But then, I also push for breaking infrastructure ...
# platform-blueprints
But then, I also push for breaking infrastructure into smaller deployable units, rather than a single "terraform apply" or equivalent. A microservices-style approach.
Hi Kief, I have been thinking about packaging/versioning infra code recently as well. Have you done this? If so, what has been your approach. I was thinking of packaging IaC for the entire environment - separate micro services style IaCs all in a docker image along with dependencies etc. and pushing it to an artifact repo. The image will also have the pipeline code (in our case Argo workflow file). When deploying, docker image will be pulled from artifact repo and applied to the appropriate environment and the pipeline code will handle the execution of the code in the appropriate order etc.
Or it could be separate image for each infra component and the pipeline code exists externally.
what I have seen work well - depending on the size of the organization is to segment infrastructure config at the regional level. Assuming you are using terraform or some other IaC equivalent - you have configure global and override in the subdirectories corresponding to a given region(us-west-1, etc.). This also has benefits when devising your disaster recovery plan. There is some inspiration for this from Slack and AWS's approaches to cell-based architecture. There is also a version of this that segments based on business function/domain popularized by Uber.