Monday, March 23, 2020

HashiTalks2020: Enterprise Deployment to Azure and AWS in Azure DevOps

Hey all! 

Here's my #HashiTalks2020 presentation about my company's transition from single-cloud, single-devops to cloud-agnostic Terraform and multicloud Azure DevOps, pipeline and infra-as-code environments.

This deep dive video is 25 minutes long. 




If you have any notes or comments please let me know! 

Good luck out there!
kyler

Monday, January 13, 2020

Intro to TravisCI With Terraform

Picture-heavy walkthrough of building a TravisCI Terraform pipeline. It does everything based on GitHub events.

  • On a new PR created/updated: run a terraform validate and plan, report status back to GitHub.
  • On a PR merge: run a terraform apply, deploy resources.

And it has a kickin' rainbow theme. What else could you ask for? Check it out:

https://medium.com/swlh/intro-to-travisci-with-terraform-80e65cf975fe

Paywall bypass: https://medium.com/swlh/intro-to-travisci-with-terraform-80e65cf975fe?source=friends_link&sk=814896cf82cdac07cba5c2e44c42941b

Friday, January 10, 2020

Azure DevOps YML Terraform Pipeline and Pre-Merge Pull Request Validation



tl;dr: Here’s YML code that will build an Azure DevOps pipeline that can be run automatically as part of pull request validation (pre-merge) and requires manual approval by definable admin groups in order to proceed to touch resources.

Microsoft’s Azure DevOps (ADO) is an incredibly powerful CI/CD platform that is being rapidly developed by $MSFT. However, as with any rapidly-evolving product, the documentation sometimes leaves something to be desired. I solved a few problems with the help of the Azure DevOps development team and I thought I’d share my solutions. Hope they help.

Bootstrapping Azure Cloud to Your Terraform CI/CD

Pairing Terraform with a CI/CD like Azure DevOps, Terraform Cloud, or GitHub Actions can be incredibly empowering. Your team can work on code simultaneously, check it into a central repo, and once code is approved it can be pushed out by your CI/CD and turned into resources in the cloud.


Intro to Cisco ASAv in AWS With Terraform


Cisco, the king of data center networking for 3 decades, is becoming less and less important in a cloud-first world. Cloud-native networking at AWS, Azure, and Google Cloud (GCP) isn’t great, so there’s tons of opportunity, but Cisco has yet to fully commit to bringing their products to a cloud-first world, despite their new moniker as a “cloud-first” company.

Intro to AWS CodeCommit, CodePipeline, and CodeBuild with Terraform




AWS CodeCommit is one more CI/CD to enter the increasingly crowded competition for CI/CD products. AWS has provided an entire suite of products:

CodeCommit: A managed git repo. We’ll check our Terraform code into a repo hosted in CodeCommit. Enough said.

CodeBuild: A managed continuous integration service. It runs job definitions, dynamically spins up and down build servers, and can support your own tooling, i.e. Terraform! We’ll write a Terraform deploy build in CodeBuild.

CodeDeploy: A managed deployment service that helps push code from a repo to AWS services where it can be executed. This is the only CodeX service from AWS we won’t use.

CodePipeline: A managed deployment service that supports complex deployment processes, including code testing and automated deployment all the way to production. We’ll write a pipeline to automate a PR merge → terraform deploy.

Scrape AWS Public IP JSON + Ansible + Cisco Firewall




Every data center I’ve ever worked at has had some sort of egress internet filtering for security. This makes perfect sense in a world where partners have static IPs, or even when partners can provide the range of IPs they have registered with IANA. But in the cloud world? Not so much.