Terraform Immutablish Infrastructure with Consul-Template
HUG Presentation
Presenter – Zane Williamson
• @sepulworld – GitHub
• @zane_williamson – Twitter
• Sr. DevOps at Trulia – Data Eng. Team
Terraform at Trulia
1. 100+ applied Terraform states in action
2. We have been using Terraform since the 0.6 days
3. Trulia Innovation Week Project: Terraform State of Awareness (https://github.com/sepulworld/tfsoa - telemetry data on TF states)
4. Trulia Innovation Week Project: tfmod-generator (https://github.com/sepulworld/tfmod-generator - scaffolding generator for Terraform modules that are Git sourced)
Overview
1. What is Immutablish infrastructure? How is it different from Immutable?
2. How Trulia uses Terraform and consul-template
3. What to consider when going down this route; it is not a ‘silver bullet’
What is Immutablish infrastructure? How is it different from Immutable?
Immutable example on AWS
• No changes allowed to running environment
• Changes performed by adding new immutable instances and removing old ones (Create before Destroy)
• Not very flexible, but offers a strictly controlled build and release solution
• Configuration management only used when AMI is created
Packer + Terraform Continuous Integration: Infrastructure Time Line
1. Start with live autoscale group running EC2 instances from AMI-x
2.
[Diagram: Packer/Jenkins, AMI-y, Terraform, Autoscale Group (AMI-x), Autoscale Group (AMI-y)]
3. Destroy Previous ASG
4. End with new Autoscale group running AMI-y
Immutablish example on AWS
• Example done with AWS
• SolrCloud cluster (basically a multi-node EC2 instance deployment)
• Requirements:
  • Consul server cluster
  • Zookeeper service registered with Consul
Immutablish example on AWS
• Changes allowed through pre-defined config files controlled by
consul-template
• More flexible than immutable environment, but contains more
operational complexity
• Will use user-data templates to bootstrap instances with configs
How Trulia uses Terraform and Consul-template
Terraform Toolbox
• Terraform Consul provider:
  • Publish consul keys that can be used by consul-template to generate dynamic configuration files
• Terraform Template provider:
  • Used to generate unique user-data.sh bootstrap scripts for EC2 hosts
Terraform + Consul keys
• Terraform code to control unique host specific key/value entries on Consul cluster
• Each SolrCloud instance that comes online to join this Consul server cluster will have access to key/values for consul-template to leverage
--- snip ---
provider "consul" {
  address    = "${var.consul_endpoint}:8500"
  datacenter = "${var.consul_datacenter}"
}

resource "consul_keys" "solr_config" {
  count = "${var.solr_count}"

  key {
    path  = "service/solr_conf/solr${count.index + 1}-${var.team}-${var.service}-${var.environment}.${var.domain}/LOG4J_PROPS"
    value = "${var.log4j_props}"
  }

  key {
    path  = "service/solr_conf/solr${count.index + 1}-${var.team}-${var.service}-${var.environment}.${var.domain}/SOLR_HOME"
    value = "${var.solr_home}"
  }
--- snip ---
Terraform template provider
• Template_file to take in variable inputs and pass to a template file
• Template_cloudinit_config will then be used to render the user-data.sh as a text/x-shellscript
Terraform template providers in action
1. Template_File resource counted out to the number of SolrCloud systems required. Pass in user defined variables to be used in user-data.sh.
2. Render the templates. The second part is an optional user defined script that can be appended.
3. Use the rendered templates for user_data bootstrap.

# 1: one template_file per SolrCloud host, fed with the user defined variables
data "template_file" "script" {
  count    = "${var.solr_count}"
  template = "${file("${path.module}/remote_scripts/user-data.sh.tpl")}"

  vars {
    environment             = "${var.environment}"
    team                    = "${var.team}"
    domain                  = "${var.domain}"
    service                 = "${var.service}"
    product                 = "${var.product}"
    solr_count              = "${count.index + 1}"
    consul_server_tag_key   = "${var.consul_server_tag_key}"
    consul_server_tag_value = "${var.consul_server_tag_value}"
    consul_datacenter       = "${var.consul_datacenter}"
    consul_agent_version    = "${var.consul_agent_version}"
    consul_template_version = "${var.consul_template_version}"
    install_consul_agent    = "${var.install_consul_agent}"
    install_consul_template = "${var.install_consul_template}"
    install_solr_version    = "${var.install_solr_version}"
  }
}

# 2: render each script as a text/x-shellscript cloud-init part
data "template_cloudinit_config" "userdata" {
  count         = "${var.solr_count}"
  gzip          = true
  base64_encode = true

  part {
    content_type = "text/x-shellscript"
    content      = "${element(data.template_file.script.*.rendered, count.index)}"
  }
}

# 3: hand the rendered cloud-init config to the instance as user_data
resource "aws_instance" "solrcloud" {
  count     = "${var.solr_count}"
  user_data = "${element(data.template_cloudinit_config.userdata.*.rendered, count.index)}"

  root_block_device {
    volume_type           = "${var.root_block_device_volume_type}"
    volume_size           = "${var.root_block_device_volume_size}"
    delete_on_termination = "${var.root_block_device_delete_on_termination}"
  }
  ---snip---
}
Terraform to plug data into consul for SolrCloud consul-template to use
--- snip ---
provider "consul" {
  address    = "${var.consul_endpoint}:8500"
  datacenter = "${var.consul_datacenter}"
}

resource "consul_keys" "solr_config" {
  datacenter = "${var.consul_datacenter}"
  count      = "${var.solr_count}"

  key {
    path  = "service/solr_conf/solr${count.index + 1}-${var.team}-${var.service}-${var.environment}.${var.domain}/LOG4J_PROPS"
    value = "${var.log4j_props}"
  }
--- snip ---

# /etc/default/solr.init.sh.ctmpl
# Set the ZooKeeper connection string if using an external ZooKeeper(s)
# e.g. host1:2181,host2:2181/chroot
ZK_HOST="{{range service "zookeeper"}}{{.Address}}:2181,{{end}}"
# Set hostname to match system level we control
# Variables here are Terraform template interpolation,
SOLR_HOST="solr${solr_count}-${team}-${product}-${environment}.${domain}"
# Generate rest of configuration based upon key/values found in consul
# Variables here are Terraform template interpolation,
{{range tree "service/solr_conf/solr${solr_count}-${team}-${product}-${environment}.${domain}"}}
{{.Key}}="{{.Value}}"
{{end}}

# /var/solr/log4j.properties.ctmpl
# Generate log4j configuration from
# Variables here are Terraform template interpolation,
{{range tree "service/solr/log4j/solr${solr_count}-${team}-${product}-${environment}.${domain}"}}
{{.Key}}="{{.Value}}"
{{end}}
[Diagram: Consul server cluster, SolrCloud Cluster]
Consul-template (the tool to make it Immutablish)
• “This project provides a convenient way to populate values
from Consul into the file system using the consul-template daemon”
• Lightweight daemon
• Leverage the “range” function in consul-template
Consul-template in action
• Consul-template process that manages /etc/default/solr.init.sh
• Discover ‘zookeeper’ hosts to work with (required for SolrCloud clustering)
• Utilize consul-template's ‘range tree’ to discover key/values to use in configuration
• Action upon change is to reload SolrCloud service
# /etc/default/solr.init.sh.ctmpl
# Set the ZooKeeper connection string if using an external ZooKeeper(s)
# e.g. host1:2181,host2:2181/chroot
ZK_HOST="{{range service "zookeeper"}}{{.Address}}:2181,{{end}}"
# Set hostname to match system level we control
# Variables here are Terraform template interpolation,
SOLR_HOST="solr${solr_count}-${team}-${product}-${environment}.${domain}"
# Generate rest of configuration based upon key/values found in consul
# Variables here are Terraform template interpolation,
{{range tree "service/solr_conf/solr${solr_count}-${team}-${product}-${environment}.${domain}"}}
{{.Key}}="{{.Value}}"
{{end}}
Consul-template in action, cont.
• Another pre-defined configuration file that we want to make dynamic is /var/solr/log4j.properties.ctmpl
• Leverage the ‘range tree’ again to generate key/value entries in configuration
• Action upon change is to reload SolrCloud service
# /var/solr/log4j.properties.ctmpl
# Generate log4j configuration from
# Variables here are Terraform template interpolation,
{{range tree "service/solr/log4j/solr${solr_count}-${team}-${product}-${environment}.${domain}"}}
{{.Key}}="{{.Value}}"
{{end}}
Consul-template: daemon configuration
• Leverage ‘consul lock’ to ensure you restart only one system at a time
consul {
  address = "127.0.0.1:8500"

  retry {
    enabled = true
    backoff = "10s"
  }
}

reload_signal = "SIGHUP"

template {
  source          = "/etc/default/solr.init.sh.ctmpl"
  destination     = "/etc/default/solr.init.sh"
  command         = "consul lock lock/solr_restart systemctl restart solr"
  command_timeout = "220s"
}
Immutablish post provision…
• Post provision you have the ability now to update consul key/values
to make configuration changes on the fly
• Consul-template daemon is configured to restart service if a change
is made
• Terraform is used to enforce key/values in Consul for specified
service configuration
What to consider when going down this route? Not a ‘silver bullet.’
What to consider when designing for Immutablish
1. Number of dynamic files to manage
• Ideally this is 1-3. If your service needs more than 3 files managed it will get convoluted.
2. What will manage the template files?
• Terraform Template provider coupled with user-data on AWS is a good option
• Continuous management could be done via Puppet or Chef
3. Is your service able to survive losing instances, and having new
ones come back online?
• This doesn’t work with all stateful services. We found it to work ok with services that store their
cluster state in a system like Zookeeper.
Challenges
1. Hard to test and iterate over template or key/value changes
• Would be great to have a local (Vagrant perhaps) test environment to try out consul-template changes and/or
consul key/value updates
2. If you have complex configuration file formats
• Building a template may get hairy if you have many different layers of values in the
configuration
3. Increased operational complexity vs a micro-service that is Immutable
• If you want your microservice and/or a capable stateful service like SolrCloud in this talk to be Immutablish,
this will increase operational complexity.
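An added example for the first challenge above (not from the talk or from Trulia's code): a small Go harness that renders the slides' solr.init.sh.ctmpl offline, first the ${...} pass Terraform performs and then the {{...}} pass with stand-ins for consul-template's `service` and `tree`, and lints key/value entries before they are published. The sample variables, addresses and KV entries are constructed, and `Lint` is a hypothetical check that assumes the rendered file is sourced by a shell, as its KEY="VALUE" lines suggest.

```go
package main

import (
	"bytes"
	"fmt"
	"os"
	"regexp"
	"strings"
	"text/template"
)

// Service and KeyPair carry only the fields the slide's template reads.
type Service struct{ Address string }
type KeyPair struct{ Key, Value string }

// The slide's /etc/default/solr.init.sh.ctmpl with its comment lines dropped.
const solrInitCtmpl = `ZK_HOST="{{range service "zookeeper"}}{{.Address}}:2181,{{end}}"
SOLR_HOST="solr${solr_count}-${team}-${product}-${environment}.${domain}"
{{range tree "service/solr_conf/solr${solr_count}-${team}-${product}-${environment}.${domain}"}}
{{.Key}}="{{.Value}}"
{{end}}`

// Render runs both passes offline: ${...} substitution (done by Terraform's
// template_file at provision time), then the {{...}} pass with local
// stand-ins for consul-template's service and tree functions.
func Render(tfVars map[string]string, zk []Service, kv map[string][]KeyPair) (string, error) {
	pass1 := os.Expand(solrInitCtmpl, func(name string) string { return tfVars[name] })
	funcs := template.FuncMap{
		"service": func(name string) []Service {
			if name == "zookeeper" {
				return zk
			}
			return nil
		},
		// Keys are relative to the prefix, as consul-template's tree returns them.
		"tree": func(prefix string) []KeyPair { return kv[prefix] },
	}
	t, err := template.New("solr.init.sh").Funcs(funcs).Parse(pass1)
	if err != nil {
		return "", err
	}
	var out bytes.Buffer
	if err := t.Execute(&out, nil); err != nil {
		return "", err
	}
	return out.String(), nil
}

// Assignments returns the non-blank lines of a rendered file.
func Assignments(rendered string) []string {
	var lines []string
	for _, l := range strings.Split(rendered, "\n") {
		if strings.TrimSpace(l) != "" {
			lines = append(lines, l)
		}
	}
	return lines
}

var shellName = regexp.MustCompile(`^[A-Za-z_][A-Za-z0-9_]*$`)

// Lint flags entries that would not stay a plain KEY="VALUE" assignment once
// the template writes them out. It is deliberately conservative: any value
// containing a quote, backtick, $, backslash or newline is reported.
func Lint(pairs []KeyPair) []string {
	var findings []string
	for _, p := range pairs {
		if !shellName.MatchString(p.Key) {
			findings = append(findings, fmt.Sprintf("%q: key is not a valid shell variable name", p.Key))
		}
		if strings.ContainsAny(p.Value, "\"`$\\\n") {
			findings = append(findings, fmt.Sprintf("%q: value contains a quote, backtick, $, backslash or newline", p.Key))
		}
	}
	return findings
}

// Constructed sample data, not values from the talk.
var (
	SampleVars = map[string]string{
		"solr_count": "1", "team": "data", "product": "search",
		"environment": "dev", "domain": "example.internal",
	}
	SamplePrefix = "service/solr_conf/solr1-data-search-dev.example.internal"
	SampleZK     = []Service{{"10.0.0.11"}, {"10.0.0.12"}}
	SampleGood   = []KeyPair{{"LOG4J_PROPS", "/var/solr/log4j.properties"}, {"SOLR_HOME", "/var/solr/data"}}
	SampleBad    = []KeyPair{{"solr-opts", "-Xmx2g"}, {"SOLR_NOTE", `stage "dev"`}}
)

func main() {
	out, err := Render(SampleVars, SampleZK, map[string][]KeyPair{SamplePrefix: SampleGood})
	if err != nil {
		fmt.Fprintln(os.Stderr, err)
		os.Exit(1)
	}
	fmt.Println(strings.Join(Assignments(out), "\n"))
	for _, f := range Lint(SampleBad) {
		fmt.Println("lint:", f)
	}
}
```

Rendering locally also shows details the slides do not, such as the trailing comma the `range service` loop leaves at the end of ZK_HOST.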
Key takeaways
1. Provides a way to simplify application configurations across multiple
environments, via templating
2. Terraform can help enforce configuration changes via its built-in consul and template providers
3. Excellent for stateless services, but could be challenging for stateful services
Questions?
Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...
 
GlobusWorld 2024 Opening Keynote session
GlobusWorld 2024 Opening Keynote sessionGlobusWorld 2024 Opening Keynote session
GlobusWorld 2024 Opening Keynote session
 

Terraform Immutablish Infrastructure with Consul-Template

  • 1. Terraform Immutablish Infrastructure with Consul-Template. HUG Presentation
  • 2. Presenter – Zane Williamson
      - @sepulworld - Github
      - @zane_williamson – Twitter
      - Sr. DevOps at Trulia – Data Eng. Team
  • 3. Terraform at Trulia
      1. 100+ applied Terraform states in action
      2. We have been using Terraform since the 0.6 days
      3. Trulia Innovation Week Project: Terraform State of Awareness (https://github.com/sepulworld/tfsoa - telemetry data on TF states)
      4. Trulia Innovation Week Project: tfmod-generator (https://github.com/sepulworld/tfmod-generator - scaffolding generator for Terraform modules that are Git sourced)
  • 4. Overview
      1. What is Immutablish infrastructure? How is it different from Immutable?
      2. How Trulia uses Terraform and consul-template
      3. What to consider when going down this route, not a ‘silverbullet’
  • 5. What is Immutablish infrastructure? How is it different from Immutable?
  • 6. Immutable example on AWS
      - No changes allowed to running environment
      - Changes performed by adding new immutable instances and removing old ones (Create before Destroy)
      - Not very flexible, but offers a strictly controlled build and release solution
      - Configuration management only used when AMI is created
      Packer + Terraform Continuous Integration: Infrastructure Time Line
      1. Start with live autoscale group running EC2 instances from AMI-x
      2. [Diagram: Packer/Jenkins, AMI-y, Terraform; Autoscale Group (AMI-x) alongside Autoscale Group (AMI-y)]
      3. Destroy Previous ASG
      4. End with new Autoscale group running AMI-y
  • 7. Immutablish example on AWS
      - Example done with AWS
      - SolrCloud cluster (basically a multi-node EC2 instance deployment)
      - Requirements:
          - Consul server cluster
          - Zookeeper service registered with Consul
  • 8. Immutablish example on AWS
      - Changes allowed through pre-defined config files controlled by consul-template
      - More flexible than immutable environment, but contains more operational complexity
      - Will use user-data templates to bootstrap instances with configs
  • 9. How Trulia uses Terraform and Consul-template
  • 10. Terraform Toolbox
      - Terraform Consul provider:
          - Publish consul keys that can be used by consul-template to generate dynamic configuration files
      - Terraform Template provider:
          - Used to generate unique user-data.sh bootstrap scripts for EC2 hosts
  • 11. Terraform + Consul keys
      - Terraform code to control unique host specific key/value entries on Consul cluster
      - Each SolrCloud instance that comes online to join this Consul server cluster will have access to key/values for consul-template to leverage

      --- snip ---
      provider "consul" {
        address    = "${var.consul_endpoint}:8500"
        datacenter = "${var.consul_datacenter}"
      }

      resource "consul_keys" "solr_config" {
        count = "${var.solr_count}"

        key {
          path  = "service/solr_conf/solr${count.index + 1}-${var.team}-${var.service}-${var.environment}.${var.domain}/LOG4J_PROPS"
          value = "${var.log4j_props}"
        }

        key {
          path  = "service/solr_conf/solr${count.index + 1}-${var.team}-${var.service}-${var.environment}.${var.domain}/SOLR_HOME"
          value = "${var.solr_home}"
        }
      --- snip ---
  • 12. Terraform template provider
      - Template_file to take in variable inputs and pass to a template file
      - Template_cloudinit_config will then be used to render the user-data.sh as a text/x-shellscript
  • 13. Terraform template providers in action
      - Template_File resource counted out to the number of SolrCloud systems required. Pass in user defined variables to be used in user-data.sh.
      - Render the templates. The second part is an optional user defined script that can be appended.
      - Use the rendered templates for user_data bootstrap.

      data "template_file" "script" {
        count    = "${var.solr_count}"
        template = "${file("${path.module}/remote_scripts/user-data.sh.tpl")}"

        vars {
          environment             = "${var.environment}"
          team                    = "${var.team}"
          domain                  = "${var.domain}"
          service                 = "${var.service}"
          product                 = "${var.product}"
          solr_count              = "${count.index + 1}"
          consul_server_tag_key   = "${var.consul_server_tag_key}"
          consul_server_tag_value = "${var.consul_server_tag_value}"
          consul_datacenter       = "${var.consul_datacenter}"
          consul_agent_version    = "${var.consul_agent_version}"
          consul_template_version = "${var.consul_template_version}"
          install_consul_agent    = "${var.install_consul_agent}"
          install_consul_template = "${var.install_consul_template}"
          install_solr_version    = "${var.install_solr_version}"
        }
      }

      data "template_cloudinit_config" "userdata" {
        count         = "${var.solr_count}"
        gzip          = true
        base64_encode = true

        part {
          content_type = "text/x-shellscript"
          content      = "${element(data.template_file.script.*.rendered, count.index)}"
        }
      }

      resource "aws_instance" "solrcloud" {
        count     = "${var.solr_count}"
        user_data = "${element(data.template_cloudinit_config.userdata.*.rendered, count.index)}"

        root_block_device {
          volume_type           = "${var.root_block_device_volume_type}"
          volume_size           = "${var.root_block_device_volume_size}"
          delete_on_termination = "${var.root_block_device_delete_on_termination}"
        }
        ---snip---
      }
  • 14. Terraform to plug data into consul for SolrCloud consul-template to use

      --- snip ---
      provider "consul" {
        address    = "${var.consul_endpoint}:8500"
        datacenter = "${var.consul_datacenter}"
      }

      resource "consul_keys" "solr_config" {
        datacenter = "${var.consul_datacenter}"
        count      = "${var.solr_count}"

        key {
          path  = "service/solr_conf/solr${count.index + 1}-${var.team}-${var.service}-${var.environment}.${var.domain}/LOG4J_PROPS"
          value = "${var.log4j_props}"
        }
      --- snip ---

      # /etc/default/solr.init.sh.ctmpl
      # Set the ZooKeeper connection string if using an external ZooKeeper(s)
      # e.g. host1:2181,host2:2181/chroot
      ZK_HOST="{{range service "zookeeper"}}{{.Address}}:2181,{{end}}"
      # Set hostname to match system level we control
      # Variables here are Terraform template interpolation,
      SOLR_HOST="solr${solr_count}-${team}-${product}-${environment}.${domain}"
      # Generate rest of configuration based upon key/values found in consul
      # Variables here are Terraform template interpolation,
      {{range tree "service/solr_conf/solr${solr_count}-${team}-${product}-${environment}.${domain}"}}
      {{.Key}}="{{.Value}}"
      {{end}}

      # /var/solr/log4j.properties.ctmpl
      # Generate log4j configuration from
      # Variables here are Terraform template interpolation,
      {{range tree "service/solr/log4j/solr${solr_count}-${team}-${product}-${environment}.${domain}"}}
      {{.Key}}="{{.Value}}"
      {{end}}

      [Diagram labels: Consul server cluster, SolrCloud Cluster]
  • 15. Consul-template (the tool to make it Immutablish)
      - “This project provides a convenient way to populate values from Consul into the file system using the consul-template daemon”
      - Lightweight daemon
      - Leverage the "range" function in consul-template
  • 16. Consul-template in action
      - Consul-template process that manages /etc/default/solr.init.sh
      - Discover ‘zookeeper’ hosts to work with (required for SolrCloud clustering)
      - Utilize consul-template's ‘range tree’ to discover key/values to use in configuration
      - Action upon change is to reload SolrCloud service

      # /etc/default/solr.init.sh.ctmpl
      # Set the ZooKeeper connection string if using an external ZooKeeper(s)
      # e.g. host1:2181,host2:2181/chroot
      ZK_HOST="{{range service "zookeeper"}}{{.Address}}:2181,{{end}}"
      # Set hostname to match system level we control
      # Variables here are Terraform template interpolation,
      SOLR_HOST="solr${solr_count}-${team}-${product}-${environment}.${domain}"
      # Generate rest of configuration based upon key/values found in consul
      # Variables here are Terraform template interpolation,
      {{range tree "service/solr_conf/solr${solr_count}-${team}-${product}-${environment}.${domain}"}}
      {{.Key}}="{{.Value}}"
      {{end}}

      [Diagram label: SolrCloud Cluster]
  • 17. Consul-template in action, cont.
      - Another pre-defined configuration file that we want to make dynamic is /var/solr/log4j.properties.ctmpl
      - Leverage the ‘range tree’ again to generate key/value entries in configuration
      - Action upon change is to reload SolrCloud service

      # /var/solr/log4j.properties.ctmpl
      # Generate log4j configuration from
      # Variables here are Terraform template interpolation,
      {{range tree "service/solr/log4j/solr${solr_count}-${team}-${product}-${environment}.${domain}"}}
      {{.Key}}="{{.Value}}"
      {{end}}

      [Diagram label: SolrCloud Cluster]
  • 18. Consul-template: daemon configuration
      - Leverage ‘consul lock’ to ensure you restart only one system at a time

      consul {
        address = "127.0.0.1:8500"

        retry {
          enabled = true
          backoff = "10s"
        }
      }

      reload_signal = "SIGHUP"

      template {
        source          = "/etc/default/solr.init.sh.ctmpl"
        destination     = "/etc/default/solr.init.sh"
        # Run the restart under a Consul lock so hosts restart one at a time
        command         = "consul lock lock/solr_restart systemctl restart solr"
        command_timeout = "220s"
      }
  • 19. Immutablish post provision…
      - Post provision, you now have the ability to update consul key/values to make configuration changes on the fly
      - Consul-template daemon is configured to restart service if a change is made
      - Terraform is used to enforce key/values in Consul for specified service configuration
  • 20. What to consider when going down this route? Not a ‘silverbullet.’
  • 21. What to consider when designing for Immutablish
      1. Number of dynamic files to manage
          - Ideally this is 1-3. If your service needs more than 3 files managed it will get convoluted.
      2. What will manage the template files?
          - Terraform Template provider coupled with user-data on AWS is a good option
          - Continuous management could be done via Puppet or Chef
      3. Is your service able to survive losing instances, and having new ones come back online?
          - This doesn’t work with all stateful services. We found it to work ok with services that store their cluster state in a system like Zookeeper.
  • 22. Challenges
      1. Hard to test and iterate over template or key/value changes
          - Would be great to have a local (Vagrant perhaps) test environment to try out consul-template changes and/or consul key/value updates
      2. If you have complex configuration file formats
          - Building a template may get hairy if you have many different layers of values in the configuration
      3. Increased operational complexity vs a micro-service that is Immutable
          - If you want your microservice and/or a capable stateful service like SolrCloud in this talk to be Immutablish, this will increase operational complexity.
  • 23. Key takeaways
      1. Provides a way to simplify application configurations across multiple environments, via templating
      2. Terraform can help enforce configuration changes via its built-in consul and template providers
      3. Excellent for state-less services, but could be challenging for stateful services
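
For the testing challenge on slide 22, an added example (not from the presentation and not consul-template's own code): consul-template templates use Go's text/template syntax, so the slide 16 template can be rendered offline with stand-in `service` and `tree` functions and each output line checked before it lands in a file that a shell sources. The host name, addresses, key/values and the `safeLine` policy are constructed assumptions; the stand-ins only mimic the `.Address`, `.Key` and `.Value` fields used on the slides.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
	"text/template"
)

// KV and Svc carry only the fields the slide templates read.
type KV struct{ Key, Value string }
type Svc struct{ Address string }

// Slide 16 template after Terraform interpolation (host name is constructed).
const solrInit = `ZK_HOST="{{range service "zookeeper"}}{{.Address}}:2181,{{end}}"
{{range tree "service/solr_conf/solr1-data-search-dev.example.com"}}
{{.Key}}="{{.Value}}"
{{end}}`

// Assumed policy: the file is sourced by a shell, so reject ", `, $ and \ in values.
var safeLine = regexp.MustCompile("^[A-Za-z_][A-Za-z0-9_]*=\"[^\"`$\\\\]*\"$")

// Render runs tmpl with in-memory stand-ins and returns the text plus flagged lines.
func Render(tmpl string, kv map[string][]KV, svcs map[string][]Svc) (string, []string, error) {
	t, err := template.New("solr.init.sh").Funcs(template.FuncMap{
		"service": func(name string) []Svc { return svcs[name] },
		"tree":    func(prefix string) []KV { return kv[prefix] },
	}).Parse(tmpl)
	if err != nil {
		return "", nil, err
	}
	var out strings.Builder
	if err := t.Execute(&out, nil); err != nil {
		return "", nil, err
	}
	var bad []string
	for _, line := range strings.Split(out.String(), "\n") {
		if s := strings.TrimSpace(line); s != "" && !safeLine.MatchString(s) {
			bad = append(bad, s)
		}
	}
	return out.String(), bad, nil
}

func main() {
	p := "service/solr_conf/solr1-data-search-dev.example.com"
	kv := map[string][]KV{p: {{"SOLR_HOME", "/var/solr/data"}, {"LOG4J_PROPS", "$HOME/log4j"}}}
	fmt.Println(Render(solrInit, kv, map[string][]Svc{"zookeeper": {{"10.0.0.11"}}}))
}
```

With the constructed data, the `LOG4J_PROPS` line is flagged because its value contains `$`, and the rendered `ZK_HOST` value ends with a trailing comma because the slide's `range` loop emits one after every address.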