Terraform and cloud.ca
-
Upload
cloudops2005 -
Category
Technology
-
view
451 -
download
0
Transcript of Terraform and cloud.ca
cloud.ca @cloud_dot_ca
Automate deployments withTerraform & cloud.ca
February 25, 2016
cloud.ca @cloud_dot_cacloud.ca @cloud_dot_ca
About us
Page 2
CloudOps○ Cloud infrastructure experts since 2005 ○ Design, build and manage public, private and hybrid cloud
solutions
Patrick Dubé○ Software Engineering, McGill○ Software developer @ CloudOps since 2013
cloud.ca○ Infrastructure as a Service platform, based in Montreal○ Launched August 2014
cloud.ca @cloud_dot_cacloud.ca @cloud_dot_ca
Personal goal
Page 3
After this presentation:
● Everyone attending will only deploy infrastructure using
automation
● 95% reconsider their deployment methods
● 50% try automating a deployment. Just to see how it feels.
cloud.ca @cloud_dot_ca
So what’s the big deal with cloud anyway?
4
cloud.ca @cloud_dot_cacloud.ca @cloud_dot_ca
What is it?
Page 5
Cloud computingPool of computing resources (e.g. memory, processing power, storage, etc.) delivered over a network connection (e.g. the internet)
iCloud Cloud computing
cloud.ca @cloud_dot_cacloud.ca @cloud_dot_ca
Ok, so why do I care?
Page 6
Flexibility/Scalability● Fast provisioning● Adaptability to changes in workloads
Utility cost● Pay for usage● Low up front costs● Efficient
Redundancy● No single point of failure (service provider specific)● Designed for fault tolerance
cloud.ca @cloud_dot_cacloud.ca @cloud_dot_ca
What is cloud.ca?
Regional Infrastructure as a Service
Compute
● High performance instances● SSD storage● Virtual Private Clouds (VPCs)● ACLs● VPN access● Load balancing
Object storage (Swift)
● Highly available● Secure● Durable
cloud.ca @cloud_dot_cacloud.ca @cloud_dot_ca
What are some other features?
● Multi-level nested organization scheme● Role-based access control● Activity monitoring● Usage reporting● Term discounts● Bilingual (EN & FR)● Environments
○ Enables resource sharing within a team○ Isolates workloads○ Controls user access through membership and roles
cloud.ca @cloud_dot_cacloud.ca @cloud_dot_ca
Environment?
cloud.ca @cloud_dot_cacloud.ca @cloud_dot_ca
Nice.
cloud.ca @cloud_dot_ca
Automate, Deploy, Deploy, Deploy, etc.
11
cloud.ca @cloud_dot_cacloud.ca @cloud_dot_ca
Why automate?
Infrastructure automation is not only for large enterprise
Manual configuration is● Repetitive● Error prone● Non-reusable
Automation enables● Repeatable environments (Dev, QA, Production, etc.)● Change management● Scaling/reuse with confidence
cloud.ca @cloud_dot_cacloud.ca @cloud_dot_ca
Really? How?
Page 13
Terraform (by HashiCorp)● Infrastructure as code● Cross platform● Execution plans● Versioning● Reusable
Similar tools● OpenStack Heat● AWS CloudFormation
cloud.ca @cloud_dot_cacloud.ca @cloud_dot_ca
How does it work?
Page 14
In a nutshell
● Loads configuration files
● Checks for changes versus deployed infrastructure
● Translates changes into service provider API calls
● Applies changes
● Saves state to a file
cloud.ca @cloud_dot_cacloud.ca @cloud_dot_ca
Specifically?
Page 15
Building blocks
● Providers
● Resources
● Variables
● Outputs
● Remote state
cloud.ca @cloud_dot_cacloud.ca @cloud_dot_ca
What providers are supported?
Some providers:
cloud.ca @cloud_dot_cacloud.ca @cloud_dot_ca
Enough talk. Show me the money.
Page 17
Deployment to “dev” environment● 1 virtual private cloud● 2 tiers (web & data)● 3 instances in the web tier● 1 instances in the data tier● 2 public IP addresses● 1 load balancer rule for the web instances● 1 port forwarding rule for SSH
cloud.ca @cloud_dot_cacloud.ca @cloud_dot_ca
What does that look like?
cloud.ca @cloud_dot_cacloud.ca @cloud_dot_ca
How do we use providers?
Page 19
Provider specific configuration
cloud.ca @cloud_dot_cacloud.ca @cloud_dot_ca
Variables?
Page 20
Define variables
cloud.ca @cloud_dot_cacloud.ca @cloud_dot_ca
Set variables in separate file e.g. terraform.tfvars
How do you set them?
Page 21
cloud.ca @cloud_dot_cacloud.ca @cloud_dot_ca
But, how do I use them?
Page 22
Define resources
cloud.ca @cloud_dot_cacloud.ca @cloud_dot_ca
Seems simple. Show me what you got.
Page 23
Another example
cloud.ca @cloud_dot_cacloud.ca @cloud_dot_ca
Can I retrieve information about resources?
Page 24
Define outputs
cloud.ca @cloud_dot_cacloud.ca @cloud_dot_ca
Teamwork support?
Page 25
Define a remote backend
● Synchronization with teammates● Caution: does not lock infrastructure
cloud.ca @cloud_dot_cacloud.ca @cloud_dot_ca
Enough talk. Show me the money.
Page 26
Retrieve API keys
cloud.ca @cloud_dot_cacloud.ca @cloud_dot_ca
Enough talk. Show me the money.
Page 27
Apache CloudStack API keys
cloud.ca @cloud_dot_cacloud.ca @cloud_dot_ca
Enough talk. Show me the money.
Page 28
Swift credentials
cloud.ca @cloud_dot_cacloud.ca @cloud_dot_ca
Enough talk. Show me the money.
Page 29
Export to environment variables
$ source credentials.ignore
Setup remote backend$ terraform remote config -backend=swift \
-backend-config=”path=dev”
cloud.ca @cloud_dot_cacloud.ca @cloud_dot_ca
Enough talk. Show me the money.
Page 30
$ terraform plan
...
cloud.ca @cloud_dot_cacloud.ca @cloud_dot_ca
Enough talk. Show me the money.
Page 31
$ terraform graph | dot -Tpng > graph.png
cloud.ca @cloud_dot_cacloud.ca @cloud_dot_ca
Enough talk. Show me the money.
Page 32
$ terraform apply
cloud.ca @cloud_dot_cacloud.ca @cloud_dot_ca
Enough talk. Show me the money.
Page 33
After a couple minutes
cloud.ca @cloud_dot_cacloud.ca @cloud_dot_ca
Enough talk. Show me the money.
Page 34
cloud.ca @cloud_dot_cacloud.ca @cloud_dot_ca
Now what?
Page 35
Reuse for “quality_assurance” environment● Make another directory: “qa”● Copy config files from previous deployment● Set remote backend to different container
○ $ terraform remote config -backend=swift -backend-config=”path=qa”
● Modify terraform.tfvars:
cloud.ca @cloud_dot_cacloud.ca @cloud_dot_ca
Wow, that’s cool.
Page 36
Infrastructure deployments are all the same● Instances● VPCs● Networks● Storage● Public IP addresses
Terraform enables templating of deployments● Change credentials● Change variable default values● Deploy
cloud.ca @cloud_dot_cacloud.ca @cloud_dot_ca
Can I configure my applications through Terraform?
Page 37
Terraform is not a configuration management tool● Define● Deploy● Share● Reuse
However● Can kickstart resources through provisioners (chef,
remote_exec, etc.) or user_data
cloud.ca @cloud_dot_cacloud.ca @cloud_dot_ca
What next?
Page 38
Looking forward● Integrate with configuration management tools (provisioners)
● Deploy multi-cloud configuration
● Code for this demo available:
○ https://github.com/cloud-ca/confoo-terraform
● Slides will be available @cloud_dot_ca (Twitter)
cloud.ca @cloud_dot_ca
Thank youQuestions?Patrick Dubé[email protected]