Terraform is a tool for building, changing, and versioning infrastructure safely and efficiently. The presenter discusses the good, bad, and ugly aspects of using Terraform with Azure. The good includes its simple configuration language and ability to integrate with Azure and automate deployments. The bad includes limitations in its language and some errors being difficult to debug. The ugly involves challenges around managing state files and keeping infrastructure definitions well organized. Overall, Terraform provides benefits but also requires understanding its quirks and handling state carefully.
Report
Share
Report
Share
1 of 37
More Related Content
Terraform for azure: the good, the bad and the ugly -
1. Terraform for Azure:
the good, the bad and the ugly
Giulio Vian – DevOps Lead – Glass, Lewis & Co.
10. How it works
Command line tool
terraform init
terraform plan -out temp.dat
terraform apply temp.dat
Providers
Executables
azurerm, azuread, azurestack
State (metadata)
17. Automate
Permit HTTPS to Internet*
Credential (e.g. Service Principal)
Get executable on the agent*
Run apply
There are ready-to use tasks
*optional
26. State management
Myth: State is map of reality
Setup in shared, locked place
Azure Storage or AWS S3
Some changes not sensed
Learn to use
terraform state
27. Stay organized
/ repo root
modules terraform modules
utility general purpose
shared common to multiple applications or environments
application_name internal or public application
non-production can be rebuilt any moment
shared common to multiple environments
e.g. deploy agents, jumpbox
qa Integration test
uat User acceptance test
perf Load testing
production everything here is critical
... details on next slide
28. Stay organized (cont’d)
/ repo root
production everything here is critical
legacy hand made infrastructure e.g. TFS
shared common to main and DR
e.g. networking
live PRODUCTION ENVIRONMENTS
network “everlasting” resources
data-tier long-lived resources
app-tier short-lived resources
app_name resources for an app
dr Disaster recovery site
... As above
29. Folders and state
Each leaf has a state file
Source can refer to existing state files
production
shared production/shared/terraform.tfstate
live
network production/live/network/terraform.tfstate
app-tier production/live/app-tier/terraform.tfstate
30. Three steps to import
Define as regular resources
Add safety clause
lifecycle {
prevent_destroy = true
}
Include in state
terraform import