Navigation
 
You are here: Home / News / Terraform on BastionLinux

Terraform on BastionLinux

by Alan Milligan last modified Sep 09, 2019 06:04 AM
BastionLinux/Terraform and best practice for deployment and usage
Terraform on BastionLinux

So - we all use Terraform right? Well some of us not so new to DevOps are still heavily invested in Chef and Puppet infrastructures - but asides that...

We've been shipping Terraform for some years, so installation is simple:

$ dnf install hashicorp-terraform

We also ship a bunch of the most popular providers (and can package more on demand) - check them out here. These are similarly simple to install:

$ dnf install 'terraform(provider.aws)'
$ terraform providers 
.
└── provider.aws

If yours is a completely greenfield installation, Terraform may be the only orchestration tool you need (we're still doubtful), but it's very likely that you'll have a mix of tools, and as such a complete/single Terraform desired state configuration definition/hierarchy will not be appropriate.

Regardless, you do not want every member of your operations team to be coordinating/updating their own Terraform state database whenever Terraform'ing anything. Sure, you can use a remote backend to assure a single global view, but the smart thing is not to allow Terraform on the desktop at all, and instead to wrap it in your CI/CD pipeline(s). We're promoters of Jenkins for this - not that other tools aren't sufficient - but that there's such an extensive ecosystem of plugins for Jenkins, that there's nothing that cannot be thrown at it.

Jenkins Job Builder may be used to define each pipeline to be terraform'ed. Terraform state may reside in the working directory for each build job. You could still use a remote backend, but some do not archive, whereas this is implicit in that each Jenkins build has this as an artifact. It is simple enough to reapply any given builds Terraform state.

It is trivial to create and manage a multitude of Terraform'ing slaves with our BastionLinux/Terraform infrastructure, and these have ongoing lifecycle management apropos our enterprise Linux.

The above sketches an outline over what is clearly a complex topic and of course to accommodate the technologies and processes you have in your shop. Do reach out to discuss how we can help you.
Our Office
407 The Foundry
181 Lawson Street
Darlington, Sydney 2008
+61 (0) 2 9045 3064
ABN: 31 120 285 261