Kristian Glass - Do I Smell Burning?

Mostly technical things

Infrastructure as Code with AWS CloudFormation and Sceptre

A high-level introduction to two of my favourite AWS automation tools: CloudFormation and Sceptre

Why Infrastructure as Code?

We want the same things from our infrastructure as from our code:

  • Version controlled
  • Tested
  • Reproducible
  • Documented

CloudFormation

  • YAML (or JSON…) templates
  • Define AWS Resources
  • Configuration Parameters
  • Optional Outputs for further use

CloudFormation Basic Example Template

Resources:
  "WebsiteBucket":
    Type: "AWS::S3::Bucket"
    Properties:
      AccessControl: "PublicRead"
      WebsiteConfiguration:
        IndexDocument: "index.html"
        ErrorDocument: "error.html"

CloudFormation Basic Example Usage

$ aws cloudformation create-stack \
    --stack-name mystack \
    --template-body file://template.yaml \
    --parameters \
        ParameterKey=Key1,ParameterValue=Value1 \
        ParameterKey=Key2,ParameterValue=Value2 \
        # etc.

This is not fun

So? Use a wrapper!

  • Everyone realises they want a CloudFormation wrapper quickly
  • Dozens to choose from!

inline

Sceptre!

https://sceptre.cloudreach.com/

Convenient and unintrusive AWS wrapper

  • Write CloudFormation templates as normal
  • Add a small bit of directory structure
  • Add some YAML configuration files

Sceptre Example Directory Structure

$ tree
.
├── config
│   ├── config.yaml
│   ├── live
│   │   └── www.yaml
│   └── www.yaml
└── templates
    └── www.yaml

Sceptre Example Configuration

$ cat config/config.yaml
# General "project" config
region: us-east-1
project_code: www  # Naming prefix for grouping

Sceptre Example Configuration

$ cat config/www.yaml
# Configuration for the www stack
template_name: templates/www.yaml

Sceptre Example Configuration

$ cat config/live/www.yaml
# Configuration for the www stack in the live environment
parameters:
  DomainName: www.example.com

Sceptre Example Usage

$ sceptre launch-env live # Launches/updates all stacks in the live environment
sceptre.stack - live/www - Launching stack
sceptre.stack - live/www - Stack is in the UPDATE_COMPLETE state
sceptre.stack - live/www - Updating stack
sceptre.stack - live/www - No updates to perform.

CircleCI Example Configuration

$ cat circle.yml
test:
    override:
        - sceptre validate-template live www
deployment:
    live:
        branch:
            - master
        commands:
            - sceptre launch-env live
            - sceptre describe-stack-outputs live www

Sceptre - What else?

  • Manage CloudFormation Change Sets
  • Connect Stacks together
  • Source Parameters from external files, environment variables and more
  • Configure hooks to run when Sceptre actions occur

Questions?

mail@doismellburning.co.uk

Comments