
Terraform modules and (some of) best practices


Zurich HUG meetup, 21 November 2018 - https://www.meetup.com/Zurich-HashiCorp-User-Group/events/255859299/


  1. Terraform modules and (some of) best practices. Anton Babenko, @antonbabenko, November 2018
  2. Anton Babenko: Terraform AWS fanatic since 2015. HUG, AWS, DevOps Norway, DevOpsDays Oslo… I 💚 open-source: terraform-community-modules + terraform-aws-modules; antonbabenko/pre-commit-terraform — auto-formatting code and documentation; antonbabenko/modules.tf-lambda — Terraform configurations from visual diagrams; www.terraform-best-practices.com; medium.com/@anton.babenko; @antonbabenko - Twitter, and many Slacks
  3. Collection of open-source Terraform AWS modules supported by the community. More than 1,5 million downloads. (VPC, Autoscaling, RDS, Security Groups, ELB, ALB, Redshift, SNS, SQS, IAM, EKS, ECS…) github.com/terraform-aws-modules, registry.terraform.io/modules/terraform-aws-modules
  4. Write, plan and manage infrastructure as code. www.terraform.io
  5. Google Cloud Deployment Manager, Azure Resource Manager
  6. Plus 100+ more providers
  7. Terraform is a universal tool to manage anything that has an API: GSuite; Dropbox files and access; New Relic metrics; Datadog users and metrics; bugs in Jira. All Terraform providers
  8. VPC, please!
  9. Problems: code size is growing; complicated dependencies
  10. Solution — Terraform modules
  11. Terraform modules are self-contained packages of Terraform configurations that are managed as a group.
  12. Resource modules: only create resources in a very flexible way; open-source
  13. Resource modules
  14. Infrastructure modules: consist of resource modules; company standards and tags; pre-processors, jsonnet, cookiecutter
  15. Infrastructure modules
  16. Types of Terraform modules: resource modules (terraform-aws-modules, for example); infrastructure modules
  17. - [ ] How to write modules - [ ] How to use modules
  18. Tip №0: Check Terraform Registry before writing a new resource module.
  19. Hide specifics
  20. Size
  21. Size: https://github.com/mbtproject/mbt
  22. Things to avoid in Terraform modules
  23. Providers in modules — bad. Exception: logical providers (template, random, local, http, external)
  24. Provisioner — bad. Avoid provisioners in all resources
  25. Provisioner — bad. Avoid provisioners even inside EC2 resources
  26. Provisioner — bad. Avoid provisioners even inside EC2 resources
  27. null_resource provisioner — good
  28. Traits of good Terraform modules: documentation and examples; feature-rich; sane defaults; clean code; tests. Read more: http://bit.ly/common-traits-in-terraform-modules
  29. - [x] How to write modules - [x] Do not write, if possible - [x] Do not use: providers and provisioners - [ ] How to use modules
  30. How to use Terraform modules: many resources, many modules. How to organize and use them? How to orchestrate them?
  31. All in one. Good: declare variables and outputs in fewer places. Bad: large blast radius; everything is blocked at once; not possible to specify dependencies between modules (depends_on)
  32. 1-in-1. Good: small blast radius; possible to chain calls; faster and easier to work with. Bad: declare variables and outputs in several places
  33. How is it in your project? "All in one" or 1-in-1?
  34. Correct. Most frequent answer: "somewhere in between" + "it depends"
  35. What about orchestration in your project?
  36. Orchestration in Terraform
  37. Do not try this at home!
  38. Orchestration = Terragrunt. https://github.com/gruntwork-io/terragrunt/
  39. Orchestration = Terragrunt
  40. Orchestration = Terragrunt
  41. Orchestration = Terragrunt
  42. Orchestration = Terragrunt
  43. Edge cases: different AWS regions (S3 signature, EC2 ClassicLink, IPv6); age of AWS accounts; limits in AWS
  44. Avoid in Terraform: Non-sensitive arguments in CLI. Put them in tfvars file. • -target • -parallelism. "Terraform workspaces" => separate directory. Dependency hell in modules
  45. - [x] How to write modules - [x] How to use modules - [x] 1-in-1 much better over time - [x] Orchestration = Terragrunt - [ ] What is next?
  46. Terraform 0.12: HCL2 — simplified syntax; loops ("for"); dynamic blocks ("for_each"); correct operations of comparison (… ? … : …); extended types in variables; templates in string values; links between all resources everywhere (depends_on). Read more — https://www.hashicorp.com/blog/terraform-0-1-2-preview
  47. Summary: write less and simpler — Terraform 0.12 will not fix your code for you. Use existing modules and tools
  48. BONUS
  49. cloudcraft.co features: manage AWS components in browser (EC2 instances, autoscaling groups, RDS, etc); connect components; import live AWS infrastructure; calculate the budget; share link to a blueprint; export as image; embed drawing to wiki, Confluence, etc
  50. Infrastructure as code generator — from visual diagrams to Terraform
  51. ✓ cloudcraft.co — design, plan and visualize ✓ terraform-aws-modules — building blocks of AWS infrastructure ✓ Terraform — infrastructure as code
  52. modules.tf notes ✓ Available for all users: https://cloudcraft.co/ ✓ Generates potentially ready-to-use Terraform configurations ✓ Suits best for bootstrapping ✓ Enforces Terraform best practices ✓ Batteries included (terraform-aws-modules, terragrunt, pre-commit, …) ✓ 100% free for all & open-source (https://github.com/antonbabenko/modules.tf-lambda) ✓ Want to sponsor, or a sticker? Contact me.
  53. modules.tf demo
  54. Thanks! Questions? In progress — www.terraform-best-practices.com, github.com/antonbabenko, twitter.com/antonbabenko
  55. Thanks to my supporters!
  56. Cloudcraft — the best way to draw AWS diagrams. cloudcraft.co
  57. HIRING! http://www.1plusx.com/about/careers/
