Sumo Logic ahead of the pack
Read articleComplete visibility for DevSecOps
Reduce downtime and move from reactive to proactive monitoring.
August 5, 2020
Automation is a key component in the management of the entire software release lifecycle. While we know it is critical to the Continuous Integration/Continuous Delivery process, it is now becoming equally essential to the underlying infrastructure you depend on. As automation has increased, a new principle for managing infrastructure has emerged to prevent environment drift and ensure your infrastructure is consistently and reliably provisioned.
Infrastructure-as-code (IaC) is a concept where infrastructure is defined using a declarative model and version controlled right along with source code. The desired infrastructure is declared in a higher level descriptive language. Every aspect of the infrastructure, including servers, networks, firewalls and load balancers can be declared using this model. The infrastructure gets provisioned from the defined model automatically with no manual intervention required. This provisioning happens with a tool that interacts with APIs to spin up your infrastructure as needed. IaC ensures that your infrastructure can be created and updated reliably, safely, and consistently anytime you need.
Terraform is an open source IaC tool developed by HashiCorp. It is very popular for teams that create, manage, and update infrastructure across service providers. You can use Terraform to manage anything from physical machines, virtual machines, load balancers, firewalls and many other resources. Terraform accomplishes this by maintaining state information as it creates, updates, and deletes your resources. In Terraform, a “provider” is an extension to Terraform that allows you to define the various resources it supports.
A provider interacts with the various APIs required to create, update, and delete various resources. Terraform is used to manage infrastructure through providers such as AWS, GCP and Azure, but Terraform can also be used to manage Platform as a Service and Software as a Service resources.
That’s why we’re very excited to announce the official Sumo Logic Terraform Provider verified by HashiCorp. This provider lets you manage your Sumo Logic resources in code. Users can leverage it to set up and maintain a wide variety of Sumo Logic resources including users, roles, collectors, sources and other related objects. This Terraform provider can be used along with any other providers you might already be using to quickly set up and link monitoring for your infrastructure all while managing your Sumo Logic environment.
Let’s walk through an example where we create a resource and see how it works. I will be working with the Terraform 0.13, but the provider works for previous versions of Terraform as well (0.11, 0.12).
The first thing we need to do is install Terraform. I will be installing Terraform using Homebrew, a package manager for Mac OSX by running brew install terraform. For detailed instructions refer to this page by HashiCorp.
Add the following code to the top of your main.tf.
terraform { required_providers { sumologic = { source = "SumoLogic/sumologic" version = "2.1.2" } } }
Running terraform init in the same directory as [main.tf](<http://main.tf>;) will install the specified version of the provider.
Access Keys can be defined as environment variables:
$ export SUMOLOGIC_ACCESSID="your-access-id" $ export SUMOLOGIC_ACCESSKEY="your-access-key" $ export SUMOLOGIC_ENVIRONMENT=us2
Add the following to your main.tf
resource "sumologic_role" "role" { name = "example-role" capabilities = [ "viewScheduledViews", "viewPartitions", "viewFields" ] } resource "sumologic_user" "user" { first_name = "Example" last_name = "User" email = "ssain+example@demo.com" role_ids = [sumologic_role.role.id] transfer_to = "" } data "sumologic_personal_folder" "personalFolder" {} resource "sumologic_folder" "folder" { name = "tf-test-folder" parent_id = data.sumologic_personal_folder.personalFolder.id description = "A test folder under the personal folder" } resource "sumologic_content" "content" { parent_id = sumologic_folder.folder.id config = jsonencode({ "type": "SavedSearchWithScheduleSyncDefinition", "name": "Search", "search": { "queryText": "_sourceCategory=api and \\"error\\"", "defaultTimeRange": "-15m", "byReceiptTime": false, "viewName": "", "viewStartTime": "1970-01-01T00:00:00Z", "queryParameters": [], "parsingMode": "Manual" }, "searchSchedule": null, "description": "" }) }
When you run terraform apply Terraform will show you a plan with all the resources that will be created. Typing in yes and hitting enter will confirm the plan and create the resources.
We are using the sumologic_role and the sumologic_user resources to create a new user and role for that user. Terraform knows which order to create these two objects based on the dependency information given in role_ids for the user.
Next, we are utilizing the data source sumologic_personal_folder so we have access to the ID of our personal folder. We then use the sumologic_folder and sumologic_content resources to create a new folder and search within the personal folder.
Refer to the Sumo Logic provider docs for more information on all the available resources.
Terraform will be extremely useful because it will allow you to manage the entire lifecycle of your Sumo resources. You can provision and maintain the various users and roles across your organization that use Sumo Logic. Collectors and sources can be quickly linked and set up in order to monitor your infrastructure along with content such as searches and dashboards so that you can manage your mission critical monitoring solution as code. Before Terraform, everything would have to be set up through the UI which can be very time consuming, or the API which lacks the interoperability with already existing resources.
Setting up Sumo with Terraform is as easy as defining the different resources you want in your Terraform configuration file. In addition, the config file simplifies tracking resources and their properties. Since Terraform maintains state, updates and deletes as well as new resource additions are easy and fast.
We truly believe Terraform will enable customers to more easily set up and use our product. That is why we wanted an easy and scalable way to keep our provider up to date even as the Sumo Logic product constantly evolves. More specifically, we need a way to grow our provider as we continuously introduce new APIs. We developed a code generator that takes in our OpenAPI spec YAML file and generates the corresponding Terraform provider files, which are written in Golang.
When a Sumo feature team is developing an API they now add a few custom tags to the OpenAPI specification, indicating the API endpoints associated with that resource and the properties of the resource object. The code generator parses the OpenAPI specifications of every API and then generates the provider files for the tagged APIs. We built this off the already existing OpenAPI code generator for our custom use case.
In addition to generating the code, we have also automated the testing and deployment of code for our Terraform Provider. We detect if there are any changes in our APIs, whether it is to an existing API or a new API that has been added, and perform the code generation along with acceptance testing against our staging deployments. If everything passes, when the API changes reach production, the provider resources are pushed to our Terraform provider.
Reduce downtime and move from reactive to proactive monitoring.
Build, run, and secure modern applications and cloud infrastructures.
Start free trial