In this lightboard lesson, I show how you can move from the manual work of traditional app deployments to the automated goodness of zero touch app deployments!
This demo solution was shown in a Hashicorp webinar featuring our own Eric Chen, and utilizes Hashicorp's Terraform and Consul applications, as well as the AS3 component of the F5 Automation Toolchain.
First I always enjoy your Lightboard Lessons!
Even before CVE-2020-5902 exposing mgmt to the Internet was a bad idea. It's much here I don't understand.
OK, so it's only a DEMO to show case the products. Still I think it would just be a small bump in the road to
include the VPN access in the Terraform setup. AWS provides OpenVPN - that would secure
access(encrypt and reduce exposure) to any MGMT service. It would add more cost for sure - still I think
it would be worth it.
With Route domains added that would enable one to seperate Service and MGMT traffic. It would still be
a one interface service - since you can't really remove the dedicated MGMT interface .
My $0.05 cents.
a good suggestion on how to improve the demo. Thank you for your feedback.