[Radek Simko] Infrastructure as Code in Google Cloud

Transcript

1. Copyright © 2017 HashiCorp Infrastructure as Code in Google Cloud

   @radeksimko

2. Copyright © 2017 HashiCorp Radek Simko @radeksimko

3. ✋ ✋ ✋

4. s Copyright © 2017 HashiCorp 4 Infrastructure as Code

5. None
6. None
7. None
8. None
9. None

10. Copyright © 2017 HashiCorp ▪ Many different things ▪ Different

    ▪ Level of control ▪ Expected knowledge & skills ▪ Automation capabilities 10 What is Infrastructure then?

11. s Copyright © 2017 HashiCorp 11 Infrastructure as Code

12. None

13. Copyright © 2017 HashiCorp #!/bin/sh 13 Shell Script

14. None
15. None

16. AWS Bitbucket CenturyLink Cloud CloudFlare CloudStack Cobbler Consul Datadog DigitalOcean

    DNSMadeEasy DNSimple Docker Dyn GitHub Fastly Google Heroku Librato Microsoft Azure MySQL OpenStack Packet PostgreSQL SoftLayer UltraDNS VMware vSphere and more...

17. AWS Bitbucket CenturyLink Cloud CloudFlare CloudStack Cobbler Consul Datadog DigitalOcean

    DNSMadeEasy DNSimple Docker Dyn GitHub Fastly Google Heroku Librato Microsoft Azure MySQL OpenStack Packet PostgreSQL SoftLayer UltraDNS VMware vSphere and more...

18. AWS Bitbucket CenturyLink Cloud CloudFlare CloudStack Cobbler Consul Datadog DigitalOcean

    DNSMadeEasy DNSimple Docker Dyn GitHub Fastly Google Heroku Librato Microsoft Azure MySQL OpenStack Packet PostgreSQL SoftLayer UltraDNS VMware vSphere and more...

19. Copyright © 2017 HashiCorp 1.HCL 2.Efficiency 3.Full Lifecycle 4.DEMO !!!

    Outline 19

20. s Copyright © 2017 HashiCorp HashiCorp Config Language 20 1.

    HCL

21. high-level language language for data DSL JSON
 {} YAML
 --

    :

22. Copyright © 2017 HashiCorp ▪ github.com/hashicorp/hcl ▪ Used in various

    HashiCorp projects ▪ Consul ▪ Vault ▪ Nomad ▪ Terraform ▪ JSON compatible ▪ Useful for generated code HCL 22

23. github.com/alphagov/govuk-dns

24. s Copyright © 2017 HashiCorp 24 2. Efficiency

25. Terminal #!/bin/sh aws rds create-instance ... aws ec2 run-instance ...

    aws ec2 run-instance ... aws ec2 run-instance ... aws s3 create-bucket ... aws route53 create-recordset ...

26. Copyright © 2017 HashiCorp resource "aws_s3_bucket" "b" { ... }

    data "aws_ami" "ubuntu" { ... } resource "aws_instance" "web" { count = 3 ... } resource "aws_db_instance" "default" { ... } resource "aws_route53_record" "www" { ... } main.tf 26
27. None

28. Terminal $ terraform graph | dot -Tpng > graph.png $

29. Copyright © 2017 HashiCorp ▪ Build a graph ▪ Transform,

    find cycles ▪ Run operations in parallel 29 Applying Graph Theory

30. 1. 2.

31. https://www.youtube.com/watch?v=Ce3RNfRbdZ0

32. s Copyright © 2017 HashiCorp 32 3. Full Lifecycle

33. Terminal Creating resources #!/bin/sh # Creation aws rds create-instance ...

    aws ec2 run-instance ... aws ec2 run-instance ... aws ec2 run-instance ... aws s3 create-bucket ... aws route53 create-recordset ...

34. Terminal Updating resources #!/bin/sh # Renaming DB instance aws rds

    create-instance … # new one aws rds restore-from-snapshot … aws route53 update-recordset … aws rds destroy-instance … # old one

35. Terminal Updating resources #!/bin/sh # Renaming DB instance aws rds

    create-instance … # new one # wait until state == launched aws rds restore-from-snapshot … # wait until restored aws route53 update-recordset … # wait until DNS in sync aws rds destroy-instance … # old one # wait until instance gone

36. Copyright © 2017 HashiCorp "identifier": { Type: schema.TypeString, Optional: true,

    ForceNew: true, ConflictsWith: []string{"identifier_prefix"}, ValidateFunc: validateRdsIdentifier, }, "username": { …
 "password": { … 36 Resource Schema

37. Copyright © 2017 HashiCorp stateConf := &resource.StateChangeConf{ Pending: []string{"creating", "backing-up",

    "modifying", "resetting-master-credentials", "maintenance", "renaming", "rebooting", "upgrading"}, Target: []string{"available"}, Refresh: refreshFunc(d, meta), Timeout: 40 * time.Minute, MinTimeout: 10 * time.Second, Delay: 30 * time.Second, } 37 Resource Schema

38. Copyright © 2017 HashiCorp ▪ More or less mapped to

    API structures ▪ Allows TF make decisions during the lifecycle ▪ Creation ▪ Updates ▪ Destruction ▪ Allows TF to present accurate plan ahead of applying it ▪ Non-updatable fields 38 Resource Schema

39. Terminal Mutable Field Plan $ terraform plan ~ aws_instance.app tags.%:

    "0" => "1" tags.Name: "" => "HelloWorld" Plan: 0 to add, 1 to change, 0 to destroy.

40. Terminal Immutable Field Plan $ terraform plan -/+ aws_instance.app ami:

    “ami-408c7f28" => "ami-4d795c5a" (forces new resource) ebs_block_device.#: "0" => "<computed>" instance_state: "running" => "<computed>" instance_type: "t1.micro" => "t1.micro" key_name: "" => “<computed>" network_interface_id: "eni-8d666460" => "<computed>" ... Plan: 1 to add, 0 to change, 1 to destroy.

41. Schema + DSL + graph theory allow Terraform to make

    the right decisions during the whole lifecycle

42. s Copyright © 2017 HashiCorp 42 4. Demo! OMG !!!

43. // TODO

44. Thank you. @radeksimko