Scaling Honestbee 4. Adoption of Terraform at Honestbee 5. Reproduce Environments using Workspaces 6. Empower engineers using Modules 7. Adopt Git-Ops with Atlantis
responsibilities among teams Why? - Provide off-the-shelf functionality for Engineers - Enforce best practices and conventions for cloud infrastructure
- Checking for available provider plugins on https://releases.hashicorp.com... - Downloading plugin for provider "aws" (1.2.0)... - Downloading plugin for provider "null" (1.0.0)... ... Terminal
Get started using shared modules fast (fetch directly from git) Cons: - workflow becomes slow (full mono-repo is cloned per module import) - versioning requires the use of tags and careful release management
Pros: - Modules are fetched much faster and take up less space Cons: - Requires proper CI/CD set up (linting / builds / file hosting) - Requires private network & VPN set up …
single purpose modules Note: HCL Conditionals are a HACK! this module provisions: - postgres instance - s3 bucket - iam policy - dns entries - ... postgres instance s3 bucket iam policy simple dns
engineers to run terraform directly from pull requests Why? - Better collaboration and visibility - Review and Approval Workflow - Engineers don't need full AWS Access
across apse1a and apse1b AZs - Route53 HealthChecks for automated failover on AZ failure https://github.com/honestbee/devops-singapore-example/pull/4/files
by Kubernetes Long term: migrate towards control loops and declarative resource manifests: See https://kubernetes.io/docs/concepts/service-catalog/ Terraform will always remain as a way to define our core cloud infrastructure.