Terraform - Overview

Transcript

1. TERRAFORM Build,  Combine,  and  Launch  Infrastructure

2. SETH VARGO @sethvargo

3. None
4. None

5. MOTIVATION Why  Terraform?

6. How  do  I  provision  resources?          

      compute?              storage?              network?

7. How  do  I  manage  resource  lifecycles?

8. How  do  I  balance  service  providers   providing  core  technology

    for  my   datacenter?

9. How  do  I  enforce  policy  across  all   these  resources?

10. How  do  I  automate  and  share  those   configuraCons?

11. RISING DATACENTER COMPLEXITY

12. RISING DATACENTER COMPLEXITY DC

13. RISING DATACENTER COMPLEXITY DC

14. RISING DATACENTER COMPLEXITY DC VM VM VM VM VM VM

    VM VM VM VM VM VM VM VM VM VM

15. RISING DATACENTER COMPLEXITY DC VM VM VM VM VM VM

    VM VM VM VM VM VM VM VM VM VM C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C C

16. RISING DATACENTER COMPLEXITY DC DNS Database CDN

17. RISING DATACENTER COMPLEXITY DC-01 DC-02

18. RISING DATACENTER COMPLEXITY DC-01 DC-02 VM VM VM VM VM

    VM VM VM C C C C C C C C C C C C C C C C C C C C C C C C

19. RISING DATACENTER COMPLEXITY IaaS,  PaaS,  SaaS

20. RISING DATACENTER COMPLEXITY All logos and trademarks are copyright their

    respective owners

21. WHY? What  was  our  original  goal?

22. EFFECTIVELY  DELIVER AND  MAINTAIN   APPLICATIONS

23. h-ps:/ / d250n10lsq5j8r.cloudfront.n et/assets/atlas/runAme-­‐ develop-­‐icon-­‐color-­‐ ebf4ccf5f2ca3513e495bccb e9320d45.png Consistent Shareable Readily

    Available High production 
 parity h-ps:/ / d250n10lsq5j8r.cloudfront.n et/assets/atlas/runAme-­‐ deploy-­‐icon-­‐ color-­‐1c39f618b3b5ead204 dda4646bb2410e.png Start and configure servers / services Deploy and run application Update servers or applications Reconfigure, feature flag Monitor health Orchestrate complex changes DEVELOP DEPLOY MAINTAIN

24. h-ps:/ / d250n10lsq5j8r.cloudfront.n et/assets/atlas/runAme-­‐ develop-­‐icon-­‐color-­‐ ebf4ccf5f2ca3513e495bccb e9320d45.png h-ps:/ / d250n10lsq5j8r.cloudfront.n

    et/assets/atlas/runAme-­‐ deploy-­‐icon-­‐ color-­‐1c39f618b3b5ead204 dda4646bb2410e.png DEVELOP DEPLOY MAINTAIN

25. TERRAFORM'S  GOAL

26. PROVIDE A SINGLE WORKFLOW

27. WITH A UNIFIED VIEW

28. USING INFRASTRUCTURE AS CODE

29. THAT CAN BE ITERATED AND CHANGED SAFELY

30. CAPABLE OF COMPLEX N-TIER APPLICATIONS

31. DIGITAL OCEAN DROPLET WITH DNS USING DNS SIMPLE resource "digitalocean_droplet"

    "web" { name = "tf-web" size = "512mb" image = "centos-5-8-x32" region = "sfo1" } resource "dnsimple_record" "hello" { domain = "example.com" name = "test" value = "${digitalocean_droplet.web.ipv4_address}" type = "A" }

32. DIGITAL OCEAN DROPLET WITH DNS USING DNS SIMPLE resource "digitalocean_droplet"

    "web" { name = "tf-web" size = "512mb" image = "centos-5-8-x32" region = "sfo1" } resource "dnsimple_record" "hello" { domain = "example.com" name = "test" value = "${digitalocean_droplet.web.ipv4_address}" type = "A" }

33. DIGITAL OCEAN DROPLET WITH DNS USING DNS SIMPLE resource "digitalocean_droplet"

    "web" { name = "tf-web" size = "512mb" image = "centos-5-8-x32" region = "sfo1" } resource "dnsimple_record" "hello" { domain = "example.com" name = "test" value = "${digitalocean_droplet.web.ipv4_address}" type = "A" }

34. DIGITAL OCEAN DROPLET WITH DNS USING DNS SIMPLE resource "digitalocean_droplet"

    "web" { name = "tf-web" size = "512mb" image = "centos-5-8-x32" region = "sfo1" } resource "dnsimple_record" "hello" { domain = "example.com" name = "test" value = "${digitalocean_droplet.web.ipv4_address}" type = "A" }

35. HUMAN-FRIENDLY CONFIG* * JSON-COMPATIBLE FOR NON-HUMANS

36. VCS-FRIENDLY FORMAT

37. ENTIRE INFRASTRUCTURE... IN A SINGLE TEXT FILE

38. TERRAFORM  GRAPH

39. COMPOSE N-TIERS / PROVIDERS

40. TERRAFORM  PROVIDERS

41. SINGLE INTEGRATION POINT

42. EXPOSE ("PROVIDE") A RESOURCE

43. EXPOSE ("PROVIDE") A RESOURCE aws_instance dnssimple_record

44. CRUD API

45. PLUGGABLE FOR INTEGRATIONS

46. C C C C C C VM VM VM IAAS

    (OpenStack, etc) PHYSICAL "LAYER CAKE" PROVIDER PER LAYER UNIFIED CONFIGURATION

47. $ terraform apply

48. All logos and trademarks are copyright their respective owners

49. TERRAFORM  PLAN

50. $ terraform plan + digitalocean_droplet.web backups: "" => "<computed>" image:

    "" => "centos-5-8-x32" ipv4_address: "" => "<computed>" ipv4_address_private: "" => "<computed>" name: "" => "tf-web" private_networking: "" => "<computed>" region: "" => "sfo1" size: "" => "512mb" status: "" => "<computed>" + dnsimple_record.hello domain: "" => "example.com" domain_id: "" => "<computed>" hostname: "" => "<computed>" name: "" => "test" priority: "" => "<computed>"

51. $ terraform plan + digitalocean_droplet.web backups: "" => "<computed>" image:

    "" => "centos-5-8-x32" ipv4_address: "" => "<computed>" ipv4_address_private: "" => "<computed>" name: "" => "tf-web" private_networking: "" => "<computed>" region: "" => "sfo1" size: "" => "512mb" status: "" => "<computed>" + dnsimple_record.hello domain: "" => "example.com" domain_id: "" => "<computed>" hostname: "" => "<computed>" name: "" => "test" priority: "" => "<computed>"

52. $ terraform plan + digitalocean_droplet.web backups: "" => "<computed>" image:

    "" => "centos-5-8-x32" ipv4_address: "" => "<computed>" ipv4_address_private: "" => "<computed>" name: "" => "tf-web" private_networking: "" => "<computed>" region: "" => "sfo1" size: "" => "512mb" status: "" => "<computed>" + dnsimple_record.hello domain: "" => "example.com" domain_id: "" => "<computed>" hostname: "" => "<computed>" name: "" => "test" priority: "" => "<computed>"

53. $ terraform plan + digitalocean_droplet.web backups: "" => "<computed>" image:

    "" => "centos-5-8-x32" ipv4_address: "" => "<computed>" ipv4_address_private: "" => "<computed>" name: "" => "tf-web" private_networking: "" => "<computed>" region: "" => "sfo1" size: "" => "512mb" status: "" => "<computed>" + dnsimple_record.hello domain: "" => "example.com" domain_id: "" => "<computed>" hostname: "" => "<computed>" name: "" => "test" priority: "" => "<computed>"

54. backups: "" => "<computed>" image: "" => "centos-5-8-x32" ipv4_address: ""

    => "<computed>" ipv4_address_private: "" => "<computed>" name: "" => "tf-web" private_networking: "" => "<computed>" region: "" => "sfo1" size: "" => "512mb" status: "" => "<computed>" + dnsimple_record.hello domain: "" => "example.com" domain_id: "" => "<computed>" hostname: "" => "<computed>" name: "" => "test" priority: "" => "<computed>" ttl: "" => "<computed>" type: "" => "A" value: "" => "${digitalocean_droplet.web.ipv4_address}"

55. backups: "" => "<computed>" image: "" => "centos-5-8-x32" ipv4_address: ""

    => "<computed>" ipv4_address_private: "" => "<computed>" name: "" => "tf-web" private_networking: "" => "<computed>" region: "" => "sfo1" size: "" => "512mb" status: "" => "<computed>" + dnsimple_record.hello domain: "" => "example.com" domain_id: "" => "<computed>" hostname: "" => "<computed>" name: "" => "test" priority: "" => "<computed>" ttl: "" => "<computed>" type: "" => "A" value: "" => "${digitalocean_droplet.web.ipv4_address}"

56. SHOWS YOU WHAT WILL HAPPEN

57. EXPLAINS CERTAIN ACTIONS

58. PREVIOUSLY?

59. DEV OPS

60. DEV OPS ^ versus

61. DEVELOPERS OPERATORS Define core infrastructure Security Scalability Deploy applications Production

    parity

62. DEVELOPERS OPERATORS Modify Terraform configs Treat Terraform configs as a

    black box

63. DEVELOPERS OPERATORS Self-server Self-servee

64. C C C C C C VM VM VM IAAS

    (OpenStack, etc) PHYSICAL DECOMPOSE DELEGATE DEPLOY DEV OPS

65. TERRAFORM MODULE module "consul" { source = "github.com/hashicorp/consul/terraform/aws" servers =

    5 version = "0.4.0" }

66. TERRAFORM MODULE module "consul" { source = "github.com/hashicorp/consul/terraform/aws" servers =

    5 version = "0.4.0" } resource "dnsimple_record" "consul" { domain = "example.com" name = "consul" value = "${module.consul.ip_address}" type = "A" }

67. ABSTRACT COMPONENTS

68. HIGHER-LEVEL REASONING

69. RE-USABLE

70. MAINTENANCE DELEGATION

71. SETH VARGO @sethvargo QUESTIONS?