Under Armour Connected Fitness

Empower UA engineers to frictionlessly deliver excellent software experiences directly to our consumers.

• Make the powerful simple.
• Make teammates more effective.
• Things will break; never let them break the same way twice.
• Iteratively create the platform in the open.
• Data is sacred - PTH.

Principles & Problems

The Problem...

Empower any engineering team to create and manage their own infrastructure needs

Principles & Problems

Self-service infrastructure as code

Principles & Problems

• AWS API
• Salt Stack + Boto3
• AWS CloudFormation
• Packer (baked AMI's)
• Terraform

Solutions?

Principles & Problems

Terraform has sticking points

(For anyone not skilled in terraform operation)

• Configuration & state file management
• Common architecture patterns
• Modules and revision tracking
• Sharing WIP changes
• No enforcement of standardized usage

Estate

• File management and grouping
• Templating system
• Terraform as a service
  • UI + REST API
  • Containerized
• Deep Linkable UI
• Run arbitrary commands

High Level Features

Estate

UI & API - Terraform as a Service

• Easily view data
  • Configuration & State files
  • Plan & Apply output
• Deep Linking
  • Shareable url's for all data
• REST API
  • Script import of existing terraform data
• Usage of Terraform standardized
  • No fat fingering commands
  • Automatic plan output usage
  • Enforce Terraform version used

Estate

Configuration & State File Management

• Namespaces: Organize files by a grouping
• ACL on Namespaces
  • Grab lock for editing
• Automatic state file management
• Data stored in a DB
• Bring you own relational datastore
  • MySQL / Postgres / AWS RDS

Estate

Templating System

• Common architecture patterns
  • codified, labeled and logic-enabled
• Logic engine:  Jinja2
• Template body - HCL / YAML / JSON
• HTML Form engine:  JSON Schema
• WYSIWYG Editor
  • test template rendering before you even save!
• Automatic semantic versioning on save
• Diff view on updating a namespace's template
• Data also stored in the DB

Estate

Power User / Admin Features

• Run arbitrary commands from UI
• Extend templates on the fly
• Use any file extension not just .tf
• Customizable command arguments
• Custom react components in template forms
• It's just a Django app
  • customizable, extendable, adaptable

Bootstrapping

• Javascript React + Redux frontend
• Gunicorn + Django Rest Framework backend
• Bring you own relational datastore
  • MySQL / Postgres / AWS RDS
• Cache layer for transient output
  • Memcached / Redis / Elasticache
• Docker socket
  • worker containers running Terraform

Internal Feedback

Estate has helped us make infrastructure changes without needing too much ramp up on terraform or underlying systems

Templates are a great way to simplify the infrastructure creation process and are very flexible

Estate has allowed us to speed up the time to deliver a new service by allowing anyone on the team to provision standardized architectures

Rainbows & Unicorns

• What namespace has this resource
  • elasticsearch?
• Delete is hard
  • DB Data != Cloud Resources
• Provider credentials
  • vault integration?
• Terraform backwards incompatibilities
  • ???