Jun 2, 2024 | 5 min read

Automating Terraform Pull Requests with Atlantis

SRE @One2N

At One2N, we specialize in helping clients achieve infrastructure reliability and efficiency. Terraform is a key component of our approach as an SRE team. Recently, I integrated Atlantis into the development process for a large-scale client project, streamlining their Terraform workflows and improving security. This guide outlines the process and the benefits Atlantis brings.

What is Atlantis?

Atlantis is a powerful tool that enables automation and collaboration in infrastructure management using Terraform. It acts as a pull request (PR) automation tool specifically designed for Terraform workflows. By integrating Atlantis with version control systems like GitLab, teams can manage their infrastructure as code (IaC) efficiently.

Why Use It?

Atlantis streamlines the process of managing Terraform configurations by automating common tasks like terraform plan, apply and destroy through a simple pull request workflow. It ensures that infrastructure changes are reviewed and approved before being applied, thus enhancing the security and stability of the infrastructure.

How Atlantis Works:

Atlantis listens for events triggered by pull requests in the version control system. When a pull request is opened or updated, Atlantis automatically comments on the PR with a plan of the proposed changes. This allows team members to review the changes and provide feedback. Once approved, Atlantis applies the changes to the infrastructure.

Atlantis Deployment in Cluster:

While I used Kubernetes for this client project due to their existing infrastructure, Atlantis also supports deployment on AWS Fargate, Nomad, or even as a standalone server instance. The core concepts remain the same.

1. GCP Service Account

A service account is created on GCP with the permissions Atlantis needs to act on GCP.

resource "google_service_account" "service_accounts" {
  account_id   = "atlantis"
  disabled     = false
  display_name = "Atlantis"
  project      = "<GCP_PROJECT_ID>"
  # email is computed by GCP and cannot be set here; it resolves to
  # atlantis@<GCP_PROJECT_ID>.iam.gserviceaccount.com
}

2. Atlantis Deployment

Our client had an existing Kubernetes cluster – the perfect spot for Atlantis. A simple Helm chart made deployment a breeze.

helm repo add runatlantis https://runatlantis.github.io/helm-charts
helm install atlantis runatlantis/atlantis -f values.yaml

Customize values.yaml with the service account details from Step 1.

Atlantis provides documentation on different deployment methods. Refer to their official guides for instructions on Fargate, Nomad, or standalone server setup.

3. Getting Connected (DNS):

To ensure Atlantis could communicate with their GitLab, I set up a DNS entry within their preferred cloud DNS provider.

Integration with GitLab:

Within the client's GitLab repository, I configured a webhook that triggers Atlantis actions based on events like code pushes and merge requests.
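A values.yaml sketch for the Helm install in step 2 and the webhook described above, added here as an example and not taken from the client setup or the Atlantis project. Hostnames, the bot user, the repository path and the bracketed placeholders are assumptions, as is the use of GKE Workload Identity. Key names follow the runatlantis chart's values file, so check them against the chart version you install.

```yaml
# values.yaml (added example; all hostnames and names below are placeholders)

# Public URL GitLab delivers webhooks to (the DNS entry from step 3).
atlantisUrl: https://atlantis.example.com

# Restrict Atlantis to the repositories it is meant to manage. A broad
# wildcard here lets any project that can reach the endpoint request plans.
orgAllowlist: gitlab.example.com/<GROUP>/<REPO>

gitlab:
  hostname: gitlab.example.com
  user: atlantis-bot
  # Supply both values at install time (for example with --set or from a
  # secret store) instead of committing them with this file.
  token: <GITLAB_ACCESS_TOKEN>
  # Must be identical to the "Secret token" set on the GitLab webhook.
  # Atlantis rejects webhook requests that do not carry this value.
  secret: <WEBHOOK_SECRET>

serviceAccount:
  create: true
  annotations:
    # Assumption: the cluster is GKE with Workload Identity enabled, so the
    # pod uses the step 1 service account without a JSON key file.
    iam.gke.io/gcp-service-account: atlantis@<GCP_PROJECT_ID>.iam.gserviceaccount.com

# Server-side repo config: enforce review before apply, matching the
# "reviewed and approved before being applied" workflow described earlier.
repoConfig: |
  ---
  repos:
  - id: /.*/
    apply_requirements: [approved, mergeable]
```

Grant the GCP service account only the roles the managed Terraform resources require, since anyone who can get a merge request approved can act with those permissions through Atlantis.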
