by Thierry de Pauw on
#cfgmgmtcamp
Many people pretend they have IaC but in fact they have ...
Infrastructure as Bash History
IaC has all of them
Bash script
migrated Bash monolith to Ansible
Single Responsibility: as small pieces of roles
Open-Closed: ability to deploy to both VirtualBox and real prod infra
Liskov Substitution:
JDK -> Java
OpenJDK -> Java
Java -> Ansible playbook
Wildfly -> Ansible playbook
Interface Segregation: in the beginning, we tried to put everything in one playbook
Postgres, Wildfly, Mariadb -> one Anible playbook
=> roles
Dependency Inversion: split infrastructure into simple layers and create contracts between the layers
=> don't create a monolith infrastructure @ultralisc
=> Pair DevOpsing to share knowledge
it didn't really work for us: maybe because we were working remotely
But Mentoring did work for us
Code Review
=> introduce code style
=> tests
from bottom to top
static analysis
shellcheck (bash), ansible lint, pylint, rubocop, tflint
unit tests: Shunit2, Pytest, Rspec
Ansible? Chef? SaltStack?
build infra from simple bricks: Common, OpenJDK, Wildfly
provision VM's (Virtualbox) or Docker containers with a simple brick and run tests against it
Ansible: Testinfra, Molecule (testing roles)
Chef: TestKitchen
Terraform: TerraTest
Pipeline:
- Lint playbooks
- Lint roles
- Check syntax
- Unit test roles
- Integration test playbook
one Ansible playbook to run the e2e tests: creates also the VM
Transcript of the talk: www.goncharov.xyz/iac