terraform
play

Terraform Colonise the cloud! Stefan Magnus Landr, BEKK Consulting - PowerPoint PPT Presentation

Oct 23, 2022 •885 likes •1.07k views

Terraform Colonise the cloud! Stefan Magnus Landr, BEKK Consulting AS ApacheCon North America 2017 - 17. May 2017 1 Terraform Commandline tool (go) (OS X, Windows, Linux, ) Developed by Hashicorp (Vagrant, Packer, Consul, Nomad)

  1. Terraform Colonise the cloud! Stefan Magnus Landrø, BEKK Consulting AS ApacheCon North America 2017 - 17. May 2017 1

  2. Terraform • Commandline tool (go) (OS X, Windows, Linux, …) • Developed by Hashicorp (Vagrant, Packer, Consul, Nomad) • Lets you describe and provision cloud infrastructure using HCL formatted text files • Servers, networks, load balancing, storage, containers • Multi-provider (AWS, Azure, GC, Cloudstack, …) ApacheCon North America 2017 - 17. May 2017 2

  3. Demo • CloudStack @ Exoscale (Switzerland) • Web servers (CentOS/Linux) • Bastion host for management/provisioning • SSH public/private key • Run Apache httpd web server • Domain name (DNS) (AWS) ApacheCon North America 2017 - 17. May 2017 3

  4. Provider (1) • A provider is used to connect to a cloud provider • AWS, Azure, GC, Digital Ocean, Cloudstack, Openstack, Heroku, CloudFoundry, Mailgun, easyDNS, CloudFlare… • Providers know the APIs and expose available services ApacheCon North America 2017 - 17. May 2017 4

  5. Resource (2) • A resource defines how to use a cloud resource/service • VM, IP-address, load balancer, network, firewall, object storage, DNS-record • The name of the provider is used as a resource name prefix • Resources have unique ids • Combination of resource type and name ApacheCon North America 2017 - 17. May 2017 5

  6. Dependencies (3) • A resource can depend on another resource • Can determine the order of creation ApacheCon North America 2017 - 17. May 2017 6

  7. terraform show • When manipulating resources , Terraform saves the current state i a .tfstate file (or S3, Consul) • Knows a resource's current state in the cloud terraform show ApacheCon North America 2017 - 17. May 2017 7

  8. Syntax (4) • Variables • Interpolation • Functions (math, base64, join, lower, ...) • Count ApacheCon North America 2017 - 17. May 2017 8

  9. provisioner (5) • A provisioner lets you provision against the resource right after creation • chef • remote-exec (script run on the server) • local-exec (script run locally) ApacheCon North America 2017 - 17. May 2017 9

  10. terraform taint • When resources have to be recreated from scratch, they have to be tainted terraform taint <resource_type>.<resource_id> ApacheCon North America 2017 - 17. May 2017 10

  11. Security first! (6) • Connect to you web server through bastion host • Limit access to bastion host to your IP range • Use smart card to protect your private key • E.g. yubikey as OpenPGP smartcard and gpg-agent emulating ssh-agent ApacheCon North America 2017 - 17. May 2017 11

  12. ApacheCon North America 2017 - 17. May 2017 12

  13. output (7) • Outputs lets you define values that will be output when Terraform applies • Can be queried easily: terraform output [-json] ApacheCon North America 2017 - 17. May 2017 13

  14. Multi-provider (8) • Can connect resources from different cloud providers • Unique feature in Terraform! ApacheCon North America 2017 - 17. May 2017 14

  15. Multi provider, multi datacenter, multi technology (9) • DNS using weighted record set • Could have used latency / geolocation • Health checks to determine data center (or service) outage ApacheCon North America 2017 - 17. May 2017 15

  16. Bonus: Dependency graph • Dependency graphs can be generated dynamically terraform graph | dot -Tpng | open -f -a Preview ApacheCon North America 2017 - 17. May 2017 16

  17. Summary • Terraform is great for defining infrastructure as code • Perform incremental changes to your infrastructure • Can combine several cloud providers in your infrastructure github.com/landro @landro ApacheCon North America 2017 - 17. May 2017 17

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

The NSX Terraform Provider The NSX Terraform provider gives the NSX administrator a way to

The NSX Terraform Provider The NSX Terraform provider gives the NSX administrator a way to

The NSX Terraform Provider The NSX Terraform provider gives the NSX administrator a way to automate NSX to provide virtualized networking and security services using both ESXi and KVM based hypervisor hosts as well as container networking and

1.68k views • 150 slides
Migrating HealthCare.gov to Terraform: Lessons Learned Christian Monaghan @monaghan_a_gram

Migrating HealthCare.gov to Terraform: Lessons Learned Christian Monaghan @monaghan_a_gram

Migrating HealthCare.gov to Terraform: Lessons Learned Christian Monaghan @monaghan_a_gram Cofounder, Nava PBC What is Terraform? A tool for building , changing , and versioning infrastructure Manage cloud providers Infrastructure as Code

958 views • 56 slides
Brookfield and TerraForm Power: New Sponsor Transaction March 7, 2017 Risk Factors &amp;

Brookfield and TerraForm Power: New Sponsor Transaction March 7, 2017 Risk Factors &amp;

Brookfield and TerraForm Power: New Sponsor Transaction March 7, 2017 Risk Factors &amp; Additional Information This presentation provides certain information relating to a new sponsor transaction between TerraForm Power, Inc. (TerraForm

160 views • 14 slides
Terraform Earth Secure Infrastructure for Developers Chase Evans Timeline 1. Where we were

Terraform Earth Secure Infrastructure for Developers Chase Evans Timeline 1. Where we were

Terraform Earth Secure Infrastructure for Developers Chase Evans Timeline 1. Where we were before May 2. Where we are today 3. Where we are going Timeline 1. Where we were before May GeoEngineer Builds Terraform state files by

754 views • 57 slides
AWS Identity and Access Management (IAM) made easy with Terraform Kala Maturi, Technology

AWS Identity and Access Management (IAM) made easy with Terraform Kala Maturi, Technology

AWS Identity and Access Management (IAM) made easy with Terraform Kala Maturi, Technology Services Yoon Lee, Technology Services Topics AWS Authentication AWS Authorization About Roles &amp; Policies Best practices Terraform

1.92k views • 33 slides
Vault Provider The Vault provider allows Terraform to read from, write to, and congure

Vault Provider The Vault provider allows Terraform to read from, write to, and congure

Vault Provider The Vault provider allows Terraform to read from, write to, and congure Hashicorp Vault (https://vaultproject.io/). Important Interacting with Vault from Terraform causes any secrets that you read and write to be persisted in both

1.82k views • 159 slides
Deployment automation for an AWS Serverless project: SAM vs CloudFormation vs Terraform vs

Deployment automation for an AWS Serverless project: SAM vs CloudFormation vs Terraform vs

Deployment automation for an AWS Serverless project: SAM vs CloudFormation vs Terraform vs ServerlessFramework Bruno Amaro Almeida | 9 Sept 2019 @bruno_amaro Community Day 2019 Sponsors FUTURE. CO-CREATED. Nordic Roots, Global Mindset

238 views • 23 slides
Modern Provisioning and CI/CD with Terraform, Terratest &amp; Jenkins Duncan Hutty Overview 1.

Modern Provisioning and CI/CD with Terraform, Terratest &amp; Jenkins Duncan Hutty Overview 1.

Modern Provisioning and CI/CD with Terraform, Terratest &amp; Jenkins Duncan Hutty Overview 1. Introduction: Context, Philosophy 2. Provisioning Exercises 1. MVP 2. Testing 3. CI/CD 4. Refactoring 3. Coping with complexity &amp; scale

946 views • 49 slides
How to Automated testing for: terraform test docker packer infrastructure

How to Automated testing for: terraform test docker packer infrastructure

How to Automated testing for: terraform test docker packer infrastructure kubernetes and more code Passed: 5. Failed: 0. Skipped: 0. Test run successful. The DevOps world is full of Fear Fear of outages Fear of security

2.33k views • 200 slides
IAC WITH TERRAFORM Based in Toronto, Canada Goal: Build software that dramatically reduces

IAC WITH TERRAFORM Based in Toronto, Canada Goal: Build software that dramatically reduces

ARTURO PIE @arturo_pie IAC WITH TERRAFORM Based in Toronto, Canada Goal: Build software that dramatically reduces waste in the global supply chain We serve Kelloggs, P&amp;G, DHL, LOreal and others Software Craftsmanship

621 views • 38 slides
StatusCake Provider The StatusCake provider allows Terraform to create and congure tests in

StatusCake Provider The StatusCake provider allows Terraform to create and congure tests in

StatusCake Provider The StatusCake provider allows Terraform to create and congure tests in StatusCake (https://www.statuscake.com/). StatusCake is a tool that helps to monitor the uptime of your service via a network of monitoring centers

466 views • 3 slides
UltraDNS Provider This provider is unmaintained , read more details in the README

UltraDNS Provider This provider is unmaintained , read more details in the README

UltraDNS Provider This provider is unmaintained , read more details in the README (https://github.com/terraform-providers/terraform- provider-ultradns/blob/master/README.md). The UltraDNS provider is used to interact with the resources supported

429 views • 12 slides
Orchestra)ng Containers with Consul and Terraform Mitchell Hashimoto @mitchellh

Orchestra)ng Containers with Consul and Terraform Mitchell Hashimoto @mitchellh

Orchestra)ng Containers with Consul and Terraform Mitchell Hashimoto @mitchellh ORCHESTRATION? Why is it needed? What is it? ORCHESTRATION Do some set of ac)ons, to a set of things, in a

1.47k views • 70 slides
Creating an iRODS zone with terraform Brett Hartley iRODS at Sanger - 2019 6 production zones,

Creating an iRODS zone with terraform Brett Hartley iRODS at Sanger - 2019 6 production zones,

Creating an iRODS zone with terraform Brett Hartley iRODS at Sanger - 2019 6 production zones, 6 dev zones 23PB Where we were: Mostly 4.1.12, with one 3.3.1 Graph/Media Area Mostly Ubuntu 12.04 Some 18.04 and RedHat 7.4 Where we wanted

303 views • 13 slides
Scalable WordPress in AWS Elastic Beanstalk Stephen J. Butler, Technology Services

Scalable WordPress in AWS Elastic Beanstalk Stephen J. Butler, Technology Services

Scalable WordPress in AWS Elastic Beanstalk Stephen J. Butler, Technology Services sbutler1@Illinois Tools Terraform https://www.terraform.io/ UIUC AWS https://aws.illinois.edu/ aws-support@illinois.edu Labs

657 views • 53 slides
VMware vSphere Provider The VMware vSphere provider gives Terraform the ability to work with

VMware vSphere Provider The VMware vSphere provider gives Terraform the ability to work with

VMware vSphere Provider The VMware vSphere provider gives Terraform the ability to work with VMware vSphere Products, notably vCenter Server (https://www.vmware.com/products/vcenter-server.html) and ESXi

1.74k views • 156 slides
Building a secure Kennedy bastion, or, 50 @anna_ken_ ways to kill your server Telenor Digital

Building a secure Kennedy bastion, or, 50 @anna_ken_ ways to kill your server Telenor Digital

Anna Building a secure Kennedy bastion, or, 50 @anna_ken_ ways to kill your server Telenor Digital What is a bastion (jumpbox) ? Outside world bastion server server server What do we mean by secure? How do we make a custom AMI?

231 views • 20 slides
BASTION: A Security Enforcement Network Stack for Container Networks Jaehyun Nam 1 , Seungsoo Lee

BASTION: A Security Enforcement Network Stack for Container Networks Jaehyun Nam 1 , Seungsoo Lee

BASTION: A Security Enforcement Network Stack for Container Networks Jaehyun Nam 1 , Seungsoo Lee 1 , Hyunmin Seo 1 , Phillip Porras 2 , Vinod Yegneswaran 2 , and Seungwon Shin 1 KAIST 1 and SRI International 2 The state of Container Security

800 views • 24 slides
Fundamentals of Fluid Dynamics: Ideal Flow Theory &amp; Basic Aerodynamics Introductory Course on

Fundamentals of Fluid Dynamics: Ideal Flow Theory &amp; Basic Aerodynamics Introductory Course on

Introduction Ideal flow theory Vorticity of flow Basic aerodynamics Fundamentals of Fluid Dynamics: Ideal Flow Theory &amp; Basic Aerodynamics Introductory Course on Multiphysics Modelling T OMASZ G. Z IELI NSKI (after: D.J. A CHESON s

918 views • 87 slides
Video in the Interface Video: the BEST * modality As passive or active as needed Simple

Video in the Interface Video: the BEST * modality As passive or active as needed Simple

Video in the Interface Video: the BEST * modality As passive or active as needed Simple directional localization Line-of-sight supports see/be seen paradigm (within visible spectrum) Rich sensor * According to a vision

599 views • 37 slides
Execution Secure Processors Eurocrypt May 1 st , 2017 Rafael Pass, Elaine Shi, Florian Tramr

Execution Secure Processors Eurocrypt May 1 st , 2017 Rafael Pass, Elaine Shi, Florian Tramr

Formal Abstractions for Attested Execution Secure Processors Eurocrypt May 1 st , 2017 Rafael Pass, Elaine Shi, Florian Tramr Trusted hardware: Different communities, different world views 2 Trusted hardware: Different communities,

929 views • 72 slides
CS 378: Autonomous Intelligent Robotics (FRI) Dr. Todd Hester Are there any questions? Talks

CS 378: Autonomous Intelligent Robotics (FRI) Dr. Todd Hester Are there any questions? Talks

CS 378: Autonomous Intelligent Robotics (FRI) Dr. Todd Hester Are there any questions? Talks Keith Sullivan Hierarchical Multiagent Learning from Demonstration Junaed Sattar A Multimodal Approach Towards Robust Human- machine

480 views • 24 slides
Introduction to Trusted Computing Pieter Maene , Johannes G otzfried, Ruan de Clercq, Tilo M

Introduction to Trusted Computing Pieter Maene , Johannes G otzfried, Ruan de Clercq, Tilo M

Introduction to Trusted Computing Pieter Maene , Johannes G otzfried, Ruan de Clercq, Tilo M uller, Felix Freiling, and Ingrid Verbauwhede 1 KU Leuven/COSIC, Belgium 2 FAU Erlangen-N urnberg, Germany January 31, 2017 Trusted Computing 2

723 views • 35 slides
New York University High Performance Computing High Performance Computing Information

New York University High Performance Computing High Performance Computing Information

New York University High Performance Computing High Performance Computing Information Techonology Services New York University hpc@nyu.edu September 20, 2011 (High Performance Computing Information Techonology Services New York University

226 views • 22 slides

More recommend