I'm currently using Terraform to manage my AWS infrastructure across various projects, and I've got a functioning VPC along with other networking components. I'm considering a shift to OpenTofu and moving our CI/CD process from Jenkins to Bitbucket pipelines. My main concern is whether I should create a new VPC in a mono-repo for this transition or just continue using my existing VPC.
Additionally, I'm planning to move all staging environments on-site, utilizing NGINX and an ALB to direct traffic to the appropriate resources, while keeping production services on AWS. I'd really appreciate any advice on whether to leverage the current setup or start fresh!
4 Answers
Reusing your existing VPC might be the best choice if it’s well set up already with subnets and security groups. Creating a new one adds unnecessary work unless you need complete isolation. Your plan of having staging on-prem and production on AWS sounds viable, just watch out for latency issues with ALB and NGINX. Also, I suggest not to overhaul everything at once—it could turn chaotic quickly! If you’re updating your AWS knowledge, practice tests can really help identify areas to focus on.
No need to create a new VPC; just reuse the existing one. OpenTofu is compatible, so it shouldn't be a hassle to swap out. Focusing on AWS for production is a smart cost-saving move, just ensure that your staging doesn’t stray too far from production standards. What's your issue with Jenkins, by the way?
From a safety perspective, I recommend doing your Jenkins-to-Bitbucket migration on separate infrastructure to keep things clean. Once everything is working smoothly, you can transition the existing VPC to the new setup. Plus, making more VPCs is free, so don’t hesitate to create as many as you need—just delete them when you're done! Regarding your staging setup, going on-premise makes sense if that's what suits your needs best. Just be wary of how staging parallels production.
If both your pipelines can access the same state file in the same backend, you should be fine making the transition without issues. But maybe if you think they're going to diverge significantly, set them up in separate states.
But keep in mind, they'll be using different state files. Just something to consider!
Absolutely! It's smart to keep costs down and having on-prem staging is the way to go for us right now.