Rootconf Pune edition

On security, network engineering and distributed systems


“Infrastructure as Code” (IaC) via Azure DevOps (CI Server) pipeline using Terraform (Provisioning) & Salt Stack (Configuration) tool

Submitted by Sachin Shinde (@sachinshinde) on Friday, 2 August 2019

Section: Full talk (40 mins) Category: Automation Status: Awaiting details


In today’s fast paced software development world, we need underlying Infrastructure delivery also at same paced, that provide consistency , quality delivery of infrastructure component without compromising security requirements. Today we are living in cloud computing era, were the elasticity of the cloud paradigm and disposability of cloud machines should be truly leveraged.
Building production grade infrastructure is hard. And Stressful. And time consuming. Very time consuming. That’s were “Infrastructure as Code” (IaC) plays a vital role. The basic principle is that operator should not log in to a new machine and configure it from documentation. Rather, code should be written to describe the desired state of the new machine.
Trying to solve above problem with Single pipeline which is cloud agnostic to manage production ready infrastructure deployment using “Infrastructure as Code” for consistent & quality delivery of component with standards enforcement using Azure DevOps (CI Server), Terraform (Provisioning) & Salt Stack (Configuration) tool in shared environment.
The key takeaways for the talk are
1. Best practices for IaC
2. Difference between workflow of deploying Application and Infrastructure code
3. Choices of available Provisioning and Configuration Management (CM) tools
4. CI Server best practices. Tools and Technique to help teams to build a continuous delivery pipeline.

The intended audience for this talk are those who are starting their journey on cloud or already using cloud to deploy their infrastructure.


The focus of this session is to provide tools, techniques and various consideration while building stringent pipeline to deploy production ready infrastructure into cloud environment. Consideration include source control, reusable code, abstraction layer, least privileged approach and quick re-provisioning for Disaster recovery.
1. Our use case of infrastructure deployment on multi cloud environment
2. Provisioning Vs Configuration Management tool – Imperative Vs Declarative
3. Tools and techniques to be included in your development and delivery workflow
4. IaC security consideration and change management

Speaker bio

Sachin Shinde
Cloud Technologies Specialist | Schlumberger PITC | Data Platform

Shehzad Shaikh
Infrastructure Admin | Schlumberger PITC | Data Platform



  •   Zainab Bawa (@zainabbawa) Reviewer 7 months ago

    Thanks for the submission, Sachin. Note that we only accept one speaker per session.

    Secondly, I’d like to understand two things:

    1. Who is this talk targeted at? Is it folks who are unaware about IaC or is folks who are already practising IaC? This part is unclear from your abstract.
    2. The proposal is very prescriptive because there is mention of how the talk will share best practices for IaC and other aspects. What is the basis of the best practices?
      My point here is that when a proposal is prescriptive, in that it claims to know the best way of doing things, the question comes up as to what is the basis of the prescriptions? There can be numerous best approaches to solving any infra problem. You have to explain why you approach is better than others by comparing existing approaches and showing what is the one innovation of your approach which you consider as a big win.

    In summary then, you have to modify this proposal to include:

    1. Explaining the basis of your approach by showing why you chose this approach for your organization and how it compares with other approaches?
    2. Why did you pick the tools that you mention?
    3. Outcomes of your approach by showing metrics and explaining before-after scenario.

    Share draft slides, incorporating the above details, by or before 15 August so that we can close the decision on your proposal.

  •   Sachin Shinde (@sachinshinde) Proposer 7 months ago

    Who is this talk targeted at? Is it folks who are unaware about IaC or is folks who are already practicing IaC
    - Target audience who could essentially benefit from session are people who unaware or inexperience in IaC practices however, IaC practitioner can also take advantage from our use case, approach and mixture of tools that we have included in our IaC pipeline/automation.

    Innovation of your approach which you consider as a big win.
    - Reduced deployment time drastically from 12-15 hours to 30 mins, stable and streamlined infrastructure provision, configuration and release management.

    why you chose this approach for your organization and how it compares with other approaches?
    Why did you pick the tools that you mention?
    - Our approach on tool selection was “Open source, cloud-agnostic tool that support immutable infrastructure and a declarative language”
    Presentation will cover comparison matrix, pros & cons of configuration tool and the reason why we choose specific tool for our use case.

    We will get back to you with Presentation slide by 15 Aug.

Login with Twitter or Google to leave a comment