how hashicorp platform tools can make the difference in … · 2019-04-26 · how hashicorp...

How HashiCorp platform tools can make the difference in development and deployment

Dmytro Mykhailov

Dmytro Mykhailov

Solution Architect

• 3,5 years in EPAM

• >12 years in IT

• Microsoft Stack:• .NET• Azure

skype: dmitry.mikhaylov

email: dmytro_mykhailov@epam.com

blog: https://devraccoon.com/

Problems in applications

• Holy Server

• Messy configuration

• Slow environments setup

• Works-on-my-machine syndrome

• Expensive resources that do nothing

• Hard non-consistent integration and end-to-end test environments

• Where is your disaster recovery?

• Are your secrets safe?

Holy Server

• Thing that can be treated as benefits:

- Easy to setup

- No need of delivery infrastructure upfront

- No need of tools knowledge

• Drawbacks:

- Hard to maintain

- Service failure is a catastrophe

- Custom knowledge of how to configure similar server

Immutable Infrastructure for Rescue

Immutable infrastructure is an approach to managing services and software deployments on IT resources wherein components are replaced rather than changed. An application or services is effectively redeployed each time any change occurs.

© WhatIs.com

Immutable Infrastructure for Rescue

Image of WEBv32.2

Public portal v4.3Admin portal v1.2

Database v2.1

New feature CI ToolNotify Build

Developer

DBA

DevOps

Immutable Infrastructure for Rescue

WEB v32.1

WEB v32.1

Backend Service A v12.34APIGW

LB

Backend Service B v3.2

Database A

Database B

WEB v32.1

Messy Configuration –Reactive Configuration Database

Config

Config

Configuration Data

Dev

QA

Prod

Messy Configuration –Reactive Configuration Database

Config

Config

Dev

Config DB

Config DB

Config DB

QA

Prod

Common Config Seed

Messy Configuration –Reactive Configuration Database

ConfigDB Master

ConfigDB Agent

ConfigDB Agent

ConfigDB Agent

Environments Setup, Disaster Recovery -Infrastructure-as-a-Code

Tests, Works-on-my-machine syndrome –Containers and Images

Local Dev Machine

MacOS

CI/CD Pipeline

Build

Run

Test

QA Server

Linux

Build

Deploy Run

Tests, Works-on-my-machine syndrome –Containers and Images

Local Dev Machine

MacOS

CI/CD Pipeline Dev Virtual Server

Linux

Build

Deploy Run

Expensive not-used resources –Elastic cluster setup

17%

CPU

10%

CPU

55%

CPU

Expensive not-used resources –Elastic cluster setup

Cluster Scheduler

CPU

55%72%

CPU

40%

Requests forallocation and deploy

Secrets management

Configuration Data

Dev

QA

Prod

Config

ConfigAudit?Manage?Revoke?Where?How?

Secrets management - Vault

Configuration Data

Dev

QA

Prod

Config

ConfigAuditManageRevoke

Vault

Security Management - Vaults

ConfigDB Master

Vault

AuditManageRevoke

Autopilot Pattern less or none application modification for containers

Application

Autopilot Process

Service Discovery & Health Check

On Start Post Stop

Health Health

On Change

Pre Stop

Tao of HashiCorp

• Workflows, Not Technologies• Simple, Modular, Composable• Communicating Sequential Processes• Immutability• Versioning through Codification• Automation through Codification• Resilient Systems• Pragmatism

Packer for Immutable Infrastructure

https://www.packer.io/

Packer is an open source tool for creating identical machine images for multiple platforms from a single source configuration.

Packer for Immutable Infrastructure

https://www.packer.io/

Build Automated Machine Images

Terraform for Infrastructure-as-a-Code

https://www.terraform.io/

Write, Plan, and Create Infrastructure as Code

Terraform enables you to safely and predictably create, change, and improve production infrastructure. It is an open source tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.

Consul for Service Discovery, Health Checking

https://www.consul.io/

Service Discovery and Configuration Made Easy

Nomad for cluster scheduling

https://www.nomadproject.io/

Easily deploy applications at any scale

Vagrant against works-on-my-machine syndrome

https://www.vagrantup.com/

Development Environments Made Easy

Vault for sensitive data

https://www.vaultproject.io/

A Tool for Managing Secrets

HashiCorp Tools Ecosystem – Small Scale

Local Dev Machine

</>

CI Pipeline Work Environment

VM Image Repository

CD Pipeline

HashiCorp Tools Ecosystem – Large Scale

Local Dev Machine

</>

CI Pipeline

Server

CD Pipeline

Server

Nomad Cluster

VM Images

Questions?

dmytro_mykhailov@epam.com https://www.linkedin.com/in/dmitry-mikhaylov-03b78971/blog: https://devraccoon.com

Dmytro Mykhailov

Thank you!