Infrastructure environment progression with Terraform - Luke Carter-Key & Simon Grzebieta

Показать описание

Most teams have at least one other environment where changes are tested before applying them in production where they can have either good or bad customer impact.

In various organisations we have tried several approaches to how infrastructure changes make their way to production.

We would like to share what we've learnt about the pros and cons of each approach and provide some tips on how to choose the right set of tradeoffs in different situations.

Some of these approaches are:
- Just do it in prod
- Every environment is a snowflake
- Using Terraform targeted apply to pick what to put in each environment (don't do this)
- Branches for each environment
- Directories for each environment
- Using local and remote modules to share code across environments
- Taking the same config and applying it with different tfvars to each environment

Some of these are universally a bad idea but most have situations where they are a reasonable choice.

----

Рекомендации по теме

Комментарии

10:47 - I wish there was a bit more info about this setup. How granular are we talking about for folder scope? Would there also be folders for persistence / databases, folders for IAM & security groups, each with their own state per environment? How do you handle multiple statefiles in CI/CD for this type of structure? Do you create a wrapper script that runs terraform in each directory in a particular sequence?

pnhbs

Learned a lot about terraform practices in production from this video! Thanks!

weichaoluo

I took all my envs folders 10:47 out into a single large configs folder where each env file is prefixed with clusters or networks. This was done to minimize where someone must look to make a change. Often a single change needs a tweak to both clusters and networks. By putting all the config in one place it lowers the number of things the maintenance worker must know to apply the change. The ops people feel more positive that they always know where to look first.

ntippy

Infrastructure environment progression with Terraform - Luke Carter-Key & Simon Grzebieta

Infrastructure environment progression with Terraform

Infrastructure environment progression with Terraform - Luke Carter-Key & Simon Grzebieta

Complete Terraform Course - From BEGINNER to PRO! (Learn Infrastructure as Code)

Terraform Tutorial for Beginners : Terraform in a production environment

Infrastructure Pipelines with Terraform Cloud

HashiCorp Terraform and the four phases of the journey to collaborating on infrastructure as code

Evolving Your Infrastructure with Terraform

Terraform Workspaces Are Bad Actually, And Here's Why.

How I structure my Terraform Infrastructure Code

JD Edwards Infrastructure Terraform Automation on Oracle Cloud

How to structure terraform environments (two methods)

Infrastructure as Code - An Introduction to Terraform | John Martin | Hybrid Group

Maintaining Terraform State Files

Going from 0-300 with Terraform Landing Zones

Infrastructure as Code - An Introduction to Terraform

Identifying Misconfigurations in your Terraform

Terraform Best Practices with Examples and Arguments by Anton Babenko at DevOps Unicorns

Launching new Terraform providers for Dell Infrastructure Solutions

Lessons learned working in Terraform with 1000+ engineers

Infrastructure-as-Code using Terraform -- Beginner Edition

#9 Terraform in Azure for Beginners - Custom Script Extensions

AutomaCon 2016: Infrastructure as Code with Terraform (Seth Vargo, Hashicorp)

Terraform Training in One Hour | COIT.io

Infrastructure-as-Code (IaC) using Terraform -- Beginner Edition