DevOps For Developers

Staging With Terraform

Kirk Haines

kirk.haines@joshsoftware.com

Production....

Production

Stable, customer facing environment

Development....

Development....

Development....

Development....

Development....

Staging!

There are a lot of varying definitions.

 

At the core, though, staging is a production-like environment where software can be deployed for testing and validation before it goes to production.

Staging

Controversial?

The use of staging environments has some controversy.

Staging

Benefits

  1. Isolation from production makes testing dangerous things easier.
  2. Performance testing without impacting production.
  3. Single central running system lets distributed stakeholders all view the same thing.
  4. Development environments aren't like production, and some bugs require production-like configuration to manifest.

Staging

Drawbacks

  1. It is difficult to keep staging looking like production.
  2. Wasted resources. Looking like production may not be cheap, and staging resources aren't actively servicing customers.
  3. Staging implies interactive testing and live UAT. This can be helpful, but often misses as many things as it catches.
  4. The use of staging and the "It's done, let QA make sure that it works." mindset can be actively harmful.

Staging

Automation Can Help

  1. It is difficult to keep staging looking like production.
  2. Wasted resources. Looking like production may not be cheap, and staging resources aren't actively servicing customers.
  3. Staging implies interactive testing and live UAT. This can be helpful, but often misses as many things as it catches.
  4. The use of staging and the "It's done, let QA make sure that it works." mindset can be actively harmful.

Staging

Before Talking About That....

The alternative to staging servers is extensive, comprehensive tests, leveraging CI/CD processes, real code reviews before merging, and feature flagging ALL major code changes.

Staging

The Biggest Problem With Staging

Staging environments tend to create expense from the work to maintain them, and from running systems that aren't doing anything useful most of the time.

$₹¥€$

Staging

The Other Big Problem

Staging environments tend to diverge from production, which feeds back into the issue that they can be functionally expensive.

Staging

Automation Helps...

If a staging environment can be created on demand, without needing a person to build it,

 

and...

Staging

Automation Helps...

If automation that can build it on demand can also destroy it on command, so that it doesn't carry an expense when it isn't being used,

 

then...

Staging

Automation Helps...

Staging servers become much more useful, both practically and economically.

Introducing

Terraform is a tool for building, changing, and versioning infrastructure safely and efficiently. Terraform can manage existing and popular service providers as well as custom in-house solutions.

-- Hashicorp

Terraform

Infrastructure as Code

Infrastructure is defined using a rich configuration language.

 

Declarative -- define what you want, and let Terraform figure out what it needs to do to deliver that.

Terraform

Vendor agnostic.

 

AWS, GCP, Azure, DigitalOcean, Heroku, and dozens of other providers are supported.

Terraform

Change Automation

Terraform is stateful

 

Iterative changes to a configuration will result in iterative changes to the environment to match, without needing to rebuild the whole thing.

Terraform

Idempotent

Won't make unneeded changes.

Environment can be destroyed, and when rebuilt, the new environment should look just like the previous one.

Terraform

Infrastructure in Git!

Because infrastructure is defined in files, revision control can be applied to infrastructure management.

Using Terraform

Installation

Written in Go; binaries available for all major platforms.

 

https://www.terraform.io/downloads.html

Using Terraform

The Basics -- write some files

Using Terraform

Initialize

Terraform binary doesn't ship with any vendor-specific support. Initialization step downloads extra needed modules.

Using Terraform

Using Terraform

Plan     

Using Terraform

Apply

Using Terraform

Elaboration

That example is very simple. It's just a vanilla Ubuntu 20.04 instance running in us-east-2.

 

It isn't very useful.

Using Terraform

Security Groups

Default security groups mean that the server can't be accessed from the outside world.

 

No SSH.  No anything. Terraform config can handle this.

Using Terraform

Security Group

Using Terraform

SSH       

Using Terraform

System Setup & Software Deployment

Terraform can SSH on your behalf and can run commands or transfer and run scripts.

Using Terraform

Using Terraform

Let's Run It!

Using Terraform

Terraform IS

Infrastructure as Code

Using Terraform

Terraform IS NOT

Configuration Management

Using Terraform

Terraform IS NOT

Configuration Management

 

It doesn't replace a tool like Chef or Itamae

Using Terraform

It can invoke those tools

Using Terraform

When Done; Shut it Down

Using Terraform

Makes Infrastructure Repeatable

Infrastructure setup and teardown is fast.

It is precise and repeatable.

It can be version controlled.

 

It can work with configuration management for a complete solution to deploying and managing testing and staging instances.

Using Terraform

Questions?