Contenu connexe Similaire à AzDevCom2021 - Bicep vs Terraform (20) AzDevCom2021 - Bicep vs Terraform2. whoami
• Philip Welz
• Senior Kubernetes & DevOps Engineer @ white duck
• Kubernetes Certified { A | AD | S }
• Kubernetes, GitOps & Azure
© white duck GmbH 2021
Email: Philip.Welz@whiteduck.de
Twitter: @philip_welz
LinkedIn: https://www.linkedin.com/in/philip-welz
Blog: https://philinthe.cloud
5. Overview
• is the management of infrastructure with declarative
configuration files
• evolved to solve the problem of environment drift
• considered one of the key practices of DevOps and Agile
software development
© white duck GmbH 2021
8. Key principles
• idempotency
• no matter how many times you run your IaC, you will end up
with the same end state
• immutability
• replacing infrastructure instead of change it doesn't
allow configuration drift
© white duck GmbH 2021
12. Azure Resource Manager
• short ARM
• provisioning engine built into Azure exposed as REST API
• authenticates and authorizes requests
• automatically orchestrates the deployment in the correct
order respecting dependencies
• ensures idempotency
© white duck GmbH 2021
15. Overview
• by Hashicorp
• first release = 28 July 2014
• 1.0.0 since 8 June 2021
• written in Go
• CLI and DSL (domain-specific language)
• HCL – Hashicorp Configuration Language
• Open Source but optional paid offers available
© white duck GmbH 2021
16. Key principles
• manage any infrastructure
• standardize your deployment workflow
• track your infrastructure
• community driven
© white duck GmbH 2021
17. Providers
• Azure RM provider
• Azure AD provider
• Azure Stack provider
• Azure DevOps provider
• GitHub provider
• Kubernetes, Helm provider
• Random, template, …
© white duck GmbH 2021
19. State
• necessary requirement for Terraform to function
• records information about what infrastructure it created
• can contain sensitive data
• stored locally or in a backend
• lock mechanism prevents concurrent execution
© white duck GmbH 2021
21. ARM Templates
• implement Infrastructure as Code on Azure
• are JavaScript Object Notation (JSON) files
• uses declarative syntax
• specify the resources and the properties for those resources
• deploy the template(s) through one command
© white duck GmbH 2021
22. Bicep overview
• first release = Fall ’20
• native support by
• Azure CLI since 2.20
• PowerShell AZ module (v5.6.0+)
• written in .NET
• DSL (domain-specific language)
• Open Source
© white duck GmbH 2021
23. Key principles
• transparent abstraction over ARM template JSON
• much simpler syntax compared to equivalent ARM
template JSON
• modularity
• convert existing templates or resources from the portal
© white duck GmbH 2021
26. Focus
• support for all resource types and API versions
• no state or state files to manage
• pre-flight validation
• tooling
• support
• non-goals
• one language to rule them all
• general purpose language to meet any need
© white duck GmbH 2021
29. Deployment modes
• incremental
• leaves unchanged resources that exist in the resource group
but aren't specified in the template
• complete
• deletes resources that exist in the resource group but aren't
specified in the template
© white duck GmbH 2021
31. Real talk - Terraform
• no deployments scopes
• well adopted but feature implementation can take some time
• not Azure-only focused
• can speak with Azure AD
• can do more, but sometimes it shouldn't
• pitfalls
© white duck GmbH 2021
32. Real talk - Bicep
• zero-day support for all Azure resource types & API versions
• first class VSCode integration (IntelliSense)
• less complex due to no state
• convert existing templates and or resources
• API ensures always backwards compatibility
• pitfalls
© white duck GmbH 2021
33. Final verdicts
• IaC != state
• use the tool that suits your needs
• if you are happy with your tooling, stick with it
• no matter what tool you are using, automate your
deployments and execute them regularly
• stay up to date
• use static analysis to enforce cloud governance
© white duck GmbH 2021
Notes de l'éditeur Wiederholbarkeit
Verlässlichkeit
Effizienz
Ersparnisse
Sichtbarkeit Wiederholbarkeit
Verlässlichkeit
Effizienz
Ersparnisse
Sichtbarkeit Wiederholbarkeit
Verlässlichkeit
Effizienz
Ersparnisse
Sichtbarkeit Wiederholbarkeit
Verlässlichkeit
Effizienz
Ersparnisse
Sichtbarkeit Wiederholbarkeit
Verlässlichkeit
Effizienz
Ersparnisse
Sichtbarkeit Wiederholbarkeit
Verlässlichkeit
Effizienz
Ersparnisse
Sichtbarkeit Wiederholbarkeit
Verlässlichkeit
Effizienz
Ersparnisse
Sichtbarkeit Wiederholbarkeit
Verlässlichkeit
Effizienz
Ersparnisse
Sichtbarkeit Wiederholbarkeit
Verlässlichkeit
Effizienz
Ersparnisse
Sichtbarkeit Wiederholbarkeit
Verlässlichkeit
Effizienz
Ersparnisse
Sichtbarkeit Wiederholbarkeit
Verlässlichkeit
Effizienz
Ersparnisse
Sichtbarkeit Wiederholbarkeit
Verlässlichkeit
Effizienz
Ersparnisse
Sichtbarkeit Wiederholbarkeit
Verlässlichkeit
Effizienz
Ersparnisse
Sichtbarkeit Wiederholbarkeit
Verlässlichkeit
Effizienz
Ersparnisse
Sichtbarkeit Wiederholbarkeit
Verlässlichkeit
Effizienz
Ersparnisse
Sichtbarkeit Wiederholbarkeit
Verlässlichkeit
Effizienz
Ersparnisse
Sichtbarkeit Wiederholbarkeit
Verlässlichkeit
Effizienz
Ersparnisse
Sichtbarkeit Wiederholbarkeit
Verlässlichkeit
Effizienz
Ersparnisse
Sichtbarkeit Wiederholbarkeit
Verlässlichkeit
Effizienz
Ersparnisse
Sichtbarkeit