Terraform Operator for Kubernetes

Originally presented at the St. Louis HashiCorp User Group.

This presentation outlines some of the use cases and workflows in the Terraform Operator for Kubernetes.

Rosemary Wang

May 13, 2020

Transcript

  1. Copyright © 2020 HashiCorp Terraform Operator for Kubernetes May 13, 2020 | St. Louis HUG
  2. PUBLIC CLOUD STAGING STAGING QUEUE STAGING DEAD LETTER QUEUE PRODUCTION PRODUCTION QUEUE PRODUCTION DEAD LETTER QUEUE
  3. “I don’t want to learn Terraform.”

  4. “Why should you?” Infrastructure should be self-service.

  5. Rosemary Wang (She/Her) Developer Advocate at HashiCorp joatmon08.github.io @joatmon08 joatmon08 linkedin.com/in/rosemarywang/
  6. Self-Service Infrastructure with Kubernetes

  7. Service Catalog PUBLIC CLOUD APPLICATION QUEUE DEAD LETTER QUEUE SERVICE BROKER SERVICE CATALOG SERVICE INSTANCE CREATE READ UPDATE DELETE kubernetes.io/docs/concepts/extend-kubernetes/service-catalog/
  8. “An Operator extends Kubernetes to automate the management of the entire lifecycle of a particular application.” Kubernetes Operators by Jason Dobies & Joshua Wood
  9. Operator Pattern FRONTEND PERSISTENT VOLUME BACKEND OPERATOR MYAPP CUSTOM RESOURCE DAY 1-2 API: V1 KIND: MYAPP SPEC: FRONTEND: REPLICAS: 1 (OR 2) IMAGE: FRONTEND BACKEND: REPLICAS: 1 IMAGE: BACKEND VOLUME_SIZE: 1G DAY 3 SNAPSHOT PERSISTENT VOLUME LIST METADATA FOR SNAPSHOTS kubernetes.io/docs/concepts/extend-kubernetes/operator/
  10. PUBLIC CLOUD MYAPP QUEUE DEAD LETTER QUEUE OPERATOR MYAPP CUSTOM RESOURCE DAY 1-2 API: V1 KIND: MYAPP-INFRA SPEC: QUEUE: NAME: MYAPP DLQ: NAME: MYAPP-DLQ TYPE: FIFO MESSAGES: 10 DAY 3 ADD MESSAGES TO STAGING QUEUE FOR TESTING UPDATE QUEUES
  11. PRIVATE DATACENTER MYAPP LOAD BALANCER DATABASE OPERATOR MYAPP CUSTOM RESOURCE DAY 1-2 API: V1 KIND: MYAPP-INFRA SPEC: LB: NAME: MYAPP DATABASE: NAME: MYAPP-DLQ SIZE: 1G TYPE: MYSQL DAY 3 REGISTER NEW INSTANCES OF APP TO LOAD BALANCER DB TEST CORPUS
  12. Terraform Operator for Kubernetes

  13. PUBLIC CLOUD MYAPP OPERATOR MYAPP CUSTOM RESOURCE DAY 1-2 API: V1 KIND: MYAPP-INFRA SPEC: MODULE: SOURCE: QUEUES VERSION: 1.0.0 VARIABLES: NAME: MYAPP DAY 3 ENFORCE TAGS FOR QUEUES ADD QUEUE ENCRYPTION TERRAFORM CLOUD REGISTRY “QUEUEAPP-INFRA” MODULE QUEUE DEAD LETTER QUEUE MYAPP-QUEUE MYAPP-DLQ WORKSPACE “MYAPP-INFRA” SENTINEL POLICY PLAN APPLY
  14. MYAPP OPERATOR MYAPP CUSTOM RESOURCE DAY 1-2 API: V1 KIND: MYAPP-INFRA SPEC: MODULE: SOURCE: QUEUES VERSION: 1.0.0 VARIABLES: NAME: MYAPP DAY 3 TUNE LOAD BALANCER UPDATE DATABASE ROLES TERRAFORM ENTERPRISE REGISTRY “WEBAPP-INFRA” MODULE MYAPP-LB MYAPP-DB WORKSPACE “MYAPP-INFRA” PLAN APPLY SENTINEL POLICY PRIVATE DATACENTER LOAD BALANCER DATABASE
  15. Self-Service: Configure infrastructure required by application using Kubernetes interface. (Should I bundle infrastructure code with application?) Common Architecture: Use modules to enable common architecture. (How do I build a queue / database?) Security & Compliance: Ensure all provisioned infrastructure is secure and compliant. (Is this infrastructure configuration secure and compliant?)
  16. OPERATIONS TERRAFORM MODULE NEW MODULE VERSION TERRAFORM WORKSPACE DEVELOPER WORKSPACE CUSTOM RESOURCE OPERATOR RUN ID, STATUS VARIABLES, MODULE RUN ID, STATUS WORKSPACE VARIABLES CONFIGURATION UPDATE TO USE NEW MODULE VERSION PLAN APPLY
  17. “I don’t want to learn Terraform HCL.”

  18. “You can use Kubernetes instead.”

  19. Terraform as Platform Choose your interface.

  20. Resources ▪ hashicorp.com/blog/creating-workspaces-with-the-hashicorp-terraform-operator-for-kubernetes/ ▪ github.com/hashicorp/terraform-helm ▪ app.terraform.io/signup

  21. Thank you! joatmon08.github.io