SlideShare a Scribd company logo

DevOps Braga #9: Introdução ao Terraform

D
DevOps Braga

Introdução ao Terraform, apresentação dada no DevOps Braga.

Technology
1 of 21
Download to read offline
https://bit.ly/2Cs2ql4
Meetup - DevOps Braga 28th March 2019 on 2
Agenda ● About me ● Intro Terraform ● Core Concepts ● Modules / Registry ● Comparison with other tools ● Demo ● TFE 3
About me Bruno Costa ● Background of SysAdmin on Linux, VMware, SAN, … ● Team Leader of DevOps Team @Eurotux ● More than 2 years using AWS, managing a dozen of AWS Accounts ● Using Terraform for a year on Production Environments 4 Reach me on Slack
Intro Terraform Terraform - It is a tool to automate your infrastructure: 1) Write a configuration file (.tf file) 2) Terraform will make sure it will reach your desired state 3) Later on, make some changes to your configuration 4) Terraform will evaluate what has changed and it will apply accordingly 5 Features: ● Written in Go ● Open Source ● From Hashicorp - other tools like Vagrant / Packer / Vault / Consul ● 98 official providers (AWS, GCP, Azure, Cloudflare, Gitlab, PostgreSQL,...) ● 102 community providers (oVirt, AWX, Kafka,…) ● Bring IaC to a new level
Intro Terraform – Phase 0 6 ● Write your config (HCL or JSON) ● Sample with AWS Route 53 ● Objective: create an DNS zone and A record pointing “blc.mydomain.org” => “10.10.10.21” ● Provider (1) ● Resources (2) ● Variables (2) Interpolation
Intro Terraform – Phase 1 7 ● Use the terraform CLI command ● Phase 1 – terraform init Provider Backend
Intro Terraform – Phase 2 8 ● Use the terraform CLI command ● Phase 2 – terraform plan Nothing has changed yet! Dependency
Intro Terraform – Phase 3 9 ● Use the terraform CLI command ● Phase 3 – terraform apply
Intro Terraform 10 What happened? ● Planning – described the action that should be taken to get to the desired state ● Approval – the user reviewed and approved the changes that need to be done ● Execution – using AWS API, Terraform applied the desired changed ● Update State – Terraform wrote data into the state (state file or backend) to keep track of the resources it manages
Core Concepts 11 Resources: ● Key element on HCL – it defines an object that Terraform manages ● Some of them, can be imported into state ● AWS has over 500 different resource types (eg: aws_security_group, aws_instance, aws_iam_role) ● Some resources can be imported into state and be managed by Terraform: terraform import
Core Concepts 12 Providers: ● You need to provide the credentials to connect to provider (user/passwd, token, ...) ● All the resources are tied to a provider, but you may interleave resources from different provider. Eg.: After adding an EC2 instance, you may add a Cloudflare A record ● You may build your own providers ● You need to define alternate providers to talk with different AWS Regions
Core Concepts 13 Data Sources: ● Instead of declaring a resource, you may use computed variables from other sources ● Eg: get AMI id, get list of AZs Outputs: ● You may need to output Terraform result, to feed into other scripts ● Output can be used on Modules Inputs: ● Can be used as vars. Eg: var.aws_provider
Core Concepts 14 Interpolation Syntax: ● Adds expressiveness into a declarative language ● Have conditionals and “pseudo-for” loops ● Built-in functions to manipulate strings, maps and lists ● Terraform 0.12 will bring many changes on interpolation syntax
Core Concepts 15 Backends: ● The backend store the state of Terraform. ● By default, it is a terraform.tfstate file ● Remote State: Keep the state shared and keep locking mechanisms between team members ● AWS: Typical setup Bootstrap – chicken/egg problem ● Have a local file backend to bootstrap DynamoDB and S3
Modules / Registry 16 Modules ● You may multiples related resources to create a module ● Improve code reuse between projects ● Can be called many times, but you cannot transparently use count ● Eg: Create a module to add an ACM certificate and the corresponding validation DNS records on Cloudflare Registry ● https://registry.terraform.io/ ● Share verified modules and community modules ● Eg: terraform-aws-modules/vpc/aws can create a VPC with corresponding subnets, IGW, , Routing Tables ● Cloud Posse has some nice modules, despite being community-based modules
Comparison with Other Tools 17 ● Configuration Tools – Chef, Puppet, ... – Terraform focus on resource creation, rather than configure a server that already exist ● Infra Tools – CloudFormation – Similar to Terraform, but Terraform can mix resource from different Cloud providers ● API – Boto3, SDK – Too much low-level. Need to manually manage resource dependency, lifecycle and implement logic to interact with different providers ● But... – You may combine Terraform with native provisioners (chef, salt) or local-exec provisioner (Ansible)
Demo 18 Network ● Create a VPC on us-east-1 ● The VPC should have 2 AZs, each one with a /24 subnet ● VPC CIDR should be 10.230.0.0/22 ● Only one NAT instance for both Private Subnets
Demo 19 Sample App PHP+MySQL ● Add a MySQL/MariaDB on Private Subnet ● Add an Apache HTTP with PHP to Public Subnet ● Grab the output from Terraform, test the website
TFE 20 Advantages: ● Private Module Registry ● Web interface (but console output) ● Customer Support ● Trial: http://app.terraform.io/account /new
Questions?

Recommended

Terraform
TerraformTerraform
TerraformHarish Kumar
 
Effective terraform
Effective terraformEffective terraform
Effective terraformCalvin French-Owen
 
DalmatinerDB and cockroachDB monitoring plataform
DalmatinerDB and cockroachDB monitoring plataformDalmatinerDB and cockroachDB monitoring plataform
DalmatinerDB and cockroachDB monitoring plataformLeandro Totino Pereira
 
Terraform
TerraformTerraform
TerraformPhil Wilkins
 
02 terraform core concepts
02 terraform core concepts02 terraform core concepts
02 terraform core conceptszekeLabs Technologies
 
Flume and Hadoop performance insights
Flume and Hadoop performance insightsFlume and Hadoop performance insights
Flume and Hadoop performance insightsOmid Vahdaty
 
Spark Summit EU talk by Jiri Simsa
Spark Summit EU talk by Jiri SimsaSpark Summit EU talk by Jiri Simsa
Spark Summit EU talk by Jiri SimsaSpark Summit
 
Flume in 10minutes
Flume in 10minutesFlume in 10minutes
Flume in 10minutesdwmclary
 

Recommended

Terraform
TerraformTerraform
TerraformHarish Kumar
 
Effective terraform
Effective terraformEffective terraform
Effective terraformCalvin French-Owen
 
DalmatinerDB and cockroachDB monitoring plataform
DalmatinerDB and cockroachDB monitoring plataformDalmatinerDB and cockroachDB monitoring plataform
DalmatinerDB and cockroachDB monitoring plataformLeandro Totino Pereira
 
Terraform
TerraformTerraform
TerraformPhil Wilkins
 
02 terraform core concepts
02 terraform core concepts02 terraform core concepts
02 terraform core conceptszekeLabs Technologies
 
Flume and Hadoop performance insights
Flume and Hadoop performance insightsFlume and Hadoop performance insights
Flume and Hadoop performance insightsOmid Vahdaty
 
Spark Summit EU talk by Jiri Simsa
Spark Summit EU talk by Jiri SimsaSpark Summit EU talk by Jiri Simsa
Spark Summit EU talk by Jiri SimsaSpark Summit
 
Flume in 10minutes
Flume in 10minutesFlume in 10minutes
Flume in 10minutesdwmclary
 
Shark - Lab Assignment
Shark - Lab AssignmentShark - Lab Assignment
Shark - Lab AssignmentFarzad Nozarian
 
Design and architecture of Jackrabbit
Design and architecture of JackrabbitDesign and architecture of Jackrabbit
Design and architecture of JackrabbitJukka Zitting
 
{code} and Containers - Open Source Infrastructure within Dell Technologies
{code} and Containers - Open Source Infrastructure within Dell Technologies{code} and Containers - Open Source Infrastructure within Dell Technologies
{code} and Containers - Open Source Infrastructure within Dell TechnologiesThe {code} Team
 
Inside Flume
Inside FlumeInside Flume
Inside FlumeCloudera, Inc.
 
Windows azure table storage – deep dive
Windows azure table storage – deep diveWindows azure table storage – deep dive
Windows azure table storage – deep diveSundararajan Subramanian
 
DNS in the Cloud
DNS in the CloudDNS in the Cloud
DNS in the CloudHabeeb Rahman
 
A Travel Through Mesos
A Travel Through MesosA Travel Through Mesos
A Travel Through MesosDatio Big Data
 
OSGifying the repository
OSGifying the repositoryOSGifying the repository
OSGifying the repositoryJukka Zitting
 
File uploads to s3
File uploads to s3File uploads to s3
File uploads to s3varunlalan
 
Azure storage
Azure storageAzure storage
Azure storageRaju Kumar
 
Web Performance & Scalability Tools
Web Performance & Scalability ToolsWeb Performance & Scalability Tools
Web Performance & Scalability ToolsFolio3 Software
 
Making Apache Kafka Elastic with Apache Mesos
Making Apache Kafka Elastic with Apache MesosMaking Apache Kafka Elastic with Apache Mesos
Making Apache Kafka Elastic with Apache MesosJoe Stein
 
/path/to/content - the Apache Jackrabbit content repository
/path/to/content - the Apache Jackrabbit content repository/path/to/content - the Apache Jackrabbit content repository
/path/to/content - the Apache Jackrabbit content repositoryJukka Zitting
 
Apache flume - Twitter Streaming
Apache flume - Twitter Streaming Apache flume - Twitter Streaming
Apache flume - Twitter Streaming Kowndinya Mannepalli
 
Infrastructure as code with terraform and packer
Infrastructure as code with terraform and packerInfrastructure as code with terraform and packer
Infrastructure as code with terraform and packerAlex Landa
 
Making Distributed Data Persistent Services Elastic (Without Losing All Your ...
Making Distributed Data Persistent Services Elastic (Without Losing All Your ...Making Distributed Data Persistent Services Elastic (Without Losing All Your ...
Making Distributed Data Persistent Services Elastic (Without Losing All Your ...Joe Stein
 
Repository performance tuning
Repository performance tuningRepository performance tuning
Repository performance tuningJukka Zitting
 
Azure Storage Performance
Azure Storage PerformanceAzure Storage Performance
Azure Storage PerformanceAnton Boyko
 
Hadoop spark online demo
Hadoop spark online demoHadoop spark online demo
Hadoop spark online demoTripti Jha
 
Apache flume
Apache flumeApache flume
Apache flumeRamakrishna kapa
 
Infrastructure as Code with Terraform
Infrastructure as Code with TerraformInfrastructure as Code with Terraform
Infrastructure as Code with TerraformPedro J. Molina
 
Terraform vs Pulumi
Terraform vs PulumiTerraform vs Pulumi
Terraform vs PulumiHoaiNam307
 

More Related Content

What's hot

Design and architecture of Jackrabbit
Design and architecture of JackrabbitDesign and architecture of Jackrabbit
Design and architecture of JackrabbitJukka Zitting
 
{code} and Containers - Open Source Infrastructure within Dell Technologies
{code} and Containers - Open Source Infrastructure within Dell Technologies{code} and Containers - Open Source Infrastructure within Dell Technologies
{code} and Containers - Open Source Infrastructure within Dell TechnologiesThe {code} Team
 
A Travel Through Mesos
A Travel Through MesosA Travel Through Mesos
A Travel Through MesosDatio Big Data
 
OSGifying the repository
OSGifying the repositoryOSGifying the repository
OSGifying the repositoryJukka Zitting
 
File uploads to s3
File uploads to s3File uploads to s3
File uploads to s3varunlalan
 
Web Performance & Scalability Tools
Web Performance & Scalability ToolsWeb Performance & Scalability Tools
Web Performance & Scalability ToolsFolio3 Software
 
Making Apache Kafka Elastic with Apache Mesos
Making Apache Kafka Elastic with Apache MesosMaking Apache Kafka Elastic with Apache Mesos
Making Apache Kafka Elastic with Apache MesosJoe Stein
 
/path/to/content - the Apache Jackrabbit content repository
/path/to/content - the Apache Jackrabbit content repository/path/to/content - the Apache Jackrabbit content repository
/path/to/content - the Apache Jackrabbit content repositoryJukka Zitting
 
Infrastructure as code with terraform and packer
Infrastructure as code with terraform and packerInfrastructure as code with terraform and packer
Infrastructure as code with terraform and packerAlex Landa
 
Making Distributed Data Persistent Services Elastic (Without Losing All Your ...
Making Distributed Data Persistent Services Elastic (Without Losing All Your ...Making Distributed Data Persistent Services Elastic (Without Losing All Your ...
Making Distributed Data Persistent Services Elastic (Without Losing All Your ...Joe Stein
 
Repository performance tuning
Repository performance tuningRepository performance tuning
Repository performance tuningJukka Zitting
 
Azure Storage Performance
Azure Storage PerformanceAzure Storage Performance
Azure Storage PerformanceAnton Boyko
 
Hadoop spark online demo
Hadoop spark online demoHadoop spark online demo
Hadoop spark online demoTripti Jha
 

What's hot (20)

Shark - Lab Assignment
Shark - Lab AssignmentShark - Lab Assignment
Shark - Lab Assignment
 
Design and architecture of Jackrabbit
Design and architecture of JackrabbitDesign and architecture of Jackrabbit
Design and architecture of Jackrabbit
 
{code} and Containers - Open Source Infrastructure within Dell Technologies
{code} and Containers - Open Source Infrastructure within Dell Technologies{code} and Containers - Open Source Infrastructure within Dell Technologies
{code} and Containers - Open Source Infrastructure within Dell Technologies
 
Inside Flume
Inside FlumeInside Flume
Inside Flume
 
Windows azure table storage – deep dive
Windows azure table storage – deep diveWindows azure table storage – deep dive
Windows azure table storage – deep dive
 
DNS in the Cloud
DNS in the CloudDNS in the Cloud
DNS in the Cloud
 
A Travel Through Mesos
A Travel Through MesosA Travel Through Mesos
A Travel Through Mesos
 
OSGifying the repository
OSGifying the repositoryOSGifying the repository
OSGifying the repository
 
File uploads to s3
File uploads to s3File uploads to s3
File uploads to s3
 
Azure storage
Azure storageAzure storage
Azure storage
 
Web Performance & Scalability Tools
Web Performance & Scalability ToolsWeb Performance & Scalability Tools
Web Performance & Scalability Tools
 
Making Apache Kafka Elastic with Apache Mesos
Making Apache Kafka Elastic with Apache MesosMaking Apache Kafka Elastic with Apache Mesos
Making Apache Kafka Elastic with Apache Mesos
 
/path/to/content - the Apache Jackrabbit content repository
/path/to/content - the Apache Jackrabbit content repository/path/to/content - the Apache Jackrabbit content repository
/path/to/content - the Apache Jackrabbit content repository
 
Apache flume - Twitter Streaming
Apache flume - Twitter Streaming Apache flume - Twitter Streaming
Apache flume - Twitter Streaming
 
Infrastructure as code with terraform and packer
Infrastructure as code with terraform and packerInfrastructure as code with terraform and packer
Infrastructure as code with terraform and packer
 
Making Distributed Data Persistent Services Elastic (Without Losing All Your ...
Making Distributed Data Persistent Services Elastic (Without Losing All Your ...Making Distributed Data Persistent Services Elastic (Without Losing All Your ...
Making Distributed Data Persistent Services Elastic (Without Losing All Your ...
 
Repository performance tuning
Repository performance tuningRepository performance tuning
Repository performance tuning
 
Azure Storage Performance
Azure Storage PerformanceAzure Storage Performance
Azure Storage Performance
 
Hadoop spark online demo
Hadoop spark online demoHadoop spark online demo
Hadoop spark online demo
 
Apache flume
Apache flumeApache flume
Apache flume
 

Similar to DevOps Braga #9: Introdução ao Terraform

Infrastructure as Code with Terraform
Infrastructure as Code with TerraformInfrastructure as Code with Terraform
Infrastructure as Code with TerraformPedro J. Molina
 
Terraform vs Pulumi
Terraform vs PulumiTerraform vs Pulumi
Terraform vs PulumiHoaiNam307
 
AWS DevOps - Terraform, Docker, HashiCorp Vault
AWS DevOps - Terraform, Docker, HashiCorp VaultAWS DevOps - Terraform, Docker, HashiCorp Vault
AWS DevOps - Terraform, Docker, HashiCorp VaultGrzegorz Adamowicz
 
Hashicorp-Terraform-Deep-Dive-with-no-Fear-Victor-Turbinsky-Texuna.pdf
Hashicorp-Terraform-Deep-Dive-with-no-Fear-Victor-Turbinsky-Texuna.pdfHashicorp-Terraform-Deep-Dive-with-no-Fear-Victor-Turbinsky-Texuna.pdf
Hashicorp-Terraform-Deep-Dive-with-no-Fear-Victor-Turbinsky-Texuna.pdfssuser705051
 
Building infrastructure as code using Terraform - DevOps Krakow
Building infrastructure as code using Terraform - DevOps KrakowBuilding infrastructure as code using Terraform - DevOps Krakow
Building infrastructure as code using Terraform - DevOps KrakowAnton Babenko
 
Introduction to Kubernetes
Introduction to KubernetesIntroduction to Kubernetes
Introduction to KubernetesVishal Biyani
 
Cassandra Lunch #86: DataStax Astra Terraform Provider
Cassandra Lunch #86: DataStax Astra Terraform ProviderCassandra Lunch #86: DataStax Astra Terraform Provider
Cassandra Lunch #86: DataStax Astra Terraform ProviderAnant Corporation
 
Terraforming your Infrastructure on GCP
Terraforming your Infrastructure on GCPTerraforming your Infrastructure on GCP
Terraforming your Infrastructure on GCPSamuel Chow
 
Terraform modules and some of best-practices - March 2019
Terraform modules and some of best-practices - March 2019Terraform modules and some of best-practices - March 2019
Terraform modules and some of best-practices - March 2019Anton Babenko
 
Terraform Q&A - HashiCorp User Group Oslo
Terraform Q&A - HashiCorp User Group OsloTerraform Q&A - HashiCorp User Group Oslo
Terraform Q&A - HashiCorp User Group OsloAnton Babenko
 
Infrastructure as Code with Terraform.pptx
Infrastructure as Code with Terraform.pptxInfrastructure as Code with Terraform.pptx
Infrastructure as Code with Terraform.pptxSamuel862293
 
Infrastructure as Code with Terraform
Infrastructure as Code with TerraformInfrastructure as Code with Terraform
Infrastructure as Code with TerraformTim Berry
 
Terraform modules and best-practices - September 2018
Terraform modules and best-practices - September 2018Terraform modules and best-practices - September 2018
Terraform modules and best-practices - September 2018Anton Babenko
 
Cloudify and terraform integration
Cloudify and terraform integrationCloudify and terraform integration
Cloudify and terraform integrationNati Shalom
 
Terraform + ansible talk
Terraform + ansible talkTerraform + ansible talk
Terraform + ansible talkJames Strong
 
Flume-based Independent News Aggregator
Flume-based Independent News AggregatorFlume-based Independent News Aggregator
Flume-based Independent News AggregatorMário Almeida
 
Reusable, composable, battle-tested Terraform modules
Reusable, composable, battle-tested Terraform modulesReusable, composable, battle-tested Terraform modules
Reusable, composable, battle-tested Terraform modulesYevgeniy Brikman
 

Similar to DevOps Braga #9: Introdução ao Terraform (20)

Infrastructure as Code with Terraform
Infrastructure as Code with TerraformInfrastructure as Code with Terraform
Infrastructure as Code with Terraform
 
Terraform vs Pulumi
Terraform vs PulumiTerraform vs Pulumi
Terraform vs Pulumi
 
AWS DevOps - Terraform, Docker, HashiCorp Vault
AWS DevOps - Terraform, Docker, HashiCorp VaultAWS DevOps - Terraform, Docker, HashiCorp Vault
AWS DevOps - Terraform, Docker, HashiCorp Vault
 
Hashicorp-Terraform-Deep-Dive-with-no-Fear-Victor-Turbinsky-Texuna.pdf
Hashicorp-Terraform-Deep-Dive-with-no-Fear-Victor-Turbinsky-Texuna.pdfHashicorp-Terraform-Deep-Dive-with-no-Fear-Victor-Turbinsky-Texuna.pdf
Hashicorp-Terraform-Deep-Dive-with-no-Fear-Victor-Turbinsky-Texuna.pdf
 
Terraform-2.pdf
Terraform-2.pdfTerraform-2.pdf
Terraform-2.pdf
 
Building infrastructure as code using Terraform - DevOps Krakow
Building infrastructure as code using Terraform - DevOps KrakowBuilding infrastructure as code using Terraform - DevOps Krakow
Building infrastructure as code using Terraform - DevOps Krakow
 
Introduction to Kubernetes
Introduction to KubernetesIntroduction to Kubernetes
Introduction to Kubernetes
 
Cassandra Lunch #86: DataStax Astra Terraform Provider
Cassandra Lunch #86: DataStax Astra Terraform ProviderCassandra Lunch #86: DataStax Astra Terraform Provider
Cassandra Lunch #86: DataStax Astra Terraform Provider
 
Terraforming your Infrastructure on GCP
Terraforming your Infrastructure on GCPTerraforming your Infrastructure on GCP
Terraforming your Infrastructure on GCP
 
Terraform modules and some of best-practices - March 2019
Terraform modules and some of best-practices - March 2019Terraform modules and some of best-practices - March 2019
Terraform modules and some of best-practices - March 2019
 
Terraform Q&A - HashiCorp User Group Oslo
Terraform Q&A - HashiCorp User Group OsloTerraform Q&A - HashiCorp User Group Oslo
Terraform Q&A - HashiCorp User Group Oslo
 
Infrastructure as Code with Terraform.pptx
Infrastructure as Code with Terraform.pptxInfrastructure as Code with Terraform.pptx
Infrastructure as Code with Terraform.pptx
 
Infrastructure as Code with Terraform
Infrastructure as Code with TerraformInfrastructure as Code with Terraform
Infrastructure as Code with Terraform
 
Terraform modules and best-practices - September 2018
Terraform modules and best-practices - September 2018Terraform modules and best-practices - September 2018
Terraform modules and best-practices - September 2018
 
Cloudify and terraform integration
Cloudify and terraform integrationCloudify and terraform integration
Cloudify and terraform integration
 
Terraform + ansible talk
Terraform + ansible talkTerraform + ansible talk
Terraform + ansible talk
 
HDFCloud Workshop: HDF5 in the Cloud
HDFCloud Workshop: HDF5 in the CloudHDFCloud Workshop: HDF5 in the Cloud
HDFCloud Workshop: HDF5 in the Cloud
 
Flume-based Independent News Aggregator
Flume-based Independent News AggregatorFlume-based Independent News Aggregator
Flume-based Independent News Aggregator
 
Reusable, composable, battle-tested Terraform modules
Reusable, composable, battle-tested Terraform modulesReusable, composable, battle-tested Terraform modules
Reusable, composable, battle-tested Terraform modules
 
App Deployment on Cloud
App Deployment on CloudApp Deployment on Cloud
App Deployment on Cloud
 

More from DevOps Braga

DevOps Braga #15: Agentless monitoring with icinga and prometheus
DevOps Braga #15: Agentless monitoring with icinga and prometheusDevOps Braga #15: Agentless monitoring with icinga and prometheus
DevOps Braga #15: Agentless monitoring with icinga and prometheusDevOps Braga
 
Infrastructural challenges of a fast-pace startup
Infrastructural challenges of a fast-pace startupInfrastructural challenges of a fast-pace startup
Infrastructural challenges of a fast-pace startupDevOps Braga
 
DevOps Braga #11: Docker Anatomy
DevOps Braga #11: Docker AnatomyDevOps Braga #11: Docker Anatomy
DevOps Braga #11: Docker AnatomyDevOps Braga
 
DevOps Braga #4: Infrastructure as Code: Impulsionar DevOps
DevOps Braga #4: Infrastructure as Code: Impulsionar DevOpsDevOps Braga #4: Infrastructure as Code: Impulsionar DevOps
DevOps Braga #4: Infrastructure as Code: Impulsionar DevOpsDevOps Braga
 
DevOps Braga #7: Salt: Configuration Management
DevOps Braga #7: Salt: Configuration ManagementDevOps Braga #7: Salt: Configuration Management
DevOps Braga #7: Salt: Configuration ManagementDevOps Braga
 
DevOps Braga #3: Admin rights, everyone gets Admin rights!
DevOps Braga #3: Admin rights, everyone gets Admin rights!DevOps Braga #3: Admin rights, everyone gets Admin rights!
DevOps Braga #3: Admin rights, everyone gets Admin rights!DevOps Braga
 

More from DevOps Braga (8)

DevOps Braga #15: Agentless monitoring with icinga and prometheus
DevOps Braga #15: Agentless monitoring with icinga and prometheusDevOps Braga #15: Agentless monitoring with icinga and prometheus
DevOps Braga #15: Agentless monitoring with icinga and prometheus
 
Infrastructural challenges of a fast-pace startup
Infrastructural challenges of a fast-pace startupInfrastructural challenges of a fast-pace startup
Infrastructural challenges of a fast-pace startup
 
DevOps Braga #11: Docker Anatomy
DevOps Braga #11: Docker AnatomyDevOps Braga #11: Docker Anatomy
DevOps Braga #11: Docker Anatomy
 
DevOps Braga #4: Infrastructure as Code: Impulsionar DevOps
DevOps Braga #4: Infrastructure as Code: Impulsionar DevOpsDevOps Braga #4: Infrastructure as Code: Impulsionar DevOps
DevOps Braga #4: Infrastructure as Code: Impulsionar DevOps
 
DevOps Braga #7: Salt: Configuration Management
DevOps Braga #7: Salt: Configuration ManagementDevOps Braga #7: Salt: Configuration Management
DevOps Braga #7: Salt: Configuration Management
 
DevOps Braga #3: Admin rights, everyone gets Admin rights!
DevOps Braga #3: Admin rights, everyone gets Admin rights!DevOps Braga #3: Admin rights, everyone gets Admin rights!
DevOps Braga #3: Admin rights, everyone gets Admin rights!
 
DevOps Braga #6
DevOps Braga #6DevOps Braga #6
DevOps Braga #6
 
DevOps Braga #5
DevOps Braga #5DevOps Braga #5
DevOps Braga #5
 

Recently uploaded

Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 

Recently uploaded (20)

Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 

DevOps Braga #9: Introdução ao Terraform

  • 2. Meetup - DevOps Braga 28th March 2019 on 2
  • 3. Agenda ● About me ● Intro Terraform ● Core Concepts ● Modules / Registry ● Comparison with other tools ● Demo ● TFE 3
  • 4. About me Bruno Costa ● Background of SysAdmin on Linux, VMware, SAN, … ● Team Leader of DevOps Team @Eurotux ● More than 2 years using AWS, managing a dozen of AWS Accounts ● Using Terraform for a year on Production Environments 4 Reach me on Slack
  • 5. Intro Terraform Terraform - It is a tool to automate your infrastructure: 1) Write a configuration file (.tf file) 2) Terraform will make sure it will reach your desired state 3) Later on, make some changes to your configuration 4) Terraform will evaluate what has changed and it will apply accordingly 5 Features: ● Written in Go ● Open Source ● From Hashicorp - other tools like Vagrant / Packer / Vault / Consul ● 98 official providers (AWS, GCP, Azure, Cloudflare, Gitlab, PostgreSQL,...) ● 102 community providers (oVirt, AWX, Kafka,…) ● Bring IaC to a new level
  • 6. Intro Terraform – Phase 0 6 ● Write your config (HCL or JSON) ● Sample with AWS Route 53 ● Objective: create an DNS zone and A record pointing “blc.mydomain.org” => “10.10.10.21” ● Provider (1) ● Resources (2) ● Variables (2) Interpolation
  • 7. Intro Terraform – Phase 1 7 ● Use the terraform CLI command ● Phase 1 – terraform init Provider Backend
  • 8. Intro Terraform – Phase 2 8 ● Use the terraform CLI command ● Phase 2 – terraform plan Nothing has changed yet! Dependency
  • 9. Intro Terraform – Phase 3 9 ● Use the terraform CLI command ● Phase 3 – terraform apply
  • 10. Intro Terraform 10 What happened? ● Planning – described the action that should be taken to get to the desired state ● Approval – the user reviewed and approved the changes that need to be done ● Execution – using AWS API, Terraform applied the desired changed ● Update State – Terraform wrote data into the state (state file or backend) to keep track of the resources it manages
  • 11. Core Concepts 11 Resources: ● Key element on HCL – it defines an object that Terraform manages ● Some of them, can be imported into state ● AWS has over 500 different resource types (eg: aws_security_group, aws_instance, aws_iam_role) ● Some resources can be imported into state and be managed by Terraform: terraform import
  • 12. Core Concepts 12 Providers: ● You need to provide the credentials to connect to provider (user/passwd, token, ...) ● All the resources are tied to a provider, but you may interleave resources from different provider. Eg.: After adding an EC2 instance, you may add a Cloudflare A record ● You may build your own providers ● You need to define alternate providers to talk with different AWS Regions
  • 13. Core Concepts 13 Data Sources: ● Instead of declaring a resource, you may use computed variables from other sources ● Eg: get AMI id, get list of AZs Outputs: ● You may need to output Terraform result, to feed into other scripts ● Output can be used on Modules Inputs: ● Can be used as vars. Eg: var.aws_provider
  • 14. Core Concepts 14 Interpolation Syntax: ● Adds expressiveness into a declarative language ● Have conditionals and “pseudo-for” loops ● Built-in functions to manipulate strings, maps and lists ● Terraform 0.12 will bring many changes on interpolation syntax
  • 15. Core Concepts 15 Backends: ● The backend store the state of Terraform. ● By default, it is a terraform.tfstate file ● Remote State: Keep the state shared and keep locking mechanisms between team members ● AWS: Typical setup Bootstrap – chicken/egg problem ● Have a local file backend to bootstrap DynamoDB and S3
  • 16. Modules / Registry 16 Modules ● You may multiples related resources to create a module ● Improve code reuse between projects ● Can be called many times, but you cannot transparently use count ● Eg: Create a module to add an ACM certificate and the corresponding validation DNS records on Cloudflare Registry ● https://registry.terraform.io/ ● Share verified modules and community modules ● Eg: terraform-aws-modules/vpc/aws can create a VPC with corresponding subnets, IGW, , Routing Tables ● Cloud Posse has some nice modules, despite being community-based modules
  • 17. Comparison with Other Tools 17 ● Configuration Tools – Chef, Puppet, ... – Terraform focus on resource creation, rather than configure a server that already exist ● Infra Tools – CloudFormation – Similar to Terraform, but Terraform can mix resource from different Cloud providers ● API – Boto3, SDK – Too much low-level. Need to manually manage resource dependency, lifecycle and implement logic to interact with different providers ● But... – You may combine Terraform with native provisioners (chef, salt) or local-exec provisioner (Ansible)
  • 18. Demo 18 Network ● Create a VPC on us-east-1 ● The VPC should have 2 AZs, each one with a /24 subnet ● VPC CIDR should be 10.230.0.0/22 ● Only one NAT instance for both Private Subnets
  • 19. Demo 19 Sample App PHP+MySQL ● Add a MySQL/MariaDB on Private Subnet ● Add an Apache HTTP with PHP to Public Subnet ● Grab the output from Terraform, test the website
  • 20. TFE 20 Advantages: ● Private Module Registry ● Web interface (but console output) ● Customer Support ● Trial: http://app.terraform.io/account /new