Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Build Your Cloud Infrastructure as Code With .Net Core - NDC Porto 2020

Build Your Cloud Infrastructure as Code With .Net Core - NDC Porto 2020

Hossam Barakat

April 19, 2020
Tweet

More Decks by Hossam Barakat

Other Decks in Programming

Transcript

  1. Build Your Cloud Infrastructure as Code With .Net Core Hossam

    Barakat Technical Lead at Willow @hossambarakat_ | www.hossambarakat.net
  2. @hossambarakat_ • Intro to Infrastructure as code • Your First

    Pulumi Program • Pulumi Fundamentals • Serverless Application • Continuous Delivery • Testing Agenda
  3. @hossambarakat_ Data Centers

  4. @hossambarakat_ Rise of Cloud Computing

  5. @hossambarakat_ How to provision cloud resources?

  6. @hossambarakat_ Manual AKA Point and Click

  7. @hossambarakat_ Manual AKA Point and Click

  8. @hossambarakat_ Snowflake Servers

  9. @hossambarakat_ Infrastructure as Code

  10. @hossambarakat_ • Managing and provisioning cloud resources using code. Infrastructure

    as Code
  11. @hossambarakat_ Imperative: CLI commands and scripts

  12. @hossambarakat_ Idempotency and error handling

  13. @hossambarakat_ Declarative Infrastructure as Code

  14. @hossambarakat_ Tool Declarative Infrastructure as Code Desired State Actual Resources

  15. @hossambarakat_ • Azure Resource Manager • AWS CloudFormation • Google

    Deployment Manager • Terraform • … Declarative Infrastructure as Code tools
  16. @hossambarakat_ • YAML, domain specific languages (DSLs),… Infrastructure as Code

    tools
  17. @hossambarakat_ https://noyaml.com/

  18. @hossambarakat_

  19. @hossambarakat_ Enter Pulumi

  20. @hossambarakat_ • Pulumi is an open source infrastructure as code

    tool the lets you use real languages – C#, TypeScript, Go,… – to provision and manage cloud resources. What is Pulumi?
  21. @hossambarakat_ • Control flow with loops and if conditions •

    Abstraction with functions, classes, packages,… • Code sharing with package management (Nuget, npm,…) • Authoring with favourite IDEs, refactoring, code completion, static type checking • Testing with existing frameworks and tools Benefits
  22. @hossambarakat_

  23. @hossambarakat_ Terraform vs Pulumi var resourceGroup = new ResourceGroup("pulumi-resources", new

    ResourceGroupArgs { Location = "West Europe" }); ); var environments = new string[]{"dev", "uat", "prod"}; foreach (var environment in environments) { var storageAccount = new Account($"storage{environment}", new AccountArgs { Name = $"iacpulumi{environment}", ResourceGroupName = resourceGroup.Name, Location = resourceGroup.Location, AccountReplicationType = "LRS", AccountTier = "Standard", }); } resource "azurerm_resource_group" "rg" { name = "terraform-resources" location = "West Europe" } variable "environments" { description = "storage account regions" type = list(string) default = ["dev", "uat", "prod"] } resource "azurerm_storage_account" "sa" { name = "iacpulumi${var.environments[count.index]}" resource_group_name = azurerm_resource_group.rg.name location = azurerm_resource_group.rg.location account_tier = "Standard" account_replication_type = "LRS" count = length(var.environments) }
  24. @hossambarakat_ Pulumi Fundamentals

  25. @hossambarakat_ Projects & Stacks web-app (Pulumi.yaml) Project $ pulumi new

    Stacks $ pulumi stack init stackName Pulumi.<stack-name>.yaml Pulumi.yaml
  26. @hossambarakat_ Configurations $ pulumi config set dbPassword S3cr37 config: serverless-app:dbPassword:

    S3cr37 Pulumi.<stack-name>.yaml var config = new Pulumi.Config(); var password = config.Require("dbPassword"); Pulumi.cs
  27. @hossambarakat_ Secrets $ pulumi config set --secret dbPassword S3cr37 var

    config = new Pulumi.Config(); var password = config.Require("dbPassword"); Pulumi.cs Pulumi.<stack-name>.yaml config: serverless-app:dbPassword: secure: AAABAELDrCQE+rQbzTxN43iAD6iGDXTYQ90AzpILkfEY3uwtc+g=
  28. @hossambarakat_ But that would be imperative and not declarative?

  29. @hossambarakat_ How Pulumi Works State CLI and Engine AWS Azure

    Kubernetes Providers Code Plan Apply new Resource()
  30. @hossambarakat_ Application architecture on Azure

  31. @hossambarakat_ Cosmos DB Resources Cosmos Account Sql Database Container

  32. @hossambarakat_ Function App Resources Storage account App Service Plan Function

    App Container Blob
  33. @hossambarakat_

  34. @hossambarakat_ Architecture as {Code} https://aws.amazon.com/blogs/containers/containers-and-infrastructure-as-code-like-peanut-butter-and-jelly/ Static website Function App Cosmos

    DB
  35. @hossambarakat_ Continuous Deployment Infrastructure as Code Manual Review

  36. @hossambarakat_ Testing Unit Testing Integration Testing

  37. @hossambarakat_ Unit Testing [Fact] public async Task AllResourceGroups_Should_Have_ProductName_Tag() { var

    resources = await TestAsync<MyStack>(); var resourceGroups = resources.OfType<Pulumi.Azure.Core.ResourceGroup>(); resourceGroups.ShouldAllBe(rg =>rg.Tags.GetValue().ContainsKey("productname")); }
  38. @hossambarakat_ Summary

  39. @hossambarakat_

  40. @hossambarakat_ • https://github.com/hossambarakat/pulumi-demos • http://pulumi.com/docs • https://github.com/pulumi/examples Resources https://bit.ly/pulumi-ndc-porto

  41. @hossambarakat_ Questions?

  42. Thanks Hossam Barakat @hossambarakat_ www.hossambarakat.net