This document provides an overview of infrastructure as code concepts and tools. It begins with an introduction to infrastructure as code and how it allows infrastructure to be provisioned and maintained through code. It then covers different categories of tools including ad-hoc scripts, configuration management tools, server templating tools, and provisioning tools. Examples like Packer and Terraform are demonstrated. The document also discusses concepts like mutable vs immutable infrastructure and imperative vs declarative code. It profiles major infrastructure as code players and frameworks. Finally it touches on best practices and the benefits of infrastructure as code.
Infrastructure as Code, tools, benefits, paradigms and more.
Presentation from DigitalOnUs DevOps: Infrastructure as Code Meetup (September 20, 2018 - Monterrey Nuevo Leon MX)
Infrastructure-as-Code (IaC) Using Terraform (Intermediate Edition)Adin Ermie
In this presentation, we will cover intermediate Terraform topics including alternative providers, collection types, loops and conditionals, and resource lifecycles. We will also focus on reusability with a discussion on modules, data sources, and remote state (including live demo examples).
Finally, we start the initial look into a full DevOps process with a quick review of Workspaces and Terraform Cloud; and wrap everything up with some key takeaway learning resources in your Terraform learning adventure.
NOTE: A recording this presentation can be found here: https://youtu.be/0CEF4eZ6HiQ
Terraform modules and best-practices - September 2018Anton Babenko
Slides for my "Terraform modules and best-practices" talk on meetups during September 2018.
Some links from the slides:
https://www.terraform-best-practices.com/
https://cloudcraft.co/
https://github.com/terraform-aws-modules/
https://github.com/antonbabenko/modules.tf-lambda
Infrastructure as Code, tools, benefits, paradigms and more.
Presentation from DigitalOnUs DevOps: Infrastructure as Code Meetup (September 20, 2018 - Monterrey Nuevo Leon MX)
Infrastructure-as-Code (IaC) Using Terraform (Intermediate Edition)Adin Ermie
In this presentation, we will cover intermediate Terraform topics including alternative providers, collection types, loops and conditionals, and resource lifecycles. We will also focus on reusability with a discussion on modules, data sources, and remote state (including live demo examples).
Finally, we start the initial look into a full DevOps process with a quick review of Workspaces and Terraform Cloud; and wrap everything up with some key takeaway learning resources in your Terraform learning adventure.
NOTE: A recording this presentation can be found here: https://youtu.be/0CEF4eZ6HiQ
Terraform modules and best-practices - September 2018Anton Babenko
Slides for my "Terraform modules and best-practices" talk on meetups during September 2018.
Some links from the slides:
https://www.terraform-best-practices.com/
https://cloudcraft.co/
https://github.com/terraform-aws-modules/
https://github.com/antonbabenko/modules.tf-lambda
Infrastructure-as-Code (IaC) using TerraformAdin Ermie
Learn the benefits of Infrastructure-as-Code (IaC), what Terraform is and why people love it, along with a breakdown of the basics (including live demo deployments). Then wrap up with a comparison of Azure Resource Manager (ARM) templates versus Terraform, consider some best practices, and walk away with some key resources in your Terraform learning adventure.
Are you looking to automate your infrastructure but not sure where to start? View this presentation on ‘Getting started with Infrastructure as code’ to learn how to leverage IaC to deploy and manage resources on Azure. You will learn:
• Introduction to IaC
• Develop a simple IaC using Terraform
• Manage the deployed infrastructure using Terraform
View webinar recording at https://www.winwire.com/webinars
Best Practices of Infrastructure as Code with TerraformDevOps.com
When your organization is moving to cloud, the infrastructure layer transitions from running dedicated servers at limited scale to a dynamic environment, where you can easily adjust to growing demand by spinning up thousands of servers and scaling them down when not in use.
The future of DevOps is infrastructure as code. Infrastructure as code supports the growth of infrastructure and provisioning requests. It treats infrastructure as software: code that can be re-used, tested, automated and version controlled. HashiCorp Terraform adopts infrastructure as code throughout its tool to prevent configuration drift, manage immutable infrastructure and much more!
Join this webinar to learn why Infrastructure as Code is the answer to managing large scale, distributed systems and service-oriented architectures. We will cover key use cases, a demo of how to use Infrastructure as Code to provision your infrastructure and more:
Agenda:
Intro to Infrastructure as Code: Challenges & Use cases
Writing Infrastructure as Code with Terraform
Collaborating with Teams on Infrastructure
A brief introduction to IaC with Terraform by Kenton Robbins (codeHarbour May...Alex Cachia
A brief introduction to IaC with Terraform by Kenton Robbins
Managing cloud infrastructure can be a complex and time consuming process. Using Terraform, we are able to create a blueprint capable of reproducing your infrastructure simply by running a script. Find out how 'infrastructure as code' can reduce operational costs and risk while increasing efficiency and stability.
Hosted by Alex Cachia, codeHarbour provides an opportunity for discussion and a platform for digital presenters to get their technological ideas out there to the people who need to hear it.
Using HashiCorp’s Terraform to build your infrastructure on AWS - Pop-up Loft...Amazon Web Services
Using Terraform to automate your infrastructure on AWS. What is Terraform and how is it different from Ansible. How to control cloud deployments using Terraform.
How to test infrastructure code: automated testing for Terraform, Kubernetes,...Yevgeniy Brikman
This talk is a step-by-step, live-coding class on how to write automated tests for infrastructure code, including the code you write for use with tools such as Terraform, Kubernetes, Docker, and Packer. Topics covered include unit tests, integration tests, end-to-end tests, test parallelism, retries, error handling, static analysis, and more.
This beginning terraform workshop will teach you how to safely create and provision Infrastructure as Code (IAC) using Hashicorp Terraform in an AWS environment. In this class you will learn how to setup and install terraform. You will also be given a walkthrough of Terraform fundamentals. You will be lead through the process of deploying a single server, deploying a cluster and setting up a load balancer. You will also learn how to author Terraform Modules, work with Route53 and how to manage DNS.
Requirements. You will need to have an AWS account set up already with Terraform v0.9.3 installed. You will also need to have git install to download the workshop material.
You can find more informaiton on how to install terraform here: https://www.terraform.io/intro/getting-started/install.html. You can sign up for an AWS account here: https://aws.amazon.com/account/
https://github.com/jasonvance/terraform-introduction
As part of this presentation we covered basics of Terraform which is Infrastructure as code. It will helps to Devops teams to start with Terraform.
This document will be helpful for the development who wants to understand infrastructure as code concepts and if they want to understand the usability of terrform
An inroduction to Terraform, a tool that helps you deploy and change your infrastructure as code. Given at Rencontres Mondiales du Logiciel libre (RMLL) 2017
The Fn project is an open-source container-native serverless platform that you can run anywhere -- any cloud or on-premise. It’s easy to use, supports every programming language, and is extensible and performant. https://fnproject.io/
Infrastructure-as-Code (IaC) using TerraformAdin Ermie
Learn the benefits of Infrastructure-as-Code (IaC), what Terraform is and why people love it, along with a breakdown of the basics (including live demo deployments). Then wrap up with a comparison of Azure Resource Manager (ARM) templates versus Terraform, consider some best practices, and walk away with some key resources in your Terraform learning adventure.
Are you looking to automate your infrastructure but not sure where to start? View this presentation on ‘Getting started with Infrastructure as code’ to learn how to leverage IaC to deploy and manage resources on Azure. You will learn:
• Introduction to IaC
• Develop a simple IaC using Terraform
• Manage the deployed infrastructure using Terraform
View webinar recording at https://www.winwire.com/webinars
Best Practices of Infrastructure as Code with TerraformDevOps.com
When your organization is moving to cloud, the infrastructure layer transitions from running dedicated servers at limited scale to a dynamic environment, where you can easily adjust to growing demand by spinning up thousands of servers and scaling them down when not in use.
The future of DevOps is infrastructure as code. Infrastructure as code supports the growth of infrastructure and provisioning requests. It treats infrastructure as software: code that can be re-used, tested, automated and version controlled. HashiCorp Terraform adopts infrastructure as code throughout its tool to prevent configuration drift, manage immutable infrastructure and much more!
Join this webinar to learn why Infrastructure as Code is the answer to managing large scale, distributed systems and service-oriented architectures. We will cover key use cases, a demo of how to use Infrastructure as Code to provision your infrastructure and more:
Agenda:
Intro to Infrastructure as Code: Challenges & Use cases
Writing Infrastructure as Code with Terraform
Collaborating with Teams on Infrastructure
A brief introduction to IaC with Terraform by Kenton Robbins (codeHarbour May...Alex Cachia
A brief introduction to IaC with Terraform by Kenton Robbins
Managing cloud infrastructure can be a complex and time consuming process. Using Terraform, we are able to create a blueprint capable of reproducing your infrastructure simply by running a script. Find out how 'infrastructure as code' can reduce operational costs and risk while increasing efficiency and stability.
Hosted by Alex Cachia, codeHarbour provides an opportunity for discussion and a platform for digital presenters to get their technological ideas out there to the people who need to hear it.
Using HashiCorp’s Terraform to build your infrastructure on AWS - Pop-up Loft...Amazon Web Services
Using Terraform to automate your infrastructure on AWS. What is Terraform and how is it different from Ansible. How to control cloud deployments using Terraform.
How to test infrastructure code: automated testing for Terraform, Kubernetes,...Yevgeniy Brikman
This talk is a step-by-step, live-coding class on how to write automated tests for infrastructure code, including the code you write for use with tools such as Terraform, Kubernetes, Docker, and Packer. Topics covered include unit tests, integration tests, end-to-end tests, test parallelism, retries, error handling, static analysis, and more.
This beginning terraform workshop will teach you how to safely create and provision Infrastructure as Code (IAC) using Hashicorp Terraform in an AWS environment. In this class you will learn how to setup and install terraform. You will also be given a walkthrough of Terraform fundamentals. You will be lead through the process of deploying a single server, deploying a cluster and setting up a load balancer. You will also learn how to author Terraform Modules, work with Route53 and how to manage DNS.
Requirements. You will need to have an AWS account set up already with Terraform v0.9.3 installed. You will also need to have git install to download the workshop material.
You can find more informaiton on how to install terraform here: https://www.terraform.io/intro/getting-started/install.html. You can sign up for an AWS account here: https://aws.amazon.com/account/
https://github.com/jasonvance/terraform-introduction
As part of this presentation we covered basics of Terraform which is Infrastructure as code. It will helps to Devops teams to start with Terraform.
This document will be helpful for the development who wants to understand infrastructure as code concepts and if they want to understand the usability of terrform
An inroduction to Terraform, a tool that helps you deploy and change your infrastructure as code. Given at Rencontres Mondiales du Logiciel libre (RMLL) 2017
The Fn project is an open-source container-native serverless platform that you can run anywhere -- any cloud or on-premise. It’s easy to use, supports every programming language, and is extensible and performant. https://fnproject.io/
This presentation, given at the Fort Worth .NET User Group on 19 Sept. 2017, talks about serverless technology: What it is, when it's best to use, its features and limitations. It specifically focuses on Azure Functions and Azure Logic Apps.
How HashiCorp platform tools can make the difference in development and deplo...Dmytro Mykhailov
This is slides from my talk on Kharkiv IT Weekend on May 27, 2017.
Here is link to my blog where you can find more information about the approaches:
https://devraccoon.com/2017/05/30/hashicorp-tools-on-it-weekend-kharkiv/
DBD 2414 - Iterative Web-Based Designer for Software Defined Environments (In...Michael Elder
Delivered at IBM Innovate 2014. Original abstract:
How can you improve your customer feedback loop using iterative, full stack application design for the cloud?
In this presentation, we’ll cover an innovative new way of designing and versioning your cloud applications through a web-based environment development toolkit. With support for OpenStack and other cloud providers, we’re able to capture all aspects of your cloud-based application from compute, storage, and virtual networking all the way up to the application managed in UrbanCode Deploy. In a single click, you can stand up a new environment complete with application components deployed and ready to run. With built in configuration management, you can see the changes made by your automation to configure each node. And with UrbanCode Deploy’s inventory management system, you’ll always know what version of which component is deployed where.
Come learn about our new take on cloud design and get involved to provide us with feedback to make this offering exactly what you need.
Hyper-V, VMWare, Azure, Amazon, Docker…existen diferentes escenarios y tecnologías que podemos llegar a usar para aprovisionar nuestra infraestructura, desde nuestro propio datacenter hasta diferentes opciones basadas en virtualización o proveedor de cloud computing.
Por qué puede ser tan útil este concepto así como de cómo podríamos llevar a la práctica usando diferentes tecnologías y herramientas que tenemos a nuestra disposición. Con Ibon Landa.
Moving to the cloud isn’t easy, transforming your engineering team to adopt to the cloud and services lifestyle is therefore crucial. It all starts with creating a common understanding of the engineering and development principles which are important in the cloud, which are different then building regular applications. This session will take you on a road trip based on the presenters experience developing and more importantly operating Azure Active Directory, SQL Server Azure and most recently the Xbox Live Services to support Xbox One.
Configuration Management in the Cloud | AWS Public Sector Summit 2017Amazon Web Services
In order for your application to operate in a predictable manner in both your test and production environments, you must vigilantly maintain the configuration of your resources. By leveraging configuration management solutions, Dev and Ops engineers can define the state of their resources across their entire lifecycle. In this session, you will learn how to use AWS OpsWorks, AWS CodeDeploy, and AWS CodePipeline to build a reliable and consistent development pipeline that assures your production workloads behave in a predictable manner. Learn More: https://aws.amazon.com/government-education/
Today, the development and operations landscape has shifted to a more collaborative model merging the two (DevOps). Developers need to know much more about the operational components of their software - especially around network programming, services development, and continuous deployment. Likewise, the developer's IT counterpart needs to know much more about development - especially around infrastructure automation (Chef/Puppet), automated testing, and continuous deployment.
Deep dive into service fabric after 2 yearsTomasz Kopacz
How to use more advanced capabilities built-in into service fabric. How to create scalable and FAST applications. When to choose stateless, statefull and actor services. How to deploy any exe to service fabric.
Samples: https://github.com/tkopacz/2016DeveloperDays
DCSF19 Transforming a 15+ Year Old Semiconductor Manufacturing EnvironmentDocker, Inc.
Jeanie Schwenk, Jireh Semiconductor
Jireh Semiconductor bought the Hillsboro fab and its contents including the manufacturing tools, servers, and software running the fab. The previous company had been winding down for years so server and software upgrades had not been on the radar for some time. In 2011 Jireh became the proud owner of the building, the tools, and its legacy software running on servers that weren’t even made any more.
That's when I started my adventure with Jireh in September 2016 with a charter to modernize the applications running the manufacturing facility process and move them into VMs with no impact to manufacturing. That led me down a path of exploration and questions. “What’s the goal?”
The goal wasn't to move to VMs. It was to become independent of the aging PA-RISC architecture, bring forward the ~230 java 1.4.2 applications (10-15 years old), scale to allow increased the load on the software and hardware in order to ramp the factory output to numbers never seen previously. And do it without manufacturing downtime.
The solution included a transition from waterfall and silo development to agile scrum. Rather than simply migrating to VMs, it became obvious the lynch pin for a successful software transition with the required uptime, flexibility, and scalability was Docker Enterprise.
Join me for this session where I'll talk about my journey modernizing 15+ year old applications and infrastructure at Jireh.
Migrating IBM i Systems to the Cloud: Exploring the Pros and ConsPrecisely
In today's dynamic IT landscape, businesses running IBM Power Systems are continuously seeking ways to optimize their infrastructure and leverage cutting-edge technologies. Migrating IBM i and AIX workloads to the cloud has emerged as a compelling option for many organizations, offering a host of potential benefits. However, it is crucial to carefully weigh the pros and cons of cloud migration before making a decision.
In this webinar, we'll delve into the intricate world of IBM i cloud migration, equipping you with the knowledge to make an informed choice.
Join us for this webcast to hear about:
• The compelling advantages of migrating to the cloud
• The potential challenges of migration
• Recommended best practices for undertaking a migration
Confoo-Montreal-2016: Controlling Your Environments using Infrastructure as CodeSteve Mercier
Slides from my talk at ConFoo Montreal, February 2016. A presentation on how to apply configuration management (CM) principles for your various environments, to control changes made to them. You apply CM on your code, why not on your environments content? This presentation will present the infrastructure as code principles using Chef and/or Ansible. Topics discussed include Continuous Integration, Continuous Delivery/Deployment principles, Infrastructure As Code and DevOps.
APIdays Paris 2018 - Will Serverless kill Containers and Operations? Stéphane...apidays
Will Serverless kill Containers and Operations?
Stéphane Woillez, Technical Sales Lead South EMEA, Docker
Apply to be a speaker here - https://apidays.typeform.com/to/J1snsg
ServerLess technology analysis, state of the technology as of December 2018, what needs to be done to build a complete, operational serverless platform for production
This deck is the story around how Postman was able to scale to serve 10+ million requests per hour in one year from startup and how docker became an integral part of it's frugal operations
Globus Compute wth IRI Workflows - GlobusWorld 2024Globus
As part of the DOE Integrated Research Infrastructure (IRI) program, NERSC at Lawrence Berkeley National Lab and ALCF at Argonne National Lab are working closely with General Atomics on accelerating the computing requirements of the DIII-D experiment. As part of the work the team is investigating ways to speedup the time to solution for many different parts of the DIII-D workflow including how they run jobs on HPC systems. One of these routes is looking at Globus Compute as a way to replace the current method for managing tasks and we describe a brief proof of concept showing how Globus Compute could help to schedule jobs and be a tool to connect compute at different facilities.
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...Globus
Large Language Models (LLMs) are currently the center of attention in the tech world, particularly for their potential to advance research. In this presentation, we'll explore a straightforward and effective method for quickly initiating inference runs on supercomputers using the vLLM tool with Globus Compute, specifically on the Polaris system at ALCF. We'll begin by briefly discussing the popularity and applications of LLMs in various fields. Following this, we will introduce the vLLM tool, and explain how it integrates with Globus Compute to efficiently manage LLM operations on Polaris. Attendees will learn the practical aspects of setting up and remotely triggering LLMs from local machines, focusing on ease of use and efficiency. This talk is ideal for researchers and practitioners looking to leverage the power of LLMs in their work, offering a clear guide to harnessing supercomputing resources for quick and effective LLM inference.
We describe the deployment and use of Globus Compute for remote computation. This content is aimed at researchers who wish to compute on remote resources using a unified programming interface, as well as system administrators who will deploy and operate Globus Compute services on their research computing infrastructure.
SOCRadar Research Team: Latest Activities of IntelBrokerSOCRadar
The European Union Agency for Law Enforcement Cooperation (Europol) has suffered an alleged data breach after a notorious threat actor claimed to have exfiltrated data from its systems. Infamous data leaker IntelBroker posted on the even more infamous BreachForums hacking forum, saying that Europol suffered a data breach this month.
The alleged breach affected Europol agencies CCSE, EC3, Europol Platform for Experts, Law Enforcement Forum, and SIRIUS. Infiltration of these entities can disrupt ongoing investigations and compromise sensitive intelligence shared among international law enforcement agencies.
However, this is neither the first nor the last activity of IntekBroker. We have compiled for you what happened in the last few days. To track such hacker activities on dark web sources like hacker forums, private Telegram channels, and other hidden platforms where cyber threats often originate, you can check SOCRadar’s Dark Web News.
Stay Informed on Threat Actors’ Activity on the Dark Web with SOCRadar!
Accelerate Enterprise Software Engineering with PlatformlessWSO2
Key takeaways:
Challenges of building platforms and the benefits of platformless.
Key principles of platformless, including API-first, cloud-native middleware, platform engineering, and developer experience.
How Choreo enables the platformless experience.
How key concepts like application architecture, domain-driven design, zero trust, and cell-based architecture are inherently a part of Choreo.
Demo of an end-to-end app built and deployed on Choreo.
Listen to the keynote address and hear about the latest developments from Rachana Ananthakrishnan and Ian Foster who review the updates to the Globus Platform and Service, and the relevance of Globus to the scientific community as an automation platform to accelerate scientific discovery.
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...Globus
The Earth System Grid Federation (ESGF) is a global network of data servers that archives and distributes the planet’s largest collection of Earth system model output for thousands of climate and environmental scientists worldwide. Many of these petabyte-scale data archives are located in proximity to large high-performance computing (HPC) or cloud computing resources, but the primary workflow for data users consists of transferring data, and applying computations on a different system. As a part of the ESGF 2.0 US project (funded by the United States Department of Energy Office of Science), we developed pre-defined data workflows, which can be run on-demand, capable of applying many data reduction and data analysis to the large ESGF data archives, transferring only the resultant analysis (ex. visualizations, smaller data files). In this talk, we will showcase a few of these workflows, highlighting how Globus Flows can be used for petabyte-scale climate analysis.
top nidhi software solution freedownloadvrstrong314
This presentation emphasizes the importance of data security and legal compliance for Nidhi companies in India. It highlights how online Nidhi software solutions, like Vector Nidhi Software, offer advanced features tailored to these needs. Key aspects include encryption, access controls, and audit trails to ensure data security. The software complies with regulatory guidelines from the MCA and RBI and adheres to Nidhi Rules, 2014. With customizable, user-friendly interfaces and real-time features, these Nidhi software solutions enhance efficiency, support growth, and provide exceptional member services. The presentation concludes with contact information for further inquiries.
Check out the webinar slides to learn more about how XfilesPro transforms Salesforce document management by leveraging its world-class applications. For more details, please connect with sales@xfilespro.com
If you want to watch the on-demand webinar, please click here: https://www.xfilespro.com/webinars/salesforce-document-management-2-0-smarter-faster-better/
Quarkus Hidden and Forbidden ExtensionsMax Andersen
Quarkus has a vast extension ecosystem and is known for its subsonic and subatomic feature set. Some of these features are not as well known, and some extensions are less talked about, but that does not make them less interesting - quite the opposite.
Come join this talk to see some tips and tricks for using Quarkus and some of the lesser known features, extensions and development techniques.
Experience our free, in-depth three-part Tendenci Platform Corporate Membership Management workshop series! In Session 1 on May 14th, 2024, we began with an Introduction and Setup, mastering the configuration of your Corporate Membership Module settings to establish membership types, applications, and more. Then, on May 16th, 2024, in Session 2, we focused on binding individual members to a Corporate Membership and Corporate Reps, teaching you how to add individual members and assign Corporate Representatives to manage dues, renewals, and associated members. Finally, on May 28th, 2024, in Session 3, we covered questions and concerns, addressing any queries or issues you may have.
For more Tendenci AMS events, check out www.tendenci.com/events
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...informapgpstrackings
Keep tabs on your field staff effortlessly with Informap Technology Centre LLC. Real-time tracking, task assignment, and smart features for efficient management. Request a live demo today!
For more details, visit us : https://informapuae.com/field-staff-tracking/
Unleash Unlimited Potential with One-Time Purchase
BoxLang is more than just a language; it's a community. By choosing a Visionary License, you're not just investing in your success, you're actively contributing to the ongoing development and support of BoxLang.
Software Engineering, Software Consulting, Tech Lead.
Spring Boot, Spring Cloud, Spring Core, Spring JDBC, Spring Security,
Spring Transaction, Spring MVC,
Log4j, REST/SOAP WEB-SERVICES.
How to Position Your Globus Data Portal for Success Ten Good PracticesGlobus
Science gateways allow science and engineering communities to access shared data, software, computing services, and instruments. Science gateways have gained a lot of traction in the last twenty years, as evidenced by projects such as the Science Gateways Community Institute (SGCI) and the Center of Excellence on Science Gateways (SGX3) in the US, The Australian Research Data Commons (ARDC) and its platforms in Australia, and the projects around Virtual Research Environments in Europe. A few mature frameworks have evolved with their different strengths and foci and have been taken up by a larger community such as the Globus Data Portal, Hubzero, Tapis, and Galaxy. However, even when gateways are built on successful frameworks, they continue to face the challenges of ongoing maintenance costs and how to meet the ever-expanding needs of the community they serve with enhanced features. It is not uncommon that gateways with compelling use cases are nonetheless unable to get past the prototype phase and become a full production service, or if they do, they don't survive more than a couple of years. While there is no guaranteed pathway to success, it seems likely that for any gateway there is a need for a strong community and/or solid funding streams to create and sustain its success. With over twenty years of examples to draw from, this presentation goes into detail for ten factors common to successful and enduring gateways that effectively serve as best practices for any new or developing gateway.
2. Hi, my name is Lior Kamrat (AKA “Leo” or LK)
• Azure Cloud Solutions Architect @ Microsoft
• I used to work @ VMware
• Double VMware VCDX #230 for both CMA & DCV
• Virtual Design Master Panelist
• POP! Funko Collector
• I blog at imallvirtual.com
• I tweet @LiorKamrat
3. Disclaimer:
Please forgive me about all this “Buzzword Bingo” you are about
to witness. It will be technical, with demos, I promise!
Also, this is not a Terraform brownbag, we have one coming
next month as part of the “API Zero to Hero” vBrownbag track.
4. Our menu for today…
• The “Iron & Cloud Age” of IT
• What is Infrastructure as (from) Code?
• Tooling Categories
• Packer Demo
• Mutable & Immutable Infrastructure
• Imperative Code vs. Declarative Code
• Terraform Provisioning Demo
• A word about the desired state
• IaC Stack Deployment Approach
• The Major (cross-platform) Players
• Terraform vs. All The REST
• Terraform Enforcement Demo
• Good vs. Evil
5. The Iron (or bronze) Age
• Around 1200 BC and 600 BC, depending on
the region you were at.
• Dominant toolmaking material was iron.
The Iron Age of IT
• In the “iron age” of IT, systems were directly bound to physical hardware.
• Provisioning and maintaining infrastructure was manual work, forcing teams to spend
their time pointing, clicking, and typing to keep the gears turning.
• Because changes involved so much work, change management processes forced careful
up-front consideration, design, and review work. Getting it wrong was expensive!
6. The “Cloud Age” of IT
• Where all the cool kids are now “DevOps”
• When you no longer “script”, you just “code”
Enters “Infrastructure as Code”…
• Apps have been decoupled from the physical hardware.
• Routine provisioning and maintenance can be delegated to software systems,
freeing the humans from drudgery.
• Changes can be made in minutes, if not seconds.
• Change management can exploit this speed, providing better reliability along
with faster release cycles.
7. What Is Infrastructure as (from) Code?
• Infrastructure as code (IaC) is an approach to infrastructure
automation based on practices from software development.
• It emphasizes consistent, repeatable routines for
provisioning and changing systems and their configuration.
• Changes are made to definitions and then rolled out to
systems through unattended processes that include
thorough validation.
8. Tooling Categories
Ad Hoc Scripts
Configuration
Management (CM)
Tools
Server Templating
Tools
Server Provisioning
Tools
9. Ad-Hoc Scripts
• The most straightforward approach to automating
anything is to write an ad hoc script.
You take manual work and
break it down into steps
Choose your favorite
scripting language
Define and write each
of those steps in code
Execute that script
10. Configuration Management Tools
• Chef, Puppet, Ansible, and SaltStack are all configuration
management tools, designed to install and manage software
on existing servers.
• Coding conventions – Consistent & predictable structure, file
layout, clearly named parameters, secrets management, etc.
• Idempotent Code – Continuously executing the same code
repeatedly while producing the same result.
• Distribution – Unlike ad hoc scripts, CM tools are designed
specifically for managing large numbers of remote servers.
11. Server Templating Tools
• Growing in it’s popularity, are server templating tools such as
Docker, Packer, and Vagrant.
• Create an image of a server that captures a fully self-contained
“snapshot” of the operating system, the software, the files, and
all other relevant details.
• And move on to your deployment step in your pipeline…
• Server templating is a key component of the shift to immutable
infrastructure.
Server Image Container Image
12. Servers (or “resources”) Provisioning Tools
• Provisioning tools such as Terraform, Azure Resource Manager
Templates, AWS CloudFormation and OpenStack Heat are
responsible for creating your servers.
• You can use this tools not only create servers, but also other
resources such as databases, load balancers, firewall settings,
storage, etc.
• Multi-Platform
And so much more…
14. Mutable & Immutable Infrastructure
Mutable Infrastructure
• Infrastructure will be continually updated, patched and tuned to
meet the ongoing needs of the purpose it serves.
• CM tools such as Chef or Puppet typically default to a mutable
infrastructure paradigm.
• Over time, as you apply more and more updates, each server
builds up a unique history of changes.
• As a result, each service becomes slightly different than all the
others, leading to configuration drift and can result to bugs
which can be difficult to diagnose and reproduce.
App 1.0
Service
1.0
Service
1.0
Service
1.0
Service
1.0
Service
1.0
Service
1.0
Service
1.0
Service
1.0
Service
1.0
App – Configuration Drift
Service
1.0
Service
1.0
Service
1.0
Service
1.1
Service
1.0
Service
1.0
Service
1.0
Service
1.0
Service
0.9
15. Mutable & Immutable Infrastructure
Immutable Infrastructure
• Using Terraform to deploy machine images created by Docker or
Packer, result “changes” to be deployments of a completely new
app version.
• Reduces the likelihood of configuration drift bugs, makes it easier
to know exactly what software is running on each server.
• Automated testing are more effective, as an immutable image
that passes your tests in the test environment is likely to behave
exactly the same way in the production.
• Blue / Green
App 1.0
Service
1.0
Service
1.0
Service
1.0
Service
1.0
Service
1.0
Service
1.0
Service
1.0
Service
1.0
Service
1.0
App 2.0
Service
2.0
Service
2.0
Service
2.0
Service
2.0
Service
2.0
Service
2.0
Service
2.0
Service
2.0
Service
2.0
16. Mutable & Immutable Infrastructure
App 1.0
Service
1.0
Service
1.0
Service
1.0
Service
1.0
Service
1.0
Service
1.0
Service
1.0
Service
1.0
Service
1.0
App 2.0
Service
2.0
Service
2.0
Service
2.0
Service
2.0
Service
2.0
Service
2.0
Service
2.0
Service
2.0
Service
2.0
App 1.0
Service
1.0
Service
1.0
Service
1.0
Service
1.0
Service
1.0
Service
1.0
Service
1.0
Service
1.0
Service
1.0
App – Configuration Drift
Service
1.0
Service
1.0
Service
1.0
Service
1.1
Service
1.0
Service
1.0
Service
1.0
Service
1.0
Service
0.9
Mutable Immutable• The Pets and Cattle debate.
• One approach is not necessary better then the
other, it depends on your use-case.
• With the mutable approach, the team needs to
be aware of the infrastructure “history”.
• Generally speaking, the immutable approach is
better for stateless applications.
• Immutable drives no deviation and no changes.
It is what it is.
17. Imperative Code vs. Declarative Code
My house is #9 and will be on the right
Leave the house Get in the the car Drive straight on
Morty Blvd. for 3km
Turn right on Rick street
and drive for 5 blocks
AKA “The How”
Imperative (procedural):
Defines specific commands that need to be
executed in the appropriate order to end
with the desired conclusion.
1 2 3 4
5
18. Imperative Code vs. Declarative Code
My address is:
9 Rick Street,
Tel-Aviv
Israel
4580800
AKA “The What”
Declarative (functional):
Defines the desired state and the system
executes what needs to happen to achieve
that desired state.
19. A word about the desired state
Example: Ansible Playbook Example: Terraform Plan
15 Servers 10 Servers
22. Pull / Master / Agent
Pros:
• Central place where you can manage the status of your infrastructure.
• Some tools provide a web interface for the master server.
• Puppet Enterprise (PE) console
• Chef management console
• Scalability
Cons:
• Requires a daemon to be installed on all machines and a central authority to be setup.
• Extra infrastructure
• Maintenance
• Security
• Difficult to manage – moving parts, availability, etc.
Chef Client Chef Server Target servers
installed with
Chef agent
23. Push / Masterless / Agentless
• A client contacts the nodes and sends updates as they
are needed.
• When a change is made to the infrastructure, each
node is alerted of this and then run the changes.
Pros
• Simple to manage and setup
Cons
• No central control plane
Terraform
Client
API Calls
24. The Major (cross-platform) Players
Tool Tool Type Infrastructure Architecture Approach Manifest Written Language
Configuration
Management
Mutable Pull Declarative
Domain Specific Language
(DSL) & Embedded Ruby
(ERB)
Configuration
Management
Mutable Pull Declarative & Imperative Ruby
Configuration
Management
Mutable Push Declarative & Imperative YAML
Configuration
Management
Mutable Push & Pull Declarative & Imperative YAML
Provisioning Immutable Push Declarative
HashiCorp Configuration
Language (HCL)
25. Terraform vs. All The REST
• Cloud-Agnostic (well, kinda…)
• The “terraform plan” command
• State Management
• Terraform Modules
• HashiCorp Configuration Language (HCL)
• There is more…
As part of the vBrownbag “API
Zero to Hero” series, Byron
Schaller & myself will run the
“Exploring Terraform APIs” session
next month.
27. Good vs. Evil
To support and enable change
Changes to systems are routine
Invest time on valuable things
Users can define, provision, and manage
the resources they need
Easily and quickly recover from failures
Improvements are made continuously
Solutions are implemented and
constantly being tested
Being an obstacle or a constraint
Drama or stress for users or IT
Spend time on repetitive tasks
IT staff dependency
Running like headless chickens
Expensive patching and risky
“big bang” projects
Talk about solutions in
meetings and documents
For those of you who are interested in history, you know that there was an age in history called “The Iron or the Bronze Age” somewhere around 1200 BC and 600 BC, depending on the region.
The dominant toolmaking material was iron – Weapons, jewelries, cookware, etc.
The great thing about ad hoc scripts is that you can use popular, general-purpose programming languages and you can write the code however you want.
The terrible thing about ad hoc scripts is that you can use popular, general-purpose programming languages and you can write the code however you want.
Coding conventions – Enforces a consistent, predictable structure, including documentation, file layout, clearly named parameters, secrets management, and so on.
Idempotence
Code that works correctly no matter how many times you run it is called idempotent code.
Writing an ad hoc script that works once isn’t too difficult; writing an ad hoc script that works correctly even if you run it over and over again is a lot harder.
Distribution – Ad hoc scripts are designed to run on a single, local machine. Puppet and other configuration management tools are designed specifically for managing large numbers of remote servers.
The idea behind server templating tools is to create an image of a server that captures a fully self-contained “snapshot” of the operating system, the software, the files, and all other relevant details.
“Every other aspect of your platform” – Since this depended on terraform providers which are open-sourced, not every resource or platform out there is available.
A word about Packer vs. Docker build
Packer builds Docker containers without the use of Dockerfiles. By not using Dockerfiles, Packer is able to provision containers with portable scripts or configuration management systems that are not tied to Docker in any way. It also has a simple mental model: you provision containers much the same way you provision a normal virtualized or dedicated server.
For example, if you tell Chef to install a new version of OpenSSL, it’ll run the software update on your existing servers and the changes will happen in place.
Mutable Infrastructure
Essentially, it means the infrastructure will be continually updated, tweaked, and tuned to meet the ongoing needs of the purpose it serves.
Configuration management tools such as Chef, Puppet, Ansible, and SaltStack typically default to a mutable infrastructure paradigm.
Over time, as you apply more and more updates, each server builds up a unique history of changes.
As a result, each server becomes slightly different than all the others, leading to subtle configuration bugs that are difficult to diagnose and reproduce.
Using the term “immutable” to describe this pattern can be misleading. “Immutable” means that a thing can’t be changed, so a truly immutable server would be useless. As soon as a server boots, its runtime state changes—processes run, entries are written to logfiles, and application data is added, updated, and removed.
It’s more useful to think of the term “immutable” as applying to the server’s configuration, rather than to the server as a whole. This creates a clear line between configuration and data. It forces teams to explicitly define which elements of a server they will manage deterministically as configuration and which elements will be treated as data.
A good example will be this days mobile phones that have batteries that cannot be replaced. So instead of upgrading devices in the field, those devices are now immutable and the whole device needs to be replaced. This provides a level of consistency that makes support easier.
Immutable Infrastructure
If you’re using a provisioning tool such as Terraform to deploy machine images created by Docker or Packer, then most “changes” are actually deployments of a completely new app version.
Since every deployment uses immutable images on fresh servers, this approach reduces the likelihood of configuration drift bugs, makes it easier to know exactly what software is running on each server.
It also makes your automated testing more effective, as an immutable image that passes your tests in the test environment is likely to behave exactly the same way in the production environment.
Blue-green deployment is a technique that reduces downtime and risk by running two environments, usually representing different application version and also called Blue and Green.
Pets
Servers that are treated as indispensable or unique systems that can never be down. Typically they are manually built, managed, and “hand fed”.
Cattle
Arrays of servers, that are built using automated tools, and are designed for failure, where no one, two, or even three servers are irreplaceable.
Imperative (Procedural) is the “how”. It’s a historical approach which uses the “I don’t trust you, give me the actions” parameters in explicit steps.
Procedural code does not fully capture the state of the infrastructure:
Reading through Ansible templates is not enough to know what’s deployed.
You’d also have to know the order in which those templates were applied.
Had you applied them in a different order, you might have ended up with different infrastructure.
You have to know the full history of every change that has ever happened.
Procedural code limits reusability:
The reusability of procedural code is inherently limited because you have to manually take into account the current state of the infrastructure.
Since that state is constantly changing, code you used a week ago may no longer be usable because it was designed to modify a state of your infrastructure that no longer exists.
As a result, procedural codebases tend to grow large and complicated over time.
Declarative (Functional) is “the what. “This is what I need, I can’t be bothered telling you how to get there” parameters. The how is handled by the interpreter/engine not the administrator. The sys admin describes a desired end state and the tool attempts to reach it.
Regardless of how I get to your house, what really matters is the car I drive. Am I going to drive an imperative stick shift car or a declarative automatic car. Enough metaphors?
Before we dive into code, it’s important to realize that many declarative approaches have some sort of imperative abstraction layer.
An automatic car has some sort of abstraction layer over shifting gears.
With Terraform declarative approach, the code always represents the latest state of your infrastructure. At a glance, you can tell what’s currently deployed and how it’s configured, without having to worry about history or timing.
This also makes it easy to create reusable code, as you don’t have to manually account for the current state of the world. Instead, you just focus on describing your desired state.
Pull / Master / Agent
The server being provisioned (node) runs an agent (daemon) that asks a central authority (master) if/when it has any updates that it should run.
Requires a daemon to be installed on all machines and a central authority to be setup.
Pros:
Central place where you can see and manage the status of your infrastructure.
Some tools provide a web interface (Chef Console, Puppet Enterprise Console) for the master server.
Scalability
Cons:
Extra infrastructure
Maintenance
Security
Difficult to manage – moving parts, availability
Pull / Master / Agent
The server being provisioned (node) runs an agent (daemon) that asks a central authority (master) if/when it has any updates that it should run.
Requires a daemon to be installed on all machines and a central authority to be setup.
Terraform in Atlas
Modules in Terraform are self-contained packages of Terraform configurations that are managed as a group. Modules are used to create reusable components in Terraform as well as for basic code organization.