migrating healthcare gov to terraform lessons learned
play

Migrating HealthCare.gov to Terraform: Lessons Learned Christian - PowerPoint PPT Presentation

Dec 03, 2022 •386 likes •958 views

Migrating HealthCare.gov to Terraform: Lessons Learned Christian Monaghan @monaghan_a_gram Cofounder, Nava PBC What is Terraform? A tool for building , changing , and versioning infrastructure Manage cloud providers Infrastructure as Code

  1. Migrating HealthCare.gov to Terraform: Lessons Learned Christian Monaghan @monaghan_a_gram Cofounder, Nava PBC

  2. What is Terraform?

  3. A tool for building , changing , and versioning infrastructure

  4. Manage cloud providers

  5. Infrastructure as Code Declarative syntax ● Source control ● Variable support ●

  6. Execution plans Developer reviews ● plan before proceeding

  7. Resource graph Resources created in ● dependency order

  8. Resource graph Resources created in ● dependency order

  9. Our project history

  10. AWS Cloudformation JSON interface 3,000+ lines for 1 Virtual Private Cloud (VPC) Managing dozens of VPCs

  11. Custom tooling to interact with Cloudformation YAML Custom AWS Config script Cloudformation

  12. Challenges we faced with our existing tooling

  13. Maintaining custom code :( Complex ● Not unit tested ● Limited documentation, quickly out of date ● Increasing bloat ● Hard to understand ● Hard to debug ●

  14. Unable to incorporate manual changes Past examples: Horizontally scale NATs (Network Address Translation) ● Adding a temporary second Elastic Load Balancer ● Scaling down from 3 availability zones to 1 availability zone ● Swap in new Elastic IPs ●

  15. Uncertain client demands Must build atop partially provisioned ● vpc infrastructure Client frequently requesting custom ● architecture changes Client might make manual changes ● that would be unrecoverable in Cloudformation

  16. Proliferating use cases Load testing resources ● Continuous Integration clusters ● Custom monitoring ● Graphite/Graphana ● Nessus scanning clusters ●

  17. We were trying to shoehorn all these new use cases into our existing tooling

  18. Engineering goal

  19. Manage all infrastructure with a single tool that is flexible , extensible , fast , and well-supported

  20. Choosing the right tool

  21. Tools we considered

  22. Chef, Puppet, Ansible, SaltStack These are configuration management tools ● Install and manage software on existing machines ●

  23. Why we chose Terraform Incorporate manual changes ● Declarative syntax, easy to read, understand, extend ● Supports multiple providers ● Separates planning and execution ● Well-supported, open-source ● Modular ●

  24. Some Terraform basics

  25. How it knows what to provision Changes Desired state Actual state required

  26. Desired state looks like this

  27. Actual state looks like this

  28. Prototyping

  29. Greenfield approach State Define Diff Apply Updated

  30. Reverse engineering approach Import Define Diff Apply State

  31. Refactor to use variables Hardcoded Variables

  32. Testing 1. Successfully provision a new VPC 2. Application functional a. Passes health checks b. Passes smoke testing 3. Infrastructure security scan a. AWS Trusted Advisor

  33. End result A configuration file (.tf) that ● represents one complete vpc configuration A state file (.tfstate) that ● represents one existing vpc

  34. Design

  35. How can we design this for reuse? ... AppA Test AppB Test ... AppA Staging AppB Staging ... AppA Prod AppB Prod ... AppA ... AppB ...

  36. Existing design Variable inputs Assemble building blocks Building blocks

  37. Implementation

  38. Build new VPC's & cutover traffic

  39. Learnings

  40. Use shared modules sparingly

  41. Use shared modules sparingly Sharing modules within applications worked well

  42. Use shared modules sparingly Sharing modules across applications did not work well

  43. Use shared modules sparingly Change the Elastic Load Balancer module

  44. Use shared modules sparingly

  45. Use shared modules sparingly co��t���s

  46. Migrating infrastructure in place It's possible, but time consuming

  47. Importing existing state Native terraform import CLI utility ● Only imports one resource at a time ○ Requires manually finding each resource id relevant to a particular vpc ○ Third party open source terraforming CLI ● Imports all resources in a region ○ Cannot narrow scope to a specific vpc ○

  48. Lock resources to a particular terraform version

  49. Terraform needs to be managed in CI/CD Otherwise: Risk losing internet connection in mid-apply ● No record of who changed what when ● Developers bump versions unintentionally ●

  50. Semantically version modules with git tags Good Bad

  51. Terraform utilities

  52. terraforming Export existing AWS resources to Terraform

  53. tfenv Terraform version manager inspired by rbenv TODO: screenshot

  54. terraform fmt Before After

  55. terraform-docs Generate docs from terraform modules

  56. Thank you @monaghan_a_gram

Recommend

Lessons Learned Lessons Learned From From Lessons Learned Lessons Learned From From

Lessons Learned Lessons Learned From From Lessons Learned Lessons Learned From From

Protg 2006, July 26th, Stanford I R I S A C 1 R E C Saint-Cyr Lessons Learned Lessons Learned From From Lessons Learned Lessons Learned From From Ontology Ontology Design Design Ontology Ontology Design Design Jean Andr B

371 views • 12 slides
The NSX Terraform Provider The NSX Terraform provider gives the NSX administrator a way to

The NSX Terraform Provider The NSX Terraform provider gives the NSX administrator a way to

The NSX Terraform Provider The NSX Terraform provider gives the NSX administrator a way to automate NSX to provide virtualized networking and security services using both ESXi and KVM based hypervisor hosts as well as container networking and

1.68k views • 150 slides
Migrating to Vitess at (Slack) Scale Michael Demmer Percona Live - April 2018 This is a

Migrating to Vitess at (Slack) Scale Michael Demmer Percona Live - April 2018 This is a

Migrating to Vitess at (Slack) Scale Michael Demmer Percona Live - April 2018 This is a (brief) story of how Slack's databases work today, why we're migrating to Vitess, and some lessons we've learned along the way. Michael Demmer Senior

1.18k views • 58 slides
Migrating to Vitess at (Slack) Scale Michael Demmer Percona Live Europe 2017 This is a (brief)

Migrating to Vitess at (Slack) Scale Michael Demmer Percona Live Europe 2017 This is a (brief)

Migrating to Vitess at (Slack) Scale Michael Demmer Percona Live Europe 2017 This is a (brief) story of how Slack's databases work today, why we're migrating to Vitess, and some lessons we've learned along the way. Michael Demmer Senior

526 views • 51 slides
Healthcare Fraud and Abuse in a Tougher Enforcement Environment presents Lessons Learned From

Healthcare Fraud and Abuse in a Tougher Enforcement Environment presents Lessons Learned From

Healthcare Fraud and Abuse in a Tougher Enforcement Environment presents Lessons Learned From Recent DOJ/HHS Fraud Investigations, presents L L d F R t DOJ/HHS F d I ti ti Prosecutions and Settlements A Live 90-Minute

822 views • 65 slides
Top 10 Lessons Learned From First to Second Generation Transactions Involving Physicians and

Top 10 Lessons Learned From First to Second Generation Transactions Involving Physicians and

Top 10 Lessons Learned From First to Second Generation Transactions Involving Physicians and Health Systems AHLA Healthcare Transactions Conference Nashville, TN May 10-11, 2018 Max Reiboldt, CPA R. Michael Barry, Esq. Coker Group Arnall

735 views • 57 slides
Hospital Cultural Competency as a Systematic Organizational Intervention: Lessons Learned from

Hospital Cultural Competency as a Systematic Organizational Intervention: Lessons Learned from

Hospital Cultural Competency as a Systematic Organizational Intervention: Lessons Learned from the National Center for Healthcare Leadership (NCHL) Diversity Demonstration Project Robert Weech-Maldonado Department of Health Services

396 views • 12 slides
Scale-Up, Spread, and Sustainment of Tele-Collaborative Care: Lessons Learned from a

Scale-Up, Spread, and Sustainment of Tele-Collaborative Care: Lessons Learned from a

Scale-Up, Spread, and Sustainment of Tele-Collaborative Care: Lessons Learned from a Model-Guided, Mixed Methods Analysis Mark S. Bauer, MD VA Center for Healthcare Organization & Implementation Research (CHOIR) & the VA QUERI for

422 views • 17 slides
On Moving Mountains: Lessons for Migrating Data and Content for your Next Drupal Project

On Moving Mountains: Lessons for Migrating Data and Content for your Next Drupal Project

On Moving Mountains: Lessons for Migrating Data and Content for your Next Drupal Project Drupalcamp NJ February 2, 2019 We build better websites for the greater good. Message Agency is a social enterprise that helps nonprofits use

340 views • 18 slides
Digital I&C Lessons learned across industries Dr. John Thomas MIT Experiences across

Digital I&C Lessons learned across industries Dr. John Thomas MIT Experiences across

Digital I&C Lessons learned across industries Dr. John Thomas MIT Experiences across industries (Automotive, Aviation, Space Systems, Chemical, Oil & Gas, Nuclear Power, Defense, Healthcare, Medical Devices, Weapon Systems, etc.)

245 views • 11 slides
Institutionalizing Lessons Learned October 25, 2006 Loren Plisco Region II Background

Institutionalizing Lessons Learned October 25, 2006 Loren Plisco Region II Background

Institutionalizing Lessons Learned October 25, 2006 Loren Plisco Region II Background SEP 2002 Davis-Besse Lessons Learned Task Force AUG 2004 - Effectiveness Review Lessons Learned Task Force JAN 2005 - EDO Charters

269 views • 22 slides
Migrating Legacy.com Migrating a top 50 most visited site in the U.S. onto Drupal - Legacy.com

Migrating Legacy.com Migrating a top 50 most visited site in the U.S. onto Drupal - Legacy.com

Migrating Legacy.com Migrating a top 50 most visited site in the U.S. onto Drupal - Legacy.com Case Study Migrating Legacy.com Jordan Ryan Product Owner Ankur Gupta Lead Developer Bassam Ismail Front-end Lakshmi Narasimhan RESTful

458 views • 45 slides
OSHA Lessons Learned Adam Fries OSHA Compliance Officer February 13, 2018 OSHA Lessons Learned

OSHA Lessons Learned Adam Fries OSHA Compliance Officer February 13, 2018 OSHA Lessons Learned

OSHA Lessons Learned Adam Fries OSHA Compliance Officer February 13, 2018 OSHA Lessons Learned Jobsite Safety and Health Inspections/Audits better known as; PAPER WORK You hate it, Your safety director requires it, OSHA loves it, Does it

926 views • 35 slides
3/8/2019 Epidemiology, Risk Factors, and Outcomes of Pediatric PVD: LESSONS learned from the

3/8/2019 Epidemiology, Risk Factors, and Outcomes of Pediatric PVD: LESSONS learned from the

3/8/2019 Epidemiology, Risk Factors, and Outcomes of Pediatric PVD: LESSONS learned from the Spanish Registry: Lessons Learned from the Registries o Is It possible (and worthy) to do a national registry? Lessons learned from the o

1.16k views • 43 slides
DEBUGGING LESSONS LEARNED WHILE DEBUGGING LESSONS LEARNED WHILE FIXING NETBSD FIXING NETBSD

DEBUGGING LESSONS LEARNED WHILE DEBUGGING LESSONS LEARNED WHILE FIXING NETBSD FIXING NETBSD

DEBUGGING LESSONS LEARNED WHILE DEBUGGING LESSONS LEARNED WHILE FIXING NETBSD FIXING NETBSD ABOUT ME ABOUT ME maya@NetBSD.org coypu@sdf.org NetBSD/pkgsrc for the last 3 years THIS TALK THIS TALK Mix of a bunch of bugs Not solo work

695 views • 31 slides
A Campus-wide Committee on Disability and Access: Accomplishments and Lessons Learned Jessica

A Campus-wide Committee on Disability and Access: Accomplishments and Lessons Learned Jessica

A Campus-wide Committee on Disability and Access: Accomplishments and Lessons Learned Jessica Sniatecki (Healthcare Studies) Algernon Kelley (Chemistry) The College at Brockport, SUNY CDA Origins Disability Studies Faculty Learning

177 views • 17 slides
Lessons Learned A Value Added Product of the Project Life Cycle R Gilman April 19, 2006 Agenda

Lessons Learned A Value Added Product of the Project Life Cycle R Gilman April 19, 2006 Agenda

Lessons Learned A Value Added Product of the Project Life Cycle R Gilman April 19, 2006 Agenda Introduction What are Lessons Learned? Value to the Project Process and Organization Keanes Approach to Lessons Learned Keys to

261 views • 24 slides
Lessons Learned in Developing an Effective Regional Ebola CONOPS August 10, 2016 Click here to

Lessons Learned in Developing an Effective Regional Ebola CONOPS August 10, 2016 Click here to

Lessons Learned in Developing an Effective Regional Ebola CONOPS August 10, 2016 Click here to access the pre-recorded webinar. Welcome Message and Webinar Intent Melissa Harvey, RN, MSPH Director, Division of National Healthcare

505 views • 29 slides
Migrating from Grid to Cloud: Migrating from Grid to Cloud: Migrating from Grid to Cloud:

Migrating from Grid to Cloud: Migrating from Grid to Cloud: Migrating from Grid to Cloud:

Migrating from Grid to Cloud: Migrating from Grid to Cloud: Migrating from Grid to Cloud: Migrating from Grid to Cloud: Case Study from GEO Grid Case Study from GEO Grid Kyoung-Sook Kim Data Science Research Group Information Technology

541 views • 18 slides
Teaching an old DAG new tricks Migrating a decade old pipeline to Airflow Outline Cloud native

Teaching an old DAG new tricks Migrating a decade old pipeline to Airflow Outline Cloud native

Teaching an old DAG new tricks Migrating a decade old pipeline to Airflow Outline Cloud native deployment Cloud native deployment Multi-repo DAG management Manage Airflow Variables with code through Terraform Airflow monitoring

478 views • 30 slides
Four Major Events in Our History and the Lessons Learned Coleen Reiswig, Isobel McDonald, Ted

Four Major Events in Our History and the Lessons Learned Coleen Reiswig, Isobel McDonald, Ted

Four Major Events in Our History and the Lessons Learned Coleen Reiswig, Isobel McDonald, Ted Pincock, Carolyn Bouchard Joanne Archer Outline: 1) Common Themes 2) The Event and lessons learned: Spanish Influenza 1918 SARS

417 views • 38 slides
Lessons Learned from Japans NPL Experience Ladies and gentlemen, today I would like to discuss

Lessons Learned from Japans NPL Experience Ladies and gentlemen, today I would like to discuss

Beijing International Finance Forum Chairman Junichi Ujiie 2004/05/19 Lessons Learned from Japans NPL Experience Ladies and gentlemen, today I would like to discuss the lessons to be learned from Japans NPL problems: first, the disposal

344 views • 3 slides
The Value of Commissioning in Healthcare Facilities Al Rodgers, LEED AP, G|PRO Todays Goals

The Value of Commissioning in Healthcare Facilities Al Rodgers, LEED AP, G|PRO Todays Goals

The Value of Commissioning in Healthcare Facilities Al Rodgers, LEED AP, G|PRO Todays Goals What is Cx? Cx in Healthcare Lessons Learned Value What is Cx? A quality-oriented process to verify and document performance

463 views • 28 slides
Some lessons learned from Team Science Some lessons learned from Team Science Lewis Cantley Weill

Some lessons learned from Team Science Some lessons learned from Team Science Lewis Cantley Weill

Some lessons learned from Team Science Some lessons learned from Team Science Lewis Cantley Weill Cornell Medical College, New York Presbyterian Hospital Past participation in Team Science Period Period Type of grant Type of grant Role in Grant

380 views • 20 slides

More recommend