Terraform Cloud’s superpower is that it excels at completely abstracting configurations, defining how infrastructure should look, and assigning the appropriate resources all from the same code base, so it’ll work the same way in any environment.
John Weigand, Sr DevOps Engineer, Trimble
Measure twice, cut once
Every builder knows that using the right tools is essential to getting the job done efficiently and effectively. Measuring twice and cutting once is a must to save time and resources on a project, which is exactly why construction giant Trimble’s eBuilder software gives professional project managers and owners everything they need to run their projects with precision and ease.
But keeping up with the evolving demands of its customer base while also staying steps ahead of the competition to retain its leadership title strained eBuilder’s internal development processes, and created new challenges for the team to cut down on redundant and unnecessary manual work.
“Trying to manually spin up new environments to test new features or configure single sign-on parameters for customers could take several days because we had to build it and deploy it all manually, ” says John Weigand, senior DevOps engineer for Trimble eBuilder. “We wanted to reduce the time between when a request hits our board and how soon we could get it done.”
Unnecessary toil creates unwanted delays
In the past, the eBuilder team had to manually build, provision, and configure the infrastructure to support its development operations. The team created new testing, QA, and production environments for each tool, capability, and microservice, which meant delivering new features to customers often saw significant delays.
“Manually building and deploying all the infrastructure made lead time for new projects and new infrastructure very hard to achieve because we spend so much time on toil — repeatable tasks that without documentation or automation consumed almost all of our time,” says Weigand. “We didn’t have a centralized way of managing infrastructure as code or continuous integrations and deployment (CI/CD), which created a number of issues with version conflict that resulted in a lot of additional overhead and some friction among teams.”
Some of that friction came in the form of questions about security and in the effort required for eBuilder to maintain the top-notch security that’s essential to building trust with customers.
“Doing everything manually increased the risk of errors and challenged our ability to maintain compliance with stringent security and compliance standards,” Weigand explains. “Even though security is always a priority, it was also usually a secondary consideration to development, which generally meant our team had to frequently go back and rework builds to meet our corporate and industry security and compliance goals.”
Building and deploying AWS environments by hand made lead times unpredictable, frequently delaying projects
Without centralized logs, compliance checks were drawn out and compliance issues weren’t addressed until the infrastructure was already built
Multiple codebases meant code was difficult to reuse across environments, causing redundant work
Using different versions of code caused excessive friction
With Terraform, we push changes to Dev and it automatically kicks off a Terraform plan for all environments, without having to make that same change in five places.
John Weigand, Sr DevOps Engineer, Trimble
Adaptable, reliable infrastructure built to last
Weigand had wanted to adopt a DevOps approach in previous organizations, but gaining buy-in for architecture upgrades in those organizations had been a challenge. At Trimble, the decision to adopt HashiCorp Terraform Cloud was a major transition for the eBuilder team, but as the production slowdowns became more dire, the need for change became more obvious.
After years of successfully using the open source version of Terraform, Weigand knew that Terraform Cloud offers more robust automation and powerful templating tools that his team and the other teams at Trimble need to improve collaboration, data and access governance, and management for disparate developer teams and software deliverables.
eBuilder can take advantage of Terraform Cloud’s centralized change logs, version control features, and improved GitOps to simplify auditability and consistency for every build and application. Adding HashiCorp’s Sentinel policy as code framework alongside Terraform Cloud helps to solve persistent security and compliance challenges, enabling the team to identify version, performance, and compliance issues earlier and solve them faster.
“With Terraform Cloud, we can point to every commit, pull request, merge, and apply with a full history of what changes were made and what it looked like before those changes,” says Weigand. “Now, rather than deploying something and having to remediate it when it gets picked up in a scan, we simply use Sentinel requirements as guardrails to meet compliance standards, which cuts down on a lot of extra work and headaches.”
A new foundation for building greater success
With Terraform Cloud and Sentinel, eBuilder modernized DevOps and can now bring new features to market faster than ever. The team can build out infrastructure in a rapid, repeatable way.
“Terraform Cloud’s superpower is that it excels at completely abstracting configurations, defining how infrastructure should look, and assigning the appropriate resources all from the same code base, so it’ll work the same way in any environment,” Weigand says. “Now, building out Kubernetes clusters that took two or three days takes 20 minutes in AWS and infrastructure builds can be completed in less than an hour.”
Within a week of buying Terraform Cloud licenses, the eBuilder team had tagged 100% of their resources in AWS via provider-level tagging. They also created a centralized module registry of 30+ modules that could be spun up and wound down as needed for new products and environments, enabling more than 200 applies in just the first three months of use.
“We’ve come full circle with a single, agnostic code base,” Weigand notes. “With Terraform, we push changes to Dev and it automatically kicks off a Terraform plan for all environments, without having to make that same change in five places.”
With over 24 workspaces running on the same code basis and same version, eBuilder DevOps engineers can pick up work they’d done before, change a few variables, and deploy new infrastructure effortlessly and on-demand in virtually any environment. And, with the addition of Sentinel’s embeddable policy as code framework to enable fine-grained, logic-based policy, the team now deals with fewer weekly support tickets, allowing them to focus on developing new functionality and features for their customers.
Weigand says that the HashiCorp software is a must-have for any DevOps team in today’s competitive environment. And while there are many individual point products that could be helpful in accelerating infrastructure deployments and security, using a single integrated technology stack from a trusted provider is still the best way to create compliant, sophisticated, and consistent infrastructure across every environment, saving the team days of work on every project.
“I love working with HashiCorp and Terraform,” he asserts. “It’s by far my favorite tech in my 20-year career. It just clicked for me…the amount of things we’re able to achieve blows my mind because it’s intuitive, automated, and powerful.”
Codified Trimble’s legacy infrastructure within Terraform Cloud, tagged 100% of their resources in AWS, and created 30+ modules in a centralized repository to standardize environment-agnostic code across 24+ workspaces
Created Sentinel policies that control deployment based on specified requirements and help developers identify compliance, security, and governance issues earlier in the development cycle
Reduced weekly tickets, enhancing productivity and improving production timeline estimates
Reduced infrastructure development from 3 days to 1 hour
Cut Kubernetes cluster builds from 3 days to 20 minutes
Compatibility and simplicity across environments were essential for Trimble’s eBuilder team. But while their software made construction management easier for their clients, they struggled with scaling their own infrastructure behind the scenes. Terraform Cloud and Sentinel transformed the development team’s capabilities by bringing them into a true DevOps environment.
With Terraform Cloud, the eBuilder team is empowered to deploy new features faster, improve their software’s functionality, and better meet the ever-changing needs of their customers.
John Weigand Sr DevOps Engineer Trimble
John Weigand is a senior DevOps engineer for the eBuilder division of Trimble, Inc., and is responsible for supporting the various needs of the company’s software development teams. He boasts numerous certifications from major solutions providers like NetApp, HashiCorp, and VMWare. Prior to joining eBuilder, John spent more than 15 years serving in a variety of infrastructure engineering, network administration, and IT project management roles spanning several industries and verticals.
- Workload Type :
- Windows (IIS/.Net), Linux
- Container Runtime:
- Orchestrator :
- AWS ECS and EKS
- Version Control:
- Provisioning :
- HashiCorp Terraform