No video :(

Terraform + Ansible on the Azure Terraform Community Call for 11/2023

Подписаться 4,9 тыс.

Просмотров 1,4 тыс.

50% 1

SPECIAL EPISODE
Join us in this insightful session from our November Azure Terraform Community Call, where we delve into the synergy of Packer, Terraform, and Ansible for cloud infrastructure management. Watch as we navigate the harmonious integration of these powerful tools, showcasing the unparalleled efficiency and flexibility they bring when used in tandem.
During the call, we demonstrate how Packer's immutable infrastructure creation complements Terraform's declarative approach to infrastructure as code, while Ansible's configuration management capabilities ensure that the resulting deployments are precisely configured and managed post-provisioning.
Key highlights of this video include:
A walkthrough of creating a base image with Packer, highlighting its benefits for consistency and speed in deployments.
A guide on deploying this image across Azure's cloud infrastructure using Terraform, showcasing the ease of scaling and managing infrastructure as code.
Practical examples of Ansible's role in the post-deployment phase, ensuring that configurations are automatically and reliably applied across the board.
The presentation not only covers the "how-tos" but also emphasizes the "whys" behind choosing the right tool for each job. It stresses the importance of leveraging each tool's strengths - Packer's image building, Terraform's infrastructure management, and Ansible's configuration application - to create a robust, scalable, and maintainable cloud ecosystem.
Whether you are new to the world of cloud infrastructure or looking to optimize your current processes, this talk is a treasure trove of best practices and expert advice. By the end of this talk, you'll gain a clear understanding of how to employ Packer, Terraform, and Ansible in a complementary fashion for a streamlined workflow that enhances productivity and reduces the potential for errors.
Don't miss out on the Q&A session where our speaker answers some of the community's most pressing questions, providing deeper insights and clarifications.
#AzureTerraform #Packer #Terraform #Ansible #InfrastructureAsCode #DevOps #CloudInfrastructure #CommunityCall
FULL COMMUNITY CALL HERE:
• Terraform on Azure Com...
Follow me on Twitter for quick code snippets and thoughts on Cloud, Automation and other things!
/ marktinderholt
Keep the knowledge flowing!
www.buymeacoff...
Read MORE books! Sign up to Audible! Trust me, it's great!
bit.ly/48MfOOq
Source Code:
github.com/mar...

Опубликовано:

28 авг 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 24

@rucas79 10 месяцев назад

Thanks Mark, great to see an example of a few of the different tools working together.. singing different parts of the same song :)

@azure-terraformer 10 месяцев назад

Thanks! Couldn't agree more! They sing their own parts beautifully. It's about putting them in the right role!!! 😉😁

@ManneyM 10 месяцев назад

Great presentation, Mark... not used Packer or Ansible yet, so look forward to getting my head round what they do from your upcoming videos

@azure-terraformer 10 месяцев назад

Thanks! Stay tuned for more ansible related stuff. There is already a ton of stuff on Packer on my channel. I do an entire minecraft series where I take a run book for a brown field app (minecraft) and I packerize it and then even modernize it.

@CarlintVeld 9 месяцев назад

Red Hat provides this Ansible Automation Platform with AWX as an open source web ui and play book orchestrator. What are your thoughts about this?

@azure-terraformer 9 месяцев назад

I am not too familiar with all of RedHat's offerings but it's something I have been meaning to look into. Back in the day there was 'Ansible Tower'...maybe that's the same thing? Maybe RedHat re-branded it?

@CarlintVeld 9 месяцев назад

@@azure-terraformer AWX is Tower, but then the open source flavor "not suited for production" 😬

@azure-terraformer 7 месяцев назад

Oh yes we need a garauntee on the box. I forgot! 🤣

@CarlintVeld 9 месяцев назад

Have you considered DSC? Azure Automation Accounts provide this natively. Now with DSCv3 released, what are your thoughts?

@azure-terraformer 9 месяцев назад

I have not checked out DSC for many years. Back when I used it it was called Windows DSC...is it now supporting Linux? Is it Azure Only? Thanks for sharing, I'll have to look into it!

@CarlintVeld 9 месяцев назад

@@azure-terraformer it has been supporting linux ever since powershell (core) 6+. And with dscv3 they removed the PowerShell dependency completely 🤯

@azure-terraformer 7 месяцев назад

Nice! I'm not a fan of PowerShell

@abdulazizbarkat1701 9 месяцев назад

So Packer has an Ansible provisioner as well (basically allows you to run Ansible either on the remote VM or on the machine running Packer). I have used this a bit before and the two seem to go pretty well hand in hand. What are your thoughts about it?

@azure-terraformer 9 месяцев назад

Hey that's a good idea. I didn't know that. I'll have to look into it. On my projects we considered actually having packer run the ansible playbook locally but we were concerned about the extra dependencies that would have to be installed and left on the machine after ansible was done. Would love to hear more about your experience with the packer plug-in!

@marsamuk 9 месяцев назад

Hi Mark, I'm using Terraform with workspaces in Azure DevOps and need to prevent concurrent pipeline jobs for the same environment (like 'prod') on a shared self-hosted agent. How can I ensure only one job accesses the state file at a time to avoid lock errors, without restricting the agent's use in other projects? Thanks

@azure-terraformer 9 месяцев назад

Hmmm, the lock of the state file is a safety check to prevent corruption by multiple writers. I'm not sure if the work is worth it. The only solution would be to essentially force a job to check if the state file is locked and wait until it's unlocked. What are all these pipelines doing that they all use the same state file?

@marsamuk 9 месяцев назад

@@azure-terraformer We have a Terraform setup with multiple workspaces corresponding to different deployment environments, such as prod, uat, tst, and dev. Each workspace has its own state file stored in an Azure Storage Account to keep track of the infrastructure it manages. When Dev A initiates a Terraform apply in the prod workspace, a state lock is created for safety. If Dev B triggers another apply in prod simultaneously, it results in a collision with A’s lock, leading to a ‘state already locked’ error. We need a strategy to ensure that only one job per environment can execute at any given time, thereby avoiding these lock conflicts on shared agents.

@azure-terraformer 7 месяцев назад

Yeah I have definitely encountered this. Usually it is only a minor inconvenience from my experience but you would need to configure the pipeline queue mechanism to require that the workspace lock is not present in order for the pipeline to run. However, you can always run into the situation where the plan will be invalidated by the previous developers apply

@CarlintVeld 9 месяцев назад

I would say IaaS i.e. vm based workloads should be last resort. Always go for something higher in the stack: Container Apps, App Service, Kubernetes. I thought good to point this out

@azure-terraformer 9 месяцев назад

Agreed! My preferred service stack is Azure Functions + Cosmos DB!

@CarlintVeld 9 месяцев назад

I am a real fan of the inside out pattern where the vm itself pulls the desired state from some upstream and runs the playbooks. I would say management through ssh should be limited as much as possible. What do you think?

@azure-terraformer 9 месяцев назад

I prefer to bake as much into my Virtual Machine images as possible to get 'traffic ready time' as close to 'OS healthy time', that being said, that approach isn't very inside out ^_^ I am also a big fan of 'agent-less' so for me, Ansible fits the bill!

@CarlintVeld 9 месяцев назад

@@azure-terraformer I would say packer fits in the inside out category so that is at least ok. For ssh I would say a highly privileged ansible server should run the playbooks, potentially a dedicated private agent pool.

@azure-terraformer 9 месяцев назад

@CarlintVeld agreed