tfnotify - Show Terraform execution plan beautifully on GitHub

Transcript

1. tfnotify @b4b4r07 (Sep 11, 2018) / HashiCorp Meetup #3
 DevOps

   Λࢧ͑Δࠓ࿩୊ͷ HashiCorp πʔϧ܈ʹ͍ͭͯ Show Terraform execution plan beautifully on GitHub

2. BABAROT / @b4b4r07 Mercari, Inc.
 SRE, Microservices Platform Blog /

   tellme.tokyo

3. 1. mercari/tfnotify 2. Why tfnotify? 3. Implementations Agenda

4. mercari/tfnotify

5. • Go ੡ CLI πʔϧ • Terraform ͷ࣮ߦ݁ՌΛύʔε͠ɺ
 ద੾ͳϑΥʔϚοτʹ͋ͯ͸Ίͯɺ
 ೚ҙͷ௨஌ઌ

   (GitHub ͷίϝϯτ౳)
 ΁௨஌͢Δ tfnotify ͱ͸

6. tfnotify Workflow DSFBUFE UFSSBGPSN
   QMBO
   c
   UGOPUJGZ
   QMBO 1045
   DPN N FOU PVUQVU

7. tfnotify Workflow N FSHFE UFSSBGPSN
   BQQMZ
   c
   UGOPUJGZ
   BQQMZ 1045
   DPN N FOU PVUQVU

8. Example • fmt • plan • apply

9. Example {{.Title}} {{.Message}} {{.Result}} {{.Body}} ࣮ߦग़ྗ͢΂ͯ ࣮ߦ݁ՌͷαϚϦ --messageͰ౉ͤΔ ೚ҙͷλΠτϧ

10. Why tfnotify?

11. ͳͥඞཁͱͳͬͨͷ͔ • ϝϧΧϦͰ͸ Microservices ྖҬͰ Terraform Λར༻͍ͯ͠Δ • Ownership ͷ؍఺͔ΒΠϯϑϥ؅ཧʹ͓͍ͯ΋ϨϏϡʔɾϚʔδ͸

    ֤ Micorservices νʔϜʹΑͬͯ͞ΕΔ΂͖ • ͱ͸͍ͬͯ΋ɺPlatform νʔϜʹϨϏϡʔ͞Ε͍ͨέʔε΋͋Δ

12. ͳͥඞཁͱͳͬͨͷ͔ • Platform νʔϜͱͯ͠΋ɺ֤ Microservices νʔϜͱͯ͠΋ɺ
 Infrastructure as Code ͷॏཁੑΛཧղ͠

    Terraform ͰίʔυԽ͠ɺ ͦͷ࣮ߦܭըΛຖճݟΔ͜ͱΛश׳͚͍ͮͨ • ຖ೔ଟ͘ͷ P-R ͕͋ΔதɺCircle CI ʹݟʹ͍͘खؒΛল͖͍ͨ →ϨϏϡʔͷྲྀΕͰ GitHub ্ͰΫΠοΫʹ֬ೝ͍ͨ͠

13. ϝϧΧϦͰͷ HashiCorp πʔϧ

14. ϝϧΧϦͰͷ HashiCorp πʔϧ • ϝϧΧϦʹ͸ 70 Ҏ্ͷ Microservices ͕͋Δ
 (ࠓ೔ݱࡏɽ૿͑ଓ͚͍ͯΔ)

    • ͢΂ͯͷ Microservices ͱͦͷ Platform ͷ
 Πϯϑϥߏஙʹ͸ Terraform Λར༻͍ͯ͠Δ • Developers ʹ Infrastructure as Code Λ
 ࣮ફͯ͠΋Β͏

15. ϝϧΧϦͰͷ Terraform ར༻ࣄྫ

16. ϝϧΧϦͰͷ Terraform ར༻ࣄྫ

17. ϝϧΧϦͰͷ Terraform ར༻ࣄྫ

18. ϝϧΧϦͰͷ Terraform ར༻ࣄྫ

19. ϝϧΧϦͰͷ Terraform ར༻ࣄྫ • Insights • 110+ Contributors • 8

    ~ 10 Pull Requests / week (5 days) • 140+ state files (70+ Microservices * 2 Env) • ͻͱͭͷதԝϦϙδτϦͰ͢΂ͯͷ Terraform ίʔυΛ؅ཧ͍ͯ͠Δ • CI pipeline ͷߏங͕Ұ౓ͰࡁΉ • Platform νʔϜ͕ϨϏϡʔʹೖΓ΍͍͢

20. ϦϙδτϦߏ੒ • ֤ Microservice ͝ͱʹ
 σΟϨΫτϦΛ෼͚Δ • Service ͝ͱʹ tfstate

    Λ෼͚Δ • ӨڹΛଞ΁೾ٴͤ͞ͳ͍ • Resource ͝ͱʹ file Λ෼͚Δ • Ϧιʔεఆٛ৔ॴΛ໌֬Խ • CODEOWNERS Ͱݖݶҕৡ

21. ϦϙδτϦߏ੒ • ֤ Microservice ͝ͱʹ
 σΟϨΫτϦΛ෼͚Δ • Service ͝ͱʹ tfstate

    Λ෼͚Δ • ӨڹΛଞ΁೾ٴͤ͞ͳ͍ • Resource ͝ͱʹ file Λ෼͚Δ • Ϧιʔεఆٛ৔ॴΛ໌֬Խ • CODEOWNERS Ͱݖݶҕৡ தԝूݖ ཱࣗ෼ࢄ

22. ݖݶҕৡ IUUQTCMPHHJUIVCDPNJOUSPEVDJOHDPEFPXOFST • GitHub ͷػೳ • CODEOWNERS ʹهࡌ͞Ε ͨਓ͔Β Approve

    ͞ΕΔ
 ·ͰϚʔδͰ͖ͳ͍Α͏ʹ Ͱ͖Δ • ͜ΕʹΑΓݖݶҕৡΛ࣮ݱ • (উखʹมߋͰ͖ͳ͍)

23. ݖݶҕৡ IUUQTIFMQHJUIVCDPNBSUJDMFTBCPVUDPEFPXOFST

24. Ϟδϡʔϧ • microservices-starter-kit (Terraform Ϟδϡʔϧ) • Template Provider Λ࢖͍σΟϨΫτϦ࡞੒ɺϑΝΠϧు͖ग़͠ •

    Microservices ͷ্ཱͪ͛ʹඞཁͳϦιʔεΛ Bootstrap ͢Δ • GCP Project, Service account ͳͲ • PagerDuty, DataDog, Kubernetes (Namespace, Secret) ͳͲ • GitHub Teams (CODEOWNERS ͷݖݶҕৡʹ࢖͏) IUUQTTQFBLFSEFDLDPNCCSUFSSBGPSNPQTGPSNJDSPTFSWJDFT

25. Implementations

26. ࣮૷ • io.TeeReader Λ࢖͍ͬͯΔ • GitHub ʹ POST ͢Δ͚ͩͰ͸ ͳ͘

    CI ͷ Console ʹ΋ग़ྗ • Terraform ͷ࣮ߦ݁Ռ͸ࣗલͷ ύʔαͰߏ଄Խ͢Δ (regexp) • POST ͢Δϝοηʔδ͸ Go ͷ
 ςϯϓϨʔτͰॻ͘͜ͱ͕Ͱ͖Δ • ઃఆ͸ YAML Ͱ࣋ͭ

27. ࣮૷ • ॏෳͨ͠಺༰͕͋Δ৔߹ɺ
 ݹ͍΋ͷ͕࡟আ͞ΕΔ • ࣮ߦ݁Ռ͸௕͍ͷͰ Details λά ͰғͬͯંΓͨͨΈɺҰṮʹඞཁ ͳ৘ใ͚͕ͩݟ΍͘͢දࣔ͞ΕΔ


    {{.Title}}, {{.Message}} ͷॏෳΛݟΔ

28. Conclusion

29. ·ͱΊ • ϝϧΧϦͰ͸ Microservices ྖҬͰ Terraform Λར༻͍ͯ͠Δ • ूݖͱ෼ࢄͷόϥϯεͰ Terraform

    ϦϙδτϦΛӡ༻͍ͯ͠Δ • ͨ͘͞Μͷ P-R Λޮ཰Α͘ϨϏϡʔ͢ΔͨΊ tfnotify Λॻ͍ͨ • Terraform ͷ࣮ߦ݁ՌΛखܰʹ֬ೝ͍ͨ͠ • Infrastructure as Code ͷจԽΛࠜ෇͔ͤΔ • ຖճ plan, apply ݁ՌΛݟΔश׳Λ΋ͭ / ΋ͬͯ΋Β͏ • ઌߦ࣮૷͕ͳ͍ͨΊ OSS ʹͨ͠

30. Thanks