Cloud-Agnostic Design for Fun and Profit


Authors:   Anusha Iyer, Alex Meijer


Tips and tricks for cloud agnostic paradigm using Terraform and Kubernetes
  • Utilizing Terraform in a cloud agnostic paradigm by building modules for each cloud provider
  • Gluing together modules with a common module that has essential code
  • Understanding the importance of resources and limits for the scheduler
  • Being cautious when pulling in elements from the rich world of free source software and understanding the configuration and dials
  • Sharing an anecdote about the importance of watching the dials when introducing a modsec waff into the ingress controllers
When introducing a modsec waff into the ingress controllers, the speaker turned it on in production and started blocking themselves due to poor authentication requests that triggered the defaults in their modsigchar. This was caused by minor differences in the way that different cloud providers implement Kubernetes load balancers. This experience taught them to watch the dials and understand the configuration and dials when pulling in elements from the rich world of free source software.


There is now sufficient competition in the cloud computing space that all the major cloud providers are competing directly on pricing. Like any other market, there are significant opportunities for savings if an organization is willing to periodically switch to more competitive service providers. However, the engineering cost of a cloud provider migration typically negates those savings – but that doesn't have to be the case. This talk will cover a two-year journey spanning several cloud providers, and how to avoid vendor lock-in by making cloud agnostic design a first-class consideration. A case study will be provided on how embracing open source projects like Kubernetes, Terraform, and Helm permitted lightning-fast migration to and from cloud providers driven by economic incentives. The high level details of Corsha's Infrastructure-as-code strategy will be discussed, and how an early commitment to this approach has resulted in flexible and efficient cloud native app deployments.


Post a comment

Related work