Download as PDF, PPTX
![- [x] Terraform modules
- [ ] How to structure Terraform configurations?
- [ ] Terraform workspaces
- [ ] Terraform 0.12
@antonbabenko](https://image.slidesharecdn.com/terraform-best-practices-talk-october-2019-191010085712/75/Terraform-Best-Practices-DevOps-Unicorns-2019-58-2048.jpg)
![- [x] Terraform modules - Yes, must-have!
- [x] How to structure Terraform configurations?
- [x] One-in-one + terragrunt
- [x] Terraform workspaces - No, please!
- [x] More directories are easier to work with
- [ ] Terraform 0.12 - How it should help us?
@antonbabenko
Summary](https://image.slidesharecdn.com/terraform-best-practices-talk-october-2019-191010085712/75/Terraform-Best-Practices-DevOps-Unicorns-2019-71-2048.jpg)
![- [x] Terraform 0.12 - Awesome!
- [x] 90% of benefits for Terraform developers
- [x] 10% of benefits for Terraform users
@antonbabenko
Summary](https://image.slidesharecdn.com/terraform-best-practices-talk-october-2019-191010085712/75/Terraform-Best-Practices-DevOps-Unicorns-2019-79-2048.jpg)
![- [x] Terraform modules
- [ ] How to structure Terraform configurations?
- [ ] Terraform workspaces
- [ ] Terraform 0.12
@antonbabenko](https://crownmelresort.com/image.slidesharecdn.com/terraform-best-practices-talk-october-2019-191010085712/75/Terraform-Best-Practices-DevOps-Unicorns-2019-58-2048.jpg)
![- [x] Terraform modules - Yes, must-have!
- [x] How to structure Terraform configurations?
- [x] One-in-one + terragrunt
- [x] Terraform workspaces - No, please!
- [x] More directories are easier to work with
- [ ] Terraform 0.12 - How it should help us?
@antonbabenko
Summary](https://crownmelresort.com/image.slidesharecdn.com/terraform-best-practices-talk-october-2019-191010085712/75/Terraform-Best-Practices-DevOps-Unicorns-2019-71-2048.jpg)
![- [x] Terraform 0.12 - Awesome!
- [x] 90% of benefits for Terraform developers
- [x] 10% of benefits for Terraform users
@antonbabenko
Summary](https://crownmelresort.com/image.slidesharecdn.com/terraform-best-practices-talk-october-2019-191010085712/75/Terraform-Best-Practices-DevOps-Unicorns-2019-79-2048.jpg)
Uploaded byAnton Babenko
Terraform Best Practices - DevOps Unicorns 2019
Terraform best practices include using modules to break infrastructure into reusable components, structuring configurations in a one-in-one approach with directories for each module, and avoiding workspaces in favor of additional modules. Terraform 0.12 benefits developers most through features like loops and conditionals that enable more flexible modules, while users appreciate minor syntax improvements. The presentation emphasizes reusability, separation of concerns, and standardization through open-source modules.
More Related Content
Similar to Terraform Best Practices - DevOps Unicorns 2019
![Support, Monitoring, Continuous Improvement & Scaling Agentic Automation [3/3]](https://cdn.slidesharecdn.com/ss_thumbnails/agenticcommunityseries-day3-cfd-251120170304-ddef8112-thumbnail.jpg?width=640&height=640&fit=bounds)
Terraform Best Practices - DevOps Unicorns 2019
- 1. Terraform Best Practices AntonBabenko @antonbabenko October 2019
- 2. Anton Babenko AWS CommunityHero / Certified Terraform fanatic since 2015 Organiser of HashiCorp UG, AWS UG, DevOps Norway, DevOpsDays Oslo I 💚 open-source: terraform-community-modules + terraform-aws-modules antonbabenko/pre-commit-terraform — clean code and documentation antonbabenko/tfvars-annotations — update terraform.tfvars using annotations antonbabenko/modules.tf-lambda — generate Terraform code from visual diagrams antonbabenko/terragrunt-reference-architecture — Terragrunt reference architecture www.terraform-best-practices.com medium.com/@anton.babenko @antonbabenko — Twitter, GitHub, Linkedin
- 3. What do Ido? All-things Terraform + AWS + DevOps Consulting Workshops Trainings Mentorship My interview: https://medium.com/@anton.babenko/my-terraform-aws-journey-hashitimes-interview-73d1b542fcc0 My email: anton@antonbabenko.com LinkedIn: https://www.linkedin.com/in/antonbabenko
- 4. Collection of open-sourceTerraform AWS modules supported by the community. More than 5 mil. downloads since September 2017. (VPC, Autoscaling, RDS, Security Groups, ELB, ALB, Redshift, SNS, SQS, IAM, EKS, ECS…) github.com/terraform-aws-modules registry.terraform.io/modules/terraform-aws-modules @antonbabenko
- 5. Cloudcraft.co — thebest way to draw AWS diagrams @antonbabenko
- 6. cloudcraft.co features • Managecomponents in browser (EC2 instances, autoscaling groups, RDS, etc) • Connect components • Import live AWS infrastructure • Calculate the budget • Share link to a blueprint • Export as image • Embed drawing to wiki, Confluence, etc @antonbabenko
- 7. Infrastructure as codemakes DevOps possible Key benefits: • Treat infrastructure like application code • Always know what changed • Validate infrastructure before deployment https://dzone.com/articles/infrastructure-as-code-the-benefits @antonbabenko
- 8. Tool for building,changing and versioning infrastructure safely and efficiently. www.terraform.io @antonbabenko
- 9.
- 10.
- 11.
- 12.
- 13. Configuration Management Tools Google Cloud DeploymentManager Azure Resource Manager @antonbabenko
- 14.
- 15. Why Terraform andnot AWS CloudFormation, Azure ARM, Google Cloud Deployment Manager? @antonbabenko Terraform supports 250+ providers, has easier syntax (HCL), has native support for modules and remote states, has teamwork related features, is an open-source project Provides a high-level abstraction of infrastructure, unifies the view of resources Supports the modern datacenter (IaaS, PaaS, SaaS) Separates planning from execution (dry-run) Provides a workflow which is technology agnostic Manages anything with an API
- 16. Terraform — universaltool for everything with an API Google G Suite Dropbox files and access New Relic metrics Datadog users and metrics Jira issues Minecraft, or even order Domino’s pizza All Terraform providers — https://www.terraform.io/docs/providers/index.html @antonbabenko
- 17. Terraform 0.12 HCL2 —simplified syntax Loops ("for") Dynamic blocks ("for_each") Correct conditional operators (… ? … : …) Extended types of variables Templates in values Links between resources are supported (depends_on everywhere) Read more — https://www.hashicorp.com/blog/announcing-terraform-0-1-2-beta @antonbabenko
- 18.
- 19. "Let’s manage AWSnetwork stack" @antonbabenko
- 20.
- 21.
- 22.
- 23.
- 24.
- 25.
- 26. Emerging issues Code sizeis increasing Dependencies between resources become complicated @antonbabenko
- 27.
- 28. – What isTerraform module? “Modules in Terraform are self-contained packages of Terraform configurations that are managed as a group.” @antonbabenko
- 29. Types of Terraformmodules Resource modules (github.com/terraform-aws-modules , for eg) Infrastructure modules @antonbabenko
- 30. Resource modules Create resourcesin a very flexible configuration Open-source @antonbabenko
- 31.
- 32.
- 33.
- 34.
- 35. Would you useTerraform module to manage AWS EC2 security group? @antonbabenko
- 36.
- 37. Would you useTerraform module to manage AWS EC2 security group? Yes :) @antonbabenko
- 38. Infrastructure modules Also knownas "curated modules" and "company-wide modules" Consist of resource modules Enforce tags and company standards In 0.11 — use preprocessors, jsonnet, cookiecutter In 0.12 — may implement complex logic (conditions, loops, nested blocks) @antonbabenko
- 39.
- 40.
- 41.
- 42.
- 43. Terraform modules: doand don’t @antonbabenko
- 44. Terraform Registry Check registry.terraform.iobefore writing any Terraform modules @antonbabenko
- 45. Very Frequent Problem: Terraformmodules can’t be re-used, because they are very specific @antonbabenko
- 46. Exception: logical providers(template, random, local, http, external) Providers in modules — evil @antonbabenko
- 47.
- 48. Provisioner — evil Avoidprovisioner in all resources @antonbabenko
- 49. Provisioner — evil Avoidprovisioner in all resources @antonbabenko
- 50. Provisioner — evil Avoidprovisioner even in EC2 resources @antonbabenko
- 51. Provisioner — evil Avoidprovisioner even in EC2 resources @antonbabenko
- 52.
- 53.
- 54. null_resource provisioner —good @antonbabenko
- 55. Traits of goodTerraform modules Documentation and examples Feature rich Sane defaults Clean code Tests Read more: http://bit.ly/common-traits-in-terraform-modules @antonbabenko
- 56. Are Terraform modulesenough? @antonbabenko
- 57. No, Terraform moduleis the beginning. @antonbabenko
- 58.
- 59. How to structureTerraform configurations? How to call them? @antonbabenko
- 60. Call Terraform modules UseTerraform modules, because amount of resources and code is increasing How to organize Terraform configurations and invoke them? How to orchestrate modules? @antonbabenko
- 61. All-in-one Good: Declare variables andoutputs in fewer places Bad: Large blast radius Everything is blocked at once Impossible to specify dependencies between modules (depends_on) @antonbabenko
- 62. 1-in-1 Good: Smaller blast radius Possibleto join invocation Easier and faster to work with Bad: Declare variables and outputs in more places @antonbabenko
- 63. Which way doyou group your code? All-in-one or 1-in-1? @antonbabenko
- 64.
- 65. Correct MFA (Most FrequentAnswer): Somewhere in between @antonbabenko
- 66. All-in-one Undefined project scope Fastprototyping and initial development phase Small number of resources & developers Tightly connected resources 1-in-1 Defined project scope Different types of developers can be involved Code reuse is encouraged (across organization and environments) Use Terragrunt @antonbabenko
- 67. What about Terraformworkspaces? @antonbabenko
- 68. – What isa Terraform workspace? “Workspaces allow the use of multiple states with a single configuration directory.” @antonbabenko
- 69. Problems with Terraformworkspaces Terraform Workspaces aren’t infrastructure-as-code friendly. You can’t answer straight from the code: "How many workspaces do you have?" "What infrastructure has been deployed in workspaceX?" "What is the difference between workspaceX and workspaceY?" Introducing complexity almost in all cases. @antonbabenko
- 70. Solution — usere-usable modules instead of workspaces @antonbabenko
- 71.
- 72. Terraform 0.12 What doesit mean for us? @antonbabenko
- 73. Who are you? Terraformusers vs developers @antonbabenko
- 74. Types of Terraformusers Terraform developers Terraform users (everyone else) @antonbabenko
- 75. Terraform developers Write andsupport Terraform modules Implement company’s standards (security, encryption, integrations) Maintain reference architectures @antonbabenko
- 76. Terraform users (everyone) UseTerraform modules by specifying correct values Domain experts May not have "Terraform" in LinkedIn profile @antonbabenko
- 77. Terraform 0.12 fordevelopers DevOps&Terraform developers Allow to implement flexible/dynamic/reusable Terraform modules @antonbabenko
- 78. Terraform 0.12 forusers Terraform users Like HCL2 lightweight syntax more @antonbabenko
- 79.
- 80.