As our infrastructure as code (IaC) setup using Terraform has evolved, it started out pretty manageable. However, with every microservice team adding their own modules and variables, it's getting messy. We're seeing issues with inconsistent naming and lack of clear ownership. What are some best practices for organizing large IaC repositories without resorting to a single centralized structure?
5 Answers
Are you working with a monorepo, or does each service have separate configs? We have a core setup in a central repository that houses template resource definitions. Each project uses these within its own directory. This structure helps maintain consistency in naming conventions and cleanliness. Pre-commit hooks can also enforce standards, which is a great practice to try!
Implement terraform tests to catch regressions and enforce variable standards. Linting via commit hooks can help maintain code quality, and having an examples folder can assist new team members. They can copy from there and adjust inputs to get started.
I manage 35 services using Terraform and Azure DevOps YAML pipelines. I dynamically generate Terraform code based on YAML specs, allowing for consistency while keeping customizations in the YAML files. This setup can be adjusted easily depending on your CI/CD needs.
We've taken a decentralized route - our IaC lives alongside service code in the same repo. The philosophy is that changes related to a service (including non-code components) go through a release pipeline. This keeps everything in sync and standardizes our deployments. Plus, using a microservice template makes it easy to start new services without clutter.
One effective method is relentless refactoring! Regularly take a step back and clean up the repo as new modules come in. This helps keep things tidy and makes sure everyone sticks to the agreed standards.
That sounds like a solid approach! We're using a shared repo now, but I like the idea of common templates. Pre-commit hooks for enforcing naming sounds smart, I might give that a shot.