Fastly + Terraform : CI/CD


#1

Hello all,

We have about 100 services created manually to go fast, now we would like to use terraform for implementing the new ones and re-import the old one. This part is ok as the fastly terraform provider works fine.

We would like as well use CI/CD so everytime, we commit a change to one our services, it will terraform init/plan and we can apply manually.

We currently use gitlab for that and one global repository with all our services (one service = one folder). Gitlab can only have one gitlab.ci at the root of the repository so it init/apply all the services even when we changed only one service.

I think we are doing something wrong. Do you have any feedback how to us Terraform/Gitlab/Github/CI/CD the easier way possible with a lot of services ? (more than 100).

Thanks,
Alexandre


#2

Hi Alexandre,

Do you have a separate terraform definition for each of your services? If so, terraform should only affect one service when you apply the definition. If you are defining all your services in the same terraform file, then all services will be considered every time you apply the definition. Currently, due to limitations in our terraform provider, services that haven’t changed may still end up largely deleted and recreated because we are not able to understand the changes effectively when building the terraform plan. We are working on improving our provider and expect to be able to do better here soon.

Andrew


#3

Hello Andrew,

For now, we didn’t take any decision about our terraform organization as we are going to start.
But my idea was to do one server=one folder=one terraform file which seems to be what you recommand.

My concern is how to handle CI/CD with so much terraform file and apply them individually. Do you have any feedback from others customers or any recommandation ?

Ideally if we update one terraform file, it should trigger ONLY the associated terraform init & plan. If we commit several terraform file (one by service) > It should trigger all those associated terraform init & plan we updated.
We are starting to use Fastly WAF and very soon PerimeterX and it can definitivelly start to be a mess if we don’t use infrastructure as code correctly.

Does it make sense ?

Thanks
Alexandre


#4

I think the answer here is likely to be specific to your particular workflow and toolchain. If you’re working with a Fastly sales engineer on your onboarding, I’d talk to them about it, otherwise email support@fastly.com and we can get into the weeds with you.