terraform and cloud.ca

cloud.ca @cloud_dot_ca

Automate deployments withTerraform & cloud.ca

February 25, 2016

cloud.ca @cloud_dot_cacloud.ca @cloud_dot_ca

About us

CloudOps○ Cloud infrastructure experts since 2005 ○ Design, build and manage public, private and hybrid cloud

solutions

Patrick Dubé○ Software Engineering, McGill○ Software developer @ CloudOps since 2013

cloud.ca○ Infrastructure as a Service platform, based in Montreal○ Launched August 2014


Personal goal

After this presentation:

● Everyone attending will only deploy infrastructure using

automation

● 95% reconsider their deployment methods

● 50% try automating a deployment. Just to see how it feels.


So what’s the big deal with cloud anyway?

4


What is it?

Cloud computingPool of computing resources (e.g. memory, processing power, storage, etc.) delivered over a network connection (e.g. the internet)

iCloud Cloud computing


Ok, so why do I care?

Flexibility/Scalability● Fast provisioning● Adaptability to changes in workloads

Utility cost● Pay for usage● Low up front costs● Efficient

Redundancy● No single point of failure (service provider specific)● Designed for fault tolerance


What is cloud.ca?

Regional Infrastructure as a Service

Compute

● High performance instances● SSD storage● Virtual Private Clouds (VPCs)● ACLs● VPN access● Load balancing

Object storage (Swift)

● Highly available● Secure● Durable


What are some other features?

● Multi-level nested organization scheme● Role-based access control● Activity monitoring● Usage reporting● Term discounts● Bilingual (EN & FR)● Environments

○ Enables resource sharing within a team○ Isolates workloads○ Controls user access through membership and roles


Environment?


Nice.


Automate, Deploy, Deploy, Deploy, etc.

11


Why automate?

Infrastructure automation is not only for large enterprise

Manual configuration is● Repetitive● Error prone● Non-reusable

Automation enables● Repeatable environments (Dev, QA, Production, etc.)● Change management● Scaling/reuse with confidence


Really? How?

Terraform (by HashiCorp)● Infrastructure as code● Cross platform● Execution plans● Versioning● Reusable

Similar tools● OpenStack Heat● AWS CloudFormation


How does it work?

In a nutshell

● Loads configuration files

● Checks for changes versus deployed infrastructure

● Translates changes into service provider API calls

● Applies changes

● Saves state to a file


Specifically?

Building blocks

● Providers

● Resources

● Variables

● Outputs

● Remote state


What providers are supported?

Some providers:


Enough talk. Show me the money.

Deployment to “dev” environment● 1 virtual private cloud● 2 tiers (web & data)● 3 instances in the web tier● 1 instances in the data tier● 2 public IP addresses● 1 load balancer rule for the web instances● 1 port forwarding rule for SSH


What does that look like?


How do we use providers?

Provider specific configuration


Variables?

Define variables


Set variables in separate file e.g. terraform.tfvars

How do you set them?


But, how do I use them?

Define resources


Seems simple. Show me what you got.

Another example


Can I retrieve information about resources?

Define outputs


Teamwork support?

Define a remote backend

● Synchronization with teammates● Caution: does not lock infrastructure



Retrieve API keys



Apache CloudStack API keys



Swift credentials



Export to environment variables

$ source credentials.ignore

Setup remote backend$ terraform remote config -backend=swift \

-backend-config=”path=dev”



$ terraform plan

...



$ terraform graph | dot -Tpng > graph.png



$ terraform apply



After a couple minutes


Now what?

Reuse for “quality_assurance” environment● Make another directory: “qa”● Copy config files from previous deployment● Set remote backend to different container

○ $ terraform remote config -backend=swift -backend-config=”path=qa”

● Modify terraform.tfvars:


Wow, that’s cool.

Infrastructure deployments are all the same● Instances● VPCs● Networks● Storage● Public IP addresses

Terraform enables templating of deployments● Change credentials● Change variable default values● Deploy


Can I configure my applications through Terraform?

Terraform is not a configuration management tool● Define● Deploy● Share● Reuse

However● Can kickstart resources through provisioners (chef,

remote_exec, etc.) or user_data


What next?

Looking forward● Integrate with configuration management tools (provisioners)

● Deploy multi-cloud configuration

● Code for this demo available:

○ https://github.com/cloud-ca/confoo-terraform

● Slides will be available @cloud_dot_ca (Twitter)

https://github.com/cloud-ca/confoo-terraform

https://github.com/cloud-ca/confoo-terraform


Thank youQuestions?Patrick Dubé[email protected]

terraform and cloud.ca

Technology