Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Infrastructure as Code with Terraform and Friends

Paul Hinze
January 12, 2016
Technology
2
270

Infrastructure as Code with Terraform and Friends

Chicago DevOps Meetup

Infrastructure as Code with Terraform and Friends

We have long since passed the time when it was feasible for human beings to manually provision, configure, and manage infrastructure. Automation is clearly the way forward, as we have known for years. However, it is difficult to determine how to effectively utilize automation in a way that reduces complexity rather than contributes to it. An automated mess is only marginally better than a manual mess.

Infrastructure as Code is a holistic approach to automation that seeks to reign in the ever-increasing complexity of modern infrastructure by borrowing practices from the software development community.

In this talk, we'll start with a discussion of the concepts central to Infrastructure as Code. Then we'll take a tour of the various tools, technologies, and practices that help us interact with infrastructure as code. Finally, we'll take a deeper dive to look at concrete examples from Terraform, the project I work on full time.

Paul Hinze

January 12, 2016
Tweet

More Decks by Paul Hinze

See All by Paul Hinze
Getting Good at System Failure Analysis
phinze
0
420
Applying Graph Theory to Infrastructure As Code
phinze
6
1.9k
SWIM: Scalable Weakly Consistent Infection Style Process Group Membership Protocol
phinze
2
300
Smoke & Mirrors: The Primitives of High Availability
phinze
1
480
Git: Everybody's Favorite MMO
phinze
0
120
Shut Up and Pipe! Unix-style Object Collaboration in Rack and Vagrant
phinze
0
120
Freighthop: Vagrant on Rails
phinze
0
270
Puppet Modules Are Our Friends
phinze
0
77
Who Needs Clouds?: HA in Your Datacenter
phinze
1
490

Other Decks in Technology

See All in Technology
Cloud Run と GitHub Template Repository による軽量なアプリケーションプラットフォーム/ #nikkei_tech_talk
nikkei_engineer_recruiting
0
110
20240911_New_Relicダッシュボード活用例
speakerdeckfk
0
110
「認証認可」という体験をデザインする ~Nekko Cloud認証認可基盤計画
logica0419
2
440
突撃! 隣のAmazon Bedrockユーザー 〜YouはどうしてAWSで?〜
minorun365
PRO
3
390
Analytics-Backed App Widget Development - Served with Jetpack Glance
miyabigouji
0
610
事前準備が肝!AI活用のための業務改革
layerx
PRO
1
380
不動産売買取引におけるAIの可能性とプロダクトでのAI活用
zabio3
0
270
開発生産性を始める前に開発チームができること / optim-improve-development-productivity.pdf
optim
0
110
『GRANBLUE FANTASY Relink』キャラクターの魅力を支えるリグ・シミュレーション制作事例
cygames
0
120
DroidKaigi 2024 たすけて!ViewModel
mhidaka
5
940
自作Cコンパイラ 8時間の奮闘
soukouki
0
850
とあるOSSを継続可能にするための取り組みについて / OSS Refactoring Process
bun913
1
210

Featured

See All Featured
Imperfection Machines: The Place of Print at Facebook
scottboms
263
13k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
278
13k
Building Flexible Design Systems
yeseniaperezcruz
325
38k
No one is an island. Learnings from fostering a developers community.
thoeni
18
2.9k
Art, The Web, and Tiny UX
lynnandtonic
294
20k
WebSockets: Embracing the real-time Web
robhawkes
59
7.3k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
29
2.6k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
26
2k
Building a Modern Day 
E-commerce SEO Strategy
aleyda
36
6.8k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
28
1.6k
The Psychology of Web Performance [Beyond Tellerrand 2023]
tammyeverts
36
2.1k
GitHub's CSS Performance
jonrohan
1030
450k

Transcript

  1. HASHICORP Infrastructure as Code with Terraform and Friends

  2. HASHICORP phinze Paul Hinze

  3. None

  4. HASHICORP

  5. HASHICORP

  6. HASHICORP Infrastructure as Code

  7. HASHICORP Maturity

  8. HASHICORP Manual Everything Rack & Stack

  9. HASHICORP Basic AutomaDon #!/bin/bash Farm-to-table Bespoke Scripts

  10. HASHICORP Machine VirtualizaDon "I heard you like servers"

  11. HASHICORP CommodiDzaDon of Infrastructure The *aaS Explosion

  12. HASHICORP Datacenter-as-Computer Containers & Schedulers

  13. HASHICORP

  14. HASHICORP

  15. HASHICORP

  16. HASHICORP Capability Complexity

  17. HASHICORP

  18. HASHICORP Managing Complexity A strategy for

  19. HASHICORP

  20. HASHICORP 535 :global_includes, 536 :gmail_domain 537 ].each do |key| 538

    params[:account][:settings].try(:delete, key) 539 end 540 end 541 542 if params[:account][:settings] && params[:account][:settings].has_key?(:trusted_referers) 543 if trusted_referers = params[:account][:settings].delete(:trusted_referers) 544 @account.trusted_referers = trusted_referers if @account.root_account? 545 end 546 end 547 548 if sis_id = params[:account].delete(:sis_source_id) 549 if [email protected]_account? && sis_id != @account.sis_source_id && @account.root_account.grant 550 if sis_id == '' 551 @account.sis_source_id = nil 552 else 553 @account.sis_source_id = sis_id 554 end 555 end 556 end 557 558 process_external_integration_keys 559 560 can_edit_email = params[:account][:settings].try(:delete, :edit_institution_email) 561 if @account.root_account? && !can_edit_email.nil? 562 @account[:settings][:edit_institution_email] = value_to_boolean(can_edit_email) 563 end 564 565 if @account.update_attributes(params[:account]) 566 format.html { redirect_to account_settings_url(@account) } 567 format.json { render :json => @account } 568 else 569 flash[:error] = t(:update_failed_notice, "Account settings update failed") 570 format.html { redirect_to account_settings_url(@account) } 571 format.json { render :json => @account.errors, :status => :bad_request } 572 end 573 end 574 end 575 end 576 577 def settings 578 if authorized_action(@account, @current_user, :read) 579 @available_reports = AccountReport.available_reports if @account.grants_right?(@current_user, @se 580 if @available_reports 581 @last_complete_reports = {} 582 @last_reports = {} 583 if AccountReport.connection.adapter_name == 'PostgreSQL' 584 scope = @account.account_reports.select("DISTINCT ON (report_type) account_reports.*").order( 585 @last_complete_reports = scope.last_complete_of_type(@available_reports.keys, nil).preload(:a 586 @last_reports = scope.last_of_type(@available_reports.keys, nil).index_by(&:report_type) 587 else 588 @available_reports.keys.each do |report| 589 @last_complete_reports[report] = @account.account_reports.last_complete_of_type(report).fir 590 @last_reports[report] = @account.account_reports.last_of_type(report).first 591 end 592 end 593 end 594 load_course_right_side 595 @account_users = @account.account_users 596 ActiveRecord::Associations::Preloader.new(@account_users, user: :communication_channels).run 597 order_hash = {} 598 @account.available_account_roles.each_with_index do |role, idx| 599 order_hash[role.id] = idx 600 end 601 @account_users = @account_users.select(&:user).sort_by{|au| [order_hash[au.role_id] || CanvasSort 602 @alerts = @account.alerts HASHICORP

  21. HASHICORP 535 :global_includes, 536 :gmail_domain 537 ].each do |key| 538

    params[:account][:settings].try(:delete, key) 539 end 540 end 541 542 if params[:account][:settings] && params[:account][:settings].has_key?(:trusted_referers) 543 if trusted_referers = params[:account][:settings].delete(:trusted_referers) 544 @account.trusted_referers = trusted_referers if @account.root_account? 545 end 546 end 547 548 if sis_id = params[:account].delete(:sis_source_id) 549 if [email protected]_account? && sis_id != @account.sis_source_id && @account.root_account.grant 550 if sis_id == '' 551 @account.sis_source_id = nil 552 else 553 @account.sis_source_id = sis_id 554 end 555 end 556 end 557 558 process_external_integration_keys 559 560 can_edit_email = params[:account][:settings].try(:delete, :edit_institution_email) 561 if @account.root_account? && !can_edit_email.nil? 562 @account[:settings][:edit_institution_email] = value_to_boolean(can_edit_email) 563 end 564 565 if @account.update_attributes(params[:account]) 566 format.html { redirect_to account_settings_url(@account) } 567 format.json { render :json => @account } 568 else 569 flash[:error] = t(:update_failed_notice, "Account settings update failed") 570 format.html { redirect_to account_settings_url(@account) } 571 format.json { render :json => @account.errors, :status => :bad_request } 572 end 573 end 574 end 575 end 576 577 def settings 578 if authorized_action(@account, @current_user, :read) 579 @available_reports = AccountReport.available_reports if @account.grants_right?(@current_user, @se 580 if @available_reports 581 @last_complete_reports = {} 582 @last_reports = {} 583 if AccountReport.connection.adapter_name == 'PostgreSQL' 584 scope = @account.account_reports.select("DISTINCT ON (report_type) account_reports.*").order( 585 @last_complete_reports = scope.last_complete_of_type(@available_reports.keys, nil).preload(:a 586 @last_reports = scope.last_of_type(@available_reports.keys, nil).index_by(&:report_type) 587 else 588 @available_reports.keys.each do |report| 589 @last_complete_reports[report] = @account.account_reports.last_complete_of_type(report).fir 590 @last_reports[report] = @account.account_reports.last_of_type(report).first 591 end 592 end 593 end 594 load_course_right_side 595 @account_users = @account.account_users 596 ActiveRecord::Associations::Preloader.new(@account_users, user: :communication_channels).run 597 order_hash = {} 598 @account.available_account_roles.each_with_index do |role, idx| 599 order_hash[role.id] = idx 600 end 601 @account_users = @account_users.select(&:user).sort_by{|au| [order_hash[au.role_id] || CanvasSort 602 @alerts = @account.alerts HASHICORP Infrastructure as Code

  22. HASHICORP

  23. HASHICORP Less Rote Work

  24. HASHICORP Confident Changes

  25. HASHICORP Faster Delivery

  26. HASHICORP Managing Complexity We get there by

  27. HASHICORP Versioned Everything

  28. HASHICORP Disposable & Reproducible

  29. HASHICORP Self-TesDng

  30. HASHICORP Small, IteraDve Changes

  31. HASHICORP

  32. HASHICORP 535 :global_includes, 536 :gmail_domain 537 ].each do |key| 538

    params[:account][:settings].try(:delete, key) 539 end 540 end 541 542 if params[:account][:settings] && params[:account][:settings].has_key?(:trusted_referers) 543 if trusted_referers = params[:account][:settings].delete(:trusted_referers) 544 @account.trusted_referers = trusted_referers if @account.root_account? 545 end 546 end 547 548 if sis_id = params[:account].delete(:sis_source_id) 549 if [email protected]_account? && sis_id != @account.sis_source_id && @account.root_account.grant 550 if sis_id == '' 551 @account.sis_source_id = nil 552 else 553 @account.sis_source_id = sis_id 554 end 555 end 556 end 557 558 process_external_integration_keys 559 560 can_edit_email = params[:account][:settings].try(:delete, :edit_institution_email) 561 if @account.root_account? && !can_edit_email.nil? 562 @account[:settings][:edit_institution_email] = value_to_boolean(can_edit_email) 563 end 564 565 if @account.update_attributes(params[:account]) 566 format.html { redirect_to account_settings_url(@account) } 567 format.json { render :json => @account } 568 else 569 flash[:error] = t(:update_failed_notice, "Account settings update failed") 570 format.html { redirect_to account_settings_url(@account) } 571 format.json { render :json => @account.errors, :status => :bad_request } 572 end 573 end 574 end 575 end 576 577 def settings 578 if authorized_action(@account, @current_user, :read) 579 @available_reports = AccountReport.available_reports if @account.grants_right?(@current_user, @se 580 if @available_reports 581 @last_complete_reports = {} 582 @last_reports = {} 583 if AccountReport.connection.adapter_name == 'PostgreSQL' 584 scope = @account.account_reports.select("DISTINCT ON (report_type) account_reports.*").order( 585 @last_complete_reports = scope.last_complete_of_type(@available_reports.keys, nil).preload(:a 586 @last_reports = scope.last_of_type(@available_reports.keys, nil).index_by(&:report_type) 587 else 588 @available_reports.keys.each do |report| 589 @last_complete_reports[report] = @account.account_reports.last_complete_of_type(report).fir 590 @last_reports[report] = @account.account_reports.last_of_type(report).first 591 end 592 end 593 end 594 load_course_right_side 595 @account_users = @account.account_users 596 ActiveRecord::Associations::Preloader.new(@account_users, user: :communication_channels).run 597 order_hash = {} 598 @account.available_account_roles.each_with_index do |role, idx| 599 order_hash[role.id] = idx 600 end 601 @account_users = @account_users.select(&:user).sort_by{|au| [order_hash[au.role_id] || CanvasSort 602 @alerts = @account.alerts HASHICORP

  33. HASHICORP Pipeline

  34. HASHICORP Ansible, Chef, Puppet, ... Server ConfiguraDon ArDfact ProducDon Aminator,

    Packer, Docker Build, ... Infrastructure OrchestraDon CloudFormaDon, Terraform, ... Automated VerificaDon ServerSpec, Test Kitchen, ...

  35. HASHICORP RunDme

  36. HASHICORP Consul, etcd, Zookeeper... Service Discovery Resource Scheduling Kubernetes, Mesos,

    Nomad, ... Monitoring AlerDng, MeDcs, Logging, ...

  37. HASHICORP

  38. HASHICORP

  39. HASHICORP

  40. HASHICORP HASHICORP Dozens of Providers

  41. HASHICORP Create() Read() Update() Delete() resource { attr = val

    } DeclaraDve Model

  42. HASHICORP Dependency Graph

  43. HASHICORP main.tf provider "aws" { region = "us-east-1" } resource

    "aws_instance" "web" { ami = "ami-b82176d2" instance_type = "t1.micro" tags { Name = "hello-terraform" } }

  44. HASHICORP Config: User-Provided State: View of Reality Diff: {State -

    Config} Plan: Presents Diff Apply: Resolves Diff Concepts

  45. HASHICORP "World's Smallest" Distributed System Hello, World! My IP is:

    A.B.C.D My Instance ID is: i-abc123

  46. HASHICORP Thanks! <3