[Jenkins-infra] Request for feedback: IEP-003 - Terraform for describing infrastructure as code

Ben Walding bwalding at cloudbees.com
Fri Nov 18 05:54:23 UTC 2016

On 18 November 2016 at 11:04, R. Tyler Croy <tyler at monkeypox.org> wrote:

> Following the IEP process[0], I would like feedback on this design
> document for
> another integral part of bootstrapping project infrastructure on Azure. In
> this
> proposal I posit that all infrastructure resources on Azure should be
> defined
> via Terraform:
>     <https://github.com/jenkins-infra/iep/tree/terraform-003/
> iep-003/README.adoc>
I think this is a pretty reasonable starting point.
(you are proposing much the same process we use at CloudBees. Caveat - my
Terraform experience is with AWS)

Terraform is a beast to work with for some resource types, but it does what
it says on the box. Mostly.

   - remote state storage is preferred (as you have suggested)
   - sometimes people run the terraform apply but forget to check in / push
   - this is not good - this can be avoided by having a "deployment" server /
   job - but then you have some very powerful credentials stored in the cloud
   - tradeoffs
   - retrofitting terraform is HORRIBLE (i.e. you manually create infra,
   then want to update it via .tf files)
   - it's better than building the tooling yourself.
   - always plan before applying - terraform can be "surprising" when you
   first start with it (especially if someone has not pushed changes!)
   - the latest resource types aren't always in Terraform, but most regular
   infra is manageable by Terraform.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.jenkins-ci.org/pipermail/jenkins-infra/attachments/20161118/39f036e9/attachment.html>

More information about the Jenkins-infra mailing list