Jam Notes #1: Infrastructure as Code Best Practices

Contributions by Mark Smith and Hardik Desai

Welcome to our note series on our weekly Jam sessions, where we cover relevant DevOps topics with rotating guest speakers.

To save you time and energy, we’ll be uploading each Jam session topic’s notes, along with helpful tips.

For the week of April 28th, we covered a far-reaching topic: Infrastructure as Code (IaC) best practices. We talked with Mark Smith and Hardik Desai about their tips for best practices, including structuring IaC, creating a naming convention, handling Terraform state files…and more.

Join our Slack to stay in the loop about our future weekly Jam Sessions on DevOps topics ranging from IaC to Terraform Templates.

Infrastructure as Code Best Practices
by Mark Smith

1. Structuring

$ tree terraform_project/
terraform_project/
├── dev
│   ├── main.tf
│   ├── outputs.tf
│   └── variables.tf
├── modules
│   ├── ec2
│   │   ├── ec2.tf
│   │   └── main.tf
│   └── vpc
│       ├── main.tf
│       └── vpc.tf
├── prod
│   ├── main.tf
│   ├── outputs.tf
│   └── variables.tf
└── uat
    ├── main.tf
    ├── outputs.tf
    └── variables.tf

2. Naming Convention

3. Use Shared Modules

module "vpc_example_simple-vpc" {
  source  = "terraform-aws-modules/vpc/aws//examples/simple-vpc"
  version = "2.48.0"
}

4. Backup System State

terraform {
  backend "s3" {
    bucket         = "s3-terraform-bucket"
    key            = "terraform.tfstate"
    region         = "us-east-1"
    encrypt        = true
    dynamodb_table = "terraform_locks"
  }
}

5. Lock State File

terraform {
  backend "s3" {
    bucket         = "s3-terraform-bucket"
    key            = "terraform.tfstate"
    region         = "us-east-1"
    encrypt        = true
    dynamodb_table = "terraform_locks"
  }
}

6. Use Self Variable

# Inside a resource block, "self" refers to the attributes of the enclosing resource.
connection {
  host        = self.ipv4_address
  type        = "ssh"
  user        = var.users[2]
  private_key = file(var.private_key_path)
}

7. Minimize Blast Radius

Infrastructure as Code Best Practices
by Hardik Desai

1. Integrate IaC into the CI/CD Pipeline

2. Immutable infrastructure is important

3. Microservices architecture best suits IaC

IaC use cases:

  • For multi-cloud deployment
  • In disposable environments
  • To create immutable infrastructure
  • For disaster recovery and backup
  • For resource provisioning, for example, replicating environments
  • For blue/green deployment

Terraform Best Practices:

1. Use reusable modules to create/replicate cloud resources without duplication of code

2. Store Terraform remote state files in an S3 bucket or any other cloud storage

Below is a table comparing 3 IaC tools: Terraform, CloudFormation, Pulumi

Conclusion

If you’re looking to try a new (free) tool to spin up your infrastructure easily, we recommend that you check out InfraSketch.

And if you’re looking for more Infrastructure as Code tips, join our Slack community to connect with other DevOps professionals.

PS: Did you know we have weekly Jam sessions on DevOps topics? The weekly invites go out on our Slack and Twitter channels. We hope to see you there!

Founder at InfraCode — customizable, reliable Infrastructure as Code tools. Simplifying the lives of DevOps professionals. www.infrastructurecode.io