Github repositories with cookiecutters, using Terraform

Creating repositories with ease My second holiday project this year is publishing this module. With RevDB, we have to manage dozens if not hundreds of Github repositories, in many different organizations with a variety of contributors. Find the referenced modules at the Github repository and the Terraform registry for some insights. There is nothing surprising in the fact that we use Terraform to do that. However, creating and managing so many repositories, forced us to get creative around them. Generally, Read more…

How to create a bastion host on AWS using Terraform

What will you need Bastion (or jumpbox) hosts are typically used, to provide a door into your private network. The fact that you are reading this, means you probably already know that. Answering the question on how to setup a bastion host on aws using Terraform, takes a lot of components.. AMI selection Security groups and routing IAM roles, roles and policies Instance types Users, keys and login Hostname setup That’s a lot of things, lets see how can we Read more…

Managing domains and zones with terraform

Why manage your zones with terraform Infrastructure as code gives us a set of possibilities that, that otherwise difficult to accomplish, such as testing changes before committing and of course, CI/CD options. All of those are great to have, but not every team [feels like they] need testing, before making changes to records of a zone. However, almost everyone wants to use those domains for different purposes.  I will guide you through my favorite example of this, having an EC2 Read more…

Why manage GitHub with Terraform

We established already that Infrastructure as Code is the right way to manage the databases at scale. That means, you have to deal with a lot of code. There will be different kind of software: Terraform modules, and live repositories, Chef cookbooks, Python provisioning tools and many more. The code needs to be hosted somewhere and GitHub is one of common choices (GitLab or BitBucket are possible alternatives). But why do you need Terraform to manage GitHub? As with any Read more…

Highly available Chef Server

What’s a highly available Chef Server To be honest with you, I feel like the title is a little bit of a click bait. There is already a description of how to create and operate chef clusters on chef.io. However, clusters of that size and complexity can be a little bit over the top and require additional effort, monitoring and possibly dedicated engineers. That’s being said, the solution I will show you here isn’t the same. Chef Server is rather Read more…

Testing Terraform

In this post I’d like to talk about testing Terraform. It will be about general principles, methodology, and give practical examples of tools and workflows that we actually use for our database solutions. I wrote before about great potential of Infrastructure as Code principles for databases. I truly believe the industry will develop in this direction, there is simply no alternative. Of course, assuming predictions of high amount of data and high count of database instances are true. Now, if Read more…

How to set up MySQL RDS with Terraform

Goal of this guide In this how to guide we will go through the basics of setting up MySQL RDS with Terraform. To do this, the minimum we have to do is: Create a network (VPC) Create a security group to allow incoming MySQL traffic Create the RDS instance Launch an EC2 instance to test the database server Creating your network This is the most complicated part of this guide, to be able to create an RDS instance, you will Read more…

PCI DSS compliance with Infrastructure as Code

Have you ever thought about what is the most boring part of your job? If you are like me, that would be talking to auditors. It is hard to imagine more mundane task than proving PCI DSS compliance. The work is highly manual, very hard to automate. Yet, the result is not tangible. It’s not a new shiny feature, your infrastructure is just being secure. It is important aspect of our job though. Indeed, data breaches are not fun. A Read more…

terraform and chef

How to backup and restore chef server

What do we need chef backup and restore for In my last blog post, that you can find here, I wrote about how to build a Chef server. The post uses Terraform and a git repository. That means, whenever you want, you can easily just build another one for yourself. Thanks to infrastructure as code, you can easily bring up another one, but what about availability during upgrades? As I will go through this series of Chef related blog posts, Read more…

How to deploy chef server

Overview of the content Our very own Aleks Kuzminsky, have blogged about the next set of challenges we face in the MySQL World. Getting our hands dirty, the first step is to have a solid and reliable way to manage our servers. This is a special need of any service that must deal with persistent data. In this article, I will show you how to deploy a chef server of your own aws infrastructure. This isn’t a simple task by Read more…