up Loft...Using HashiCorp’s Terraform to build your infrastructure on AWS - Pop-up Loft...
Using HashiCorp’s Terraform to build your infrastructure on AWS - Pop-up Loft...Amazon Web Services
 
London HUG 12/4
London HUG 12/4London HUG 12/4
London HUG 12/4London HashiCorp User Group
 
Declarative Infrastructure Tools
Declarative Infrastructure Tools Declarative Infrastructure Tools
Declarative Infrastructure Tools Yulia Shcherbachova
 

Más contenido relacionado

La actualidad más candente

Comprehensive Terraform Training
Comprehensive Terraform TrainingComprehensive Terraform Training
Comprehensive Terraform TrainingYevgeniy Brikman
 
Terraform introduction
Terraform introductionTerraform introduction
Terraform introductionJason Vance
 
Infrastructure-as-Code (IaC) using Terraform
Infrastructure-as-Code (IaC) using TerraformInfrastructure-as-Code (IaC) using Terraform
Infrastructure-as-Code (IaC) using TerraformAdin Ermie
 
Terraform -- Infrastructure as Code
Terraform -- Infrastructure as CodeTerraform -- Infrastructure as Code
Terraform -- Infrastructure as CodeMartin Schütte
 
Building infrastructure as code using Terraform - DevOps Krakow
Building infrastructure as code using Terraform - DevOps KrakowBuilding infrastructure as code using Terraform - DevOps Krakow
Building infrastructure as code using Terraform - DevOps KrakowAnton Babenko
 
Developing Terraform Modules at Scale - HashiTalks 2021
Developing Terraform Modules at Scale - HashiTalks 2021Developing Terraform Modules at Scale - HashiTalks 2021
Developing Terraform Modules at Scale - HashiTalks 2021TomStraub5
 
Terraform: Infrastructure as Code
Terraform: Infrastructure as CodeTerraform: Infrastructure as Code
Terraform: Infrastructure as CodePradeep Bhadani
 
Best Practices of Infrastructure as Code with Terraform
Best Practices of Infrastructure as Code with TerraformBest Practices of Infrastructure as Code with Terraform
Best Practices of Infrastructure as Code with TerraformDevOps.com
 
Creating AWS infrastructure using Terraform
Creating AWS infrastructure using TerraformCreating AWS infrastructure using Terraform
Creating AWS infrastructure using TerraformKnoldus Inc.
 
A Hands-on Introduction on Terraform Best Concepts and Best Practices
A Hands-on Introduction on Terraform Best Concepts and Best Practices A Hands-on Introduction on Terraform Best Concepts and Best Practices
A Hands-on Introduction on Terraform Best Concepts and Best Practices Nebulaworks
 
An introduction to terraform
An introduction to terraformAn introduction to terraform
An introduction to terraformJulien Pivotto
 
Using HashiCorp’s Terraform to build your infrastructure on AWS - Pop-up Loft...
Using HashiCorp’s Terraform to build your infrastructure on AWS - Pop-up Loft...Using HashiCorp’s Terraform to build your infrastructure on AWS - Pop-up Loft...
Using HashiCorp’s Terraform to build your infrastructure on AWS - Pop-up Loft...Amazon Web Services
 

La actualidad más candente (20)

Comprehensive Terraform Training
Comprehensive Terraform TrainingComprehensive Terraform Training
Comprehensive Terraform Training
 
Terraform on Azure
Terraform on AzureTerraform on Azure
Terraform on Azure
 
Terraform introduction
Terraform introductionTerraform introduction
Terraform introduction
 
infrastructure as code
infrastructure as codeinfrastructure as code
infrastructure as code
 
Infrastructure-as-Code (IaC) using Terraform
Infrastructure-as-Code (IaC) using TerraformInfrastructure-as-Code (IaC) using Terraform
Infrastructure-as-Code (IaC) using Terraform
 
Terraform -- Infrastructure as Code
Terraform -- Infrastructure as CodeTerraform -- Infrastructure as Code
Terraform -- Infrastructure as Code
 
Effective terraform
Effective terraformEffective terraform
Effective terraform
 
Terraform
TerraformTerraform
Terraform
 
Terraform
TerraformTerraform
Terraform
 
Building infrastructure as code using Terraform - DevOps Krakow
Building infrastructure as code using Terraform - DevOps KrakowBuilding infrastructure as code using Terraform - DevOps Krakow
Building infrastructure as code using Terraform - DevOps Krakow
 
Developing Terraform Modules at Scale - HashiTalks 2021
Developing Terraform Modules at Scale - HashiTalks 2021Developing Terraform Modules at Scale - HashiTalks 2021
Developing Terraform Modules at Scale - HashiTalks 2021
 
Terraform: Infrastructure as Code
Terraform: Infrastructure as CodeTerraform: Infrastructure as Code
Terraform: Infrastructure as Code
 
Best Practices of Infrastructure as Code with Terraform
Best Practices of Infrastructure as Code with TerraformBest Practices of Infrastructure as Code with Terraform
Best Practices of Infrastructure as Code with Terraform
 
Terraform on Azure
Terraform on AzureTerraform on Azure
Terraform on Azure
 
Infrastructure as Code
Infrastructure as CodeInfrastructure as Code
Infrastructure as Code
 
Creating AWS infrastructure using Terraform
Creating AWS infrastructure using TerraformCreating AWS infrastructure using Terraform
Creating AWS infrastructure using Terraform
 
A Hands-on Introduction on Terraform Best Concepts and Best Practices
A Hands-on Introduction on Terraform Best Concepts and Best Practices A Hands-on Introduction on Terraform Best Concepts and Best Practices
A Hands-on Introduction on Terraform Best Concepts and Best Practices
 
An introduction to terraform
An introduction to terraformAn introduction to terraform
An introduction to terraform
 
Terraform
TerraformTerraform
Terraform
 
Using HashiCorp’s Terraform to build your infrastructure on AWS - Pop-up Loft...
Using HashiCorp’s Terraform to build your infrastructure on AWS - Pop-up Loft...Using HashiCorp’s Terraform to build your infrastructure on AWS - Pop-up Loft...
Using HashiCorp’s Terraform to build your infrastructure on AWS - Pop-up Loft...
 

Similar a Terraform in deployment pipeline

Declarative Infrastructure Tools
Declarative Infrastructure Tools Declarative Infrastructure Tools
Declarative Infrastructure Tools Yulia Shcherbachova
 
Declarative & workflow based infrastructure with Terraform
Declarative & workflow based infrastructure with TerraformDeclarative & workflow based infrastructure with Terraform
Declarative & workflow based infrastructure with TerraformRadek Simko
 
OSDC 2015: Mitchell Hashimoto | Automating the Modern Datacenter, Development...
OSDC 2015: Mitchell Hashimoto | Automating the Modern Datacenter, Development...OSDC 2015: Mitchell Hashimoto | Automating the Modern Datacenter, Development...
OSDC 2015: Mitchell Hashimoto | Automating the Modern Datacenter, Development...NETWAYS
 
Integrating icinga2 and the HashiCorp suite
Integrating icinga2 and the HashiCorp suiteIntegrating icinga2 and the HashiCorp suite
Integrating icinga2 and the HashiCorp suiteBram Vogelaar
 
Null Bachaav - May 07 Attack Monitoring workshop.
Null Bachaav - May 07 Attack Monitoring workshop.Null Bachaav - May 07 Attack Monitoring workshop.
Null Bachaav - May 07 Attack Monitoring workshop.Prajal Kulkarni
 
Managing Infrastructure as Code
Managing Infrastructure as CodeManaging Infrastructure as Code
Managing Infrastructure as CodeAllan Shone
 
Aprovisionamiento multi-proveedor con Terraform - Plain Concepts DevOps day
Aprovisionamiento multi-proveedor con Terraform - Plain Concepts DevOps dayAprovisionamiento multi-proveedor con Terraform - Plain Concepts DevOps day
Aprovisionamiento multi-proveedor con Terraform - Plain Concepts DevOps dayPlain Concepts
 
Infrastructure-as-code: bridging the gap between Devs and Ops
Infrastructure-as-code: bridging the gap between Devs and OpsInfrastructure-as-code: bridging the gap between Devs and Ops
Infrastructure-as-code: bridging the gap between Devs and OpsMykyta Protsenko
 
May The Nodejs Be With You
May The Nodejs Be With YouMay The Nodejs Be With You
May The Nodejs Be With YouDalibor Gogic
 
Burn down the silos! Helping dev and ops gel on high availability websites
Burn down the silos! Helping dev and ops gel on high availability websitesBurn down the silos! Helping dev and ops gel on high availability websites
Burn down the silos! Helping dev and ops gel on high availability websitesLindsay Holmwood
 
Terraform infraestructura como código
Terraform infraestructura como códigoTerraform infraestructura como código
Terraform infraestructura como códigoVictor Adsuar
 
Immutable Deployments with AWS CloudFormation and AWS Lambda
Immutable Deployments with AWS CloudFormation and AWS LambdaImmutable Deployments with AWS CloudFormation and AWS Lambda
Immutable Deployments with AWS CloudFormation and AWS LambdaAOE
 
Easy deployment & management of cloud apps
Easy deployment & management of cloud appsEasy deployment & management of cloud apps
Easy deployment & management of cloud appsDavid Cunningham
 
"Continuously delivering infrastructure using Terraform and Packer" training ...
"Continuously delivering infrastructure using Terraform and Packer" training ..."Continuously delivering infrastructure using Terraform and Packer" training ...
"Continuously delivering infrastructure using Terraform and Packer" training ...Anton Babenko
 
Puppet Camp Chicago 2014: Smoothing Troubles With Custom Types and Providers ...
Puppet Camp Chicago 2014: Smoothing Troubles With Custom Types and Providers ...Puppet Camp Chicago 2014: Smoothing Troubles With Custom Types and Providers ...
Puppet Camp Chicago 2014: Smoothing Troubles With Custom Types and Providers ...Puppet
 
Erik Skytthe - Monitoring Mesos, Docker, Containers with Zabbix | ZabConf2016
Erik Skytthe - Monitoring Mesos, Docker, Containers with Zabbix | ZabConf2016Erik Skytthe - Monitoring Mesos, Docker, Containers with Zabbix | ZabConf2016
Erik Skytthe - Monitoring Mesos, Docker, Containers with Zabbix | ZabConf2016Zabbix
 
Learning Puppet basic thing
Learning Puppet basic thing Learning Puppet basic thing
Learning Puppet basic thing DaeHyung Lee
 

Similar a Terraform in deployment pipeline (20)

London HUG 12/4
London HUG 12/4London HUG 12/4
London HUG 12/4
 
Declarative Infrastructure Tools
Declarative Infrastructure Tools Declarative Infrastructure Tools
Declarative Infrastructure Tools
 
Declarative & workflow based infrastructure with Terraform
Declarative & workflow based infrastructure with TerraformDeclarative & workflow based infrastructure with Terraform
Declarative & workflow based infrastructure with Terraform
 
OSDC 2015: Mitchell Hashimoto | Automating the Modern Datacenter, Development...
OSDC 2015: Mitchell Hashimoto | Automating the Modern Datacenter, Development...OSDC 2015: Mitchell Hashimoto | Automating the Modern Datacenter, Development...
OSDC 2015: Mitchell Hashimoto | Automating the Modern Datacenter, Development...
 
Integrating icinga2 and the HashiCorp suite
Integrating icinga2 and the HashiCorp suiteIntegrating icinga2 and the HashiCorp suite
Integrating icinga2 and the HashiCorp suite
 
Null Bachaav - May 07 Attack Monitoring workshop.
Null Bachaav - May 07 Attack Monitoring workshop.Null Bachaav - May 07 Attack Monitoring workshop.
Null Bachaav - May 07 Attack Monitoring workshop.
 
TIAD : Automating the modern datacenter
TIAD : Automating the modern datacenterTIAD : Automating the modern datacenter
TIAD : Automating the modern datacenter
 
Managing Infrastructure as Code
Managing Infrastructure as CodeManaging Infrastructure as Code
Managing Infrastructure as Code
 
Aprovisionamiento multi-proveedor con Terraform - Plain Concepts DevOps day
Aprovisionamiento multi-proveedor con Terraform - Plain Concepts DevOps dayAprovisionamiento multi-proveedor con Terraform - Plain Concepts DevOps day
Aprovisionamiento multi-proveedor con Terraform - Plain Concepts DevOps day
 
Infrastructure-as-code: bridging the gap between Devs and Ops
Infrastructure-as-code: bridging the gap between Devs and OpsInfrastructure-as-code: bridging the gap between Devs and Ops
Infrastructure-as-code: bridging the gap between Devs and Ops
 
May The Nodejs Be With You
May The Nodejs Be With YouMay The Nodejs Be With You
May The Nodejs Be With You
 
Burn down the silos! Helping dev and ops gel on high availability websites
Burn down the silos! Helping dev and ops gel on high availability websitesBurn down the silos! Helping dev and ops gel on high availability websites
Burn down the silos! Helping dev and ops gel on high availability websites
 
Terraform infraestructura como código
Terraform infraestructura como códigoTerraform infraestructura como código
Terraform infraestructura como código
 
Immutable Deployments with AWS CloudFormation and AWS Lambda
Immutable Deployments with AWS CloudFormation and AWS LambdaImmutable Deployments with AWS CloudFormation and AWS Lambda
Immutable Deployments with AWS CloudFormation and AWS Lambda
 
Easy deployment & management of cloud apps
Easy deployment & management of cloud appsEasy deployment & management of cloud apps
Easy deployment & management of cloud apps
 
"Continuously delivering infrastructure using Terraform and Packer" training ...
"Continuously delivering infrastructure using Terraform and Packer" training ..."Continuously delivering infrastructure using Terraform and Packer" training ...
"Continuously delivering infrastructure using Terraform and Packer" training ...
 
Puppet Camp Chicago 2014: Smoothing Troubles With Custom Types and Providers ...
Puppet Camp Chicago 2014: Smoothing Troubles With Custom Types and Providers ...Puppet Camp Chicago 2014: Smoothing Troubles With Custom Types and Providers ...
Puppet Camp Chicago 2014: Smoothing Troubles With Custom Types and Providers ...
 
Erik Skytthe - Monitoring Mesos, Docker, Containers with Zabbix | ZabConf2016
Erik Skytthe - Monitoring Mesos, Docker, Containers with Zabbix | ZabConf2016Erik Skytthe - Monitoring Mesos, Docker, Containers with Zabbix | ZabConf2016
Erik Skytthe - Monitoring Mesos, Docker, Containers with Zabbix | ZabConf2016
 
Terraform 101
Terraform 101Terraform 101
Terraform 101
 
Learning Puppet basic thing
Learning Puppet basic thing Learning Puppet basic thing
Learning Puppet basic thing
 

Más de Anton Babenko

Manage any AWS resources with Terraform 0.12 - April 2020
Manage any AWS resources with Terraform 0.12 - April 2020Manage any AWS resources with Terraform 0.12 - April 2020
Manage any AWS resources with Terraform 0.12 - April 2020Anton Babenko
 
Terraform 0.12 + Terragrunt
Terraform 0.12 + TerragruntTerraform 0.12 + Terragrunt
Terraform 0.12 + TerragruntAnton Babenko
 
Terraform Best Practices - DevOps Unicorns 2019
Terraform Best Practices - DevOps Unicorns 2019Terraform Best Practices - DevOps Unicorns 2019
Terraform Best Practices - DevOps Unicorns 2019Anton Babenko
 
Terraform AWS modules and some best practices - September 2019
Terraform AWS modules and some best practices - September 2019Terraform AWS modules and some best practices - September 2019
Terraform AWS modules and some best practices - September 2019Anton Babenko
 
What you see is what you get for AWS infrastructure
What you see is what you get for AWS infrastructureWhat you see is what you get for AWS infrastructure
What you see is what you get for AWS infrastructureAnton Babenko
 
Terraform AWS modules and some best-practices - May 2019
Terraform AWS modules and some best-practices - May 2019Terraform AWS modules and some best-practices - May 2019
Terraform AWS modules and some best-practices - May 2019Anton Babenko
 
Terraform modules and some of best-practices - March 2019
Terraform modules and some of best-practices - March 2019Terraform modules and some of best-practices - March 2019
Terraform modules and some of best-practices - March 2019Anton Babenko
 
What you see is what you get for AWS infrastructure
What you see is what you get for AWS infrastructureWhat you see is what you get for AWS infrastructure
What you see is what you get for AWS infrastructureAnton Babenko
 
Gotchas using Terraform in a secure delivery pipeline
Gotchas using Terraform in a secure delivery pipelineGotchas using Terraform in a secure delivery pipeline
Gotchas using Terraform in a secure delivery pipelineAnton Babenko
 
Описание инфраструктуры с Terraform на будущее
Описание инфраструктуры с Terraform на будущееОписание инфраструктуры с Terraform на будущее
Описание инфраструктуры с Terraform на будущееAnton Babenko
 
Preview of Terraform 0.12 + modules.tf - Kiev HUG meetup
Preview of Terraform 0.12 + modules.tf - Kiev HUG meetupPreview of Terraform 0.12 + modules.tf - Kiev HUG meetup
Preview of Terraform 0.12 + modules.tf - Kiev HUG meetupAnton Babenko
 
Terraform modules and (some of) best practices
Terraform modules and (some of) best practicesTerraform modules and (some of) best practices
Terraform modules and (some of) best practicesAnton Babenko
 
Terraform modules and (some of) best practices
Terraform modules and (some of) best practicesTerraform modules and (some of) best practices
Terraform modules and (some of) best practicesAnton Babenko
 
Terraform Q&A - HashiCorp User Group Oslo
Terraform Q&A - HashiCorp User Group OsloTerraform Q&A - HashiCorp User Group Oslo
Terraform Q&A - HashiCorp User Group OsloAnton Babenko
 
"I’ve heard you know infrastructure"
"I’ve heard you know infrastructure""I’ve heard you know infrastructure"
"I’ve heard you know infrastructure"Anton Babenko
 
Continuous delivery in AWS
Continuous delivery in AWSContinuous delivery in AWS
Continuous delivery in AWSAnton Babenko
 
Tools exist for a reason
Tools exist for a reasonTools exist for a reason
Tools exist for a reasonAnton Babenko
 
AWS CodeDeploy - basic intro
AWS CodeDeploy - basic introAWS CodeDeploy - basic intro
AWS CodeDeploy - basic introAnton Babenko
 
Managing AWS infrastructure using CloudFormation
Managing AWS infrastructure using CloudFormationManaging AWS infrastructure using CloudFormation
Managing AWS infrastructure using CloudFormationAnton Babenko
 
Designing for elasticity on AWS - 9.11.2015
Designing for elasticity on AWS - 9.11.2015Designing for elasticity on AWS - 9.11.2015
Designing for elasticity on AWS - 9.11.2015Anton Babenko
 

Más de Anton Babenko (20)

Manage any AWS resources with Terraform 0.12 - April 2020
Manage any AWS resources with Terraform 0.12 - April 2020Manage any AWS resources with Terraform 0.12 - April 2020
Manage any AWS resources with Terraform 0.12 - April 2020
 
Terraform 0.12 + Terragrunt
Terraform 0.12 + TerragruntTerraform 0.12 + Terragrunt
Terraform 0.12 + Terragrunt
 
Terraform Best Practices - DevOps Unicorns 2019
Terraform Best Practices - DevOps Unicorns 2019Terraform Best Practices - DevOps Unicorns 2019
Terraform Best Practices - DevOps Unicorns 2019
 
Terraform AWS modules and some best practices - September 2019
Terraform AWS modules and some best practices - September 2019Terraform AWS modules and some best practices - September 2019
Terraform AWS modules and some best practices - September 2019
 
What you see is what you get for AWS infrastructure
What you see is what you get for AWS infrastructureWhat you see is what you get for AWS infrastructure
What you see is what you get for AWS infrastructure
 
Terraform AWS modules and some best-practices - May 2019
Terraform AWS modules and some best-practices - May 2019Terraform AWS modules and some best-practices - May 2019
Terraform AWS modules and some best-practices - May 2019
 
Terraform modules and some of best-practices - March 2019
Terraform modules and some of best-practices - March 2019Terraform modules and some of best-practices - March 2019
Terraform modules and some of best-practices - March 2019
 
What you see is what you get for AWS infrastructure
What you see is what you get for AWS infrastructureWhat you see is what you get for AWS infrastructure
What you see is what you get for AWS infrastructure
 
Gotchas using Terraform in a secure delivery pipeline
Gotchas using Terraform in a secure delivery pipelineGotchas using Terraform in a secure delivery pipeline
Gotchas using Terraform in a secure delivery pipeline
 
Описание инфраструктуры с Terraform на будущее
Описание инфраструктуры с Terraform на будущееОписание инфраструктуры с Terraform на будущее
Описание инфраструктуры с Terraform на будущее
 
Preview of Terraform 0.12 + modules.tf - Kiev HUG meetup
Preview of Terraform 0.12 + modules.tf - Kiev HUG meetupPreview of Terraform 0.12 + modules.tf - Kiev HUG meetup
Preview of Terraform 0.12 + modules.tf - Kiev HUG meetup
 
Terraform modules and (some of) best practices
Terraform modules and (some of) best practicesTerraform modules and (some of) best practices
Terraform modules and (some of) best practices
 
Terraform modules and (some of) best practices
Terraform modules and (some of) best practicesTerraform modules and (some of) best practices
Terraform modules and (some of) best practices
 
Terraform Q&A - HashiCorp User Group Oslo
Terraform Q&A - HashiCorp User Group OsloTerraform Q&A - HashiCorp User Group Oslo
Terraform Q&A - HashiCorp User Group Oslo
 
"I’ve heard you know infrastructure"
"I’ve heard you know infrastructure""I’ve heard you know infrastructure"
"I’ve heard you know infrastructure"
 
Continuous delivery in AWS
Continuous delivery in AWSContinuous delivery in AWS
Continuous delivery in AWS
 
Tools exist for a reason
Tools exist for a reasonTools exist for a reason
Tools exist for a reason
 
AWS CodeDeploy - basic intro
AWS CodeDeploy - basic introAWS CodeDeploy - basic intro
AWS CodeDeploy - basic intro
 
Managing AWS infrastructure using CloudFormation
Managing AWS infrastructure using CloudFormationManaging AWS infrastructure using CloudFormation
Managing AWS infrastructure using CloudFormation
 
Designing for elasticity on AWS - 9.11.2015
Designing for elasticity on AWS - 9.11.2015Designing for elasticity on AWS - 9.11.2015
Designing for elasticity on AWS - 9.11.2015
 

Último

🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 

Último (20)

🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 

Terraform in deployment pipeline

  • 1. Terraform in deployment pipeline by Anton Babenko
  • 2. Hi! I am Anton Babenko, and I enjoy: ● AWS & DevOps ● AWS User Group Norway and DevOpsDays Oslo organizer ● Solve problems “Getting Started with Terraform”, terraform-community-modules, Terraform modules generator (Terrapin), and more… https://github.com/antonbabenko https://www.linkedin.com/in/antonbabenko
  • 3. 1. Become more familiar with managing infrastructure using CD pipeline 2. See scenarios of integrating Terraform and Packer 3. How to structure infrastructure code? 4. How to version your infrastructure between environments and make it DRY? Goals of this talk
  • 4. Do you know? What is: ● Infrastructure as code? ● Deployment pipeline? ● Pipeline as code?
  • 5. Featuring... Write, plan, and create infrastructure as code Build automated machine images
  • 6.
  • 7. Typical CI/CD pipeline source: https://dzone.com/articles/what-is-continuous-delivery-pipeline
  • 8. Where are infrastructure changes here?
  • 10. Structure - all-in-one vs split ~/all-in-one-repo/ ├── packer # Packer configs │ └── app.json ├── terraform # Terraform configs │ ├── main.tf │ └── terraform.tfvars └── web # Application code └── index.html ~/infra-repo/ ├── packer # Packer configs │ └── app.json └── terraform # Terraform configs ├── main.tf └── terraform.tfvars ~/app-repo/ └── web # Application code └── index.html
  • 11. Structure - evolving infrastructure repository ~/infra-repo/ ├── packer # Packer configs │ └── app.json └── terraform # Terraform configs ├── modules # Terraform modules │ ├── network │ │ └── main.tf │ └── service1 │ └── main.tf ├── main.tf └── terraform.tfvars ~/infra-repo/ ├── packer # Packer configs │ └── app.json └── terraform # Terraform configs ├── modules # Terraform modules │ ├── network │ │ └── main.tf │ └── service1 │ └── main.tf └── environments ├── non-prod │ └── us-east-1 │ ├── main.tf │ └── terraform.tfvars └── prod ├── eu-west-1 │ ├── main.tf │ └── terraform.tfvars └── us-east-1 ├── main.tf └── terraform.tfvars
  • 12. example1/main.tf resource "random_pet" "bucket" {} resource "aws_s3_bucket" "app" { bucket = "fullstackfest-${ random_pet .bucket. id}" acl = "public-read" website { index_document = "index.html" } } data "template_file" "index" { template = "${file("../../web/index.html")}" vars { BUILD_DETAILS = "${aws_s3_bucket .app.website_endpoint }" } } resource "aws_s3_bucket_object" "object" { bucket = "${aws_s3_bucket .app.id}" key = "index.html" content = "${data. template_file .index.rendered }" etag = "${md5(data. template_file .index.rendered )}" content_type = "text/html" acl = "public-read" } output "app_website_endpoint" { value = "${aws_s3_bucket .app.website_endpoint }" } FullStackFest! ${BUILD_DETAILS} $ terraform init ... $ terraform plan ... $ terraform apply ... Apply complete! Resources: 3 added, 0 changed, 0 destroyed. Outputs: app_website_endpoint = fullstackfest-feasible-basilisk.s3-website-eu-west-1.amazonaws.c om
  • 13. example2/main.tf variable "subnet_id" { description = "ID of subnet where resources will be created" } variable "security_groups" { description = "ID of security group EC2 instance will use" } variable "instance_type" { description = "Type of EC2 instance to launch" } data "aws_ami" "app" { most_recent = true filter { name = "name" values = ["fullstackfest-demo-*" ] } } resource "aws_instance" "app" { ami = "${data. aws_ami.app.id}" instance_type = "${var.instance_type }" subnet_id = "${var.subnet_id }" vpc_security_group_ids = ["${var.security_groups }"] } output "app_public_ip" { description = "Public IP of EC2 instance running an application" value = "${aws_instance .app.public_ip }" } packer/app.json { "builders" : [ { "ami_name" : "fullstackfest-demo-{{uuid | clean_ami_name}}" , "ami_description" : "FullStackFest demo AMI based on Amazon Linux", "instance_type" : "t2.micro" , "region" : "eu-west-1" , "type": "amazon-ebs" , "ssh_username" : "ec2-user" , "source_ami_filter" : { "filters" : { "virtualization-type" : "hvm", "name": "amzn-ami-hvm-*-x86_64-gp2" , "root-device-type" : "ebs" }, "owners" : [ "137112412989" ], "most_recent" : true } } ], "provisioners" : [ { "type": "shell", "inline" : [ "# Install nginx, copy index.html into web-root" ] } ] }
  • 14. # Avoid hard-coded values in *.tf files, use data sources or *.tfvars data "aws_ami" "app" { most_recent = true filter { name = "name" values = ["fullstackfest-demo-*" ] } } # Tag and name resources consistently resource "aws_instance" "app" { ami = "${data. aws_ami.app.id}" instance_type = "${var.instance_type }" subnet_id = "${var.subnet_id }" vpc_security_group_ids = ["${var.security_groups }"] tags { Name = "fullstackfest-demo-${var. environment }" } } variable "environment" { description = "Name of environment to create infrastructure (eg, staging, production)" } # terraform.tfvars environment = "non-prod" FTP (Frequent Terraform Problems) ● Avoid hard-coded values => use data sources ● Tag and name resources consistently Next: Terraform modules = reusability
  • 15. module "sg_web" { source = "git@github.com:terraform-community-modules/tf_aws_sg.git//sg_web?ref=v0.2.3" security_group_name = "fullstackfest-demo-web" vpc_id = "vpc-12345678" source_cidr_block = ["0.0.0.0/0" ] } resource "aws_instance" "app" { # ... vpc_security_group_ids = ["${module. sg_web.security_group_id_web }"] # ... } Terraform modules ● Versioning ● Public/private access ● Local dir or hosted ● Allows: ○ code reuse ○ encapsulate groups of resources ○ testing
  • 16. Demo - infrastructure as code and deployment pipeline https://github.com/antonbabenko/terraform-deployment-pipeline-talk
  • 17. Further thoughts… ● Use linters (tflint), coding styles (fmt), pre-commit hooks ● Automate (no excuses) ● Terraform workspaces, Terragrunt, Atlantis by Hootsuite (super!) ● Version & release infrastructure as the app code ● Using pipelines to manage environments with infrastructure as code by Kief Morris