Tackling Terraform at Ticketmaster
Download as PPTX, PDF1 like567 views
The document discusses the integration of Fastly with Terraform in managing Ticketmaster's multi-domain configurations. It outlines the challenges faced with Fastly's dashboard management and emphasizes the benefits of using Terraform for version control, automation, and collaborative updates. The approach aims to enhance the efficiency and transparency of the Fastly update process, making it easier for developers to manage configurations as part of their codebase.
Tackling Terraform at Ticketmaster
- 1. Tackling Fastly Terraform @ Ticketmaster Paris Apostolopoulos Lead Software Engineer International Platform Team Ticketmaster, UK + + Terrafor m Fastl y Ticketmaster =
- 2. About me ● @javapapo ● about.me/javapapo ● www.linkedin.com/in/javaneze/ ● javapapo@mac.com ● paris.apostolopoulos@ticketmaster.co.uk
- 3. My first reaction when I heard about Fastly for the first time...some time ago
- 4. After a year using Fastly on a public facing website
- 6. Fastly - more than a CDN to us ● Edge Cache ● Intelligent Router / Cluster load balancing / event based routing ● Image optimization ● Our strongest ally during onsales! ● ~95% cache coverage
- 7. Fastly - our strongest ally ● We must be able to go from a few req/sec to 1000x req/sec instantly. ● We need to be able to do that at any day, any give time, live events never stop! ● Netflix style of traffic BUT - remember we sell a finite resource (tickets) not infinite copies of the same video ;)
- 8. Challenge: Multiple Services / Domains ● We have a large number Fastly Services (domains) ● Different web apps / managed by different teams ● Pre-prod and beta environments ● Production Services
- 9. Challenge: Multiple Services / Domains
- 10. Challenge: How do you effectively manage so many domains? ● Limit access to services to certain teams ● At the same time you want to encourage your dev team to embrace Fastly ● The closer the devops team is to Fastly the more the end product will benefit ● How do you implement change control over your multi- domain fastly configuration?
- 11. The Fastly dashboard is your friend...initially ● We have seen that most of the teams start interacting directly with the Fastly dashboard ● This is to be expected and actually encouraged, especially when you start adding Fastly to your solution ● Fastly’s built-in versioning helps to keep track of who is doing what & revert mistakes ;)
- 12. The Fastly dashboard is your friend...initially
- 13. And then you start making use of more advanced features - VCL ● One of the most powerful features of Fastly is the ability to ‘code’ your edge cache ● When you enter the ‘VCL’ world you become a power user and have total control
- 14. And then you start making use of more advanced features - more VCL , edge dictionaries, shielding
- 15. At some point updating your Fastly configuration through the dashboard becomes a problem ● Too many different changes happening at the same time ● VCL code becomes bigger and bigger, change on logic or even introducing bugs! ● Multiple people, editing the configuration at the same time, too many interim config versions
- 16. At some point maintaining your Fastly configuration through the dashboard becomes a problem
- 17. Fastly Terraform Provider to the rescue!
- 18. Step 0: Basic idea ● Use the Fastly Terraform provider and migrate all the configs and the update process to a Terraform automated pipeline ● Team members should update on git the Terraform config for each domain /service and then kick a build pipeline ● https://www.terraform.io/docs/providers/fastly/index.html
- 19. Step 0 : Basic Idea - Flow
- 20. Step 1: Setup the CI/CD pipeline - Gitlab Gitlab-ci.yml .template: &terraform image: xxxxx/terraform tags: - tm-prod cicd build tickectmasterUk-plan: <<: *terraform stage: plan only: - master script: - | cd ticketmaster-uk terraform init;terraform plan tickectmasterUk-apply: <<: *terraform stage: apply when: manual only: - master script: - | cd ticketmaster-uk terraform init;terraform apply The only thing you need to pass to the `terraform` worker is your API key `FASTLY_KEY` so that it can access Fastly’s public API, and depending on your terraform any keys for storing securing the `tfstate.files`!
- 21. Step 1: Setup the CI/CD pipeline
- 22. Step 2: Setup the terraform project structure Terraform files- all your config is here. Based on the fastly provider All your VCL - you can have multiple files The gitlab-ci pipeline from the previous step
- 23. Step 3: Terraform your fastly dashboard
- 24. Step 3: Terraform your fastly dashboard clicks ● For every section on the Fastly dashboard config, there is a Terraform resource to be used ● https://www.terraform.io/docs/providers/fastly/r/service_v1.ht ml
- 25. Step 3: If you are unsure don't forget you already have the generated VCL from Fastly - use it as reference!
- 26. Step 4: Perform changes through git, commit and trigger the pipeline!
- 27. Done! It's easier than you think! ● Estimated time for migrating any domain is within hours to max 1 day ● Once you migrate one, you have the pipeline for all the others ● Bonus feature - Fastly continues to version your configs internally + you can mix manual updates and subsequent Terraform runs ● The Fastly Terraform provider is expected to improve over time! ● https://github.com/terraform-providers/terraform-provider-fastly
- 28. What you gain ● Changes on your config are versioned on git + fastly ● You can do M.R / P.R and check the quality of the changes ● The terraform pipeline ensures the order of executions ● Your VCL code is properly versioned and you can break it to smaller files, share it among other services ● One pipeline can eventually update multiple related services ● One pipeline per ‘application’ multiple services (prod/beta/dev) ○ Sharing common resources (tf, vcl)
- 29. How it worked for us ● Our Fastly update process is more transparent than ever and is fully automated. ● This means, the chance of making a mistake, is actually very low. ● We treat our Fastly config as part of our code base, developers love automation and version control systems, so this process is very familiar and easily understood by newcomers ● We actually followed the same principle as with our infrastructure, maintaining large corporate AWS accounts using only the web console is not sustainable. The same applies for Fastly.
- 30. Thank you - Happy Terraforming your Fastly configs!