Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Taming Terraform Workflow Using Terraform Modules and Github

Anubhav Mishra
August 03, 2017
Technology
2
1.6k

Taming Terraform Workflow Using Terraform Modules and Github

Abstract

Today’s cloud infrastructure is really complex. What if you could truly make this infrastructure a black box?
What if you could mutate this infrastructure safely and easily? See how to use Terraform efficiently across
hundreds of developers while leveraging a simple Github workflow and Terraform modules.

Additional info

Hootsuite was one of the early adopters of Terraform and faced some challenges early on with Terraform workflow.
* This session will cover how Hootsuite uses Terraform modules and leverages them to bridge the gap between devs and
operations.
* We will discuss how we came up with our own state management system that helps us safely mutate the state of our
infrastructure from one state to the other. How you can organize your Terraform states across multiple tiers of your
infrastructure. We will also talk about our own HTTP remote state store on top of S3 that enables us to edit states
and rollback.
* Most importantly, we came up with our own Terraform workflow that uses github pull requests to do approvals and
state locking so we don’t corrupt Terraform states for our infrastructure.

Proposal: https://github.com/cfgmgmtcamp/2017-pdx-cfp/blob/master/presentations/taming-terraform-workflow.md

Anubhav Mishra

August 03, 2017
Tweet

More Decks by Anubhav Mishra

See All by Anubhav Mishra
Service Mesh - Beyond the Hype (Distributed Systems Meetup)
anubhavmishra
0
34
Collaborative Application and Infrastructure workflow using GitHub Actions and HashiCorp Terraform
anubhavmishra
1
770
Service Mesh - Beyond the Hype
anubhavmishra
1
160
Taming Infrastructure Workflow at Scale (RootConf Hyderabad)
anubhavmishra
0
1.1k
HCL: A human-friendly language for developers and operators
anubhavmishra
0
1.6k
Intro: Virtual Kubelet
anubhavmishra
0
1.5k
Introduction into Virtual Kubelet
anubhavmishra
1
89
Scheduling Applications at Scale with Nomad
anubhavmishra
0
1.3k
Building a Serverless Continuous Integration and Delivery Pipeline
anubhavmishra
5
7.1k

Other Decks in Technology

See All in Technology
TrivyでAWSセキュリティをシフトレフトしよう
bitkey
PRO
1
540
Semantic KernelでGPTと外部ツールを連携する
takashi1029
1
830
点群SegmentationのためのTransformerサーベイ
takmin
1
500
ChatGPTをどう使うか?(JJUGナイトセミナー5/23)
shin_higuchi
0
510
AI in Action
charmichokshi
0
170
とあるQAエンジニアが、マイクロサービスの開発チームと、出会ったーー / Scrum Fest Niigata 2023
yoyakoba
0
130
時系列データをChatGPTで読み解いてみる【IoT-Tech Meetup】
soracom
PRO
0
510
これから始める継続的インテグレーション - GitHub Actions編
devops_vtj
0
150
1人目QA奮闘記-2023年ver-/QA Engineer's Struggle 2023
mii3king
1
250
個人データの利用に対する許容度に関する社会調査
hiroshinakagawa
0
140
新リリース:microCMSテンプレート
microcms
1
500
Антихрупкость в IT или как полюбить изменения
alexanderbyndyu
0
230

Featured

See All Featured
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
0
1.4k
Streamline your AJAX requests with AmplifyJS and jQuery
dougneiner
130
8.9k
Statistics for Hackers
jakevdp
787
210k
Pencils Down: Stop Designing & Start Developing
hursman
115
10k
Making the Leap to Tech Lead
cromwellryan
118
7.8k
Why Our Code Smells
bkeepers
PRO
327
55k
Creatively Recalculating Your Daily Design Routine
revolveconf
207
11k
Clear Off the Table
cherdarchuk
81
300k
Imperfection Machines: The Place of Print at Facebook
scottboms
255
12k
From Idea to $5000 a Month in 5 Months
shpigford
374
45k
A Philosophy of Restraint
colly
195
15k
Art, The Web, and Tiny UX
lynnandtonic
285
18k

Transcript

  1. Senior Developer - Production Operations and Delivery
    @anubhavm
    Taming Terraform
    Workflow
    Anubhav Mishra
    Using Terraform Modules and Github

    View Slide

  2. Anubhav Mishra
    @anubhavm

    View Slide

  3. View Slide

  4. View Slide

  5. Talk
    ● Terraform at Hootsuite
    ● Use of Terraform Modules (Dev <--> Ops)
    ● Atlantis - Hootsuite’s Terraform Workflow
    ● Live Demo

    View Slide

  6. Terraform at Hootsuite

    View Slide

  7. Numbers
    ● 100+ developers
    ● 20+ microservices
    ● 2 cluster schedulers
    ● 1000+ servers
    ● 1000s of AWS resources

    View Slide

  8. Timeline
    ● Mid 2015 - First Terraform Repo (v1)
    ● Starting 2016 - Terraform (v2)
    ● End of 2016 - Terraform “Advanced” Workflow

    View Slide

  9. Before Terraform

    View Slide

  10. View Slide

  11. View Slide

  12. View Slide

  13. What is Terraform?
    ● Terraform allows you to manage, build and visualize
    your infrastructure as code

    View Slide

  14. View Slide

  15. View Slide

  16. View Slide

  17. First Attempt

    View Slide

  18. First Attempt

    View Slide

  19. First Attempt

    View Slide

  20. First Attempt
    staging != production

    View Slide

  21. Terraform State

    View Slide

  22. First Attempt

    View Slide

  23. View Slide

  24. Problems with our first attempt
    ● Environment drift
    ● One massive state for every environment
    ● Hard to collaborate on infrastructure

    View Slide

  25. Problems with our first attempt
    ● Environment drift
    ● One massive state for every environment
    ● Hard to collaborate on infrastructure

    View Slide

  26. Terraform Version 2 (Second Attempt)

    View Slide

  27. Terraform Version 2 (Second Attempt)

    View Slide

  28. Terraform Version 2 (Second Attempt)

    View Slide

  29. Problems with our first attempt
    ● Environment drift
    ● One massive state for every environment
    ● Hard to collaborate on infrastructure

    View Slide

  30. Problems with our first attempt
    ● Environment drift
    ● One massive state for every environment
    ● Hard to collaborate on infrastructure

    View Slide

  31. Terraform Version 2 (Second Attempt)
    terraform.tfstate
    {
    "version": 3,
    "terraform_version": "0.8.8",
    "serial": 175,
    "lineage":
    "2cb11085-2e4e-40ff-bf81-e4ddf8bc8d5d",
    "modules": [
    {
    "path": [
    "root"
    ],
    "outputs": {},
    "resources": {
    ....

    View Slide

  32. Terraform Version 2 (Second Attempt)
    terraform.tfstate
    {
    "version": 3,
    "terraform_version": "0.8.8",
    "serial": 175,
    "lineage":
    "2cb11085-2e4e-40ff-bf81-e4ddf8bc8d5d",
    "modules": [
    {
    "path": [
    "root"
    ],
    "outputs": {},
    "resources": {
    ....

    View Slide

  33. Terraform Version 2 (Second Attempt)
    terraform.tfstate

    View Slide

  34. Terraform Version 2 (Second Attempt)

    View Slide

  35. Terraform Version 2 (Second Attempt)

    View Slide

  36. Terraform Version 2 (Second Attempt)

    View Slide

  37. View Slide

  38. terraform.tfstate
    {
    "version": 3,
    "terraform_version": "0.8.8",
    "serial": 1,
    "lineage": "9e42c0ac-9e73-4910-8859-504934f2b499",
    "backend": {
    "type": "s3",
    "config": {
    "bucket": "terraform",
    "key": "foo-bar",
    "region": "us-east-1"
    },
    ....
    "outputs": {},
    "resources": {
    "null_resource.hello": {
    "type": "null_resource",
    "depends_on": [],
    "primary": {
    "id": "792399369485920658",
    "attributes": {
    "id": "792399369485920658"
    },
    "meta": {},
    ....

    View Slide

  39. stash

    View Slide

  40. View Slide

  41. View Slide

  42. View Slide

  43. Problems with our first attempt
    ● Environment drift
    ● One massive state for every environment
    ● Hard to collaborate on infrastructure

    View Slide

  44. Problems with our first attempt
    ● Environment drift
    ● One massive state for every environment
    ● Hard to collaborate on infrastructure

    View Slide

  45. View Slide

  46. View Slide

  47. View Slide

  48. module.server
    Let me make a
    generic server
    module
    I need 2 servers.
    Now!
    Terraform Version 2 (Second Attempt)

    View Slide

  49. View Slide

  50. Terraform Version 2 (Second Attempt)

    View Slide

  51. Terraform Version 2 (Second Attempt)

    View Slide

  52. Inputs Output

    View Slide

  53. Terraform Version 2 (Second Attempt)

    View Slide

  54. Terraform Version 2 (Second Attempt)

    View Slide

  55. Terraform Version 2 (Second Attempt)

    View Slide

  56. Terraform Version 2 (Second Attempt)

    View Slide

  57. Terraform Version 2 (Second Attempt)
    139 Repositories

    View Slide

  58. ● Multi Environment Terraform Projects
    ● Isolated Terraform States for Services
    ○ Smaller Failure Domain
    ○ Rapid Iteration on Infrastructure
    ● Use of Terraform Modules
    ○ Environment Parity
    ○ Increased Collaboration Between Ops and Dev

    View Slide

  59. Are we all done?

    View Slide

  60. View Slide

  61. View Slide

  62. View Slide

  63. How do we continue to move
    fast while we add people?

    View Slide

  64. View Slide

  65. atlantis
    A unified workflow for collaborating on Terraform through GitHub.
    https://github.com/hootsuite/atlantis

    View Slide

  66. Demo

    View Slide

  67. ● atlantis - https://github.com/hootsuite/atlantis
    ● cfgmgmtcamp-atlantis-demo -
    https://github.com/anubhavmishra/cfgmgmtcamp-atlantis-demo
    Links

    View Slide

  68. Thank You!
    Senior Developer - Production Operations and Delivery
    @anubhavm
    Anubhav Mishra

    View Slide