[Jenkins-infra] Request for feedback: IEP-003 - Terraform for describing infrastructure as code
Ben Walding
bwalding at cloudbees.com
Fri Nov 18 05:54:23 UTC 2016
On 18 November 2016 at 11:04, R. Tyler Croy <tyler at monkeypox.org> wrote:
>
> Following the IEP process[0], I would like feedback on this design
> document for
> another integral part of bootstrapping project infrastructure on Azure. In
> this
> proposal I posit that all infrastructure resources on Azure should be
> defined
> via Terraform:
>
> <https://github.com/jenkins-infra/iep/tree/terraform-003/
> iep-003/README.adoc>
>
>
I think this is a pretty reasonable starting point.
(you are proposing much the same process we use at CloudBees. Caveat - my
Terraform experience is with AWS)
Terraform is a beast to work with for some resource types, but it does what
it says on the box. Mostly.
- remote state storage is preferred (as you have suggested)
- sometimes people run the terraform apply but forget to check in / push
- this is not good - this can be avoided by having a "deployment" server /
job - but then you have some very powerful credentials stored in the cloud
- tradeoffs
- retrofitting terraform is HORRIBLE (i.e. you manually create infra,
then want to update it via .tf files)
- it's better than building the tooling yourself.
- always plan before applying - terraform can be "surprising" when you
first start with it (especially if someone has not pushed changes!)
- the latest resource types aren't always in Terraform, but most regular
infra is manageable by Terraform.
Cheers,
Ben
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.jenkins-ci.org/pipermail/jenkins-infra/attachments/20161118/39f036e9/attachment.html>
More information about the Jenkins-infra
mailing list