SAE & Terraform implements IaC-style deployment of applications
With the development of enterprise scale and business form, an application needs to combine multiple cloud resources to provide external services. In order to facilitate the development and debugging of R&D personnel, each application needs to be deployed to multiple sets of environments. Simply manually managing cloud resources will make the burden of infrastructure management personnel continue to increase.
Therefore, more and more enterprises choose to use code (rather than manual process) to define infrastructure, namely IaC (Infrastructure as Code), and treat infrastructure as application software, which can not only avoid complicated manual operations, but also take advantage of the versioning and abstraction capabilities brought by code configuration.
In the era of cloud computing, application deployment often depends on multiple infrastructure (computing, storage, network). Enterprises often need a PaaS platform to deliver their own applications, but the development and maintenance of the PaaS platform requires large technical and human investment. For fast-growing enterprises, they hope to focus on their core businesses.
Alibaba Cloud Serverless Application Engine SAE (Serverless App Engine) is an application-oriented Serverless PaaS platform, which naturally supports the creation and management of IaC. Terraform, as the de facto standard in the field of IaC, has become the preferred tool for enterprise IaC management. The combination of Terraform and SAE will cause some wonderful chemical reactions. Enterprises can use an ADaC (Application Deploy as Code) method, Manage enterprise applications through simple code configuration files.
Next, we will briefly introduce the tremendous convenience that IaC and SAE have brought to enterprises, and experience the impact of SAE&Terraform on traditional enterprise IT facility management through an example of using Terraform to create SAE applications.
Infrastructure is code
Development history of enterprise infrastructure management
The normal external service of applications depends on basic resources such as computing, storage and network. They are the basic context for the normal operation of the application. These resources are also known as environmental infrastructure. Under the traditional management mode, most companies will have special operation and maintenance teams to manage their formal production and test environments. With the upgrading of the business and the growth of the company's size, the operation and maintenance team will experience about three stages in basic resource management:
• Manual operation and maintenance: In the early stage of enterprise development, the business type and scale of the enterprise are in the initial stage, and the basic environment belongs to the resources with relatively low frequency of change. The operation and maintenance team can often set up the basic resources required for the service through manual management, and the enterprise using cloud services can complete the creation of cloud resources through mouse operation on the console of the cloud manufacturer. At this stage, the infrastructure needs of R&D personnel are very low, and the operation and maintenance personnel can meet them through manual operation and maintenance.
• Scripting of operation and maintenance: With the development of enterprise scale and business, the operation and maintenance team will receive more and more requests for environment creation. Most of the members of the operation and maintenance team will spontaneously write standardized documents and scripts to improve the efficiency of environment creation, or use the CLI to assist in the creation of resources, but because a service often requires the cooperation of multiple infrastructure resources to provide services normally, Scripts cannot simply deal with the dependencies between different infrastructures, and the creation of environment by operation and maintenance personnel will gradually become a tedious and inefficient work.
• Infrastructure is code: manual operation and maintenance and document scripting have greatly affected development efficiency. The enterprise will gradually abstract the infrastructure into code, configure the infrastructure in the way of code management, version control and rollback the environment infrastructure like the code, and reuse the same code modules between multiple environments to achieve rapid delivery of the environment infrastructure.
Terraform came into being
In 2014, HashiCorp launched its product Terraform, which is a tool that can safely and efficiently build, change, and version management infrastructure. Today, Terraform is absolutely the king in the IaC field. Using Terraform to manage enterprise infrastructure can bring many benefits to enterprises:
• Use declarative IaC management infrastructure: declarative description can ensure that the code can reach a consistent state even if it is executed many times. Using code to describe the basic resources can show the differences between different environments more vividly and directly. No matter what environment has problems, it can quickly reproduce a new environment.
• Rich modules ecosystem: it contains almost all cloud resources of cloud vendors. Users can use various high-quality modules provided by the government and the community in the officially maintained module warehouse Terraform Registry. It allows users to continuously improve and expand the Terraform ecosystem by taking advantage of the ability of the open source community without having to repeatedly write modules from other cloud vendors.
• Resource dependency management: Terraform will build DAG topology diagram of all resources according to the definition in the template. For resources with dependent resources, they will be executed in order according to the dependency. For resources without any dependency, they will be created in parallel to ensure the efficiency of execution.
Enterprise application deployment in the cloud computing era
Application deployment often involves VPC network management and division, virtual machine creation, and exposure of application service addresses through load balancing. Today, with the prevalence of micro-service architecture, enterprises also need to deploy and operate and maintain some micro-service components to provide service discovery, configuration management, lossless online and offline functions to ensure that applications can provide stable and uninterrupted services. In order to monitor the running status of the application, it is essential to understand the application health status through Trace, Metrics, Logs and other information.
A healthy application needs the ability to combine a series of infrastructure. The testing and launching of each application will consume a lot of energy of R&D and operation and maintenance management personnel. In fact, it is not difficult to find that the dependent resources of each application are similar, and many differences are only reflected in some configuration items.
If a product can combine these infrastructure capabilities and provide external application concepts, the R&D personnel only need to care about the writing of business code, and the operation and maintenance management personnel do not need to manage and maintain a large number of infrastructure, and the enterprise's R&D efficiency will be greatly improved.
The Serverless application engine SAE provided by Alibaba Cloud is such a product that reduces the mind of enterprise IT personnel.
SAE is an application-oriented Serverless PaaS platform, which can help PaaS layer users free of operation and maintenance IaaS, use on demand, and pay by volume, and achieve low-threshold micro-service applications on the cloud. Compared with other Serverless products, it abstracts the concept of application, helps enterprises shield the creation and management of a large number of infrastructure, and provides a complete set of microservice solutions, supports mainstream microservice development frameworks such as Spring Cloud, Dubbo, HSF, and realizes the perfect combination of Serverless architecture and microservice architecture.
SAE provides nanny level hosting services. R&D personnel can deploy an application with a full set of microservice experience by providing a compiled JAR package or WAR package. Infrastructure managers do not need to manage a large number of infrastructure.
SAE&Terraform, application is code
Now you can use Terraform to create and manage applications on SAE, and combine Terraform IaC and SAE's application-centric capabilities, so that enterprises can code all the configuration of applications, easily describe and manage applications. When applications are in an unhealthy or unavailable state due to human or other unexpected factors, we can quickly reproduce the same application to minimize the impact.
Terraform uses declarative HCL language to describe the infrastructure. The programmer tells Terraform the resource status I want to obtain, and the rest is left to Terraform to create. However, Terraform does not care about the running status of the created application. The normal operation of the services running on the resources created by Terraform needs to be guaranteed by the R&D personnel. The underlying layer of SAE is based on Kubernetes. By using the declarative capabilities of Kubernetes, SAE can ensure that the application services remain in the declared state and provide services normally. Terraform combined with SAE gives better play to the ability of declarative description of application resources.
Next, please keep up with us and feel the charm of IaC together.
This section shows you how to use Terraform's IaC and dependency management capabilities to quickly pull up applications in different environments and combine SAE and other cloud resources to build your applications.
Before we begin, let's clone the demo-related code to the local:
git clone firstname.lastname@example.org :yangsoon/terraform-sae.git
Expose AK and SK necessary for creating cloud resources to environment variables. (Terraform will use the AK and SK specified in the environment variable to create cloud assets when creating cloud assets).
export ALICLOUD_ ACCESS_ KEY=(your access key id)
export ALICLOUD_ SECRET_ KEY=(your secret access key)
Quickly create multi-environment applications
Go to the root directory of the project and simply look at the directory structure of the project. The modules folder contains encapsulated environment infrastructure modules, including lb that uses Alibaba Cloud SLB to achieve load balancing and internet access capability, network module that provides VPC, and webserver module that further encapsulates Alibaba Cloud SAE resources, so that users can directly reuse and reduce unnecessary code copies when creating applications in different environments.
Stage and prod store the resource configuration of the enterprise in the pre-release environment and production environment respectively. There are great differences between the environmental infrastructure of the pre-release environment and the production environment, and the resource allocation of the production environment has higher security requirements. In order to prevent the resources of the production environment from being damaged due to misoperation, we isolate them through the file layout.
Open/ Stage/webserver/main.tf file, you can see that in the pre-release environment we specify to use webserver components to create applications.
This step will help you initialize the Terraform sub-module and install the necessary plug-ins. After successful execution, the following information will be displayed
View the type and number of resources created by the pre-release environment
After executing the terraform plan, there are many output contents. Some information is intercepted here. You can see that the pre-release environment will create 6 resources, and the output results will display the specific configuration information of the newly created resources.
After confirmation, we start to create the resources required for the pre-release environment.
Terraform apply will show you the resource information created during this execution again. After confirmation, enter yes, and Terraform will really create the resource for you.
Wait here for a while, and wait for the resource creation to complete. You can log in to the Alibaba Cloud console to view the newly created application.
After a series of debugging tests are verified, you can continue to create resources for the production environment.
Open/ The prod/webserver/main.tf file shows that we can directly reuse the webserver module and modify some application names and application images to the configuration related to the production environment. In addition, we have created a new SLB to allow the application to be accessed by the outside world. Let's continue to create applications for production environment.
Use Terraform's dependency management capabilities to efficiently combine SAE and other cloud resources
SAE has a higher level of play in the Terraform ecosystem. You can combine other cloud resources at will. Take RDS as an example. You can inject some connection information of RDS into the SAE application in the form of environment variables. After the application is started, you can connect to the target database through the information of environment variables.
Open/ Prod/webserver-with-db/main.tf, we introduced the mysql module to help us create an Alibaba Cloud RDS instance. The database connection information after the creation of RDS is injected into the SAE application in the form of environment variables.
The combination of SAE and Terraform can help enterprises manage their own applications like code, and the operation of resources become auditable, traceable, and rollable, while also reducing the risk of human operation. SAE abstracts the concept of application, helps enterprises shield the creation and management of a large number of environmental infrastructure, reduces the threshold for users to use, and helps enterprises quickly go to the cloud.
Knowledge Base Team
Knowledge Base Team
Knowledge Base Team
Knowledge Base Team
Explore More Special Offers
50,000 email package starts as low as USD 1.99, 120 short messages start at only USD 1.00