Rule the
World
Through IaC
WHOA!
MaiCoin Lead Site Reliability Engineering
Taipei HashiCorp User Group Organizer
AWS User Group Taiwan Staff
I’m Smalltown
Taipei HashiCorp User Group
01 Introduction: What is CDK for Terraform?
02 Demonstration: How Does CDK for Terraform Work?
03 Analysis: Dive Into CDK for Terraform
04 Conclusion: IaC Day 2
INTRODUCTION
TO CDK For Terraform
01
What is Terraform? (1/2)
Terraform is an open source
provisioning tool.
It ships as a single binary
which is written in Go.
Terraform is cross platform
and can run on Linux,
Windows, or MacOS.
Installing terraform is easy.
You simply download a zip
file, unzip it, and run it.
What is Terraform? (2/2)
● Executable Documentation
● Human and Machine readable
● Easy to Learn
● Test, Share, Re-Use, Automate
● Works on all Major Cloud Providers
resource aws_instance "catapp" {
  ami           = data.aws_ami.ubuntu.id
  instance_type = var.instance_type
  tags = {
    Name = "${var.prefix}-meow"
  }
}
Terraform Allows Us to...
● Manage Multi-Cloud & Hybrid Infrastructure
● Manage Third-Party SaaS Through Provider
● Increase Provisioning Speed
● Improve Efficiency & Reduce Risk
● ...
What are Terraform's Weaknesses?
● Requires Users to Learn a New Custom Language, the HCL (HashiCorp Configuration Language) DSL
● No Loops, Functions, or Classes as in General-Purpose Programming Languages
CDK for Terraform
● Although HCL has been One of The Fastest Growing
Languages at GitHub
● Officials have Often Heard The Desire to Provision
Infrastructure W/ Familiar Programming Languages
● With the CDK for Terraform Project You Can Define
Infrastructure Resources Using TypeScript, Python...
Demonstration CDK
For Terraform
02
How CDK for Terraform Works
cdktf
(JSON)
cdktf.json
{
  "language": "python",
  "app": "pipenv run ./main.py",
  "terraformProviders": [
    "aws@~> 2.70",
    "local@~> 1.4",
    "null@~> 2.1",
    "random@~> 2.1",
    "template@~> 2.1"
  ],
  "terraformModules": [
    "terraform-aws-modules/vpc/aws",
    "terraform-aws-modules/eks/aws"
  ],
  "codeMakerOutput": "imports"
}
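The cdktf.json above constrains every provider with `~>` but lists both modules with no version at all, so what gets downloaded for them is not fixed by this file. The following is an added example, not code from the talk or from the cdktf project: a small audit of cdktf.json for unpinned dependencies. The function names, the handling of object-style entries (`source`/`version` keys) and the list of non-registry prefixes are assumptions of this example.

```python
import json
import re

# The cdktf.json from the slide, embedded unchanged so the example runs offline.
SLIDE_CDKTF_JSON = """
{
  "language": "python",
  "app": "pipenv run ./main.py",
  "terraformProviders": [
    "aws@~> 2.70", "local@~> 1.4", "null@~> 2.1",
    "random@~> 2.1", "template@~> 2.1"
  ],
  "terraformModules": [
    "terraform-aws-modules/vpc/aws",
    "terraform-aws-modules/eks/aws"
  ],
  "codeMakerOutput": "imports"
}
"""

# A bare or "="-prefixed version such as "2.70.0" selects exactly one release.
EXACT = re.compile(r"^=?\s*\d+(\.\d+){1,2}$")
# Sources that are not registry addresses (assumed prefix list for this example).
NON_REGISTRY = ("./", "../", "git::", "git@", "http://", "https://")


def split_entry(entry):
    """Return (source, constraint) for a "source@constraint" string or an object entry."""
    if isinstance(entry, dict):
        source = entry.get("source") or entry.get("name", "")
        return source, (entry.get("version") or "").strip()
    if entry.startswith(NON_REGISTRY):
        # An "@" here may belong to a URL, so do not treat it as a version separator.
        return entry, ""
    source, _, constraint = entry.partition("@")
    return source.strip(), constraint.strip()


def classify(source, constraint):
    """Label one dependency as exact, range, unpinned or non-registry."""
    if source.startswith(NON_REGISTRY):
        return "non-registry"  # version constraints do not apply; review the ref by hand
    if not constraint:
        return "unpinned"
    return "exact" if EXACT.match(constraint) else "range"


def audit(config_text):
    """Classify every provider and module listed in a cdktf.json document."""
    config = json.loads(config_text)
    findings = []
    for kind in ("terraformProviders", "terraformModules"):
        for entry in config.get(kind, []):
            source, constraint = split_entry(entry)
            findings.append({
                "kind": kind,
                "source": source,
                "constraint": constraint,
                "status": classify(source, constraint),
            })
    return findings


def violations(findings, allow_ranges=True):
    """Return findings that break the policy: unpinned always, ranges if disallowed."""
    bad = {"unpinned"} if allow_ranges else {"unpinned", "range"}
    return [f for f in findings if f["status"] in bad]


if __name__ == "__main__":
    for f in audit(SLIDE_CDKTF_JSON):
        print(f"{f['status']:<12} {f['kind']:<20} {f['source']} {f['constraint']}")
```

Run as a CI step before bindings are generated, a non-empty `violations(...)` result can fail the build; with `allow_ranges=False` the `~>` provider constraints are reported as well.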
Terraform Providers
provider "aws" {
  version = "~> 2.70"
  region  = "us-east-1"
}

from imports.aws import AwsProvider
AwsProvider(self, 'Aws', region='us-east-1')
Terraform Modules
module "vpc" {
  source             = "terraform-aws-modules/vpc/aws"
  name               = "my-vpc"
  cidr               = "10.0.0.0/16"
  azs                = ["us-west-2a", "us-west-2b", "us-west-2c"]
  private_subnets    = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
  public_subnets     = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"]
  enable_nat_gateway = true
}

from imports.terraform_aws_modules.vpc.aws import Vpc
my_vpc = Vpc(self, 'MyVpc',
    name='my-vpc',
    cidr='10.0.0.0/16',
    azs=['us-west-2a', 'us-west-2b', 'us-west-2c'],
    private_subnets=['10.0.1.0/24', '10.0.2.0/24', '10.0.3.0/24'],
    public_subnets=['10.0.101.0/24', '10.0.102.0/24', '10.0.103.0/24'],
    enable_nat_gateway=True
)
Terraform Data Sources
data "aws_caller_identity" "current" {}
output "create_user_arn" {
  value = data.aws_caller_identity.current.arn
}

from cdktf import TerraformOutput
from imports.aws import DataAwsCallerIdentity
TerraformOutput(self, 'create_user_arn',
    value=DataAwsCallerIdentity(self, 'current').arn
)
Resource Dependency
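module "my-cluster" {
  source       = "terraform-aws-modules/eks/aws"
  cluster_name = "my-eks"
  # HCL refers to another module's outputs as module.<name>.<output>
  subnets      = module.vpc.private_subnets
  vpc_id       = module.vpc.vpc_id
}

from cdktf import Token
from imports.terraform_aws_modules.eks.aws import Eks
# Token converts the VPC module's outputs into references resolved at apply time
my_eks = Eks(self, 'MyEks',
    cluster_name='my-eks',
    subnets=Token().as_list(my_vpc.private_subnets_output),
    vpc_id=Token().as_string(my_vpc.vpc_id_output),
    manage_aws_auth='false'
)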
Demonstration
Other Mappings
● Escape Hatch: Pass Meta-Arguments That Are Not Natively Supported or Implemented to Resources
● Terraform Remote Backend: Store Terraform State in a Remote Backend Instead of Local Storage
● Terraform Remote State: Extract Values from Existing Terraform State to Avoid Writing Fixed Values in Configuration Files
Analysis CDK for
Terraform
03
Benefits for CDK
● Manage Multi-Cloud & Hybrid Infrastructure Through Terraform Provider
● Manage Third-Party SaaS Through Terraform Provider
● Increase Provisioning Speed
● Avoid Moving from Open Source to Closed Source / Vendor Lock-In
Benefits for Terraform
Define Infrastructure Resources Using TypeScript, Python... Whatever Programming Language You Like
Ready to Go?
Wait a Moment!
Ecosystem Does Not Exist Yet
● Define, Import Terraform Provider, Module…
● Then Download Them from the Internet…
● Finally JSII Could Help to Transfer Them...
Exhausting Transfer Process
● Poor Performance During ~$ cdk sync
● No Useful Debug Message When Transfer Fails
● Documentation is Still Scarce
Module Chaos
If You Want to Develop an IaC Module…
● Leverage HCL to Develop then Import from CDK?
● Leverage CDK to Develop Directly?
Life will find its way out
Conclusion to IAC
04
What is Infrastructure as Code?
Infrastructure as Code (IaC) is the process of
managing and provisioning cloud infrastructure
with machine-readable definition files.
Think of it as executable documentation.
Infrastructure as Code Allows Us to...
● Provide a codified workflow to create infrastructure
● Change and update existing infrastructure
● Safely test changes using terraform plan in dry run
mode
● Integrate with application code workflows (Git, CI/CD
tools)
● Provide reusable modules for easy sharing and
collaboration
● Enforce security policy and organizational standards
● Enable collaboration between different teams
IaC Day 2
● Develop IaC Alone
● Develop IaC W/O Limitation
● Develop IaC W/ Service Downtime
● Develop IaC Together
● Develop IaC W/ Org Policy
● Develop IaC W/O Service Downtime
Test Your IaC Module/Construct
[Diagram: Developer, IaC Tool, Terratest, Git Service, CI/CD Framework, Cloud; numbered steps #1 to #6; Unit Test]
Multiple Account/Project Structure
[Diagram: Alpha, Beta and Prod, each labelled Robot, Read, Write]
Achieve IaC GitOps
Accomplish Policy as Code
Audit CodePolicy
☝ Policy as Code
CREDITS: This presentation template was created by
Slidesgo, including icons by Flaticon, infographics &
images by Freepik and illustrations by Stories
THANKS!
If You Have Any Questions...
● MaiCoin
○ Backend Engineer
○ Microservice Engineer
○ Site Reliability Engineer
We Are Hiring!
● AMIS
○ Backend Engineer
○ Frontend Engineer
○ Full Stack Engineer
○ Researcher
IaC Day 2 Workshop!
[Diagram: Developer, IaC Tool, Terratest, PaC Tool, Git Service, CI/CD Framework, Cloud; numbered flows for Unit Test, Integration Test and GitOps]

CDK Meetup: Rule the World through IaC
