Multi-Cloud Provisioning with HashiCorp Terraform

Transcript

Embracing cloud to run the applications that power your business is guiding many of today's IT initiatives. Oftentimes it's not just the ability to embrace one cloud but multiple clouds. But what is the best approach?

What is the best approach for multi-cloud infrastructure provisioning

The cloud operating model looks different from the static world of private data centers containing relatively homogeneous infrastructure that was provisioned every few months for dedicated teams of users. Dynamic infrastructure in the cloud presents a model where a pool of infrastructure can be provisioned across multiple providers and made available to many teams within an organization, all on-demand.

Provisioning infrastructure in cloud has three core challenges:

• Managing the scale

• Heterogeneity of various infrastructure providers

• The ability to collate and manage dependencies of resources.

How does Terraform OSS enable multi-cloud?

HashiCorp Terraform provides a consistent workflow to provision any infrastructure or any application using infrastructure as code, a safe and efficient workflow, and a set of providers to provision any infrastructure for today and in the future. Let's take a closer look.

Infrastructure as code

Operators ascribe a topology of their desired infrastructure state in the Terraform template using HCL. HCL templates are:

• Easy for operators to get started with

• Both human readable and machine executable

• Allow multiple infrastructure types to be defined, including major cloud providers like AWS, Azure, and GCP, or other types of services such as Kubernetes or Datadog.

The use of variables make it easy to customize the infrastructure as code for things such as cloud credentials and cloud regions. For those looking to get started, the public Terraform registry provides infrastructure modules for many infrastructure resources at registry.terraform.io.

Safe, efficient workflow

The Terraform workflow has two parts, a terraform plan to see what will be provisioned and terraform apply where infrastructure is actually provisioned. Terraform then automatically reconciles resources dependent on one another, provisions those resources in order, and all others as efficiently as possible. There are currently over 100 Terraform providers available in a community of over 1,100 contributors. Each Terraform provider uses the infrastructure-specific APIs to harness the full capabilities of the resources being provisioned.

How does Terraform Enterprise work for an organization?

HashiCorp Terraform Enterprise focuses on increasing productivity of teams through safe, efficient, and collaborative provisioning workflows while enforcing necessary guardrails. This includes:

• A modern user interface for organizational management

• Collaboration workflows for operators

• A central registry to publish and discover infrastructure as code modules

• Policy as code management and governance.

Terraform Pro: Collaboration for operators

Let's take a closer look. Terraform Enterprise Pro provides a GUI for administrators to manage an organization of users. This can be operators or operators and developers.

Terraform Pro: Create a workspace & connect to VCS

Each user can then create a workspace, connect to their version control system, import their infrastructure as code, securely store and edit variables, and initiate a Terraform run.

Start Terraform run

Terraform then manages these remote runs, queues parallel runs, and stores the infrastructure state remotely.

Terraform Enterprise module registry for teams to collaborate

The Terraform Enterprise Module Registry is a centralized registry for operators to publish validated and versioned modules that can be easily discovered by others. Using the configuration designer, modules are combined to build a comprehensive infrastructure stack where users can input their variables to customize the modules. Enabling organizations and teams to provision also means the right guardrails need to be in place.

Terraform Premium: Sentinel policy as code management

Terraform Enterprise Premium offers policy as code management with HashiCorp Sentinel. Policies become code for security, compliance, and operational best practices that are embedded into the provisioning workflow.

Enforce policy in Terraform run

This means policy enforcement automation can now be applied with the same cadence that infrastructure is provisioned, occurring between a Terraform plan and apply with multiple enforcement levels to ensure that the proper next steps are taken.

HashiCorp Terraform and Terraform Enterprise provides:

• Safe and efficient provisioning automation for organizations of any scale

• Infrastructure as code to safely take provisioning time from weeks to minutes

• Multi-cloud approach to easily adopt any cloud infrastructure or service anytime

• A GUI based self-service model for anyone in the organization to provision infrastructure