Answering the questions that I received after this publication , today I would like to resolve the endless dispute about the structure of the repository, as well as touch on some problems and their solutions. I'll be using my Terraform-based IaC here, but for the most part it will apply to other technologies as well.
When it comes to infrastructure repositories, there are two well-established options:
- Monorepo. One repository to manage everything. Contains all of your IaC, modules and any auxiliary automation;
- Distributed, "stand-alone" repositories. Contains the components required for the solution you provide. They can link to other repositories for reusable components or variable data.
IaC . , , . , , , , .
, , — . , .
Jaana Dogan . ( ), , . , , , . , , infra-as-code ( , , , ):
- «» « ». , terraform VPC , . , .
- + 1. , . « » « ».
- . Terraform, Ansible, Puppet Kubernetes . , , , , .
- , . Jaana, «» , . , . , . , — — , .
- . . . , «» , , .
«» .
X vs Y, :
— , — .
, , , .
( )
git submodules terraform — , , \\, , , - , . . - — , — - .
- , — , . — , , . provider-module.tf, \. — Terragrunt .
«»
.
, « »? ! git , ? ! , , ? , , .
— . — , . — , . , - — , . , .
?
, ,
, \\ DevOps\SRE\\\\< >, , ( , , -, ...) , . , — . , ( «» , ) . , , .
git , , . , 1.0.234, — .
PR
, . , . — . , review approval , , , .
? , , , , , - ? , , .
- terraform, ELB, . , . , . : , , , .
: , , , Terraform Docs — .
, , , « ». , , , .
1: +
- , . . , , «» , .
«» , . , — . , .
, , , :
module "ecr_<repo_name>" {
source = "git::ssh://<repository/terraform-modules.git//ecr?ref=stable"
environment = var.environment
name = "<repo_name>"
}, , . review, , . , .
2: Monorepo «»
\\ master develop, prod non-prod . , , .
. «»-«». — . , « », . .
, , .
, — « » « », , .