SlideShare a Scribd company logo

Yes, one can simply terraform their app to azure, easily

Download as PPTX, PDF
O
Omer Barel

Yes, one can simply terraform their app to azure, easily

Technology
1 of 15
Yes. One can simply “Terraform” their App to Azure. Easily. Omer Barel DevOps Architect & Tech Lead omerb@codevalue.net @omerbarel https://about.me/omerbarel http://codevalue.net
Agenda  Challenges with Infrastructure Deployments  Application Overview  The Developer Inner Loop  CI / CD Process Deep Dive  Security & Governance  What the future holds 2
About Me Omer Barel  Husband to Naama  Father of Leo & Theo  Love Whiskey & Travelling (preferably together! )  K8s & Terraform Advocate  @omerbarel 3
The challanges 4 How to do infrastructure CI / CD? Securly? How to deploy to subscriptions we can’t access? How to version the infrastrcuture? How to reduce cloud costs?
5 How to handle our infrastrucutre the same way we handle our applicaion? Infrastructure as Code
Technology Stack 6 GitHub • (4) Microservices Repository • Infrastructure Repository Azure Build Pipelines • CI Per Microservice • Infrastructure CI Azure Release Pipelines Single Deployment Pipeline AKS Application Infrastructure Helm Charts Application Deployment
Process Outline 7
Continuous Integration 8 dev branch
Continuous Deployment 9
Security & Governance 10 Key Vault Integration External interface to IT admins Pipeline variables to DevOps Seperation of concerns Least-priviliged with Key Vault read access Terraform Service Principle Subscription Access Active Directory Access Environment Rollout Promotions Gates Tests Manual override
Next Steps 11 GitHub Releases (Git Tags) Blue / Green Deployments Rollback (True) Infrastructure Testing Developers’ Self Service
Reference Links 12 Terraform GitHub Repo - https://github.com/jungopro/terraform-ci-cd-demo Phippy and Friends - https://github.com/jungopro/phippyandfriends Azure DevOps Project - https://dev.azure.com/jungodevops/Multiple-CI-Single-CD/ Blog - https://codevalue.com/battle-tested-terraform-deployment/
Takeaways 13 Infrastructure as Code allows us to deploy our infrastrucutre using the same processes and practices we use to deploy our application Terraform has built in logic to implement those processes and practices Azure DevOps • - Enables scaling to complex scenarios with multiple environments & subscriptions • - Provides a common workplace to govern & collaborate (PR approvals, code review, build & release visualization, etc.) Azure Key Vault integration helps us secure the process and interface with IT & security personnel
Q A 14
Omer Barel DevOps Architect & Tech Lead omerb@codevalue.net @omerbarel https://about.me/omerbarel http://codevalue.net

Recommended

The Full Stack Java Developer - Josh Long
The Full Stack Java Developer - Josh LongThe Full Stack Java Developer - Josh Long
The Full Stack Java Developer - Josh Longploibl
 
Platform-as-a-Service (PaaS) Overview
Platform-as-a-Service (PaaS) OverviewPlatform-as-a-Service (PaaS) Overview
Platform-as-a-Service (PaaS) OverviewRichard Seroter
 
Turning up-the-heat
Turning up-the-heatTurning up-the-heat
Turning up-the-heatTim Pouyer
 
The Open Sourcing of Infrastructure
The Open Sourcing of InfrastructureThe Open Sourcing of Infrastructure
The Open Sourcing of InfrastructureAll Things Open
 
Alta disponibilidad con Erlang/Elixir - Norberto Ortigoza
Alta disponibilidad con Erlang/Elixir - Norberto OrtigozaAlta disponibilidad con Erlang/Elixir - Norberto Ortigoza
Alta disponibilidad con Erlang/Elixir - Norberto OrtigozaSoftware Guru
 
OWF13 - October 3 - Raphael Ferreira
OWF13 - October 3 - Raphael FerreiraOWF13 - October 3 - Raphael Ferreira
OWF13 - October 3 - Raphael FerreiraParis Open Source Summit
 
Discovering and Fixing Dependency Vulnerabilities for Kubernetes apps with Sn...
Discovering and Fixing Dependency Vulnerabilities for Kubernetes apps with Sn...Discovering and Fixing Dependency Vulnerabilities for Kubernetes apps with Sn...
Discovering and Fixing Dependency Vulnerabilities for Kubernetes apps with Sn...Codefresh
 
Integrating Security Controls into the Development and Delivery Pipeline
Integrating Security Controls into the Development and Delivery PipelineIntegrating Security Controls into the Development and Delivery Pipeline
Integrating Security Controls into the Development and Delivery PipelineAkamai Developers & Admins
 

Recommended

The Full Stack Java Developer - Josh Long
The Full Stack Java Developer - Josh LongThe Full Stack Java Developer - Josh Long
The Full Stack Java Developer - Josh Longploibl
 
Platform-as-a-Service (PaaS) Overview
Platform-as-a-Service (PaaS) OverviewPlatform-as-a-Service (PaaS) Overview
Platform-as-a-Service (PaaS) OverviewRichard Seroter
 
Turning up-the-heat
Turning up-the-heatTurning up-the-heat
Turning up-the-heatTim Pouyer
 
The Open Sourcing of Infrastructure
The Open Sourcing of InfrastructureThe Open Sourcing of Infrastructure
The Open Sourcing of InfrastructureAll Things Open
 
Alta disponibilidad con Erlang/Elixir - Norberto Ortigoza
Alta disponibilidad con Erlang/Elixir - Norberto OrtigozaAlta disponibilidad con Erlang/Elixir - Norberto Ortigoza
Alta disponibilidad con Erlang/Elixir - Norberto OrtigozaSoftware Guru
 
OWF13 - October 3 - Raphael Ferreira
OWF13 - October 3 - Raphael FerreiraOWF13 - October 3 - Raphael Ferreira
OWF13 - October 3 - Raphael FerreiraParis Open Source Summit
 
Discovering and Fixing Dependency Vulnerabilities for Kubernetes apps with Sn...
Discovering and Fixing Dependency Vulnerabilities for Kubernetes apps with Sn...Discovering and Fixing Dependency Vulnerabilities for Kubernetes apps with Sn...
Discovering and Fixing Dependency Vulnerabilities for Kubernetes apps with Sn...Codefresh
 
Integrating Security Controls into the Development and Delivery Pipeline
Integrating Security Controls into the Development and Delivery PipelineIntegrating Security Controls into the Development and Delivery Pipeline
Integrating Security Controls into the Development and Delivery PipelineAkamai Developers & Admins
 
The Architect is Not Convinced
The Architect is Not ConvincedThe Architect is Not Convinced
The Architect is Not Convincedduvander
 
The Rise of Pareto-as-a-Service
The Rise of Pareto-as-a-ServiceThe Rise of Pareto-as-a-Service
The Rise of Pareto-as-a-Serviceduvander
 
КОСТЯНТИН СЕВЕРЕНЧУК «Monitoring and Automation in DevTestSecOps world» Lviv ...
КОСТЯНТИН СЕВЕРЕНЧУК «Monitoring and Automation in DevTestSecOps world» Lviv ...КОСТЯНТИН СЕВЕРЕНЧУК «Monitoring and Automation in DevTestSecOps world» Lviv ...
КОСТЯНТИН СЕВЕРЕНЧУК «Monitoring and Automation in DevTestSecOps world» Lviv ...UA DevOps Conference
 
YOOXlabTechEvent: How Cloud helps Innovation
YOOXlabTechEvent: How Cloud helps InnovationYOOXlabTechEvent: How Cloud helps Innovation
YOOXlabTechEvent: How Cloud helps InnovationYOOXlabsTechEvent
 
How to Evaluate an API Without Writing a Line of Code
How to Evaluate an API Without Writing a Line of CodeHow to Evaluate an API Without Writing a Line of Code
How to Evaluate an API Without Writing a Line of Codeduvander
 
AWS Summit Tel Aviv - Security Keynote
AWS Summit Tel Aviv - Security KeynoteAWS Summit Tel Aviv - Security Keynote
AWS Summit Tel Aviv - Security KeynoteAmazon Web Services
 
Container Infrastructure Security for Cloud Native Infrastructure
Container Infrastructure Security for Cloud Native InfrastructureContainer Infrastructure Security for Cloud Native Infrastructure
Container Infrastructure Security for Cloud Native InfrastructureSomik Behera
 
Why Swift on the server?
Why Swift on the server?Why Swift on the server?
Why Swift on the server?ibmmobile
 
継続的な開発スタイル 「AbemaTV iOSアプリを週一でリリースしている話」
継続的な開発スタイル 「AbemaTV iOSアプリを週一でリリースしている話」継続的な開発スタイル 「AbemaTV iOSアプリを週一でリリースしている話」
継続的な開発スタイル 「AbemaTV iOSアプリを週一でリリースしている話」Yuji Hato
 
.NET Fest 2019. Roberto Freato. Provisioning Azure PaaS fluently with Managem...
.NET Fest 2019. Roberto Freato. Provisioning Azure PaaS fluently with Managem....NET Fest 2019. Roberto Freato. Provisioning Azure PaaS fluently with Managem...
.NET Fest 2019. Roberto Freato. Provisioning Azure PaaS fluently with Managem...NETFest
 
Controlling your home with IoT Hub
Controlling your home with IoT HubControlling your home with IoT Hub
Controlling your home with IoT HubStamatis Pavlis
 
Infrastructure as Code with Terraform on AWS
Infrastructure as Code with Terraform on AWSInfrastructure as Code with Terraform on AWS
Infrastructure as Code with Terraform on AWSAli Can Kuştemur 🐧
 
DreamFactory Essentials Webinar
DreamFactory Essentials WebinarDreamFactory Essentials Webinar
DreamFactory Essentials WebinarDreamFactory
 
Taylor Wicksell and Tom Gianos at SpringOne Platform 2019
Taylor Wicksell and Tom Gianos at SpringOne Platform 2019Taylor Wicksell and Tom Gianos at SpringOne Platform 2019
Taylor Wicksell and Tom Gianos at SpringOne Platform 2019VMware Tanzu
 
10 things you can do at the edge
10 things you can do at the edge10 things you can do at the edge
10 things you can do at the edgeAkamai Developers & Admins
 
Getting started with AWS IoT on Raspberry Pi
Getting started with AWS IoT on Raspberry PiGetting started with AWS IoT on Raspberry Pi
Getting started with AWS IoT on Raspberry PiIan Massingham
 
Deployit Demo - October 2013
Deployit Demo - October 2013Deployit Demo - October 2013
Deployit Demo - October 2013XebiaLabs
 
Azure Sphere
Azure SphereAzure Sphere
Azure SphereMirco Vanini
 
Ruby On Rails Tutorial | Ruby Programming Language | Edureka
Ruby On Rails Tutorial | Ruby Programming Language | EdurekaRuby On Rails Tutorial | Ruby Programming Language | Edureka
Ruby On Rails Tutorial | Ruby Programming Language | EdurekaEdureka!
 
Using Cookies to Store Your Postman Secrets
Using Cookies to Store Your Postman SecretsUsing Cookies to Store Your Postman Secrets
Using Cookies to Store Your Postman SecretsPostman
 
56k.cloud training
56k.cloud training56k.cloud training
56k.cloud trainingBrian Christner
 
Cncf checkov and bridgecrew
Cncf checkov and bridgecrewCncf checkov and bridgecrew
Cncf checkov and bridgecrewLibbySchulze
 

More Related Content

What's hot

The Architect is Not Convinced
The Architect is Not ConvincedThe Architect is Not Convinced
The Architect is Not Convincedduvander
 
The Rise of Pareto-as-a-Service
The Rise of Pareto-as-a-ServiceThe Rise of Pareto-as-a-Service
The Rise of Pareto-as-a-Serviceduvander
 
КОСТЯНТИН СЕВЕРЕНЧУК «Monitoring and Automation in DevTestSecOps world» Lviv ...
КОСТЯНТИН СЕВЕРЕНЧУК «Monitoring and Automation in DevTestSecOps world» Lviv ...КОСТЯНТИН СЕВЕРЕНЧУК «Monitoring and Automation in DevTestSecOps world» Lviv ...
КОСТЯНТИН СЕВЕРЕНЧУК «Monitoring and Automation in DevTestSecOps world» Lviv ...UA DevOps Conference
 
YOOXlabTechEvent: How Cloud helps Innovation
YOOXlabTechEvent: How Cloud helps InnovationYOOXlabTechEvent: How Cloud helps Innovation
YOOXlabTechEvent: How Cloud helps InnovationYOOXlabsTechEvent
 
How to Evaluate an API Without Writing a Line of Code
How to Evaluate an API Without Writing a Line of CodeHow to Evaluate an API Without Writing a Line of Code
How to Evaluate an API Without Writing a Line of Codeduvander
 
AWS Summit Tel Aviv - Security Keynote
AWS Summit Tel Aviv - Security KeynoteAWS Summit Tel Aviv - Security Keynote
AWS Summit Tel Aviv - Security KeynoteAmazon Web Services
 
Container Infrastructure Security for Cloud Native Infrastructure
Container Infrastructure Security for Cloud Native InfrastructureContainer Infrastructure Security for Cloud Native Infrastructure
Container Infrastructure Security for Cloud Native InfrastructureSomik Behera
 
Why Swift on the server?
Why Swift on the server?Why Swift on the server?
Why Swift on the server?ibmmobile
 
継続的な開発スタイル 「AbemaTV iOSアプリを週一でリリースしている話」
継続的な開発スタイル 「AbemaTV iOSアプリを週一でリリースしている話」継続的な開発スタイル 「AbemaTV iOSアプリを週一でリリースしている話」
継続的な開発スタイル 「AbemaTV iOSアプリを週一でリリースしている話」Yuji Hato
 
.NET Fest 2019. Roberto Freato. Provisioning Azure PaaS fluently with Managem...
.NET Fest 2019. Roberto Freato. Provisioning Azure PaaS fluently with Managem....NET Fest 2019. Roberto Freato. Provisioning Azure PaaS fluently with Managem...
.NET Fest 2019. Roberto Freato. Provisioning Azure PaaS fluently with Managem...NETFest
 
Controlling your home with IoT Hub
Controlling your home with IoT HubControlling your home with IoT Hub
Controlling your home with IoT HubStamatis Pavlis
 
Infrastructure as Code with Terraform on AWS
Infrastructure as Code with Terraform on AWSInfrastructure as Code with Terraform on AWS
Infrastructure as Code with Terraform on AWSAli Can Kuştemur 🐧
 
DreamFactory Essentials Webinar
DreamFactory Essentials WebinarDreamFactory Essentials Webinar
DreamFactory Essentials WebinarDreamFactory
 
Taylor Wicksell and Tom Gianos at SpringOne Platform 2019
Taylor Wicksell and Tom Gianos at SpringOne Platform 2019Taylor Wicksell and Tom Gianos at SpringOne Platform 2019
Taylor Wicksell and Tom Gianos at SpringOne Platform 2019VMware Tanzu
 
Getting started with AWS IoT on Raspberry Pi
Getting started with AWS IoT on Raspberry PiGetting started with AWS IoT on Raspberry Pi
Getting started with AWS IoT on Raspberry PiIan Massingham
 
Deployit Demo - October 2013
Deployit Demo - October 2013Deployit Demo - October 2013
Deployit Demo - October 2013XebiaLabs
 
Ruby On Rails Tutorial | Ruby Programming Language | Edureka
Ruby On Rails Tutorial | Ruby Programming Language | EdurekaRuby On Rails Tutorial | Ruby Programming Language | Edureka
Ruby On Rails Tutorial | Ruby Programming Language | EdurekaEdureka!
 
Using Cookies to Store Your Postman Secrets
Using Cookies to Store Your Postman SecretsUsing Cookies to Store Your Postman Secrets
Using Cookies to Store Your Postman SecretsPostman
 

What's hot (20)

The Architect is Not Convinced
The Architect is Not ConvincedThe Architect is Not Convinced
The Architect is Not Convinced
 
The Rise of Pareto-as-a-Service
The Rise of Pareto-as-a-ServiceThe Rise of Pareto-as-a-Service
The Rise of Pareto-as-a-Service
 
КОСТЯНТИН СЕВЕРЕНЧУК «Monitoring and Automation in DevTestSecOps world» Lviv ...
КОСТЯНТИН СЕВЕРЕНЧУК «Monitoring and Automation in DevTestSecOps world» Lviv ...КОСТЯНТИН СЕВЕРЕНЧУК «Monitoring and Automation in DevTestSecOps world» Lviv ...
КОСТЯНТИН СЕВЕРЕНЧУК «Monitoring and Automation in DevTestSecOps world» Lviv ...
 
YOOXlabTechEvent: How Cloud helps Innovation
YOOXlabTechEvent: How Cloud helps InnovationYOOXlabTechEvent: How Cloud helps Innovation
YOOXlabTechEvent: How Cloud helps Innovation
 
How to Evaluate an API Without Writing a Line of Code
How to Evaluate an API Without Writing a Line of CodeHow to Evaluate an API Without Writing a Line of Code
How to Evaluate an API Without Writing a Line of Code
 
AWS Summit Tel Aviv - Security Keynote
AWS Summit Tel Aviv - Security KeynoteAWS Summit Tel Aviv - Security Keynote
AWS Summit Tel Aviv - Security Keynote
 
Container Infrastructure Security for Cloud Native Infrastructure
Container Infrastructure Security for Cloud Native InfrastructureContainer Infrastructure Security for Cloud Native Infrastructure
Container Infrastructure Security for Cloud Native Infrastructure
 
Why Swift on the server?
Why Swift on the server?Why Swift on the server?
Why Swift on the server?
 
継続的な開発スタイル 「AbemaTV iOSアプリを週一でリリースしている話」
継続的な開発スタイル 「AbemaTV iOSアプリを週一でリリースしている話」継続的な開発スタイル 「AbemaTV iOSアプリを週一でリリースしている話」
継続的な開発スタイル 「AbemaTV iOSアプリを週一でリリースしている話」
 
.NET Fest 2019. Roberto Freato. Provisioning Azure PaaS fluently with Managem...
.NET Fest 2019. Roberto Freato. Provisioning Azure PaaS fluently with Managem....NET Fest 2019. Roberto Freato. Provisioning Azure PaaS fluently with Managem...
.NET Fest 2019. Roberto Freato. Provisioning Azure PaaS fluently with Managem...
 
Controlling your home with IoT Hub
Controlling your home with IoT HubControlling your home with IoT Hub
Controlling your home with IoT Hub
 
Infrastructure as Code with Terraform on AWS
Infrastructure as Code with Terraform on AWSInfrastructure as Code with Terraform on AWS
Infrastructure as Code with Terraform on AWS
 
DreamFactory Essentials Webinar
DreamFactory Essentials WebinarDreamFactory Essentials Webinar
DreamFactory Essentials Webinar
 
Taylor Wicksell and Tom Gianos at SpringOne Platform 2019
Taylor Wicksell and Tom Gianos at SpringOne Platform 2019Taylor Wicksell and Tom Gianos at SpringOne Platform 2019
Taylor Wicksell and Tom Gianos at SpringOne Platform 2019
 
10 things you can do at the edge
10 things you can do at the edge10 things you can do at the edge
10 things you can do at the edge
 
Getting started with AWS IoT on Raspberry Pi
Getting started with AWS IoT on Raspberry PiGetting started with AWS IoT on Raspberry Pi
Getting started with AWS IoT on Raspberry Pi
 
Deployit Demo - October 2013
Deployit Demo - October 2013Deployit Demo - October 2013
Deployit Demo - October 2013
 
Azure Sphere
Azure SphereAzure Sphere
Azure Sphere
 
Ruby On Rails Tutorial | Ruby Programming Language | Edureka
Ruby On Rails Tutorial | Ruby Programming Language | EdurekaRuby On Rails Tutorial | Ruby Programming Language | Edureka
Ruby On Rails Tutorial | Ruby Programming Language | Edureka
 
Using Cookies to Store Your Postman Secrets
Using Cookies to Store Your Postman SecretsUsing Cookies to Store Your Postman Secrets
Using Cookies to Store Your Postman Secrets
 

Similar to Yes, one can simply terraform their app to azure, easily

Cncf checkov and bridgecrew
Cncf checkov and bridgecrewCncf checkov and bridgecrew
Cncf checkov and bridgecrewLibbySchulze
 
Docker Birthday #5 Meetup Cluj - Presentation
Docker Birthday #5 Meetup Cluj - PresentationDocker Birthday #5 Meetup Cluj - Presentation
Docker Birthday #5 Meetup Cluj - PresentationAlex Vranceanu
 
apidays LIVE Paris - Serverless security: how to protect what you don't see? ...
apidays LIVE Paris - Serverless security: how to protect what you don't see? ...apidays LIVE Paris - Serverless security: how to protect what you don't see? ...
apidays LIVE Paris - Serverless security: how to protect what you don't see? ...apidays
 
Untangling DevOps - A high-level overview and how we got here
Untangling DevOps - A high-level overview and how we got hereUntangling DevOps - A high-level overview and how we got here
Untangling DevOps - A high-level overview and how we got hereBarton George
 
Our Brave Modular Future
Our Brave Modular FutureOur Brave Modular Future
Our Brave Modular FutureOrchestrate
 
Cloud Application Development Lifecycle
Cloud Application Development LifecycleCloud Application Development Lifecycle
Cloud Application Development LifecycleSuhas Kelkar
 
State of Infrastructure as Code - AutomaCon 2016
State of Infrastructure as Code - AutomaCon 2016State of Infrastructure as Code - AutomaCon 2016
State of Infrastructure as Code - AutomaCon 2016Amazon Web Services
 
DevSecOps in the Cloud from the Lens of a Well-Architected Framework.pptx
DevSecOps in the Cloud from the Lens of a Well-Architected Framework.pptxDevSecOps in the Cloud from the Lens of a Well-Architected Framework.pptx
DevSecOps in the Cloud from the Lens of a Well-Architected Framework.pptxTurja Narayan Chaudhuri
 
Application Centric Microservices from Redhat Summit 2015
Application Centric Microservices from Redhat Summit 2015Application Centric Microservices from Redhat Summit 2015
Application Centric Microservices from Redhat Summit 2015Ken Owens
 
Developing and Deploying Microservices with Project Tye
Developing and Deploying Microservices with Project TyeDeveloping and Deploying Microservices with Project Tye
Developing and Deploying Microservices with Project TyeEran Stiller
 
Tampere Docker meetup - Happy 5th Birthday Docker
Tampere Docker meetup - Happy 5th Birthday DockerTampere Docker meetup - Happy 5th Birthday Docker
Tampere Docker meetup - Happy 5th Birthday DockerSakari Hoisko
 
Why modern cloud infrastructure require automation
Why modern cloud infrastructure require automationWhy modern cloud infrastructure require automation
Why modern cloud infrastructure require automationGerald Crescione
 
Docker Bday #5, SF Edition: Introduction to Docker
Docker Bday #5, SF Edition: Introduction to DockerDocker Bday #5, SF Edition: Introduction to Docker
Docker Bday #5, SF Edition: Introduction to DockerDocker, Inc.
 
CWIN17 london becoming cloud native part 2 - guy martin docker
CWIN17 london becoming cloud native part 2 - guy martin dockerCWIN17 london becoming cloud native part 2 - guy martin docker
CWIN17 london becoming cloud native part 2 - guy martin dockerCapgemini
 
Why kubernetes matters
Why kubernetes mattersWhy kubernetes matters
Why kubernetes mattersPlatform9
 
Serverless security - how to protect what you don't see?
Serverless security - how to protect what you don't see?Serverless security - how to protect what you don't see?
Serverless security - how to protect what you don't see?Sqreen
 
Yaroslav Ravlinko, Intellias. You don’t need Kubernetes. You need to understa...
Yaroslav Ravlinko, Intellias. You don’t need Kubernetes. You need to understa...Yaroslav Ravlinko, Intellias. You don’t need Kubernetes. You need to understa...
Yaroslav Ravlinko, Intellias. You don’t need Kubernetes. You need to understa...IT Arena
 
Democratizing security
Democratizing securityDemocratizing security
Democratizing securitySanjeev Sharma
 
DoD Enterprise DevSecOps Initiative by Mr. Nicolas Chaillan
DoD Enterprise DevSecOps Initiative by Mr. Nicolas ChaillanDoD Enterprise DevSecOps Initiative by Mr. Nicolas Chaillan
DoD Enterprise DevSecOps Initiative by Mr. Nicolas ChaillanHermanKBeta
 

Similar to Yes, one can simply terraform their app to azure, easily (20)

56k.cloud training
56k.cloud training56k.cloud training
56k.cloud training
 
Cncf checkov and bridgecrew
Cncf checkov and bridgecrewCncf checkov and bridgecrew
Cncf checkov and bridgecrew
 
Docker Birthday #5 Meetup Cluj - Presentation
Docker Birthday #5 Meetup Cluj - PresentationDocker Birthday #5 Meetup Cluj - Presentation
Docker Birthday #5 Meetup Cluj - Presentation
 
apidays LIVE Paris - Serverless security: how to protect what you don't see? ...
apidays LIVE Paris - Serverless security: how to protect what you don't see? ...apidays LIVE Paris - Serverless security: how to protect what you don't see? ...
apidays LIVE Paris - Serverless security: how to protect what you don't see? ...
 
Untangling DevOps - A high-level overview and how we got here
Untangling DevOps - A high-level overview and how we got hereUntangling DevOps - A high-level overview and how we got here
Untangling DevOps - A high-level overview and how we got here
 
Our Brave Modular Future
Our Brave Modular FutureOur Brave Modular Future
Our Brave Modular Future
 
Cloud Application Development Lifecycle
Cloud Application Development LifecycleCloud Application Development Lifecycle
Cloud Application Development Lifecycle
 
State of Infrastructure as Code - AutomaCon 2016
State of Infrastructure as Code - AutomaCon 2016State of Infrastructure as Code - AutomaCon 2016
State of Infrastructure as Code - AutomaCon 2016
 
DevSecOps in the Cloud from the Lens of a Well-Architected Framework.pptx
DevSecOps in the Cloud from the Lens of a Well-Architected Framework.pptxDevSecOps in the Cloud from the Lens of a Well-Architected Framework.pptx
DevSecOps in the Cloud from the Lens of a Well-Architected Framework.pptx
 
Application Centric Microservices from Redhat Summit 2015
Application Centric Microservices from Redhat Summit 2015Application Centric Microservices from Redhat Summit 2015
Application Centric Microservices from Redhat Summit 2015
 
Developing and Deploying Microservices with Project Tye
Developing and Deploying Microservices with Project TyeDeveloping and Deploying Microservices with Project Tye
Developing and Deploying Microservices with Project Tye
 
Tampere Docker meetup - Happy 5th Birthday Docker
Tampere Docker meetup - Happy 5th Birthday DockerTampere Docker meetup - Happy 5th Birthday Docker
Tampere Docker meetup - Happy 5th Birthday Docker
 
Why modern cloud infrastructure require automation
Why modern cloud infrastructure require automationWhy modern cloud infrastructure require automation
Why modern cloud infrastructure require automation
 
Docker Bday #5, SF Edition: Introduction to Docker
Docker Bday #5, SF Edition: Introduction to DockerDocker Bday #5, SF Edition: Introduction to Docker
Docker Bday #5, SF Edition: Introduction to Docker
 
CWIN17 london becoming cloud native part 2 - guy martin docker
CWIN17 london becoming cloud native part 2 - guy martin dockerCWIN17 london becoming cloud native part 2 - guy martin docker
CWIN17 london becoming cloud native part 2 - guy martin docker
 
Why kubernetes matters
Why kubernetes mattersWhy kubernetes matters
Why kubernetes matters
 
Serverless security - how to protect what you don't see?
Serverless security - how to protect what you don't see?Serverless security - how to protect what you don't see?
Serverless security - how to protect what you don't see?
 
Yaroslav Ravlinko, Intellias. You don’t need Kubernetes. You need to understa...
Yaroslav Ravlinko, Intellias. You don’t need Kubernetes. You need to understa...Yaroslav Ravlinko, Intellias. You don’t need Kubernetes. You need to understa...
Yaroslav Ravlinko, Intellias. You don’t need Kubernetes. You need to understa...
 
Democratizing security
Democratizing securityDemocratizing security
Democratizing security
 
DoD Enterprise DevSecOps Initiative by Mr. Nicolas Chaillan
DoD Enterprise DevSecOps Initiative by Mr. Nicolas ChaillanDoD Enterprise DevSecOps Initiative by Mr. Nicolas Chaillan
DoD Enterprise DevSecOps Initiative by Mr. Nicolas Chaillan
 

Recently uploaded

Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetHyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetEnjoy Anytime
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 

Recently uploaded (20)

Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetHyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
 
The transition to renewables in India.pdf
The transition to renewables in India.pdfThe transition to renewables in India.pdf
The transition to renewables in India.pdf
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 

Yes, one can simply terraform their app to azure, easily

  • 1. Yes. One can simply “Terraform” their App to Azure. Easily. Omer Barel DevOps Architect & Tech Lead omerb@codevalue.net @omerbarel https://about.me/omerbarel http://codevalue.net
  • 2. Agenda  Challenges with Infrastructure Deployments  Application Overview  The Developer Inner Loop  CI / CD Process Deep Dive  Security & Governance  What the future holds 2
  • 3. About Me Omer Barel  Husband to Naama  Father of Leo & Theo  Love Whiskey & Travelling (preferably together! )  K8s & Terraform Advocate  @omerbarel 3
  • 4. The challanges 4 How to do infrastructure CI / CD? Securly? How to deploy to subscriptions we can’t access? How to version the infrastrcuture? How to reduce cloud costs?
  • 5. 5 How to handle our infrastrucutre the same way we handle our applicaion? Infrastructure as Code
  • 6. Technology Stack 6 GitHub • (4) Microservices Repository • Infrastructure Repository Azure Build Pipelines • CI Per Microservice • Infrastructure CI Azure Release Pipelines Single Deployment Pipeline AKS Application Infrastructure Helm Charts Application Deployment
  • 10. Security & Governance 10 Key Vault Integration External interface to IT admins Pipeline variables to DevOps Seperation of concerns Least-priviliged with Key Vault read access Terraform Service Principle Subscription Access Active Directory Access Environment Rollout Promotions Gates Tests Manual override
  • 11. Next Steps 11 GitHub Releases (Git Tags) Blue / Green Deployments Rollback (True) Infrastructure Testing Developers’ Self Service
  • 12. Reference Links 12 Terraform GitHub Repo - https://github.com/jungopro/terraform-ci-cd-demo Phippy and Friends - https://github.com/jungopro/phippyandfriends Azure DevOps Project - https://dev.azure.com/jungodevops/Multiple-CI-Single-CD/ Blog - https://codevalue.com/battle-tested-terraform-deployment/
  • 13. Takeaways 13 Infrastructure as Code allows us to deploy our infrastrucutre using the same processes and practices we use to deploy our application Terraform has built in logic to implement those processes and practices Azure DevOps • - Enables scaling to complex scenarios with multiple environments & subscriptions • - Provides a common workplace to govern & collaborate (PR approvals, code review, build & release visualization, etc.) Azure Key Vault integration helps us secure the process and interface with IT & security personnel
  • 15. Omer Barel DevOps Architect & Tech Lead omerb@codevalue.net @omerbarel https://about.me/omerbarel http://codevalue.net

Editor's Notes

  1. What’s the motivation to use terraform with azure devops? Why not use ARM templates? What’s the CI CD Logic that terraform provides? Plan > plan.out > release
  2. Explain a bit about Azure services – Azure DevOps, AKS, KeyVault
  3. Validate PR Done before deployment to developer’s environment Basic testing and validation in the build phase More testing in the release phase Deploy application and optionally add application level testing Destroy everything to validate CI end-to-end Terraform workspace == per-environment .tfvars file
  4. Optional gates between environments (manual approval, etc.) Same build as before, only done from MASTER branch with source tagging CI per environment with different .tfvars file
  5. Testing – ConfTest, Terratest