SlideShare a Scribd company logo

Terraform GitOps on Codefresh

Codefresh
Codefresh

**Watch the full webinar at https://codefresh.io/events/terraform-gitops-codefresh/ Today we write "Infrastructure as Code" and even "Pipelines as Code", so let's start treating our "code as code" and practice CI/CD with GitOps! In this talk, we'll show you how we build and deploy applications with Terraform using GitOps and Codefresh. Cloud Posse is a Terraform power user that has developed over 130 Terraform modules which are free and open source. We'll share how we handle automation with security while making the process easy for engineers.

Technology
1 of 43
Download to read offline
Terraform GitOps How to do Operations by Pull Request <hello@cloudposse.com> https://cloudposse.com/ @cloudposse +
What to Expect Feelings of OMG Aha! Moments... Totally Sweet Ops What is GitOps? (not rocket science) Why it’s awesome (and you’ll agree) How to get started… (our way) And... Live demo. . .. Q&A . ...
Who is this dude? Founder of a DevOps Professional Services Company We’ve pioneered Collaborative DevOps for Companies (cloudposse.com) SweetOps M e (Erik Osterman) ( 100% Open Source )
Infrastructure as a Service Everything as Code, SDNs Serverless & Lambdas Mesh Networking, Operators Container Management Platforms CI/CD Everywhere, ChatOps, GitOps DevOps Renaissance (kubernetes, ecs, mesos, swarm)
DevOps Complicated Manual Rollouts via the terminal Poor Audit Trails (huge risk) Not clear what’s been deployed Out of date documentation No one knows how to make changes The “Industry” (configuration drift)
Terraform more problems Deploying infrastructure is not like deploying a web app (no easy rollbacks) Terraform is more like a database migration tool Terraform does not automatically rollback on errors Terraform plans are a best guess of what’s to happen Terraform apply will regularly fail Terraform apply on merge risks destabilizing master
I test some changes at home... For Example….
“I ^ it worked... on my machine.” SWEAR .
Then comes… Launch Day Production
The Math is Simple A*B*C*D*E*F = impossible to manage A = # of tools pinned to versions B = # of dependencies pinned to versions C = # of AWS accounts D = # of project environments (per acct) E = # of number of developers F = # of customers (our case) Too many permutations to keep straight This is why we don’t run things “natively”
So…. Let’s fix this.
Goal: Make it Easy to Terraform Stuff. (e.g. enable anyone on team to easily spin up RDS Database with Terraform)
Let’s Practice GitOps. Use Git as a System of Record for the desired state of configuration Do Operations by Pull Request for Infrastructure as Code Then use Continuous Delivery to apply changes to infrastructure (basically it’s a CI/CD for DevOps) See output from terraform in GitHub comments (E.g. “Plan: 23 to add, 2 to change, 15 to destroy.”)
GitOps Objectives Repeatable - Apply changes the same way every time (even your entire stack all at once!) Predictable - Know what’s going to happen (e.g. before you merge) Auditable - See what was done (e.g. when things were applied. see if there were errors) Accessible - Anyone who can open a PR can contribute
The Solution https://codefresh.io
Automate Anything (if it runs in a container)
How We Use Codefresh Terraform Cloud Formation Helm → K8S Helmfile Because we can run any command
But will it work with... Terragrunt? YES GITLAB? YES BITBUCKET? YES ANSIBLE? YES
About Codefresh Yet another CI/CD solution, only better. 1. Stick everything you want to automate into containers 2. String containers together in a pipeline, run them in parallel 3. Trigger pipelines on webhooks, comments, releases, etc. Slack Notifications Approval Steps GitHub Comments
Basic Flow Diagram
“Interactive” Pull Requests
The “Git Workflow”
Step One: Open Pull Request
Step Two: Review “Auto Plan”
Step Three: Seek Approval Code Review
Step Four: Deploy Changes
Step Five: Merge Pull Request
Sneak Peak
That was easy.
How to get started 1. Signup for Codefresh 2. Add codefresh.yaml to each terraform repo 3. Get back to work (sorry it’s that easy). Or ask us for help =)
Example /codefresh.yaml. init: title: Run `terraform init` stage: Init fail_fast: true image: ${{build_image}} working_directory: *cwd environment: - TF_COMMAND=init commands: - eval "$(chamber exec atlantis -- sh -c "export -p")" - eval "$(ssh-agent)" - echo "${ATLANTIS_SSH_PRIVATE_KEY}" | ssh-add - - terraform init # define step called “init” # give it a title # associate it with a stage of the pipeline # exit on errors # docker image to use # working directory (e.g. terraform code) # environment variables # (used for our github comment template) # commands we should run in this step # export environment from chamber to shell # start an SSH agent # load SSH key so we can pull private repos # run terraform init with s3 backend Steps can be Entirely Customized. Init Step
Example codefresh.yaml. (Continued) plan: title: Run `terraform plan` stage: Plan fail_fast: true image: ${{build_image}} working_directory: *cwd environment: - TF_COMMAND=plan commands: - set +e -xo pipefail - terraform plan | tfmask | scenery | tee plan.txt - export TF_EXIT_CODE=$? - github-commenter < plan.txt - '[ $TF_EXIT_CODE -ne 1 ]' # define step called “init” # give it a title # associate it with a stage of the pipeline # exit on errors # docker image to use # working directory (e.g. terraform code) # environment variables # (used for our github comment template) # commands we should run in this step # shell flags # terraform plan, mask secrets, format it # record exit code of terraform plan # comment back to PR with plan output # exit code of 0 or 2 is success; 1 is error Steps can be Entirely Customized. PLan Step
Example codefresh.yaml. (Continued) apply: title: Run `terraform apply` stage: Apply fail_fast: true image: ${{build_image}} working_directory: *cwd environment: - TF_COMMAND=apply commands: - set +e -xo pipefail - terraform apply | tfmask | tee apply.txt - export TF_EXIT_CODE=$? - github-commenter < apply.txt - '[ $TF_EXIT_CODE -eq 0 ]' # define step called “apply” # give it a title # associate it with a stage of the pipeline # exit on errors # docker image to use # working directory (e.g. terraform code) # environment variables # (used for our github comment template) # commands we should run in this step # shell flags # apply the terraform plan and mask output # (run apply using previous plan) # $PLANFILE ensures WYSIWYG # Comment back on github with outcome # Expect an exit code of zero Apply Step
Live Demo 1. Add User 2. Open PR 3. Run Plan 4. Seek Approval (or not) 5. Apply 6. Merge
Demo Time!
Our Best Practices Use Geodesic as our cloud automation shell Use IAM STS for short lived AWS credentials (not hardcoded credentials) Use GitHub CODEOWNERS Use .tfvars for non-secrets Use SSM Parameter Store + KMS for Secrets Use scenery for clean output; tfmask to sanitize output Atlantis “Best Practices”
Why do you care? Teamwork.
GitOps Stop living dangerously. Start using GitOps. https://github.com/runatlantis/atlantis ● Practice total transparency in operations ● Enable team collaboration ● Reduce access to environments → increase security ● Increase Productivity, Simplify Maintenance, Ensure Repeatability
Where can I ask questions? slack.sweetops.com Join our community!
Links Example Pipeline on GitHub cpco.io/codefresh-gitops github.com/cloudposse/tfmask github.com/cloudposse/geodesic github.com/cloudposse/github-commenter
Office Hours with Cloud Posse ● Expert Advice — Prescriptive solutions to your questions ● Reduced Time to Market — know your options & eliminate analysis paralysis ● Trusted Partner — who learns your stack and understands your problems ● Recorded Strategy Sessions — Weekly or Biweekly Cadence (30m-1hr) ● Easy Scheduling — via Calendly or recurring events ● Shared Slack Channel — for private communications (~12 hour SLA) What you get... Why you want it...  $500/mo - 2 hours 
Hire us. =) A Totally Sweet DevOps Professional Services Company 100+ Free Terraform Modules github.com/cloudposse Active Community sweetops.com/slack Awesome Documentation docs.cloudposse.com 415 5 3 5 86 15 hello@ cloudposse.com (free consultation)

Recommended

GitOps - Operation By Pull Request
GitOps - Operation By Pull RequestGitOps - Operation By Pull Request
GitOps - Operation By Pull RequestKasper Nissen
 
GitOps is the best modern practice for CD with Kubernetes
GitOps is the best modern practice for CD with KubernetesGitOps is the best modern practice for CD with Kubernetes
GitOps is the best modern practice for CD with KubernetesVolodymyr Shynkar
 
Argocd up and running
Argocd up and runningArgocd up and running
Argocd up and runningRaphaël PINSON
 
Gitlab, GitOps & ArgoCD
Gitlab, GitOps & ArgoCDGitlab, GitOps & ArgoCD
Gitlab, GitOps & ArgoCDHaggai Philip Zagury
 
DevOpsDays Taipei 2019 - Mastering IaC the DevOps Way
DevOpsDays Taipei 2019 - Mastering IaC the DevOps WayDevOpsDays Taipei 2019 - Mastering IaC the DevOps Way
DevOpsDays Taipei 2019 - Mastering IaC the DevOps Waysmalltown
 
Get started with gitops and flux
Get started with gitops and fluxGet started with gitops and flux
Get started with gitops and fluxLibbySchulze1
 
Gitops: the kubernetes way
Gitops: the kubernetes wayGitops: the kubernetes way
Gitops: the kubernetes waysparkfabrik
 
The journey to GitOps
The journey to GitOpsThe journey to GitOps
The journey to GitOpsNicola Baldi
 

Recommended

GitOps - Operation By Pull Request
GitOps - Operation By Pull RequestGitOps - Operation By Pull Request
GitOps - Operation By Pull RequestKasper Nissen
 
GitOps is the best modern practice for CD with Kubernetes
GitOps is the best modern practice for CD with KubernetesGitOps is the best modern practice for CD with Kubernetes
GitOps is the best modern practice for CD with KubernetesVolodymyr Shynkar
 
Argocd up and running
Argocd up and runningArgocd up and running
Argocd up and runningRaphaël PINSON
 
Gitlab, GitOps & ArgoCD
Gitlab, GitOps & ArgoCDGitlab, GitOps & ArgoCD
Gitlab, GitOps & ArgoCDHaggai Philip Zagury
 
DevOpsDays Taipei 2019 - Mastering IaC the DevOps Way
DevOpsDays Taipei 2019 - Mastering IaC the DevOps WayDevOpsDays Taipei 2019 - Mastering IaC the DevOps Way
DevOpsDays Taipei 2019 - Mastering IaC the DevOps Waysmalltown
 
Get started with gitops and flux
Get started with gitops and fluxGet started with gitops and flux
Get started with gitops and fluxLibbySchulze1
 
Gitops: the kubernetes way
Gitops: the kubernetes wayGitops: the kubernetes way
Gitops: the kubernetes waysparkfabrik
 
The journey to GitOps
The journey to GitOpsThe journey to GitOps
The journey to GitOpsNicola Baldi
 
GitOps: Git come unica fonte di verità per applicazioni e infrastruttura
GitOps: Git come unica fonte di verità per applicazioni e infrastrutturaGitOps: Git come unica fonte di verità per applicazioni e infrastruttura
GitOps: Git come unica fonte di verità per applicazioni e infrastrutturasparkfabrik
 
ArgoCD Meetup PPT final.pdf
ArgoCD Meetup PPT final.pdfArgoCD Meetup PPT final.pdf
ArgoCD Meetup PPT final.pdfamanmakwana3
 
Effective terraform
Effective terraformEffective terraform
Effective terraformCalvin French-Owen
 
Let's build Developer Portal with Backstage
Let's build Developer Portal with BackstageLet's build Developer Portal with Backstage
Let's build Developer Portal with BackstageOpsta
 
The Power of GitOps with Flux & GitOps Toolkit
The Power of GitOps with Flux & GitOps ToolkitThe Power of GitOps with Flux & GitOps Toolkit
The Power of GitOps with Flux & GitOps ToolkitWeaveworks
 
Introduction to CICD
Introduction to CICDIntroduction to CICD
Introduction to CICDKnoldus Inc.
 
Gitlab CI/CD
Gitlab CI/CDGitlab CI/CD
Gitlab CI/CDJEMLI Fathi
 
Gitops Hands On
Gitops Hands OnGitops Hands On
Gitops Hands OnBrice Fernandes
 
Transforming Organizations with CI/CD
Transforming Organizations with CI/CDTransforming Organizations with CI/CD
Transforming Organizations with CI/CDCprime
 
Infrastructure-as-Code (IaC) using Terraform
Infrastructure-as-Code (IaC) using TerraformInfrastructure-as-Code (IaC) using Terraform
Infrastructure-as-Code (IaC) using TerraformAdin Ermie
 
Terraform
TerraformTerraform
TerraformChristophe Marchal
 
What is DevOps | DevOps Introduction | DevOps Training | DevOps Tutorial | Ed...
What is DevOps | DevOps Introduction | DevOps Training | DevOps Tutorial | Ed...What is DevOps | DevOps Introduction | DevOps Training | DevOps Tutorial | Ed...
What is DevOps | DevOps Introduction | DevOps Training | DevOps Tutorial | Ed...Edureka!
 
Gitops: a new paradigm for software defined operations
Gitops: a new paradigm for software defined operationsGitops: a new paradigm for software defined operations
Gitops: a new paradigm for software defined operationsMariano Cunietti
 
Backstage at CNCF Madison.pptx
Backstage at CNCF Madison.pptxBackstage at CNCF Madison.pptx
Backstage at CNCF Madison.pptxBrandenTimm1
 
Meetup 23 - 03 - Application Delivery on K8S with GitOps
Meetup 23 - 03 - Application Delivery on K8S with GitOpsMeetup 23 - 03 - Application Delivery on K8S with GitOps
Meetup 23 - 03 - Application Delivery on K8S with GitOpsVietnam Open Infrastructure User Group
 
GitOps with ArgoCD
GitOps with ArgoCDGitOps with ArgoCD
GitOps with ArgoCDCloudOps2005
 
Introduction to Red Hat OpenShift 4
Introduction to Red Hat OpenShift 4Introduction to Red Hat OpenShift 4
Introduction to Red Hat OpenShift 4HngNguyn748044
 
Getting Started with Kubernetes
Getting Started with Kubernetes Getting Started with Kubernetes
Getting Started with Kubernetes VMware Tanzu
 
Kubernetes GitOps featuring GitHub, Kustomize and ArgoCD
Kubernetes GitOps featuring GitHub, Kustomize and ArgoCDKubernetes GitOps featuring GitHub, Kustomize and ArgoCD
Kubernetes GitOps featuring GitHub, Kustomize and ArgoCDSunnyvale
 
Platform Engineering
Platform EngineeringPlatform Engineering
Platform EngineeringOpsta
 
Git ops & Continuous Infrastructure with terra*
Git ops & Continuous Infrastructure with terra*Git ops & Continuous Infrastructure with terra*
Git ops & Continuous Infrastructure with terra*Haggai Philip Zagury
 
Introduction To DevOps Workshop @ New Horizon College
Introduction To DevOps Workshop @ New Horizon College Introduction To DevOps Workshop @ New Horizon College
Introduction To DevOps Workshop @ New Horizon College Dhilipsiva DS
 

More Related Content

What's hot

GitOps: Git come unica fonte di verità per applicazioni e infrastruttura
GitOps: Git come unica fonte di verità per applicazioni e infrastrutturaGitOps: Git come unica fonte di verità per applicazioni e infrastruttura
GitOps: Git come unica fonte di verità per applicazioni e infrastrutturasparkfabrik
 
ArgoCD Meetup PPT final.pdf
ArgoCD Meetup PPT final.pdfArgoCD Meetup PPT final.pdf
ArgoCD Meetup PPT final.pdfamanmakwana3
 
Let's build Developer Portal with Backstage
Let's build Developer Portal with BackstageLet's build Developer Portal with Backstage
Let's build Developer Portal with BackstageOpsta
 
The Power of GitOps with Flux & GitOps Toolkit
The Power of GitOps with Flux & GitOps ToolkitThe Power of GitOps with Flux & GitOps Toolkit
The Power of GitOps with Flux & GitOps ToolkitWeaveworks
 
Introduction to CICD
Introduction to CICDIntroduction to CICD
Introduction to CICDKnoldus Inc.
 
Transforming Organizations with CI/CD
Transforming Organizations with CI/CDTransforming Organizations with CI/CD
Transforming Organizations with CI/CDCprime
 
Infrastructure-as-Code (IaC) using Terraform
Infrastructure-as-Code (IaC) using TerraformInfrastructure-as-Code (IaC) using Terraform
Infrastructure-as-Code (IaC) using TerraformAdin Ermie
 
What is DevOps | DevOps Introduction | DevOps Training | DevOps Tutorial | Ed...
What is DevOps | DevOps Introduction | DevOps Training | DevOps Tutorial | Ed...What is DevOps | DevOps Introduction | DevOps Training | DevOps Tutorial | Ed...
What is DevOps | DevOps Introduction | DevOps Training | DevOps Tutorial | Ed...Edureka!
 
Gitops: a new paradigm for software defined operations
Gitops: a new paradigm for software defined operationsGitops: a new paradigm for software defined operations
Gitops: a new paradigm for software defined operationsMariano Cunietti
 
Backstage at CNCF Madison.pptx
Backstage at CNCF Madison.pptxBackstage at CNCF Madison.pptx
Backstage at CNCF Madison.pptxBrandenTimm1
 
GitOps with ArgoCD
GitOps with ArgoCDGitOps with ArgoCD
GitOps with ArgoCDCloudOps2005
 
Introduction to Red Hat OpenShift 4
Introduction to Red Hat OpenShift 4Introduction to Red Hat OpenShift 4
Introduction to Red Hat OpenShift 4HngNguyn748044
 
Getting Started with Kubernetes
Getting Started with Kubernetes Getting Started with Kubernetes
Getting Started with Kubernetes VMware Tanzu
 
Kubernetes GitOps featuring GitHub, Kustomize and ArgoCD
Kubernetes GitOps featuring GitHub, Kustomize and ArgoCDKubernetes GitOps featuring GitHub, Kustomize and ArgoCD
Kubernetes GitOps featuring GitHub, Kustomize and ArgoCDSunnyvale
 
Platform Engineering
Platform EngineeringPlatform Engineering
Platform EngineeringOpsta
 

What's hot (20)

GitOps: Git come unica fonte di verità per applicazioni e infrastruttura
GitOps: Git come unica fonte di verità per applicazioni e infrastrutturaGitOps: Git come unica fonte di verità per applicazioni e infrastruttura
GitOps: Git come unica fonte di verità per applicazioni e infrastruttura
 
ArgoCD Meetup PPT final.pdf
ArgoCD Meetup PPT final.pdfArgoCD Meetup PPT final.pdf
ArgoCD Meetup PPT final.pdf
 
Effective terraform
Effective terraformEffective terraform
Effective terraform
 
Let's build Developer Portal with Backstage
Let's build Developer Portal with BackstageLet's build Developer Portal with Backstage
Let's build Developer Portal with Backstage
 
The Power of GitOps with Flux & GitOps Toolkit
The Power of GitOps with Flux & GitOps ToolkitThe Power of GitOps with Flux & GitOps Toolkit
The Power of GitOps with Flux & GitOps Toolkit
 
Introduction to CICD
Introduction to CICDIntroduction to CICD
Introduction to CICD
 
Gitlab CI/CD
Gitlab CI/CDGitlab CI/CD
Gitlab CI/CD
 
Gitops Hands On
Gitops Hands OnGitops Hands On
Gitops Hands On
 
Transforming Organizations with CI/CD
Transforming Organizations with CI/CDTransforming Organizations with CI/CD
Transforming Organizations with CI/CD
 
Infrastructure-as-Code (IaC) using Terraform
Infrastructure-as-Code (IaC) using TerraformInfrastructure-as-Code (IaC) using Terraform
Infrastructure-as-Code (IaC) using Terraform
 
Terraform
TerraformTerraform
Terraform
 
What is DevOps | DevOps Introduction | DevOps Training | DevOps Tutorial | Ed...
What is DevOps | DevOps Introduction | DevOps Training | DevOps Tutorial | Ed...What is DevOps | DevOps Introduction | DevOps Training | DevOps Tutorial | Ed...
What is DevOps | DevOps Introduction | DevOps Training | DevOps Tutorial | Ed...
 
Gitops: a new paradigm for software defined operations
Gitops: a new paradigm for software defined operationsGitops: a new paradigm for software defined operations
Gitops: a new paradigm for software defined operations
 
Backstage at CNCF Madison.pptx
Backstage at CNCF Madison.pptxBackstage at CNCF Madison.pptx
Backstage at CNCF Madison.pptx
 
Meetup 23 - 03 - Application Delivery on K8S with GitOps
Meetup 23 - 03 - Application Delivery on K8S with GitOpsMeetup 23 - 03 - Application Delivery on K8S with GitOps
Meetup 23 - 03 - Application Delivery on K8S with GitOps
 
GitOps with ArgoCD
GitOps with ArgoCDGitOps with ArgoCD
GitOps with ArgoCD
 
Introduction to Red Hat OpenShift 4
Introduction to Red Hat OpenShift 4Introduction to Red Hat OpenShift 4
Introduction to Red Hat OpenShift 4
 
Getting Started with Kubernetes
Getting Started with Kubernetes Getting Started with Kubernetes
Getting Started with Kubernetes
 
Kubernetes GitOps featuring GitHub, Kustomize and ArgoCD
Kubernetes GitOps featuring GitHub, Kustomize and ArgoCDKubernetes GitOps featuring GitHub, Kustomize and ArgoCD
Kubernetes GitOps featuring GitHub, Kustomize and ArgoCD
 
Platform Engineering
Platform EngineeringPlatform Engineering
Platform Engineering
 

Similar to Terraform GitOps on Codefresh

Git ops & Continuous Infrastructure with terra*
Git ops & Continuous Infrastructure with terra*Git ops & Continuous Infrastructure with terra*
Git ops & Continuous Infrastructure with terra*Haggai Philip Zagury
 
Introduction To DevOps Workshop @ New Horizon College
Introduction To DevOps Workshop @ New Horizon College Introduction To DevOps Workshop @ New Horizon College
Introduction To DevOps Workshop @ New Horizon College Dhilipsiva DS
 
A Fabric/Puppet Build/Deploy System
A Fabric/Puppet Build/Deploy SystemA Fabric/Puppet Build/Deploy System
A Fabric/Puppet Build/Deploy Systemadrian_nye
 
Adopt DevOps philosophy on your Symfony projects (Symfony Live 2011)
Adopt DevOps philosophy on your Symfony projects (Symfony Live 2011)Adopt DevOps philosophy on your Symfony projects (Symfony Live 2011)
Adopt DevOps philosophy on your Symfony projects (Symfony Live 2011)Fabrice Bernhard
 
Building Hermetic Systems (without Docker)
Building Hermetic Systems (without Docker)Building Hermetic Systems (without Docker)
Building Hermetic Systems (without Docker)William Farrell
 
"Modern DevOps & Real Life Applications. 3.0.0-devops+20230318", Igor Fesenko
"Modern DevOps & Real Life Applications. 3.0.0-devops+20230318", Igor Fesenko "Modern DevOps & Real Life Applications. 3.0.0-devops+20230318", Igor Fesenko
"Modern DevOps & Real Life Applications. 3.0.0-devops+20230318", Igor Fesenko Fwdays
 
Unlimited Staging Environments on Kubernetes
Unlimited Staging Environments on KubernetesUnlimited Staging Environments on Kubernetes
Unlimited Staging Environments on KubernetesErik Osterman
 
Devoxx France: Développement JAVA avec un IDE dans le Cloud: Yes we can !
Devoxx France: Développement JAVA avec un IDE dans le Cloud: Yes we can !Devoxx France: Développement JAVA avec un IDE dans le Cloud: Yes we can !
Devoxx France: Développement JAVA avec un IDE dans le Cloud: Yes we can !Florent BENOIT
 
Unlimited Staging Environments
Unlimited Staging EnvironmentsUnlimited Staging Environments
Unlimited Staging EnvironmentsCodefresh
 
Building Instruqt, a scalable learning platform
Building Instruqt, a scalable learning platformBuilding Instruqt, a scalable learning platform
Building Instruqt, a scalable learning platformInstruqt
 
Containerd Project Update: FOSDEM 2018
Containerd Project Update: FOSDEM 2018Containerd Project Update: FOSDEM 2018
Containerd Project Update: FOSDEM 2018Phil Estes
 
How to test infrastructure code: automated testing for Terraform, Kubernetes,...
How to test infrastructure code: automated testing for Terraform, Kubernetes,...How to test infrastructure code: automated testing for Terraform, Kubernetes,...
How to test infrastructure code: automated testing for Terraform, Kubernetes,...Yevgeniy Brikman
 
Cloud meets Fog & Puppet A Story of Version Controlled Infrastructure
Cloud meets Fog & Puppet A Story of Version Controlled InfrastructureCloud meets Fog & Puppet A Story of Version Controlled Infrastructure
Cloud meets Fog & Puppet A Story of Version Controlled InfrastructureHabeeb Rahman
 
NLUUG Spring 2012 - OpenShift Primer
NLUUG Spring 2012 - OpenShift PrimerNLUUG Spring 2012 - OpenShift Primer
NLUUG Spring 2012 - OpenShift PrimerEric D. Schabell
 
The Duck Teaches Learn to debug from the masters. Local to production- kill ...
The Duck Teaches Learn to debug from the masters. Local to production- kill ...The Duck Teaches Learn to debug from the masters. Local to production- kill ...
The Duck Teaches Learn to debug from the masters. Local to production- kill ...ShaiAlmog1
 
Docker 0.11 at MaxCDN meetup in Los Angeles
Docker 0.11 at MaxCDN meetup in Los AngelesDocker 0.11 at MaxCDN meetup in Los Angeles
Docker 0.11 at MaxCDN meetup in Los AngelesJérôme Petazzoni
 
Midwest PHP 2017 DevOps For Small team
Midwest PHP 2017 DevOps For Small teamMidwest PHP 2017 DevOps For Small team
Midwest PHP 2017 DevOps For Small teamJoe Ferguson
 
The "Holy Grail" of Dev/Ops
The "Holy Grail" of Dev/OpsThe "Holy Grail" of Dev/Ops
The "Holy Grail" of Dev/OpsErik Osterman
 

Similar to Terraform GitOps on Codefresh (20)

Git ops & Continuous Infrastructure with terra*
Git ops & Continuous Infrastructure with terra*Git ops & Continuous Infrastructure with terra*
Git ops & Continuous Infrastructure with terra*
 
Introduction To DevOps Workshop @ New Horizon College
Introduction To DevOps Workshop @ New Horizon College Introduction To DevOps Workshop @ New Horizon College
Introduction To DevOps Workshop @ New Horizon College
 
A Fabric/Puppet Build/Deploy System
A Fabric/Puppet Build/Deploy SystemA Fabric/Puppet Build/Deploy System
A Fabric/Puppet Build/Deploy System
 
Adopt DevOps philosophy on your Symfony projects (Symfony Live 2011)
Adopt DevOps philosophy on your Symfony projects (Symfony Live 2011)Adopt DevOps philosophy on your Symfony projects (Symfony Live 2011)
Adopt DevOps philosophy on your Symfony projects (Symfony Live 2011)
 
Building Hermetic Systems (without Docker)
Building Hermetic Systems (without Docker)Building Hermetic Systems (without Docker)
Building Hermetic Systems (without Docker)
 
"Modern DevOps & Real Life Applications. 3.0.0-devops+20230318", Igor Fesenko
"Modern DevOps & Real Life Applications. 3.0.0-devops+20230318", Igor Fesenko "Modern DevOps & Real Life Applications. 3.0.0-devops+20230318", Igor Fesenko
"Modern DevOps & Real Life Applications. 3.0.0-devops+20230318", Igor Fesenko
 
Unlimited Staging Environments on Kubernetes
Unlimited Staging Environments on KubernetesUnlimited Staging Environments on Kubernetes
Unlimited Staging Environments on Kubernetes
 
Devoxx France: Développement JAVA avec un IDE dans le Cloud: Yes we can !
Devoxx France: Développement JAVA avec un IDE dans le Cloud: Yes we can !Devoxx France: Développement JAVA avec un IDE dans le Cloud: Yes we can !
Devoxx France: Développement JAVA avec un IDE dans le Cloud: Yes we can !
 
Unlimited Staging Environments
Unlimited Staging EnvironmentsUnlimited Staging Environments
Unlimited Staging Environments
 
Building Instruqt, a scalable learning platform
Building Instruqt, a scalable learning platformBuilding Instruqt, a scalable learning platform
Building Instruqt, a scalable learning platform
 
Containerd Project Update: FOSDEM 2018
Containerd Project Update: FOSDEM 2018Containerd Project Update: FOSDEM 2018
Containerd Project Update: FOSDEM 2018
 
How to test infrastructure code: automated testing for Terraform, Kubernetes,...
How to test infrastructure code: automated testing for Terraform, Kubernetes,...How to test infrastructure code: automated testing for Terraform, Kubernetes,...
How to test infrastructure code: automated testing for Terraform, Kubernetes,...
 
Cloud meets Fog & Puppet A Story of Version Controlled Infrastructure
Cloud meets Fog & Puppet A Story of Version Controlled InfrastructureCloud meets Fog & Puppet A Story of Version Controlled Infrastructure
Cloud meets Fog & Puppet A Story of Version Controlled Infrastructure
 
NLUUG Spring 2012 - OpenShift Primer
NLUUG Spring 2012 - OpenShift PrimerNLUUG Spring 2012 - OpenShift Primer
NLUUG Spring 2012 - OpenShift Primer
 
The Duck Teaches Learn to debug from the masters. Local to production- kill ...
The Duck Teaches Learn to debug from the masters. Local to production- kill ...The Duck Teaches Learn to debug from the masters. Local to production- kill ...
The Duck Teaches Learn to debug from the masters. Local to production- kill ...
 
Docker 0.11 at MaxCDN meetup in Los Angeles
Docker 0.11 at MaxCDN meetup in Los AngelesDocker 0.11 at MaxCDN meetup in Los Angeles
Docker 0.11 at MaxCDN meetup in Los Angeles
 
Git 101
Git 101Git 101
Git 101
 
Midwest PHP 2017 DevOps For Small team
Midwest PHP 2017 DevOps For Small teamMidwest PHP 2017 DevOps For Small team
Midwest PHP 2017 DevOps For Small team
 
Terraform
TerraformTerraform
Terraform
 
The "Holy Grail" of Dev/Ops
The "Holy Grail" of Dev/OpsThe "Holy Grail" of Dev/Ops
The "Holy Grail" of Dev/Ops
 

More from Codefresh

Detect, debug, deploy with Codefresh and Lightstep
Detect, debug, deploy with Codefresh and LightstepDetect, debug, deploy with Codefresh and Lightstep
Detect, debug, deploy with Codefresh and LightstepCodefresh
 
CICD Pipelines for Microservices: Lessons from the Trenches
CICD Pipelines for Microservices: Lessons from the TrenchesCICD Pipelines for Microservices: Lessons from the Trenches
CICD Pipelines for Microservices: Lessons from the TrenchesCodefresh
 
Simplify Your Code with Helmfile
Simplify Your Code with HelmfileSimplify Your Code with Helmfile
Simplify Your Code with HelmfileCodefresh
 
Making the Most of Helm 3 with Codefresh
Making the Most of Helm 3 with CodefreshMaking the Most of Helm 3 with Codefresh
Making the Most of Helm 3 with CodefreshCodefresh
 
5 Simple Tips for Troubleshooting Your Kubernetes Pods
5 Simple Tips for Troubleshooting Your Kubernetes Pods5 Simple Tips for Troubleshooting Your Kubernetes Pods
5 Simple Tips for Troubleshooting Your Kubernetes PodsCodefresh
 
Best Practices for Microservice CI/CD: Lessons from Expedia and Codefresh
Best Practices for Microservice CI/CD: Lessons from Expedia and CodefreshBest Practices for Microservice CI/CD: Lessons from Expedia and Codefresh
Best Practices for Microservice CI/CD: Lessons from Expedia and CodefreshCodefresh
 
Hybrid CI/CD with Kubernetes & Codefresh
Hybrid CI/CD with Kubernetes & Codefresh Hybrid CI/CD with Kubernetes & Codefresh
Hybrid CI/CD with Kubernetes & CodefreshCodefresh
 
VM vs Docker-Based Pipelines
VM vs Docker-Based PipelinesVM vs Docker-Based Pipelines
VM vs Docker-Based PipelinesCodefresh
 
Why You Should be Using Multi-stage Docker Builds in 2019
Why You Should be Using Multi-stage Docker Builds in 2019Why You Should be Using Multi-stage Docker Builds in 2019
Why You Should be Using Multi-stage Docker Builds in 2019Codefresh
 
Deploy Secure Cloud-Native Apps Fast
Deploy Secure Cloud-Native Apps Fast Deploy Secure Cloud-Native Apps Fast
Deploy Secure Cloud-Native Apps Fast Codefresh
 
CICD Pipelines for Microservices Best Practices
CICD Pipelines for Microservices Best Practices CICD Pipelines for Microservices Best Practices
CICD Pipelines for Microservices Best Practices Codefresh
 
Codefresh CICD New Features Launch! May 2019
Codefresh CICD New Features Launch! May 2019Codefresh CICD New Features Launch! May 2019
Codefresh CICD New Features Launch! May 2019Codefresh
 
Adding Container Image Scanning to Your Codefresh Pipelines with Anchore
Adding Container Image Scanning to Your Codefresh Pipelines with AnchoreAdding Container Image Scanning to Your Codefresh Pipelines with Anchore
Adding Container Image Scanning to Your Codefresh Pipelines with AnchoreCodefresh
 
Image scanning using Clair
Image scanning using Clair Image scanning using Clair
Image scanning using Clair Codefresh
 
Updating Kubernetes With Helm Charts: Build, Test, Deploy with Codefresh and...
Updating Kubernetes With Helm Charts: Build, Test, Deploy with Codefresh and... Updating Kubernetes With Helm Charts: Build, Test, Deploy with Codefresh and...
Updating Kubernetes With Helm Charts: Build, Test, Deploy with Codefresh and...Codefresh
 
Docker based-Pipelines with Codefresh
Docker based-Pipelines with CodefreshDocker based-Pipelines with Codefresh
Docker based-Pipelines with CodefreshCodefresh
 
Automated Serverless Pipelines with #GitOps on Codefresh
Automated Serverless Pipelines with #GitOps on CodefreshAutomated Serverless Pipelines with #GitOps on Codefresh
Automated Serverless Pipelines with #GitOps on CodefreshCodefresh
 
Discovering and Fixing Dependency Vulnerabilities for Kubernetes apps with Sn...
Discovering and Fixing Dependency Vulnerabilities for Kubernetes apps with Sn...Discovering and Fixing Dependency Vulnerabilities for Kubernetes apps with Sn...
Discovering and Fixing Dependency Vulnerabilities for Kubernetes apps with Sn...Codefresh
 
Net Pipeline on Windows Kubernetes
Net Pipeline on Windows KubernetesNet Pipeline on Windows Kubernetes
Net Pipeline on Windows KubernetesCodefresh
 
Multi-cloud CI/CD with failover powered by K8s, Istio, Helm, and Codefresh
Multi-cloud CI/CD with failover powered by K8s, Istio, Helm, and Codefresh Multi-cloud CI/CD with failover powered by K8s, Istio, Helm, and Codefresh
Multi-cloud CI/CD with failover powered by K8s, Istio, Helm, and Codefresh Codefresh
 

More from Codefresh (20)

Detect, debug, deploy with Codefresh and Lightstep
Detect, debug, deploy with Codefresh and LightstepDetect, debug, deploy with Codefresh and Lightstep
Detect, debug, deploy with Codefresh and Lightstep
 
CICD Pipelines for Microservices: Lessons from the Trenches
CICD Pipelines for Microservices: Lessons from the TrenchesCICD Pipelines for Microservices: Lessons from the Trenches
CICD Pipelines for Microservices: Lessons from the Trenches
 
Simplify Your Code with Helmfile
Simplify Your Code with HelmfileSimplify Your Code with Helmfile
Simplify Your Code with Helmfile
 
Making the Most of Helm 3 with Codefresh
Making the Most of Helm 3 with CodefreshMaking the Most of Helm 3 with Codefresh
Making the Most of Helm 3 with Codefresh
 
5 Simple Tips for Troubleshooting Your Kubernetes Pods
5 Simple Tips for Troubleshooting Your Kubernetes Pods5 Simple Tips for Troubleshooting Your Kubernetes Pods
5 Simple Tips for Troubleshooting Your Kubernetes Pods
 
Best Practices for Microservice CI/CD: Lessons from Expedia and Codefresh
Best Practices for Microservice CI/CD: Lessons from Expedia and CodefreshBest Practices for Microservice CI/CD: Lessons from Expedia and Codefresh
Best Practices for Microservice CI/CD: Lessons from Expedia and Codefresh
 
Hybrid CI/CD with Kubernetes & Codefresh
Hybrid CI/CD with Kubernetes & Codefresh Hybrid CI/CD with Kubernetes & Codefresh
Hybrid CI/CD with Kubernetes & Codefresh
 
VM vs Docker-Based Pipelines
VM vs Docker-Based PipelinesVM vs Docker-Based Pipelines
VM vs Docker-Based Pipelines
 
Why You Should be Using Multi-stage Docker Builds in 2019
Why You Should be Using Multi-stage Docker Builds in 2019Why You Should be Using Multi-stage Docker Builds in 2019
Why You Should be Using Multi-stage Docker Builds in 2019
 
Deploy Secure Cloud-Native Apps Fast
Deploy Secure Cloud-Native Apps Fast Deploy Secure Cloud-Native Apps Fast
Deploy Secure Cloud-Native Apps Fast
 
CICD Pipelines for Microservices Best Practices
CICD Pipelines for Microservices Best Practices CICD Pipelines for Microservices Best Practices
CICD Pipelines for Microservices Best Practices
 
Codefresh CICD New Features Launch! May 2019
Codefresh CICD New Features Launch! May 2019Codefresh CICD New Features Launch! May 2019
Codefresh CICD New Features Launch! May 2019
 
Adding Container Image Scanning to Your Codefresh Pipelines with Anchore
Adding Container Image Scanning to Your Codefresh Pipelines with AnchoreAdding Container Image Scanning to Your Codefresh Pipelines with Anchore
Adding Container Image Scanning to Your Codefresh Pipelines with Anchore
 
Image scanning using Clair
Image scanning using Clair Image scanning using Clair
Image scanning using Clair
 
Updating Kubernetes With Helm Charts: Build, Test, Deploy with Codefresh and...
Updating Kubernetes With Helm Charts: Build, Test, Deploy with Codefresh and... Updating Kubernetes With Helm Charts: Build, Test, Deploy with Codefresh and...
Updating Kubernetes With Helm Charts: Build, Test, Deploy with Codefresh and...
 
Docker based-Pipelines with Codefresh
Docker based-Pipelines with CodefreshDocker based-Pipelines with Codefresh
Docker based-Pipelines with Codefresh
 
Automated Serverless Pipelines with #GitOps on Codefresh
Automated Serverless Pipelines with #GitOps on CodefreshAutomated Serverless Pipelines with #GitOps on Codefresh
Automated Serverless Pipelines with #GitOps on Codefresh
 
Discovering and Fixing Dependency Vulnerabilities for Kubernetes apps with Sn...
Discovering and Fixing Dependency Vulnerabilities for Kubernetes apps with Sn...Discovering and Fixing Dependency Vulnerabilities for Kubernetes apps with Sn...
Discovering and Fixing Dependency Vulnerabilities for Kubernetes apps with Sn...
 
Net Pipeline on Windows Kubernetes
Net Pipeline on Windows KubernetesNet Pipeline on Windows Kubernetes
Net Pipeline on Windows Kubernetes
 
Multi-cloud CI/CD with failover powered by K8s, Istio, Helm, and Codefresh
Multi-cloud CI/CD with failover powered by K8s, Istio, Helm, and Codefresh Multi-cloud CI/CD with failover powered by K8s, Istio, Helm, and Codefresh
Multi-cloud CI/CD with failover powered by K8s, Istio, Helm, and Codefresh
 

Recently uploaded

Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 

Recently uploaded (20)

Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 

Terraform GitOps on Codefresh

  • 1. Terraform GitOps How to do Operations by Pull Request <hello@cloudposse.com> https://cloudposse.com/ @cloudposse +
  • 2. What to Expect Feelings of OMG Aha! Moments... Totally Sweet Ops What is GitOps? (not rocket science) Why it’s awesome (and you’ll agree) How to get started… (our way) And... Live demo. . .. Q&A . ...
  • 3. Who is this dude? Founder of a DevOps Professional Services Company We’ve pioneered Collaborative DevOps for Companies (cloudposse.com) SweetOps M e (Erik Osterman) ( 100% Open Source )
  • 4. Infrastructure as a Service Everything as Code, SDNs Serverless & Lambdas Mesh Networking, Operators Container Management Platforms CI/CD Everywhere, ChatOps, GitOps DevOps Renaissance (kubernetes, ecs, mesos, swarm)
  • 5. DevOps Complicated Manual Rollouts via the terminal Poor Audit Trails (huge risk) Not clear what’s been deployed Out of date documentation No one knows how to make changes The “Industry” (configuration drift)
  • 6. Terraform more problems Deploying infrastructure is not like deploying a web app (no easy rollbacks) Terraform is more like a database migration tool Terraform does not automatically rollback on errors Terraform plans are a best guess of what’s to happen Terraform apply will regularly fail Terraform apply on merge risks destabilizing master
  • 7. I test some changes at home... For Example….
  • 8. “I ^ it worked... on my machine.” SWEAR .
  • 9. Then comes… Launch Day Production
  • 10. The Math is Simple A*B*C*D*E*F = impossible to manage A = # of tools pinned to versions B = # of dependencies pinned to versions C = # of AWS accounts D = # of project environments (per acct) E = # of number of developers F = # of customers (our case) Too many permutations to keep straight This is why we don’t run things “natively”
  • 11.
  • 13. Goal: Make it Easy to Terraform Stuff. (e.g. enable anyone on team to easily spin up RDS Database with Terraform)
  • 14. Let’s Practice GitOps. Use Git as a System of Record for the desired state of configuration Do Operations by Pull Request for Infrastructure as Code Then use Continuous Delivery to apply changes to infrastructure (basically it’s a CI/CD for DevOps) See output from terraform in GitHub comments (E.g. “Plan: 23 to add, 2 to change, 15 to destroy.”)
  • 15. GitOps Objectives Repeatable - Apply changes the same way every time (even your entire stack all at once!) Predictable - Know what’s going to happen (e.g. before you merge) Auditable - See what was done (e.g. when things were applied. see if there were errors) Accessible - Anyone who can open a PR can contribute
  • 17. Automate Anything (if it runs in a container)
  • 18. How We Use Codefresh Terraform Cloud Formation Helm → K8S Helmfile Because we can run any command
  • 19. But will it work with... Terragrunt? YES GITLAB? YES BITBUCKET? YES ANSIBLE? YES
  • 20. About Codefresh Yet another CI/CD solution, only better. 1. Stick everything you want to automate into containers 2. String containers together in a pipeline, run them in parallel 3. Trigger pipelines on webhooks, comments, releases, etc. Slack Notifications Approval Steps GitHub Comments
  • 24. Step One: Open Pull Request
  • 25. Step Two: Review “Auto Plan”
  • 26. Step Three: Seek Approval Code Review
  • 27. Step Four: Deploy Changes
  • 28. Step Five: Merge Pull Request
  • 31. How to get started 1. Signup for Codefresh 2. Add codefresh.yaml to each terraform repo 3. Get back to work (sorry it’s that easy). Or ask us for help =)
  • 32. Example /codefresh.yaml. init: title: Run `terraform init` stage: Init fail_fast: true image: ${{build_image}} working_directory: *cwd environment: - TF_COMMAND=init commands: - eval "$(chamber exec atlantis -- sh -c "export -p")" - eval "$(ssh-agent)" - echo "${ATLANTIS_SSH_PRIVATE_KEY}" | ssh-add - - terraform init # define step called “init” # give it a title # associate it with a stage of the pipeline # exit on errors # docker image to use # working directory (e.g. terraform code) # environment variables # (used for our github comment template) # commands we should run in this step # export environment from chamber to shell # start an SSH agent # load SSH key so we can pull private repos # run terraform init with s3 backend Steps can be Entirely Customized. Init Step
  • 33. Example codefresh.yaml. (Continued) plan: title: Run `terraform plan` stage: Plan fail_fast: true image: ${{build_image}} working_directory: *cwd environment: - TF_COMMAND=plan commands: - set +e -xo pipefail - terraform plan | tfmask | scenery | tee plan.txt - export TF_EXIT_CODE=$? - github-commenter < plan.txt - '[ $TF_EXIT_CODE -ne 1 ]' # define step called “init” # give it a title # associate it with a stage of the pipeline # exit on errors # docker image to use # working directory (e.g. terraform code) # environment variables # (used for our github comment template) # commands we should run in this step # shell flags # terraform plan, mask secrets, format it # record exit code of terraform plan # comment back to PR with plan output # exit code of 0 or 2 is success; 1 is error Steps can be Entirely Customized. PLan Step
  • 34. Example codefresh.yaml. (Continued) apply: title: Run `terraform apply` stage: Apply fail_fast: true image: ${{build_image}} working_directory: *cwd environment: - TF_COMMAND=apply commands: - set +e -xo pipefail - terraform apply | tfmask | tee apply.txt - export TF_EXIT_CODE=$? - github-commenter < apply.txt - '[ $TF_EXIT_CODE -eq 0 ]' # define step called “apply” # give it a title # associate it with a stage of the pipeline # exit on errors # docker image to use # working directory (e.g. terraform code) # environment variables # (used for our github comment template) # commands we should run in this step # shell flags # apply the terraform plan and mask output # (run apply using previous plan) # $PLANFILE ensures WYSIWYG # Comment back on github with outcome # Expect an exit code of zero Apply Step
  • 35. Live Demo 1. Add User 2. Open PR 3. Run Plan 4. Seek Approval (or not) 5. Apply 6. Merge
  • 37. Our Best Practices Use Geodesic as our cloud automation shell Use IAM STS for short lived AWS credentials (not hardcoded credentials) Use GitHub CODEOWNERS Use .tfvars for non-secrets Use SSM Parameter Store + KMS for Secrets Use scenery for clean output; tfmask to sanitize output Atlantis “Best Practices”
  • 38. Why do you care? Teamwork.
  • 39. GitOps Stop living dangerously. Start using GitOps. https://github.com/runatlantis/atlantis ● Practice total transparency in operations ● Enable team collaboration ● Reduce access to environments → increase security ● Increase Productivity, Simplify Maintenance, Ensure Repeatability
  • 40. Where can I ask questions? slack.sweetops.com Join our community!
  • 41. Links Example Pipeline on GitHub cpco.io/codefresh-gitops github.com/cloudposse/tfmask github.com/cloudposse/geodesic github.com/cloudposse/github-commenter
  • 42. Office Hours with Cloud Posse ● Expert Advice — Prescriptive solutions to your questions ● Reduced Time to Market — know your options & eliminate analysis paralysis ● Trusted Partner — who learns your stack and understands your problems ● Recorded Strategy Sessions — Weekly or Biweekly Cadence (30m-1hr) ● Easy Scheduling — via Calendly or recurring events ● Shared Slack Channel — for private communications (~12 hour SLA) What you get... Why you want it...  $500/mo - 2 hours 
  • 43. Hire us. =) A Totally Sweet DevOps Professional Services Company 100+ Free Terraform Modules github.com/cloudposse Active Community sweetops.com/slack Awesome Documentation docs.cloudposse.com 415 5 3 5 86 15 hello@ cloudposse.com (free consultation)