modern provisioning and ci cd with terraform terratest
play

Modern Provisioning and CI/CD with Terraform, Terratest & - PowerPoint PPT Presentation

Sep 07, 2022 •445 likes •946 views

Modern Provisioning and CI/CD with Terraform, Terratest & Jenkins Duncan Hutty Overview 1. Introduction: Context, Philosophy 2. Provisioning Exercises 1. MVP 2. Testing 3. CI/CD 4. Refactoring 3. Coping with complexity & scale

  1. Modern Provisioning and CI/CD with Terraform, Terratest & Jenkins Duncan Hutty

  2. Overview 1. Introduction: Context, Philosophy 2. Provisioning Exercises 1. MVP 2. Testing 3. CI/CD 4. Refactoring 3. Coping with complexity & scale http://gitlab.com/dhutty/modern-provisioning_code

  3. Introduction Context Philosophy

  4. Context Infrastructure Con�guration [Management] Orchestration Provisioning CI/CD Pipelines

  5. Philosophy

  6. "Everything As Code" Use Code for Everything Test Review Lifecycle Engineer All The Code

  7. Infrastructure As Code Treating the tooling that provisions and manages your infrastructure with the same respect as other code.

  8. "Engineering Services" Engineering Engineering

  9. Bene�ts of "As Code" Easier to: Consistently regenerate Test Review Grok Audit Iteratively improve Reuse, compose and hide complexity

  10. Tech VCS: git+ github Scheduler: Jenkins PaaS, IaaS: AWS Provisioning, making somewhere to deploy to : Terraform Testing: Jenkins�les, simple scripts, Terratest And with all that said, let’s get on to making things happen, showing some code.

  11. Provisioning Exercises 1. MVP 2. Terratest 3. Containerization 4. CI/CD 5. Refactoring

  12. Setup

  13. Clone the Repository $ git clone https://gitlab.com/dhutty/modern-provisioning_code

  14. Terraform installation Hashicorp provides installation instructions for Terraform. install the binary as terraform-<version> ln -s ~/bin/terraform-<version> ~/bin/terraform alias tf=terraform Install jq

  15. Terratest Install terratest for M in $(cat ../terratest_modules.txt); do go get github.com/gruntwork-io/terratest/modules/${M}; done for P in $(cat ../go_packages.txt); do go get ${P}; done

  16. AWS

  17. Install CLI tooling $ virtualenv -p python3 --no-site-packages venv $ source venv/bin/activate $ pip install awscli

  18. AWS provider for Terraform Terraform ships a provider for AWS, all you need is to con�gure: provider "aws" { region = "us-east-1" # the only required argument version = "~> 1.36" }

  19. terraform init $ cd tf $ terraform init Initializing provider plugins... Terraform has been successfully initialized! You may now begin working with Terraform. Try running "terraform plan" to see any changes that are required for your infrastructure. All Terraform commands should now work. If you ever set or change modules or backend configuration for Terraform, rerun this command to reinitialize your working directory. If you forget, other commands will detect it and remind you to do so if necessary.

  20. AWS account Create a API key to interact with AWS itself

  21. Environment variables $ export AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE $ export AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY $ export AWS_DEFAULT_REGION=us-east-1

  22. Con�guration �les ~/.aws/config ~/.aws/credentials

  23. Proof aws --output table ec2 describe-regions ---------------------------------------------------------- | DescribeRegions | +--------------------------------------------------------+ || Regions || |+-----------------------------------+------------------+| || Endpoint | RegionName || |+-----------------------------------+------------------+| || ec2.ap-south-1.amazonaws.com | ap-south-1 || || ec2.eu-west-3.amazonaws.com | eu-west-3 || || ec2.eu-west-2.amazonaws.com | eu-west-2 || || ec2.eu-west-1.amazonaws.com | eu-west-1 || || ec2.ap-northeast-2.amazonaws.com | ap-northeast-2 || || ec2.ap-northeast-1.amazonaws.com | ap-northeast-1 || || ec2.sa-east-1.amazonaws.com | sa-east-1 || || ec2 ca-central-1 amazonaws com | ca-central-1 ||

  24. MVP an instance a security group a key_pair so it can be reached lots of networking-fu that can be ignored if you have a Default VPC

  25. Provider Con�guration

  26. Variables

  27. Outputs

  28. Proof source local.sh.example tf plan ssh ec2-user@${PUBLIC_IP} 'echo $(hostname --fqdn)'

  29. Provisioning

  30. Con�gure with user_data Pass a shell script and it will be run upon launch Proof: curl -v http://<public_ip_of_new_instance>:8080 EC2 Docs on user_data

  31. Con�guring with Ansible resource "null_resource" "install-python" { provisioner "remote-exec" { inline = [ "sudo yum install -y python-virtualenv", ] } connection { type = "ssh" private_key = "${file(var.ssh_private_key_path)}" user = "${var.ssh_user}" host = "${aws_instance.mvp.public_ip}" } } provisioner "local-exec" { command = "ansible-playbook -vD -i ansible/hosts playbook.yml" }

  32. Templated output for Ansible Inventory

  33. Proof curl -v http://$(awk -F'=' '/ansible_host/ {print $2}' ansible/hosts):8080 curl -v http://$(awk -F'=' '/ansible_host/ {print $2}' ansible/hosts):8081 ansible -i ansible/hosts -m shell -a 'hostname --fqdn && uptime' all ansible-playbook -vD -i ansible/hosts playbook.yml

  34. Terratest Go testing: write �les *_test.go , run go test

  35. Containers

  36. Containerize pythonhttp

  37. Containerize Jenkins

  38. CI/CD

  39. Refactoring

  40. Terraform Modules Modules are encapsulated Terraform con�guration that are used to: better organize TF code make TF code more easily resuable https://www.terraform.io/docs/modules/create.html#standard-module-structure

  41. Terraform State

  42. The End

  43. Repositories http://gitlab.com/dhutty/modern-provisioning_code http://gitlab.com/dhutty/pythonhttp

  44. Extras https://registry.terraform.io/ https://github.com/segmentio/terraform-docs

  45. Further Work Port to OCI, Azure, GCP Add support for other infrastructure resource types, including non-IaaS

  46. Colophon This repository contains both the class (presentation) and the demonstration code.

  47. The Presentation written in asciidoc uses asciidoctor and revealjs for slideshow functionality needs nodejs/npm to run a local server for speaker notes.

  48. Software Setup Install asciidoctor-revealjs . I used rvm and: $ rm -f Gemfile.lock bundle config --local github.https true bundle --path=.bundle/gems --binstubs=.bundle/.bin Clone this repository. From the root of this repo, clone revealjs repository with: git clone https://github.com/hakimel/reveal.js.git Point revealjs app at this presentation with: ln -sf ../index.html index.html Install all the node-fu and start the webserver with: npm install && npm start -- --port=5000

  49. Usage From the top repo, generate the presentation with: $ bundle exec asciidoctor-revealjs -a revealjsdir=. presentation/index.adoc Visit http://localhost:5000 Exporting Slides to PDF $ docker run --rm -v `pwd`:/home/user astefanutti/decktape /home/user/index.html /home/user/slides.pdf

Recommend

The NSX Terraform Provider The NSX Terraform provider gives the NSX administrator a way to

The NSX Terraform Provider The NSX Terraform provider gives the NSX administrator a way to

The NSX Terraform Provider The NSX Terraform provider gives the NSX administrator a way to automate NSX to provide virtualized networking and security services using both ESXi and KVM based hypervisor hosts as well as container networking and

1.68k views • 150 slides
Falconieri: Remote Provisioning Service as a Service A new, modern, open source and cloud native

Falconieri: Remote Provisioning Service as a Service A new, modern, open source and cloud native

Falconieri: Remote Provisioning Service as a Service A new, modern, open source and cloud native remote provisioning service gateway. Matteo Valentini @_Amygos Intro: Remote Provisioning Service Theory Intro: What is it a Remote

476 views • 29 slides
Migrating HealthCare.gov to Terraform: Lessons Learned Christian Monaghan @monaghan_a_gram

Migrating HealthCare.gov to Terraform: Lessons Learned Christian Monaghan @monaghan_a_gram

Migrating HealthCare.gov to Terraform: Lessons Learned Christian Monaghan @monaghan_a_gram Cofounder, Nava PBC What is Terraform? A tool for building , changing , and versioning infrastructure Manage cloud providers Infrastructure as Code

958 views • 56 slides
Day 7 Economic-based Cloud Resource Provisioning Introduction The performance of a

Day 7 Economic-based Cloud Resource Provisioning Introduction The performance of a

2/6/2018 Day 7 Economic-based Cloud Resource Provisioning Introduction The performance of a distributed system often depends on the maximum load of any of the machines. Modern datacenters employ server virtualization and consolidation

388 views • 15 slides
Brookfield and TerraForm Power: New Sponsor Transaction March 7, 2017 Risk Factors &amp;

Brookfield and TerraForm Power: New Sponsor Transaction March 7, 2017 Risk Factors &amp;

Brookfield and TerraForm Power: New Sponsor Transaction March 7, 2017 Risk Factors &amp; Additional Information This presentation provides certain information relating to a new sponsor transaction between TerraForm Power, Inc. (TerraForm

160 views • 14 slides
Resource provisioning requirements are very diverse Existing resource provisioning solutions

Resource provisioning requirements are very diverse Existing resource provisioning solutions

Resource provisioning requirements are very diverse Existing resource provisioning solutions tend to be specialized for specific scenarios. There is no resource provisioning model that supports all of these usage scenarios simultaneously

397 views • 14 slides
The QoE Provisioning-Delivery- g y -- Hysteresis and its Importance for Service Provisioning

The QoE Provisioning-Delivery- g y -- Hysteresis and its Importance for Service Provisioning

NGI 2011 The QoE Provisioning-Delivery- g y -- Hysteresis and its Importance for Service Provisioning in the F t Future Internet I t t Tobias Hofeld, Markus Fiedler and Thomas Zinner Hysteresis Hysteresis Hysteresis refers to

251 views • 10 slides
Terraform Earth Secure Infrastructure for Developers Chase Evans Timeline 1. Where we were

Terraform Earth Secure Infrastructure for Developers Chase Evans Timeline 1. Where we were

Terraform Earth Secure Infrastructure for Developers Chase Evans Timeline 1. Where we were before May 2. Where we are today 3. Where we are going Timeline 1. Where we were before May GeoEngineer Builds Terraform state files by

754 views • 57 slides
TERENA TERENA End-to-End (E2E) Provisioning Workshop End to End (E2E) Provisioning Workshop

TERENA TERENA End-to-End (E2E) Provisioning Workshop End to End (E2E) Provisioning Workshop

GLIF Tech Winter meeting Hong-Kong, China 24 February, 2011 Peter Szegedi, PDO szegedi@terena.org www terena org www.terena.org TERENA TERENA End-to-End (E2E) Provisioning Workshop End to End (E2E) Provisioning Workshop series About

587 views • 25 slides
AWS Identity and Access Management (IAM) made easy with Terraform Kala Maturi, Technology

AWS Identity and Access Management (IAM) made easy with Terraform Kala Maturi, Technology

AWS Identity and Access Management (IAM) made easy with Terraform Kala Maturi, Technology Services Yoon Lee, Technology Services Topics AWS Authentication AWS Authorization About Roles &amp; Policies Best practices Terraform

1.92k views • 33 slides
Terraform Colonise the cloud! Stefan Magnus Landr, BEKK Consulting AS ApacheCon North America

Terraform Colonise the cloud! Stefan Magnus Landr, BEKK Consulting AS ApacheCon North America

Terraform Colonise the cloud! Stefan Magnus Landr, BEKK Consulting AS ApacheCon North America 2017 - 17. May 2017 1 Terraform Commandline tool (go) (OS X, Windows, Linux, ) Developed by Hashicorp (Vagrant, Packer, Consul, Nomad)

1.07k views • 17 slides
Provisioning Hardware for Cluster Applications 2 Friday, February 17, 12 Provisioning Hardware

Provisioning Hardware for Cluster Applications 2 Friday, February 17, 12 Provisioning Hardware

scc : Cluster Storage Provisioning Informed by Application Characteristics and SLAs Harsha V. Madhyastha*, John C. McCullough , George Porter, Rishi Kapoor, Stefan Savage, Alex C. Snoeren, and Amin Vahdat UC Riverside* and UC San Diego Bourns

1.26k views • 96 slides
Vault Provider The Vault provider allows Terraform to read from, write to, and congure

Vault Provider The Vault provider allows Terraform to read from, write to, and congure

Vault Provider The Vault provider allows Terraform to read from, write to, and congure Hashicorp Vault (https://vaultproject.io/). Important Interacting with Vault from Terraform causes any secrets that you read and write to be persisted in both

1.82k views • 159 slides
MODERN 1 MODERN 2 MODERN 3 MODERN 4 MODERN A peep at some distant orb has power to raise

MODERN 1 MODERN 2 MODERN 3 MODERN 4 MODERN A peep at some distant orb has power to raise

MODERN 1 MODERN 2 MODERN 3 MODERN 4 MODERN A peep at some distant orb has power to raise and purify our thoughts like a strain picture, or a passage from the grander poets. It always does one good. 5 MODERN 6 MODERN 7 MODERN 8

524 views • 24 slides
Black Hat Europe 2009 Hijacking Mobile Data Connections 1 Mobile Security Lab Provisioning

Black Hat Europe 2009 Hijacking Mobile Data Connections 1 Mobile Security Lab Provisioning

Black Hat Europe 2009 Hijacking Mobile Data Connections 1 Mobile Security Lab Provisioning &amp; WAP primer Forging Messages Demo: Remote provisioning Provisioning: Process and Issues Attack scenario and exploiting Final

713 views • 59 slides
Deployment automation for an AWS Serverless project: SAM vs CloudFormation vs Terraform vs

Deployment automation for an AWS Serverless project: SAM vs CloudFormation vs Terraform vs

Deployment automation for an AWS Serverless project: SAM vs CloudFormation vs Terraform vs ServerlessFramework Bruno Amaro Almeida | 9 Sept 2019 @bruno_amaro Community Day 2019 Sponsors FUTURE. CO-CREATED. Nordic Roots, Global Mindset

238 views • 23 slides
How to Automated testing for: terraform test docker packer infrastructure

How to Automated testing for: terraform test docker packer infrastructure

How to Automated testing for: terraform test docker packer infrastructure kubernetes and more code Passed: 5. Failed: 0. Skipped: 0. Test run successful. The DevOps world is full of Fear Fear of outages Fear of security

2.33k views • 200 slides
IAC WITH TERRAFORM Based in Toronto, Canada Goal: Build software that dramatically reduces

IAC WITH TERRAFORM Based in Toronto, Canada Goal: Build software that dramatically reduces

ARTURO PIE @arturo_pie IAC WITH TERRAFORM Based in Toronto, Canada Goal: Build software that dramatically reduces waste in the global supply chain We serve Kelloggs, P&amp;G, DHL, LOreal and others Software Craftsmanship

621 views • 38 slides
StatusCake Provider The StatusCake provider allows Terraform to create and congure tests in

StatusCake Provider The StatusCake provider allows Terraform to create and congure tests in

StatusCake Provider The StatusCake provider allows Terraform to create and congure tests in StatusCake (https://www.statuscake.com/). StatusCake is a tool that helps to monitor the uptime of your service via a network of monitoring centers

466 views • 3 slides
End-to-End Provisioning Workshop - Establishing Lightpaths - Scope and Objectives NRENs Local

End-to-End Provisioning Workshop - Establishing Lightpaths - Scope and Objectives NRENs Local

E2E Provisioning Workshop Amsterdam, The Netherlands 1-2 December, 2008 Peter Szegedi Project Development Officer szegedi@terena.org www.terena.org End-to-End Provisioning Workshop - Establishing Lightpaths - Scope and Objectives NRENs

94 views • 6 slides
E2E Provisioning Workshop Dr. Jan Gruntord CEO CESNET, Czech Republic, Member of GN3 Executive

E2E Provisioning Workshop Dr. Jan Gruntord CEO CESNET, Czech Republic, Member of GN3 Executive

E2E Provisioning Workshop Dr. Jan Gruntord CEO CESNET, Czech Republic, Member of GN3 Executive Committee jan.gruntorad@cesnet.cz E2E Provisioning Workshop Prague, November 29 - 30, 2010 Presentation Overview 1. CESNET Basic Data 2.

648 views • 15 slides
UltraDNS Provider This provider is unmaintained , read more details in the README

UltraDNS Provider This provider is unmaintained , read more details in the README

UltraDNS Provider This provider is unmaintained , read more details in the README (https://github.com/terraform-providers/terraform- provider-ultradns/blob/master/README.md). The UltraDNS provider is used to interact with the resources supported

429 views • 12 slides
Day 4 Cloud Resource Provisioning Plans Agenda for Today Cloud service providers offer cloud

Day 4 Cloud Resource Provisioning Plans Agenda for Today Cloud service providers offer cloud

Day 4 Cloud Resource Provisioning Plans Agenda for Today Cloud service providers offer cloud consumers a variety of service provisioning plans for computing resources. Today, we will look at these service provisioning plans that include

596 views • 34 slides
Orchestra)ng Containers with Consul and Terraform Mitchell Hashimoto @mitchellh

Orchestra)ng Containers with Consul and Terraform Mitchell Hashimoto @mitchellh

Orchestra)ng Containers with Consul and Terraform Mitchell Hashimoto @mitchellh ORCHESTRATION? Why is it needed? What is it? ORCHESTRATION Do some set of ac)ons, to a set of things, in a

1.47k views • 70 slides

More recommend