End-User Guide

Automation & IaC Integration

Use your infrastructure graph to drive Terraform, Ansible, Kubernetes, and other automation toolchains.

Leveraging Your Infrastructure Model for Automation and Infrastructure as Code

Building the graph is the first step. The true power of rescile is unlocked when you treat this graph as a dynamic, queryable model of your entire hybrid estate. It becomes the single source of truth that drives automation, provides deep architectural insights, and enables continuous compliance. This section explores several powerful ways to use the data you’ve just modeled.

Automation and Infrastructure as Code (IaC)

Your infrastructure graph can directly feed your automation toolchains, ensuring that your declared architecture is what gets deployed.

  • Generating Terraform Variables: Instead of manually maintaining .tfvars files, you can generate them dynamically. A script can query the GraphQL API for all resources of a certain type and environment, and format the output as a terraform.tfvars.json file. For a complete walkthrough, see the Output Developer Guide — Terraform Variable Generation.

    Example GraphQL Query for Terraform:

    query GetProdServersForTerraform {
      server(filter: { managed_by: "team-alpha" }) {
        name
        os
        # Imagine these properties were added via your models
        instance_type
        memory_gb
      }
    }
    

    This query fetches all servers managed by team-alpha. The output can be transformed directly into a list of server configurations for a Terraform module to provision, so that what Terraform deploys matches what the model declares.

  • Dynamic Ansible Inventories: Create an Ansible dynamic inventory script that queries the rescile API. This allows you to target hosts based on any attribute in the graph, such as the application they run, the business owner, or their compliance status.

  • Driving Provider CLIs: Use the graph to generate shell scripts or commands for provider-specific command-line interfaces (e.g., aws, az, gcloud). You can query for all resources with a specific tag or belonging to a certain application and pipe the results into a loop to perform bulk operations, such as security audits or configuration updates.

  • Intelligent Kubernetes Deployments: In a large cluster, tracking which Deployments use which ConfigMaps across many Helm charts is a common challenge. Updating a shared ConfigMap often leads to risky, cluster-wide rollouts. By ingesting Kubernetes manifests, rescile can build a live dependency graph. An automation script can then query this graph to identify exactly which Deployments mount a specific ConfigMap and dynamically generate a targeted Kustomize patch or Helm values to safely update only the affected workloads.
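The Terraform variable generation described in the first bullet above, as an added example (not rescile's own code): it turns the JSON response of the GetProdServersForTerraform query into the content of a terraform.tfvars.json file and rejects rows whose values fail validation, so malformed graph data stops before provisioning. The sample response, the `servers` variable name and the validation policy are assumptions.

```python
import json
import re
import sys

# Constructed sample of a GraphQL JSON response for the query above; every
# value is made up, and rows 3 and 4 are deliberately malformed.
SAMPLE_RESPONSE = {"data": {"server": [
    {"name": "web-01", "os": "ubuntu-22.04", "instance_type": "m5.large", "memory_gb": 8},
    {"name": "db-01", "os": "rhel-9", "instance_type": "r5.xlarge", "memory_gb": "32"},
    {"name": "web-02; id", "os": "ubuntu-22.04", "instance_type": "m5.large", "memory_gb": 8},
    {"name": "web-03", "os": "ubuntu-22.04", "instance_type": None, "memory_gb": -4},
]}}

# Assumed policy: string fields are short identifiers without metacharacters.
SAFE = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]{0,62}")
STRING_FIELDS = ("name", "os", "instance_type")


def parse_memory(value):
    """Accept a positive int or digit string; anything else yields None."""
    if isinstance(value, int) and not isinstance(value, bool) and value > 0:
        return value
    if isinstance(value, str) and value.isdigit() and int(value) > 0:
        return int(value)
    return None


def to_tfvars(response):
    """Return (tfvars, rejected); 'servers' is a hypothetical variable name."""
    if response.get("errors"):
        raise ValueError(f"GraphQL errors: {response['errors']}")
    servers, rejected = {}, []
    for row in response["data"]["server"]:
        bad = [f for f in STRING_FIELDS
               if not isinstance(row.get(f), str) or not SAFE.fullmatch(row[f])]
        memory = parse_memory(row.get("memory_gb"))
        if memory is None:
            bad.append("memory_gb")
        if not bad and row["name"] in servers:
            bad.append("duplicate name")
        if bad:
            rejected.append((row.get("name"), bad))
            continue
        servers[row["name"]] = {"os": row["os"], "memory_gb": memory,
                                "instance_type": row["instance_type"]}
    return {"servers": servers}, rejected


if __name__ == "__main__":
    tfvars, rejected = to_tfvars(SAMPLE_RESPONSE)
    for name, fields in rejected:
        print(f"rejected {name!r}: {', '.join(fields)}", file=sys.stderr)
    print(json.dumps(tfvars, indent=2, sort_keys=True))  # redirect to terraform.tfvars.json
    sys.exit(1 if rejected else 0)  # non-zero exit lets a pipeline stop before apply
```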

Architectural Insight and Impact Analysis

The graph provides a holistic view of your systems and their interdependencies, enabling powerful analysis that is impossible with siloed tools.

  • Generating Diagrams and Reports: Define Output definitions in TOML to generate structured data artifacts (like JSON or YAML) directly from the graph. These reports are created as new resources in the graph and can be queried to produce service catalogs, compliance evidence, or configuration for other systems.

  • Blast Radius Analysis: Before performing maintenance or in the event of an outage, you can instantly determine the potential impact.

    Example GraphQL Query for Impact Analysis:

    query BillingDatabaseImpact {
      # If this database goes down...
      database(filter: {name: "billing-db-prod"}) {
        name
        # ...which applications are affected?
        application {
          name
          owner
        }
      }
    }
    
    Resulting blast radius (Mermaid diagram source):

    graph TD
        subgraph "Blast Radius for billing-db-prod"
            DB["database<br><b>billing-db-prod</b>"]
            App1["application<br><b>billing-api</b><br>{owner: team-alpha}"]
            App2["application<br><b>reporting-service</b><br>{owner: team-gamma}"]

            App1 -- "depends on" --> DB
            App2 -- "depends on" --> DB
        end

This simple traversal query immediately tells you which applications depend on a critical component, allowing you to notify the correct teams.