1 of 16

Infrastructure as Code in:��15 minutes

2 of 16

Agenda

  • Traditional infrastructure deployment
  • What is Infrastructure as Code (a.k.a IaC)
  • Benefits of IaC
  • Imperative vs Declarative
  • IaC with Terraform
  • IaC in DevOps Pipelines
  • Sample Setup
  • Q&A

3 of 16

Traditional infrastructure deployment

  • Graphical user interface
  • Scripts (platform specific)

Limitations

  • Manual and time-consuming process
  • Error-prone
  • Inconsistency
  • Configuration drift
  • Difficulty to keep multiple environments in lockstep
  • Scalability
  • Difficult to document

4 of 16

What is Infrastructure as Code?

  • Managing and provisioning of infrastructure through code:

  • Allows for automation of the creation and modification of infrastructure
  • Can be imperative or declarative (more on this later)

5 of 16

Benefits of IaC

  • Automation in one and across multi-cloud
  • Speed and efficiency
  • Repeatable and consistent (Dev, SIT, UAT, Prod)
  • Source control and versioning
  • Team collaboration (CI)
  • CI/CD Pipelines
  • Simplify, standardize, and scale at ease
  • Static Application Security Testing (SAST)

6 of 16

Imperative vs Declarative

  • Forward 1 mile
  • Turn right
  • Forward 2 miles
  • Turn left
  • Forward 3 miles
  • Arrive at pizza restaurant
  • Go to the pizza restaurant

What to do.

What is wanted.

7 of 16

Imperative vs Declarative

  • Starting point matters
  • Difficult to audit
  • Difficult to detect drift
  • No version control
  • Not repeatable
  • Requires complex logic
  • Changes to destination requires significant modifications
  • Starting point does not matter
  • Engine determines how to get to destination
  • Idempotent property
  • Repeatable in a pipeline
  • Easy to validate and detect drift
  • Can be version controlled
  • Changes to destination automatically handled

What to do.

What is wanted.

8 of 16

IaC with Terraform

  • Declarative language
  • Cloud agnostic / Multi-cloud support
  • Large list of providers available
  • Source control with Git or Terraform Cloud
  • RBAC workspaces
  • Policy as code (approve and reject automation)

9 of 16

IaC with DevOps Pipelines

  • Leverage DevOps methodology with CI/CD pipelines to deploy infrastructure
  • Seamless integration of software development and IT operations teams
  • Integrate as a component of a pipeline for software development
  • Full automation through build, test, and deploy stages
  • Support for multiple release strategies such as blue/green, canary or rolling releases

10 of 16

Sample Setup

Prerequisites

  • Jenkins installed
  • Install Jenkins Terraform Plugin
  • GitHub Repo with Terraform deployment code
  • Service Principal (IAM) for Jenkins

Configure Jenkins

  • Create Jenkins pipeline
  • Parameterize the Jenkins pipeline
  • Add the pipeline code
  • Build pipeline

11 of 16

Prerequisites

  • Jenkins installed
  • Install Jenkins Terraform Plugin
  • GitHub Repo with Terraform deployment code
  • Service Principal (IAM) for Jenkins

12 of 16

Create Jenkins pipeline

  • Configure stage to obtain Terraform deployment code
  • Configure stage to initialize Terraform
  • Configure stage to apply Terraform

13 of 16

Parameterize the Jenkins pipeline

  • Create a choice parameter named “action”
  • Configure the choices for “apply” and “destroy”
  • Configure a description for the action:

“Choose the action you would like to perform – Terraform Apply or Destroy?”

14 of 16

Add the pipeline code

  • Add the pipeline code to Jenkins pipeline

pipeline {

    agent any

�    stages {

        stage('Checkout') {

            steps {

            checkout([$class: 'GitSCM', branches: [[name: '*/main']], extensions: [], userRemoteConfigs: [[url: 'https://github.com/terenceluk/tf-iac-az-repo']]])            

          }

        }    

        stage ("terraform init") {

            steps {

                sh ('terraform init')

            }

        }

        stage ("terraform plan") {

            steps {

                sh ('terraform plan')

            }

        }

        stage ("terraform Action") {

            steps {

                echo "Terraform action is --> ${action}"

                sh ('terraform ${action} --auto-approve')

           }

        }

    }

}

15 of 16

Build Pipeline

  • Navigate to Build with Parameters and initiate build of infrastructure

16 of 16

Questions and Comments?

Thank you for your time!