automation with packer and terraform
Packer & TerraForm
A brief intro in automation using Packer and TerraForm
Today’s challenges
• Increasingly complex infrastructure to set up
• Multiple environments for testing and production
• Evolution / Changing of infrastructure
• Documentation of infrastructure
• More than one server involved
Infrastructure as Code (IaC)
Infrastructure as Code (IaC) is the process of managing and provisioning computing infrastructure (processes, bare-metal servers, virtual servers, etc.) and their configuration through machine-processable definition files
• Cost (reduction)
• Speed (faster execution)
• and Risk (remove errors and security violations)
Introducing Packer and TerraForm
Packer
Packer is a tool for creating machine and container images for multiple platforms from a single source configuration.
Treat server as immutable
Any configuration change results in a completely new server
Allows for easier tools than Chef or Puppet
JSON configuration language
TerraForm
Terraform provides a common configuration to launch infrastructure. Once launched, Terraform safely and efficiently changes infrastructure as the configuration is evolved
Describe infrastructure in a declarative way
Keep track of changes to the infrastructure
Changing infrastructure is accessible to entire team
Rollback your infrastructure to a previous point
HashiCorp Configuration Language (HCL)
Why use Packer?
Standardise development environments and machine images. Create near identical state infrastructure across multiple environments
Why use TerraForm?
To orchestrate and create resources in your environments with ease and simplicity
<plan> Objectives || Strategy || Design</plan>
Packer
https://www.packer.io/
Packer Concepts:
Builders
Provisioners
Parallel Builds
Post Processors
Building Images
Create a template: configuration file used to define what image we want built and how
Notes
Define the builders
Define provisioners
Define post-processors
Define variables (access keys etc)
<NB/>: Parallel Builds
Example
{
  "builders": [],
  "description": "A packer example template",
  "min_packer_version": "0.8.0",
  "provisioners": [],
  "post-processors": [],
  "variables": {}
}
Builders
Amazon EC2 (AMI)
DigitalOcean
Docker
Google Compute Engine
OpenStack
VirtualBox
<Commands/>:
packer build
packer fix
packer inspect
packer validate
{
  "variables": {
    "aws_access_key": "YOURACCESSKEY",
    "aws_secret_key": "YOURSECRETKEY",
    "do_api_token": "YOURAPITOKEN"
  },
  "builders": [{
    "type": "amazon-ebs",
    "access_key": "{{user `aws_access_key`}}",
    "secret_key": "{{user `aws_secret_key`}}",
    "region": "us-east-1",
    "source_ami": "ami-fce3c696",
    "instance_type": "t2.micro",
    "ssh_username": "ubuntu",
    "ami_name": "packer-example {{timestamp}}"
  }, {
    "type": "digitalocean",
    "api_token": "{{user `do_api_token`}}",
    "image": "ubuntu-14-04-x64",
    "region": "nyc3",
    "size": "512mb"
  }],
  "provisioners": [{
    "type": "shell",
    "inline": [
      "sleep 30",
      "sudo apt-get update",
      "sudo apt-get install -y redis-server"
    ]
  }]
}
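A pre-commit style check for the credential handling in the template above, as an added example (not from the original slides): it flags credential values written literally into a Packer JSON template and accepts `{{user ...}}` / `{{env ...}}` references. Both sample templates are constructed; the second is a variant whose defaults come from the build host's environment or from `-var` at build time.

```python
import json
import re

# Key names that carry credentials in the builders shown on this page.
SECRET_KEYS = re.compile(r"(access_key|secret_key|api_token|password)$", re.I)
# A value is acceptable only if it is empty or consists entirely of a template call.
TEMPLATE_REF = re.compile(r"^\{\{\s*(user|env)\s+`[^`]+`\s*\}\}$")


def find_hardcoded_secrets(template_text):
    """Return sorted 'location.key' strings for literal credential values."""
    tpl = json.loads(template_text)
    findings = []
    # User variables: a credential-named variable must default to "" or {{env `X`}}.
    for name, default in (tpl.get("variables") or {}).items():
        if SECRET_KEYS.search(name) and default and not TEMPLATE_REF.match(str(default)):
            findings.append("variables." + name)
    # Builders: credential fields must reference a user variable, not a literal.
    for i, builder in enumerate(tpl.get("builders") or []):
        for key, value in builder.items():
            if SECRET_KEYS.search(key) and value and not TEMPLATE_REF.match(str(value)):
                findings.append("builders[%d].%s" % (i, key))
    return sorted(findings)


# Constructed sample 1: the credential handling of the template above.
AS_ON_PAGE = r'''{
  "variables": {"aws_access_key": "YOURACCESSKEY", "aws_secret_key": "YOURSECRETKEY",
                "do_api_token": "YOURAPITOKEN"},
  "builders": [{"type": "amazon-ebs", "access_key": "{{user `aws_access_key`}}",
                "secret_key": "{{user `aws_secret_key`}}"},
               {"type": "digitalocean", "api_token": "{{user `do_api_token`}}"}]
}'''

# Constructed sample 2: same builders, defaults taken from the environment or -var.
FROM_ENV = r'''{
  "variables": {"aws_access_key": "{{env `AWS_ACCESS_KEY_ID`}}",
                "aws_secret_key": "{{env `AWS_SECRET_ACCESS_KEY`}}",
                "do_api_token": ""},
  "builders": [{"type": "amazon-ebs", "access_key": "{{user `aws_access_key`}}",
                "secret_key": "{{user `aws_secret_key`}}"},
               {"type": "digitalocean", "api_token": "{{user `do_api_token`}}"}]
}'''

if __name__ == "__main__":
    print(find_hardcoded_secrets(AS_ON_PAGE))
    print(find_hardcoded_secrets(FROM_ENV))
```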
TerraForm
https://www.terraform.io/
TerraForm Key Features:
Infrastructure as Code
Execution Plans
Resource Graph
Change Automation
TerraForm: a tool for building, changing, and versioning infrastructure safely and efficiently.
Resources
Providers
terraform.tfstate: maps various resource metadata to actual resource IDs so that Terraform knows what it is managing
Input variables: variables.tf & terraform.tfvars
Output variables
Example: main.tf
provider "aws" {
  access_key = "ACCESS_KEY_HERE"
  secret_key = "SECRET_KEY_HERE"
  region     = "us-east-1"
}

resource "aws_instance" "example" {
  ami           = "ami-0d729a60" # from packer build
  instance_type = "t2.micro"
}
Templates
main.tf
variables.tf
terraform.tfvars
*.tpl (template resource)
<commands/>:
terraform validate
terraform plan
terraform apply
terraform destroy
# variables.tf
variable "web_count" {
  type        = "string"
  description = "How many EC2 instances to deploy"
}
# terraform.tfvars
web_count = 2
aws_route53_zone_id = "YOURZONEID"
aws_access_key = "YOURACCESS"
aws_secret_key = "YOURSECRETKEYXXXXXXXXXXXXXXX"
….
# snippet from main.tf
resource "template_file" "web_server_init" {
  count    = "${var.web_count}"
  template = "${file("web_init.tpl")}"
  vars {
    hostname    = "${lookup(var.web_hostnames, count.index)}"
    device_name = "/dev/xvdf"
    mount_point = "/srv/data"
  }
}
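#!/bin/bash -v
sudo mkfs -t ext4 ${device_name}
sudo mkdir ${mount_point}
# Append through "sudo tee": with "sudo echo ... >> file" the redirect itself runs unprivileged
echo "${device_name} ${mount_point} ext4 defaults,nofail 0 2" | sudo tee -a /etc/fstab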
Build Steps
Planning (Packer -> TerraForm)
• Plan reqs: packer builders / provisioners
• Plan TerraForm resources/providers
Remote build (Packer)
• Packer inspect/fix/validate
• Packer build (store build artifact) -> update TF to use this artifact/ami as a source
TerraForm Plan
• Terraform validate > graph > plan
• Store plan output
TerraForm Apply
• Run terraform apply (or terraform destroy)
• Commit .tfstate to VCS or remote backend.
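The Packer -> TerraForm handoff from the build steps above, as an added example (not from the original slides): it reads the file written by Packer's manifest post-processor, picks the AMI that the most recent run produced for one region, and renders a tfvars line for it. It assumes a manifest post-processor has been added to the template; the variable name `packer_ami`, the run UUIDs and the AMI IDs are constructed.

```python
import json

# Constructed packer-manifest.json: an older run and the latest run (IDs are made up).
SAMPLE_MANIFEST = '''{
  "builds": [
    {"name": "amazon-ebs", "builder_type": "amazon-ebs", "build_time": 1462000000,
     "artifact_id": "us-east-1:ami-11111111", "packer_run_uuid": "run-old"},
    {"name": "amazon-ebs", "builder_type": "amazon-ebs", "build_time": 1462500000,
     "artifact_id": "us-east-1:ami-22222222,eu-west-1:ami-33333333",
     "packer_run_uuid": "run-new"}
  ],
  "last_run_uuid": "run-new"
}'''


def ami_for_region(manifest_text, region, builder_type="amazon-ebs"):
    """Return the image ID that the most recent Packer run produced for `region`."""
    manifest = json.loads(manifest_text)
    last_run = manifest["last_run_uuid"]
    for build in manifest["builds"]:
        # Ignore artifacts of earlier runs and of other builders.
        if build["packer_run_uuid"] != last_run or build["builder_type"] != builder_type:
            continue
        # artifact_id is "region:id", comma-separated when several regions are built.
        for pair in build["artifact_id"].split(","):
            build_region, _, image_id = pair.partition(":")
            if build_region == region:
                return image_id
    raise LookupError("no %s artifact for %s in the last run" % (builder_type, region))


def tfvars_line(var_name, image_id):
    """Render one terraform.tfvars assignment; reject anything that is not an AMI ID."""
    if not image_id.startswith("ami-") or not image_id[4:].isalnum():
        raise ValueError("unexpected image id: %r" % image_id)
    return '%s = "%s"' % (var_name, image_id)


if __name__ == "__main__":
    print(tfvars_line("packer_ami", ami_for_region(SAMPLE_MANIFEST, "us-east-1")))
```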
Design Env Maintain
Packer and TerraForm
Packer build image TerraForm Apply
Store artifact
TerraForm update: add resources, destroy resources, etc.