Terraform: Cloud Configuration Management

Martin Schütte 18 April 2017

Concepts

From Servers …

Image: by Rodzilla at Wikimedia Commons (CC-BY-SA-3.0)

Martin Schütte | Terraform | Azure Meetup HH

…to Services


Services also need Configuration Management

• Replace “click paths” with source code in VCS
• Lifecycle awareness, not just a setup.sh
• Reproducible environments
• Specification, documentation, policy enforcement

⇒ Infrastructure as Code

TERRAFORM: Build, Combine, and Launch Infrastructure

Example: Simple Webservice (part 1)

    ### AWS Setup
    provider "aws" {
      profile = "${var.aws_profile}"
      region  = "${var.aws_region}"
    }

    # Queue
    resource "aws_sqs_queue" "importqueue" {
      name = "${var.app_name}-${var.aws_region}-importqueue"
    }

    # Storage
    resource "aws_s3_bucket" "importdisk" {
      bucket = "${var.app_name}-${var.aws_region}-importdisk"
      acl    = "private"
    }

Example: Simple Webservice (part 2)

    ### Heroku Setup
    provider "heroku" { ... }

    # Importer
    resource "heroku_app" "importer" {
      name   = "${var.app_name}-${var.aws_region}-import"
      region = "eu"
      config_vars {
        SQS_QUEUE_URL = "${aws_sqs_queue.importqueue.id}"
        S3_BUCKET     = "${aws_s3_bucket.importdisk.id}"
      }
    }

    resource "heroku_addon" "mongolab" {
      app  = "${heroku_app.importer.name}"
      plan = "mongolab:sandbox"
    }

Core Ideas in Terraform

• Simple model of resource entities with attributes
• Stateful lifecycle with CRUD operations
• Declarative configuration
• Dependencies by inference
• Parallel execution

Core Concepts in Terraform

• Provider: a source of resources (usually with an API endpoint & authentication)
• Resource: every thing “that has a set of configurable attributes and a lifecycle (create, read, update, delete)” – implies ID and state
• Data Source: information read from provider (e.g. lookup own account ID or AMI-ID)
• Provisioner: initialize a resource with local or remote scripts

Design Choices in Terraform

• Order: directed acyclic graph of all resources
• Plan: generate an execution plan for review before applying a configuration
• State: execution result is kept in state file (local or remote)
• Lightweight: little provider knowledge, no error handling

Available services

Providers:

• AWS
• Azure
• Google Cloud
• Heroku
• DNSMadeEasy
• OpenStack
• Docker
• …

Resources:

• azurerm_lb
• azurerm_subnet
• azurerm_dns_zone
• azure_instance
• aws_iam_user
• heroku_app
• postgresql_schema
• …

Provisioners:

• chef
• file
• local-exec
• remote-exec

DSL Syntax

• HashiCorp Configuration Language (HCL), think “JSON-like but human-friendly”
• Variables
• Interpolation, e.g. "number ${count.index + 1}"
• Attribute access with resource_type.resource_name
• Few built-in functions, e.g. base64encode(string), format(format, args…)

HCL vs. JSON

HCL:

    # An AMI
    variable "ami" {
      description = "custom AMI"
    }

    /* A multi
       line comment. */
    resource "aws_instance" "web" {
      ami               = "${var.ami}"
      count             = 2
      source_dest_check = false

      connection {
        user = "root"
      }
    }

JSON:

    {
      "variable": {
        "ami": {
          "description": "custom AMI"
        }
      },
      "resource": {
        "aws_instance": {
          "web": {
            "ami": "${var.ami}",
            "count": 2,
            "source_dest_check": false,
            "connection": {
              "user": "root"
            }
          }
        }
      }
    }
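Because the JSON form is plain data, the “policy enforcement” point from the earlier slide can be automated before a plan is ever applied. The following is an added example, not part of the talk or of Terraform: a small Python linter over a constructed copy of the slide's JSON configuration. The two rules, the bucket names and the function names are assumptions chosen for illustration.

```python
import json

# Constructed input: the slide's JSON configuration plus three sample buckets.
CONFIG_JSON = '''
{
  "variable": {"ami": {"description": "custom AMI"}},
  "resource": {
    "aws_instance": {
      "web": {"ami": "${var.ami}", "count": 2, "source_dest_check": false,
              "connection": {"user": "root"}}
    },
    "aws_s3_bucket": {
      "importdisk": {"bucket": "demo-importdisk", "acl": "private"},
      "assets": {"bucket": "demo-assets", "acl": "public-read"},
      "uploads": {"bucket": "demo-uploads", "acl": "${var.upload_acl}"}
    }
  }
}
'''

def check_root_connection(rtype, attrs):
    """Flag provisioner connections that log in as root."""
    conn = attrs.get("connection")
    if isinstance(conn, dict) and conn.get("user") == "root":
        return "connection logs in as root"
    return None

def check_bucket_acl(rtype, attrs):
    """Flag S3 buckets whose canned ACL is not (or may not be) private."""
    if rtype != "aws_s3_bucket":
        return None
    acl = attrs.get("acl", "private")  # an omitted acl defaults to private
    if "${" in acl:  # value is only known after interpolation
        return "bucket ACL is interpolated (%s), review the variable" % acl
    if acl != "private":
        return "bucket ACL is %r, expected 'private'" % acl
    return None

RULES = [check_root_connection, check_bucket_acl]  # hypothetical house rules

def lint(config_text):
    """Return (resource address, message) pairs for every rule violation."""
    config = json.loads(config_text)
    findings = []
    for rtype, instances in sorted(config.get("resource", {}).items()):
        for name, attrs in sorted(instances.items()):
            for rule in RULES:
                message = rule(rtype, attrs)
                if message:
                    findings.append(("%s.%s" % (rtype, name), message))
    return findings
```

A non-empty result from lint() is meant to fail the review step; the interpolated ACL is reported rather than passed because its value cannot be decided from the configuration alone.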

terraform graph | dot -Tpdf

[Figure: dependency graph with the nodes heroku_addon.mongolab, heroku_app.importer, aws_s3_bucket.importdisk, aws_sqs_queue.importqueue, provider.heroku and provider.aws]
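How “dependencies by inference” and “parallel execution” lead to a graph like this one, as an added example that is not from the talk or from Terraform's own code: a simplified Python parser reads a constructed, condensed copy of the Simple Webservice configuration, derives edges from the ${type.name.attribute} interpolations, and groups the nodes into levels that can be handled in parallel. The regex-based parsing and the function names are assumptions for illustration; Terraform's real parser is more general.

```python
import re

# Constructed input: the two "Simple Webservice" slides condensed into one file.
CONFIG = '''
provider "aws" { region = "${var.aws_region}" }
provider "heroku" { }
resource "aws_sqs_queue" "importqueue" { name = "${var.app_name}-importqueue" }
resource "aws_s3_bucket" "importdisk" { bucket = "${var.app_name}-importdisk" }
resource "heroku_app" "importer" {
  name = "${var.app_name}-import"
  config_vars {
    SQS_QUEUE_URL = "${aws_sqs_queue.importqueue.id}"
    S3_BUCKET     = "${aws_s3_bucket.importdisk.id}"
  }
}
resource "heroku_addon" "mongolab" { app = "${heroku_app.importer.name}" }
'''

HEADER = re.compile(r'^(resource|provider)\s+"([^"]+)"(?:\s+"([^"]+)")?\s*\{', re.M)
# type.name.attribute references; ${var.x} and ${count.index} have no third part
REF = re.compile(r'\$\{([a-z0-9_]+)\.([a-z0-9_]+)\.[a-z0-9_]+')

def infer_dependencies(config):
    """Map each node to the set of nodes it references (simplified parser)."""
    heads = list(HEADER.finditer(config))
    deps = {}
    for i, head in enumerate(heads):
        end = heads[i + 1].start() if i + 1 < len(heads) else len(config)
        kind, first, second = head.groups()
        if kind == "provider":
            deps["provider." + first] = set()
            continue
        # A resource uses the provider named by its type prefix (aws_, heroku_).
        node = "%s.%s" % (first, second)
        deps[node] = {"provider." + first.split("_")[0]}
        deps[node] |= {"%s.%s" % ref for ref in REF.findall(config[head.end():end])}
    return deps

def execution_levels(deps):
    """Group nodes into levels; everything in one level can run in parallel."""
    remaining, levels = {n: set(d) for n, d in deps.items()}, []
    while remaining:
        ready = sorted(n for n, d in remaining.items() if not d)
        if not ready:  # cycle, or a reference to something not declared
            raise ValueError("unresolvable: %s" % sorted(remaining))
        levels.append(ready)
        remaining = {n: d - set(ready) for n, d in remaining.items() if n not in ready}
    return levels
```

Reading the levels in reverse gives a safe destroy order, and the edge from the queue and bucket into heroku_app.importer shows which identifiers end up in the app's config_vars.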

Terraform Process

[Figure: process diagram. Labels: Modules, *.tf, override.tf, “source”, terraform.tfvars, get, plan, plan, apply, state, destroy]

Example: Add Provisioning

    # Importer
    resource "heroku_app" "importer" {
      name   = "${var.app_name}-${var.aws_region}-import"
      region = "eu"
      config_vars { ... }
      provisioner "local-exec" {
        command =
