TechEvent Infrastructure as Code on Azure
Download as PPTX, PDF2 likes508 views
This document provides an overview of Infrastructure as Code (IaC) on Azure using ARM templates and Terraform. It discusses the benefits of IaC for consistency, version control, and faster deployments. ARM templates are the native Microsoft solution for Azure resources defined in JSON, while Terraform uses a declarative language and manages dependencies automatically. Both tools were compared, with ARM templates having better integration with Azure services and security features, while Terraform excels with its plan preview and dependency management. Advanced IaC concepts like environments and centralized repositories were also covered.
![ARM Templates – Code – Creating a Storage Account
Infrastructure as Code on Azure22 9/26/2018
{
"type": "Microsoft.Storage/storageAccounts",
"apiVersion": "2018-03-01",
"location": "westeurope",
"name": "[parameters('storageAccountName')]",
"kind": "Storage",
"sku": {
"name": "Standard_LRS",
"tier": "Standard"
},
"properties": {
"supportsHttpsTrafficOnly": true,
},
"dependsOn": []
}](https://image.slidesharecdn.com/dhijwriaconazurearmvsterraform-180926111951/85/TechEvent-Infrastructure-as-Code-on-Azure-19-320.jpg)
TechEvent Infrastructure as Code on Azure
- 1. BASEL BERN BRUGG DÜSSELDORF FRANKFURT A.M. FREIBURG I.BR. GENF HAMBURG KOPENHAGEN LAUSANNE MÜNCHEN STUTTGART WIEN ZÜRICH Infrastructure as Code on Azure ARM Templates vs Terraform Daniel Hillinger, Jonas Wanninger @daniel8192, @JonasWanninger
- 2. Daniel Hillinger Consultant at Trivadis GmbH Munich Focus: Oracle (RAC, Grid Infrastructure, Exadata, Dataguard) Unix/Linux (OEL, RedHat, Solaris) Azure (Automation, Design and Security) daniel8192.wordpress.com 9/26/2018 Infrastructure as Code on Azure2
- 3. Jonas Wanninger Infrastructure as Code on Azure3 9/26/2018 Consultant at Trivadis GmbH Munich Focus: Development (.NET, SQL, PowerShell) Microsoft SQL Server DevOps (CI/CD, Automated Infrastructure) Azure (Automation, Design and Security) @JonasWanninger
- 4. Agenda Infrastructure as Code on Azure4 9/26/2018 1. What is IaC 2. Terraform 3. ARM Templates 4. Advanced IaC concepts 5. Conclusion
- 5. What is IaC Infrastructure as Code on Azure5 9/26/2018 Cloud Operator
- 6. What is IaC Infrastructure as Code on Azure6 9/26/2018 “Infrastructure as code (IaC) is the process of managing and provisioning computer data centers through machine-readable definition files, rather than physical hardware configuration or interactive configuration tools” – Wikipedia
- 7. Why is IaC is cool? Infrastructure as Code on Azure7 9/26/2018 Provides consistency across all deployments and stages Version control Faster deployments and recovery Just in time deployments Documentation is already included to a certain degree
- 8. But IaC is not the solution for everything… Infrastructure as Code on Azure8 9/26/2018 Change Management still needs to be done Configuration management Apply IAM inside the Infastructure / Plattform / Service Automated validation
- 9. Infrastructure as Code on Azure9 9/26/2018 Terraform
- 10. HashiCorp Infrastructure as Code on Azure11 9/26/2018 Founded 2012 by Mitchell Hashimoto and Armon Dadgar Open Source /hashicorp
- 11. Terraform Infrastructure as Code on Azure12 9/26/2018 Declarative language Tries to be cloud independent Dependencies evaluated automatically based on a graph Tracks cloud resources inside a local state file (.tf.state) – Contains sensible data Lacks security features Agenda Code Plan feature
- 12. Terraform and Azure Infrastructure as Code on Azure13 9/26/2018 Partnership with Microsoft Based on „azure sdk for go”
- 13. Terraform - Code Infrastructure as Code on Azure14 9/26/2018 Create basic StorageAccount resource "azurerm_storage_account" "testsa123" { name = "mytestaccount123" resource_group_name = location = "${azurerm_resource_group.testrg.location}" account_tier = account_replication_type = "GRS" tags { environment = "staging" } } "${azurerm_resource_group.testrg.name}" "${var.account_tier}"
- 14. Terraform - Plans Infrastructure as Code on Azure15 9/26/2018 Unique test / plan feature Check syntax Build dependency graph Base for validation Terraform will perform the following actions: ~ azurerm_cosmosdb_account.db consistency_policy.0.max_interval_in_seconds: "10" => "20" Plan: 0 to add, 1 to change, 0 to destroy.
- 15. Infrastructure as Code on Azure18 9/26/2018 ARM Templates
- 16. ARM Templates Infrastructure as Code on Azure19 9/26/2018 Microsoft native IaC solution Declarative templates written in JSON format Azure Cloud and Azure Stack only Generate ARM templates from the Azure Portal for any resource Manual dependency handling Great integration with other Azure services (e.g. KeyVault, StorageAccounts)
- 17. ARM Templates and the Azure Resource Manager Infrastructure as Code on Azure20 9/26/2018 Describe infrastructure inside JSON file Deployment possible in many different languages (PowerShell, Bash, .NET, Ruby, Python, JavaScript or via REST API)
- 18. ARM Templates and the Azure Resource Manager Infrastructure as Code on Azure21 9/26/2018 Resource Manager is the core component for all deployments Resource Manager takes care of – Provisioning and configuring – Parallelizing the deployment – Validating the resources
- 19. ARM Templates – Code – Creating a Storage Account Infrastructure as Code on Azure22 9/26/2018 { "type": "Microsoft.Storage/storageAccounts", "apiVersion": "2018-03-01", "location": "westeurope", "name": "[parameters('storageAccountName')]", "kind": "Storage", "sku": { "name": "Standard_LRS", "tier": "Standard" }, "properties": { "supportsHttpsTrafficOnly": true, }, "dependsOn": [] }
- 20. ARM Templates – Special Features – Key Vault Infrastructure as Code on Azure27 9/26/2018 … "administratorLoginPassword": { "reference": { "keyVault": { "id": "/subscriptions/<subscription-id>/resourceGroups/examplegroup/ providers/Microsoft.KeyVault/vaults/<vault-name>" }, "secretName": "examplesecret" } }
- 21. Infrastructure as Code on Azure28 9/26/2018 Advanced IaC concepts
- 22. Advanced IaC concepts Infrastructure as Code on Azure29 9/26/2018 Dev Staging Prod Developer Central Repo Validation Deployment
- 23. Infrastructure as Code on Azure30 9/26/2018 Conclusion
- 24. Conclusion – ARM vs. Terraform Infrastructure as Code on Azure31 9/26/2018 Terraform + Plan feature + Dependency managment - Statefile - Security features ARM + Microsoft native + Security features - Plan feature - Dependency managment
- 25. Conclusion - IaC Infrastructure as Code on Azure32 9/26/2018 Automate your deployment and recovery process • Speed and simplicity Provides consistency across all deployments and stages Minimize risks Necessary in large environments
- 26. Questions and answers … Daniel Hillinger Tel. +49 89 992 759 333 [email protected] 9/26/2018 Infrastructure as Code on Azure33 Jonas Wanninger Tel. +49 89 992 759 324 [email protected]
- 27. Session Feedback – now Infrastructure as Code on Azure34 9/26/2018 Please use the Trivadis Events mobile app to give feedback on each session Use "My schedule" if you have registered for a session Otherwise use "Agenda" and the search function If the mobile app does not work (or if you have a Windows smartphone), use your smartphone browser – URL: http://trivadis.quickmobileplatform.eu/ – User name: <your_loginname> (such as "svv") – Password: sent by e-mail...