Anybody who has adopted me on Social (or watched my Snack Minute appearances) is aware of that I’ve spent a variety of time speaking about Infrastructure as Code, particularly in relation to HashiCorp and Terraform. The flexibility to outline infrastructure by its supposed end-state – whatever the order during which the assets used to create that state are outlined, and achieve this throughout private and non-private zones – is one thing wonderful to behold. That is very true as a result of these tasks may be contained inside a single folder, with only a few exterior dependencies. (Just one, actually – to have the Terraform binary put in on the system initiating the workflow.)
The problem for infrastructure builders
The contained nature and few dependencies make Terraform configuration one thing that lends itself naturally to being utilized in some type of steady integration/steady deployment (CI/CD) pipeline. Thus, using the identical instruments that software program builders do every day to drive infrastructure automation on the drop of a git push. The problem for infrastructure builders is that customary CI/CD processes must be tailored and examined in depth. The processes must cope with networks and materials requiring well-defined inventories and understanding of the present operating surroundings. State just isn’t one thing that’s typically thought-about when compiling and constructing functions as a result of the total supply of fact exists throughout the venture or repository. This isn’t to trivialize the method of utility CI/CD, however merely to focus on that generally the instruments out there aren’t at all times simple to construct or devour.
Utilizing the usual pull request (PR) workflow to drive automation
There may be a neater reply, nonetheless, and it leverages the usual pull request (PR) workflow that any infrastructure developer is accustomed to to drive automation (and archive the adjustments being made) inside any customary SCM out there (together with on-prem and SaaS variations). By utilizing a bit of software program known as Atlantis, some webhooks, and Terraform HCL, we will carry out Terraform actions (plan, apply) simply by initiating a pull request from the characteristic department into most important with out having to arrange complicated CI/CD steps to outline every stage and motion to be carried out! In a matter of minutes you may setup and take a look at in your native workstation utilizing a GitHub account and ngrok.
When a pull request is imitated from the SCM, a webhook is fired to the Atlantis server, which is able to then pull down the dedicated HCL recordsdata within the characteristic department and carry out a terraform plan command. This output is then displayed throughout the PR workflow as a remark, permitting all contributors within the repo to see the adjustments that shall be comprised of the configuration. No extra native testing or configuration drift.
When all the things appears to be like good, you may apply the adjustments via a easy PR remark…
… which is able to then carry out the configuration change on the tip goal utilizing Terraform and show the outcomes (the identical as could be seen when operating Terraform domestically) throughout the PR.
Guarantee consistency of adjustments
Moreover, Atlantis ensures that a number of PRs can’t be opened concurrently throughout the similar repository, making certain that solely a single change is being processed at anybody time. This ensures consistency of adjustments and a linear archive of all operations archived throughout the PR. As soon as the PR is closed and all adjustments have been made, the lock on the repository is cleared and additional adjustments may be made.
Dwell demo of Atlantis in motion
For extra data, or a stay demo of Atlantis in motion – you’ll want to take a look at my Snack Minute episode (beneath) the place we dive deeper into the setup and operating of Atlantis. Whenever you’re able to attempt it out your self, head over to https://www.runatlantis.io the place you may discover a take a look at drive or tips on how to allow Atlantis pull-request automation inside your individual repositories or group.
See Pull Request Automation in Motion with Cisco Utility Centric Infrastructure.
In the event you’re already utilizing Atlantis (or need assistance getting began), please depart me a remark beneath or tag me on Twitter along with your requests or use instances. I like seeing individuals constructing unbelievable issues with Terraform.
We’d love to listen to what you assume. Ask a query or depart a remark beneath.
And keep linked with Cisco DevNet on social!