HomeCloud ComputingPlacing Your IaC in a Pipeline With out the Plumbing

Placing Your IaC in a Pipeline With out the Plumbing

Anybody who has adopted me on Social (or watched my Snack Minute appearances) is aware of that I’ve spent numerous time speaking about Infrastructure as Code, particularly with regards to HashiCorp and Terraform. The flexibility to outline infrastructure by its supposed end-state – whatever the order through which the sources used to create that state are outlined, and achieve this throughout private and non-private zones – is one thing superb to behold. That is very true as a result of these initiatives might be contained inside a single folder, with only a few exterior dependencies. (Just one, actually – to have the Terraform binary put in on the system initiating the workflow.)

The problem for infrastructure builders

The contained nature and few dependencies make Terraform configuration one thing that lends itself naturally to being utilized in some kind of steady integration/steady deployment (CI/CD) pipeline. Thus, using the identical instruments that software program builders do every day to drive infrastructure automation on the drop of a git push. The problem for infrastructure builders is that commonplace CI/CD processes must be tailored and examined in depth. The processes have to cope with networks and materials requiring well-defined inventories and understanding of the present working setting. State shouldn’t be one thing that’s typically thought of when compiling and constructing functions as a result of the complete supply of reality exists throughout the venture or repository. This isn’t to trivialize the method of utility CI/CD, however merely to spotlight that typically the instruments accessible aren’t all the time straightforward to construct or devour.

Utilizing the usual pull request (PR) workflow to drive automation

There’s a better reply, nonetheless, and it leverages the usual pull request (PR) workflow that any infrastructure developer is accustomed to to drive automation (and archive the modifications being made) inside any commonplace SCM accessible (together with on-prem and SaaS variations). Through the use of a chunk of software program referred to as Atlantis, some webhooks, and Terraform HCL, we will carry out Terraform actions (plan, apply) simply by initiating a pull request from the function department into important with out having to arrange advanced CI/CD steps to outline every stage and motion to be carried out! In a matter of minutes you may setup and take a look at in your native workstation utilizing a GitHub account and ngrok.

When a pull request is imitated from the SCM, a webhook is fired to the Atlantis server, which is able to then pull down the dedicated HCL information within the function department and carry out a terraform plan command. This output is then displayed throughout the PR workflow as a remark, permitting all contributors within the repo to see the modifications that shall be produced from the configuration. No extra native testing or configuration drift.

Quinn pull requests

When every little thing seems good, you may apply the modifications by means of a easy PR remark…

Quinn pull requests

… which is able to then carry out the configuration change on the tip goal utilizing Terraform and show the outcomes (the identical as could be seen when working Terraform regionally) throughout the PR.

Quinn pull requests

Guarantee consistency of modifications

Moreover, Atlantis ensures that a number of PRs can’t be opened concurrently throughout the identical repository, guaranteeing that solely a single change is being processed at anybody time. This ensures consistency of modifications and a linear archive of all operations archived throughout the PR. As soon as the PR is closed and all modifications have been made, the lock on the repository is cleared and additional modifications might be made.

Reside demo of Atlantis in motion

For extra info, or a stay demo of Atlantis in motion – you’ll want to try my Snack Minute episode (under) the place we dive deeper into the setup and working of Atlantis. If you’re able to attempt it out your self, head over to https://www.runatlantis.io the place you may discover a take a look at drive or the way to allow Atlantis pull-request automation inside your personal repositories or group.

See Pull Request Automation in Motion with Cisco Software Centric Infrastructure.

If you happen to’re already utilizing Atlantis (or need assistance getting began), please go away me a remark under or tag me on Twitter together with your requests or use instances. I like seeing individuals constructing unbelievable issues with Terraform.


We’d love to listen to what you suppose. Ask a query or go away a remark under.
And keep linked with Cisco DevNet on social!

LinkedIn | Twitter @CiscoDevNet | Fb Developer Video Channel





Please enter your comment!
Please enter your name here

Most Popular

Recent Comments