Infrastructure as Code: Project Bicep und Terraform im direkten Vergleich

Transcript

1. Project Bicep vs Terraform Thorsten Hans @ThorstenHans Consultant

2. Cloud-Native Consultant @ Thinktecture #Azure #Kubernetes #Cloud-Native #Infrastructure-as-Code [email protected] thinktecture.com

   thorsten-hans.com @ThorstenHans Thorsten Hans

3. Project Bicep vs Terraform • Introduction • Comparing Bicep and

   Terraform • Capabilities and differences • Developer Tooling • Language / Syntax • Comparing a sample architecture • Conclusion Talking Points

4. Introduction • Management of Infrastructure (services, servers, virtual networks,…) using

   source code • Address the problem of configuration drift • Infrastructure becomes reproducible and version controlled • Dev(Ops) teams can collaborate on infrastructural changes usign established / familiar tools like GitHub or Azure DevOps Infrastructure as Code

5. Introduction • Individual devs can spin up production-like environments in

   no time • Infrastructure knowledge will be shared across Dev(Ops) teams • Organizations can automate infrastructure provisioning • Dev(Ops) teams can rollback in the case of misconfiguration Infrastructure as Code P

6. Introduction • Infrastructure as Code toolset • Cloud-vendor agnostic (single

   language to manage Azure, AWS, GCP, Hetzner Cloud, …) • Open-source (additional paid offerings available, but not mandatory) • Fullfledged Infrastructure as Code lifecycle Terraform in a nutshell Write Plan Validate Apply Consume

7. Introduction • Domain Specific Language (DSL) for deploying Azure resources

   • Built for Azure – However, extension points are baked in for future integrations • Open-Source • Bicep compiles down to Azure Resource Manager (ARM) templates Project Bicep in a nutshell Write Plan with az Validate with az Apply with az Consume

8. Project Bicep vs Terraform • Introduction • Comparing Bicep and

   Terraform • Capabilities and differences • Developer Tooling • Language / Syntax • Comparing a sample architecture • Conclusion Talking Points

9. Comparing Bicep and Terraform • Bicep and Terraform serve one

   purpose • Provision and mutate cloud infrastructures using code • Both can preview infrastructure modifications before mutating the cloud environment • Both use declarative approach • You describe the desired state Capabilities and differences

10. Comparing Bicep and Terraform With both, we can • read

    existing information (Services that your actual infrastructure depends on) • build re-usable components • automate infrastructure deployment and mutation in the context of Azure Capabilities and differences

11. Comparing Bicep and Terraform So if both tools exist to

    address the needs of Infrastructure as Code (IaC), where is the difference and which should I choose? Capabilities and differences

12. Project Bicep • Communicates directly with Azure ARM APIs •

    Projects have a scope (Resource Group, Subscription. Management Group, or Tenant) • The CLI is just repsonsible for source code specific stuff (decompile, publish, build) • Actual deployment is done using existing tools (Azure CLI, Azure PowerShell modules, or Azure Portal) • There are two deployment modes Complete or Incremental (incremental by default) Capabilities and differences

13. Terraform • It can provision all necessary infrastructure components (also

    in multi- and hybrid-cloud scenarios) by using so called providers • The AzureRM provider is an abstraction of Azure’s ARM API • The CLI addresses all needs (deployment, mutation, formatting, validating, removal, …) • Tracks infrastructure state using a “state file” that must be accessible from within CI • Terraform workspaces allow per environment modifications and are tracked independantly Capabilities and differences

14. Comparing Bicep and Terraform • Visual Studio Code has best

    experience for Terraform and Bicep • For both choices, first class extensions are available • Vast amount of community extensions for Terraform Developer Tooling

15. Developer Tooling - Visual Studio Code Extensions for - Terraform

    - Project Bicep Demo

16. Comparing Bicep and Terraform Both languages are • declarative •

    easy to read and learn • equipped with functions and expressions and fundamental control flow capabilities Language / Syntax

17. Project Bicep vs Terraform • Introduction • Comparing Bicep and

    Terraform • Capabilities and differences • Developer Tooling • Language / Syntax • Comparing a sample architecture • Conclusion Talking Points

18. Comparing a sample architecture - Comparing a sample architecture that

    consists of three commonly used services in Azure - Azure Key Vault - Azure SQL Database - Azure App Service Demo

19. Project Bicep vs Terraform • Introduction • Comparing Bicep and

    Terraform • Capabilities and differences • Developer Tooling • Language / Syntax • Comparing a sample architecture • Conclusion Talking Points P

20. Should I pick Terraform or Project Bicep • Terraform addresses

    multi- and hybrid cloud scenarios • IMO Terraform is a bit more compact than Project Bicep • Anyways you will find yourself writing a lot of code when doing IaC • Terraform addresses all the needs using a single CLI Conclusion

21. Should I pick Terraform or Project Bicep • Are you

    working only with Azure -> use Project Bicep • Project Bicep is an Azure 1st class citizen • If a service or changes are released in preview, you can use them from day 1 • Project Bicep developer tooling is superior Conclusion

22. Q&A If you have further questions: shoot me a mail

    at [email protected] / [email protected] or tweet at @ThorstenHans