Introducing Terraspace Cloud
Posted by Tung Nguyen
on
In this post, you’ll get an introduction to Terraspace Cloud.
What is Terraspace Cloud?
Terraspace Cloud is a nice addition to the Terraspace Framework. Terraspace Cloud adds extra features to Terraspace.
- GUI Dashboard and History: When working with multiple stacks, it can become hard to remember all the stacks you or others on your team have deployed. Terraspace Cloud helps you visualize the stacks by saving them and providing a web dashboard with deployed stacks, history, logging, and resources. Know who deployed what and when.
- Team and Permissions Management: Fine-grain permission control over access. You can create teams and define permission that target dev vs prod environments.
- CI/CD Integration: Integration with popular CI/CD systems like GitHub Actions, GitLab Pipelines, etc. GitHub Pull Request and GitLab Merge Request integration provide a comment with a link to the visual dashboard.
- Real-Time Logging: Terraspace captures logs that you see in your terminal and stream them live to the Dashboard. You can share this url to teammates who have access to the project.
- Cloud Cost Estimation: Terraspace Cloud provides cost estimates for your Terraform resources. Terraspace integrates the infracost estimation reports with the Terraspace Cloud dashboard and Pull Request comments.
Terraspace Cloud provides these additional conveniences as an optional paid managed service. Terraspace Cloud Pricing
Terraspace Cloud Dashboard
Per recommendations from the Terraform team itself, you should have One Workspace Per Environment Per Terraform Configuration. The pros on why you should use separate stacks and statefiles are covered thoroughly in Terraform Statefile Approaches and Thoughts docs. The gist of the pros are:
- Security and Isolation: It reduces the blast radius. Don’t want to do something simple and affect a high-risk component like the VPC on accident.
- Speed: The terraform plan and apply will be faster since there are less resources for terraform to resolve. You don’t want to wait 20-40m for terraform to run 😟 See:
By following the recommendations, it introduces other issues. When dealing with more than one stack, it becomes difficult to keep track of what’s been deployed. Especially, when multiple team members are deploying. Terraspace Cloud was built specifically for the Terraspace Framework and provides a web GUI so you can track your terraform changes. Here’s an example:
Here’s an example of what the dashboard looks like:
And update logs:
Team Management
Terraspace Cloud adds the ability to define Team-based permissions. The permissions are defined in a way that works naturally with Terraspace.
- You create teams and assign users. That’s standard stuff.
- You define permissions that allow access based on rules. This is where things get interesting.
Here’s an example of a permission.
Since Terrapace provides the ability to dynamically build terraform projects and deploy them, it makes sense for a permission system with more power. The envs: dev in the permission means that users in the dev team only have access to TS_ENV=dev stacks. You can specify multiple envs by space-separating them, IE: envs: dev prod. You can finely control the permissions based on varialbles. Terraspace Cloud Permissions system was explicitly designed for Terraspace.
CI/CD Integration
Terraspace Cloud adds some additional support for CI systems like GitHub, GitLab, BitBucket, and CodeBuild.
The CI plugins automatically pull in info like commit sha, branch name, and PR info from the CI environment. These get sent to Terrraspace Cloud and recorded to provide historical tracking information. For the GitLab and GitHub plugins, a PR comment is also added with a link to the Terraspace Cloud plan or update.
Terraspace Cloud approach to CI means bring your own runner, IE: GitHub Actions, GitLab Pipeline, etc. This is similar to Pulumi’s approach to CI/CD. The big pro is that you don’t have to wait for a VM machine to spin up if you’re running Terraspace locally on your machine. It simply just makes API calls to Terraspace Cloud to record the plans and updates. There’s less overhead, so it’s lot faster. That’s probably my favorite part about the way it works. The other advantage is that you have full control over the runner system.
Real-Time Logging
Real-time Logging is supported by the Dashboard now. Terraspace captures logs you see in your terminal and stream them live to the Dashboard. You can share this URL to teammates who have access to the project.
This provides visibility into the stack updates.
Here’s what the logs looks like:
Terraspace also takes the extra steps only to save plans and updates (applies and destroys) when changes are detected. This helps reduce the noise level in the chaotic world we live in. The setting is also adjustable if you prefer to always save plans and updates with no changes.
Cloud Cost Estimation
With cost estimates, you will be able to see how much your infrastructure costs. The estimate is saved to Terraspace cloud for visibility and historical viewing. Here’s what it looks like on the dashboard.
Pull request commenting is also integrated for GitHub and GitLab. Here is an example:
After using it for a while, you get a quite useful feel of cloud resource pricing. A shout out to Infracost. It’s what terraspace uses to achieve this feature.
Summary
In general, Terraspace Cloud does not change how you use Terraspace. The features like Team Management, Permissions, History, a GUI visual interface, and CI/CD integration, Cost Estimation, Real-Time Logging are all optional. The Terraform Framework itself is open source and free to use. Hopefully, Terraspace Cloud also provides a means to support the project financially. You can start using Terraspace Cloud with the Terraspace Framework starting in version 2.0. Docs: Terraspace Cloud Setup
Thanks for reading this far. If you found this article useful, I'd really appreciate it if you share this article so others can find it too! Thanks 😁 Also follow me on Twitter.
Got questions? Check out BoltOps.
You might also like
More tools:
-
Kubes
Kubes: Kubernetes Deployment Tool
Kubes is a Kubernetes Deployment Tool. It builds the docker image, creates the Kubernetes YAML, and runs kubectl apply. It automates the deployment process and saves you precious finger-typing energy.
-
Jets
Jets: The Ruby Serverless Framework
Ruby on Jets allows you to create and deploy serverless services with ease, and to seamlessly glue AWS services together with the most beautiful dynamic language: Ruby. It includes everything you need to build an API and deploy it to AWS Lambda. Jets leverages the power of Ruby to make serverless joyful for everyone.
-
Lono
Lono: The CloudFormation Framework
Building infrastructure-as-code is challenging. Lono makes it much easier and fun. It includes everything you need to manage and deploy infrastructure-as-code.