Finally published to the Terraform Cloud public registry Mar 4, 2023 Hey everyone, Great news! The Terraform modules that power the TNT Architecture and Super Router projects for “scaling” VPCs and TGWs in AWS have been published to the Terraform Cloud public registry at v1.0.0, like FINALLY! They can be composed together to build a decentralized hub spoke topology with automatic peering and routing for cross-region and intra-region VPC and TGW connectivity. Tiered VPC-NG; Centralized Router (includes Generate Routes to Other VPCs); Super Router; Intra VPC Security Group Rule; Super Intra VPC Security Group Rules. The modules are mostly the same as what’s in my Terraform development repo at v1. ...
Slappin' chrome on the WIP Jan 28, 2023 Reflection in the Rear-View: Initially, I thought the TNT Architecture project and Super Router project were “good enough” to scale VPCs and TGWs in AWS. But, after looking back on what was built, there were so many areas for improvement that I could not resist the extended refinement and discovery. I went ahead and gave the most useful Terraform networking modules a clean chrome wrapping with encoded engravings. Most of the work went into internal module changes and consolidating my favorite patterns to use. ...
$init super refactor Oct 11, 2022 Aaaand we’re back with another heavy hitting round of super refactorization in Terraform! I think the first iteration of Super Router for AWS went well. It allowed us to peer and route both intra-region and cross-region TGWs and VPCs with a single module. But there was one really annoying flaw. The caveat in the design is that the peer TGWs will have to go through the Super Router’s local provider region to get to other peer TGWs. ...
Super Powered, Super Sharp, Super Router! Aug 13, 2022 What’s up world?! Welcome back for moar spicy cloud networking Terraform takes because we servin’ them HOT over here so let’s dig in! This is a follow-up to the generating routes blog post. TNT Architecture Recap The Terraform Networking Trifecta project demonstrated the ability to “scale” AWS VPCs in Terraform code by adding VPC objects to a list. Example VPC architecture but with auto named subnets: With Tiered VPCs we can narrow down the context (i.e. app, cicd, general) and maximize the use of smaller network sizes. ...
Building a generate routes function using Terraform test Mar 5, 2022 Welcome to the next episode of thinking out loud to route in the cloud, you know my steez! Earlier this season we abstracted a TGW Centralized Router. Part of its responsibility is to manage routes between Tiered VPCs within a single region. It will create routes to other VPC networks in private and public route tables for each VPC (except itself). # snippet variable "vpcs" { type = map(object({ network = string az_to_private_route_table_id = map(string) az_to_public_route_table_id = map(string) })) } locals { # { vpc-1-network => [ "vpc-1-private-rtb-id-1", "vpc-1-public-rtb-id-1", . ...
Terraform Opinion #23: Use list of objects over map of maps Nov 19, 2021 Lately, I’ve seen quite a bit of Terraform snippets that use a static map of maps to directly configure resources. For example: locals { map_of_maps = { name1 = { attribute1 = "name1-value1" attribute2 = "name1-value2" attribute3 = "name1-value3" } name2 = { attribute1 = "name2-value1" attribute2 = "name2-value2" attribute3 = "name2-value3" } name3 = { attribute1 = "name3-value1" attribute2 = "name3-value2" attribute3 = "name3-value3" } } } resource "some_resource" "this" { for_each = local. ...
Terraform Networking Trifecta Jul 22, 2021 Intro Initially I’d planned to blog more than just about Terraform but it hasn’t turned out that way due to lack of time. But that’s OK because I really do enjoy creating and writing about networking topics with Terraform in the cloud. Content generation is hard so hats off to those who are consistently generating it. This project is for all the Terraform headz building networks in the cloud! It’s building on my previous Tiered VPC idea but by adding a couple more abstractions we can build flexible networking between multiple AWS VPCs with minimal code. ...
Synthesizing Tiered VPC in Terraform Jan 12, 2021 Today’s Mathematics Dynamic VPC x Tiered Subnet Calculator = Tiered VPC Observing Abstractions In hindsight, the Dynamic VPC module should instead be called Simple VPC. It provides a general VPC tier including a public subnet (/24), a private subnet (/24) and NAT Gateways per AZ. The interface is simple because there is minimal focus on subnetting due to the internal subnet generation. Routing is automatic and the module outputs can be consumed for peering. ...
Tiered Subnet Calculator in Terraform Dec 1, 2020 I’ve been thinking about adding support for building tiered subnets of any valid size for the next iteration of the Dynamic VPC Module (which ended up being called Tiered VPC-NG). It occurred to me that auto subnet generation inside the module actually makes the subnetting less dynamic. Furthermore, auto subnet calculation should be in assistance to the process of allocating subnets and should not be fed directly as input to the VPC module. ...
Hash Server 9000 in Go Oct 10, 2020 I took an internal dev challenge at work a while back because I wanted to learn more Go since I have an OO background and was not familiar with the procedural way of thinking. The goal was to build a simple non-persistent password hashing service using only the standard library while demonstrating the use of concurrency with the endpoint requirements below. Reading the blue and white book was definitely key to gaining deeper insight. ...