Today, Product Innovators and developers are aware of the concept of DevOps and are utilizing it for delivering products at a better pace. However, catering to the need of the time and the rate at which the demand for these products is growing, having a faster delivery with better upgrades makes the lifecycle slow down. This is critical because only 25% of enterprises feel that their software development and deployment are effective.

Practices such as continuous integration (CI) and continuous deployment  (CD) have the ability to automate the deployment process and make the lifecycle efficient and make the production environment safe, reliable, and error-free. As such, CI/CD is now touted as pillars of success for DevOps. However, ensuring the success of CI/CD is a dream for developers as it needs well-oiled CI pipeline with security embarked at every stage

The only way to avoid these kinds of errors is through automation, and Infrastructure as Code is helping engineers automatically launch cloud environments quickly and without mistakes.

Why Amazon Web Services ?

AWS Lambda and AWS API Gateway have made creating serverless APIs extremely easy. You can simply upload your decision service to AWS Lambda, configure an API Gateway, and start responding to RESTful endpoint calls.

From the security standpoint, Amazon has introduced AWS PrivateLink so you can choose to restrict all your API traffic to stay within your Amazon Virtual Private Cloud (VPC) which can be isolated from the public internet. Now you can create a private API in your Amazon API Gateway that can only be accessed from within your VPC. It eliminates the exposure of data to the public internet by providing private connectivity between VPCs, AWS services, and on-premise applications securely on the Amazon Network.

Why Terraform ?

Terraform is a tool for developing, changing and versioning infrastructure safely and efficiently. It can manage existing and popular service providers as well as custom in-house solutions. Terraform is the first multi-cloud immutable infrastructure tool that was introduced to the world by HashiCorp, released three years ago, and written in Go.

Terraform’s speed and operations are exceptional. One cool thing about it is, it’s plan command lets you see what changes you’re about to apply before you apply them. Code reuse feature and Terraform tends to make most changes faster than similar tools like CloudFormation.

Why Azure DevOps ?

For a software-driven organization, Azure DevOps provides a robust platform on which you can deploy your solutions in a pipeline allowing for continuous integration and deployment.  Whether you are deploying a solution hosted in Azure or even a solution hosted in AWS, the Azure DevOps CICD pipeline can take your solution from development to delivery.

With an extensive marketplace for plugins and integrations, infrastructure-as-code can also be incorporated into the pipeline such that the ambitious systems administrator can automate far-reaching changes to their environments from a single location.

Proposed Architecture

This scenario provides architecture and design guidance for building a continuous integration (CI) and continuous deployment (CD) pipeline. In this example, the CI/CD pipeline deploys a Serverless architecture of an IBM ODM Rule Engine on AWS Lambda using API Gateway Private Endpoints.

Please refer to the Installing IBM ODM on AWS Lambda using API Gateway Private Endpoints use case for more details about the serverless architecture.

Migrating to modern CI/CD processes provides many benefits for application builds, deployments, testing, and monitoring. By using Azure DevOps along with other services such as App Service, organizations can focus on the development of their apps rather than the management of the supporting infrastructure.

The data flows through the scenario as follows:

  1. A developer changes the Terraform application source code.

  2. Application code is committed to the source code repository in Azure Repos.

  3. Continuous integration triggers application build.

  4. Continuous deployment within Azure Pipelines triggers an automated deployment of the Terraform code.

  5. The AWS serverless architecture is provisioned

Proposed Solution

What Should Be Pre-Installed

In order to follow this case study you will need an AWS account and to have Terraform installed. Configure your credentials so that Terraform is able to act on your behalf.

For simplicity here we will assume you are already using a set of IAM credentials with suitable access to create Lambda functions and work with API Gateway. If you aren’t sure and are working in an AWS account used only for development, the simplest approach to get started is to use credentials with full administrative access to the target AWS account.

◊ Following this case study will create objects in your AWS account that will cost you money against your AWS bill.

Please refer to the previous use case, for a detailed explanation on the Terraform Application code

What You Will Do

The use case assumes some basic familiarity with Azure DevOps (CI/CD) concepts but does not assume any pre-existing deployment. It also assumes that you are familiar with the Installation IBM ODM on AWS Lambda using API Gateway Private Endpoints use case; if you’re new to Terraform itself, refer first to the Getting Started guide.

Following step-by-step instructions below, you do the following:

  1. Upload the Terraform code to Azure DevOps Repos.

  2. Create the Build Pipeline

  3. Create the Release Pipeline

Project Directory

The project directory should contain the following files and subdirectories, we went through each file in the previous use case.

. ├── main.tf ├── modules │ ├── lambda_tester │ │ ├── lambda.tf │ │ └── vars.tf │ ├── odm_api │ │ ├── api_gateway.tf │ │ └── lambda.tf | | └── vars.tf │ ├── vpc │ │ ├── demo_vpc.tf │ │ └── endpoint.tf | | └── network.tf | | └── vars.tf ├── providers.tf ├── README.md

Before we continue with this use case, some quick changes need to be done!

  • Browse to the providers.tf file and replace its content with following code
provider "aws" {

Copy the access_key, secret_key and region values to a file as you’ll need them later!

  • Browse to the root of the Project folder and add vars.tf file that contains the following code
variable "AWS_REGION" {}
variable "AWS_ACCESS_KEY_ID" {}

Now, you’re all set to go!

1. Upload the Terraform code to Azure DevOps Repos.

Browse to the Azure DevOps Platform and sign in with your account and click on New Project, a new wizard pops up,

  • In the Project name type Terraform-ODM and set the visibility to Private.
  • Click on Create

You’re now being redirected to the overview of the Terraform-ODM project.

  • In the sidebar, Click on Azure DevOps Repos
  • Under “Push an existing repository from command line”, Click on copy push commands

Save the commands to a file, as you will need them later!

  • Browse to your local Project folder via the terminal and run the following commands:
git init
git add .
git commit -m "first commit"
//past the push commands you just copied to your file
git remote add origin **************************
git push -u origin --all

After the upload is done, you should see the Project folder tree displayed as follow:

Congrats, you’ve completed the first step of the guide successfully!

2. Create the Build Pipeline
  • In the sidebar, Click on Pipelines and choose Pipelines
  • Click on new Pipeline,
  • Click on Use the classic editor in the bottom of the page
  • Select Azure Repos Git as a source, Terraform-ODM as Repository.
  •  Click on Continue
  • Select Empty job
  • Refer to Agent job 1 and click on + to add a new task
  • Add Copy files task by Microsoft Corporation
  • Add Publish build artifacts task by Microsoft Corporation
  • In the Publish build artifacts task, copy the Path to publish value to your clipboard
  • Switch to Copy files task and past the value to Target folder field
  • Click on Save & queue and then Save and run
  • Get back to Pipelines in the sidebar, and click on Terraform-ODM-CI
  • Click on Agent job 1, to see the progress of running the CI pipeline
3. Create the Release Pipeline
  • In the sidebar, Click on Pipelines and choose Releases
  • Click on New pipeline, and select Empty job
  • Click on, Add an artifact
  • In the new wizard, select Build as the source type and Terraform-ODM-CI as Source(build pipeline)
  • Click on Add
  • Click on the thunder logo to enable Continuous deployment trigger as shown below
  • Click on stage 1, to configure the tasks of the pipeline
  • Refer to the variables tab and configure the security credentials
  • Refer to the tasks tab and click on + to add a new task
  • Add Run Terraform Task
  • Configure the task as follow
  • Right-click on Terraform init and select clone task
  • Configure the newly added task as follow
  • Click on, create release and then click on create
  • Get back to releases in the sidebar, and click on your recent release
  • Under stage 1, click on logs
  • You’ll be able to see the detailed progress of your release via each task

A cloud in mind ?
Contact us !

How can we help ?