Infrastructure deployments

Infrastructure is split to two repositories - Infra for portal and infra for sandbox instances.

Currently CICD is not yet used for deployments of infrastructure due security issues with it.

Infrastructure is written with Terraform modules and they are managed and deployed with a wrapper called Terragrunt. Terragrunt treats terraform files as modules and is designed to keep them DRY and reusable.

We use environment specific S3 buckets as a backend to our terraform state.

Usage

Environments are described in the live/ folder, currently playgorund, dev, QA and prod according to AWS Accounts document. For new environment, you can just copy a folder of one environment and change the values. In the live/<environment/env.hcl.

Tools you need

Use cases

NOTE: remember to have needed credentials in place for the environment you are deploying

1. Deployment with terragrunt

  1. Navigate to live/<env>/<module>

  2. When first time using this module or just not sure, run terragrunt init

    1. S3 backend should be on place. If it asks if you shall create one, check that you have your aws credentials in place and role assumed to correct environment.

  3. Validate your configuration with terragrunt validate. Fix what is needed

  4. Say terragrunt plan to see what changes it will do. Check that it looks correct

  5. Lastly, if everything is fine, apply your changes with terragrunt apply. It will run plan again and asks if you want to apply it

  6. Check that your configuration works

NOTE: Terragrunt also has option for terragrunt run-all apply. It propably won’t work.

2. Writing new module

  1. Checkout the repository and create a new branch

  2. Make a new folder for your module to modules/

  3. Write your code. Use variables, they are treated as inputs for the module in terragrunt side.

  4. After it is working, create a Pull Request.

3. Terragrunt for a new module

  1. For the corresponding environment(dev, qa, prod) create a folder for your module like live/<env>/<your_module> and create terragrunt.hcl for that.

  2. This is where the input values are the same as variables in the terraform module

    1. You can look for other modules as an example for it.

  3. Navigate to live/common and create your_module.hcl for settings that apply all environments.

    1. Path to where the module will be found is described here

    2. As before, others can be used as example

    3. Extract the inputs from the env.hcl. and map them to module variables. You can do that like in the other files.

  4. live/<environment>/env.hcl contains variables for environment specific values.

    1. It is good place for i.e. version numbers

4. Completely new setting of all three envs

  1. Fork the repo for your own use

  2. Replace the values on every live/<environment/env.hcl for your corresponding ones. You should propably start with the dev.

  3. Navigate to live/common and change the values for your use also.

  4. Navigate to live/dev/<module> and run terragrunt init

  5. If init is run succesfully, run terragrunt plan and review the results

  6. If results seems to be good, you can run terragrunt apply. It runs plan again and asks you if you want to create them. Say yes.

  7. Repeat from step 4 to to all live/<env>/<module> folders

  8. Congratulations, you now have your own environment

5. Just one new environment

  1. Add a corresponding environment folder like live/<your environment>

  2. Copy files from an already running live/<environment>

  3. Follow the instructions from the previous case from step 2.