Deploying at Scale with HashiCorp Terraform

Transcript

1. Deploying at Scale with HashiCorp Terraform AWS User Group Las

   Vegas

2. Senior Developer Advocate, Infrastructure & Orchestration he / him @ksatirli

   Kerim Satirli

3. HashiCorp Terraform Deploying at Scale Agenda Next Steps 2 3

   Traditional and Modern IT Infrastructure 1 4

4. 01 Traditional and Modern IT Infrastructure

5. Slow Deployments of hardware and software based around manual processes

   Error-prone Mistakes during deployment executions lead to larger problems Hard to control Complicated processes needed to control complicated processes Traditional IT Infrastructure

6. Fast Deployments of hardware and software based around automated processes

   Secure Deployments are scripted, minimizing errors and enabling validation Scaleable One or all available regions or continents, multiple accounts, multiple clouds. Modern IT Infrastructure

7. IT Infrastructure server with web shop

8. IT Infrastructure without Code server with web shop

9. IT Infrastructure with Code server with web shop

10. 02 HashiCorp Terraform

11. Documented code is readable for both human operators and machines

    alike Versioned code is plain-text and can easily be version- controlled with any VCS Verified code can easily be verified against org-specific deployment rules IT Infrastructure as Code

12. main executable; interface between user, HCL, CLI operations, and providers

    Terraform Translates HCL definitions into API calls and manages service- specific resources Provider Combines IT Infrastructure definitions into (reusable) building blocks Module Terraform Concepts

13. Terraform Landscape

14. ca. 400 Providers built by HashiCorp and HashiCorp Technology partners

    Azure, Splunk, VMware vSphere, etc. ca. 4050 Provider built by the community Pingdom, Sentry, Unifi, etc. Terraform Landscape - Provider

15. ca. 140 Modules built by Technology Partners ca. 17500 Terraform

    Landscape - Modules Modules built by the community

16. Handles Create, Read, Update, Delete operations of a resource Resource

    Handles Read operations of a resource Data Source Manages resource and data source configuration State Terraform Concepts

17. Terraform Code resource "server" "factory" { count = 10 image

    = "rhel-8.1" type = "large" has_public_ip = true region = "eu-west-2" }

18. Terraform Code resource "server" "factory" { count = 10 name

    = "factory-${count.index}" image = var.image type = var.type has_public_ip = true region = "eu-west-2" }

19. Security Lifecycle Management Infrastructure Lifecycle Management HashiCorp Products

20. 03 Deploying at Scale

21. ©2024 HASHICORP How many Regions does AWS support?

22. Multi-Region Deployment data "aws_regions" "main" {}

23. Multi-Region Deployment aws_regions = toset([ "af-south-1", "ap-east-1", "ap-northeast-1", "ap-northeast-2", "ap-northeast-3",

    "ap-south-1", "ap-southeast-1", "ap-southeast-2", "ap-southeast-3", "ca-central-1", "eu-central-1", "eu-north-1", "eu-south-1", "eu-south-2", "eu-west-1", "eu-west-2", "eu-west-3", "me-south-1", "sa-east-1", "us-east-1", Multi-Region Deployment

24. Multi-Regional Workspaces module "regional_aws_workspaces" { for_each = toset(data.aws_regions.main.names) source =

    "ksatirli/regional-workspace/tfe" version = "1.2.0" region = { category = "terraform" identifier = each.key prefix = "aws" variable = "aws_region" } vcs_repo = { identifier = "workloads/regional-aws-deployment" branch = "main" } }

25. Multi-Regional Failures

26. Single-region Service Quotas console.aws.amazon.com/support

27. Multi-Region Deployment # look up Service Code for EC2 instances

    data "aws_servicequotas_service" "ec2" { provider = "aws.us-east-1" service_name = "Amazon Elastic Compute Cloud (Amazon EC2)" } # update Service Quota for M5 EC2 instances resource "aws_servicequotas_service_quota" "ec2" { provider = "aws.us-east-1" # allow up to 100 M5 instances quota_code = "L-8B7BF662" service_code = data.aws_servicequotas_service.ec2.service_code value = 100 }

28. ✉ from AWS Support mail.google.com

29. Multi-Region Deployment app.terraform.io/app/workloads/workspaces

30. ✉ from AWS Support mail.google.com

31. Multi-Region Deployment

32. 04 Next Steps

33. Terraform Tutorials developer.hashicorp.com/terraform

34. Demo Code github.com/workloads/

35. ©2024 HASHICORP

36. Thank you speakerdeck.com/ksatirli