DocsUse Cases

​Automate ​Infrastructure

DevOps and engineering teams automate infrastructure to ensure consistency across environments, avoid manual errors, and scale resources on demand. With Kestra, you can orchestrate Docker builds, Terraform deployments, Ansible playbooks, and cloud provisioning in a unified workflow — triggered by schedules, code changes, or external events.

What is Infrastructure Automation?

Infrastructure automation is the process of codifying and orchestrating infrastructure tasks to manage cloud resources, build container images, and deploy applications. Kestra handles dependencies, retries, and scaling so you can:

  • Provision resources dynamically (e.g., spin up cloud VM instances via Terraform)
  • Build and deploy containers for critical applications
  • Scale workloads using task runners (AWS ECS Fargate, Azure Batch, Kubernetes) or dedicated worker groups
  • Roll back code changes to a previous revision if some infrastructure workflows fail.

Why Use Kestra for Infrastructure Automation?

  1. Unified Platform – Combine Docker, Terraform, Ansible, and cloud CLI tools in a declarative YAML flow.
  2. Dynamic Scaling – Task runners provision containers on-demand (e.g., AWS Fargate) for heavy containerized workloads
  3. State Management – Securely pass secrets, variables, and outputs between tasks (e.g., Docker image tag → Terraform config).
  4. Failure Handling – Retry failed Terraform plans or Docker builds with custom retry policies, and get alerts on failures.
  5. GitOps – Sync infrastructure-as-code (IaC) workflows with Git for version control and auditability.
  6. Security – Inject cloud credentials via secrets and manage access controls across teams.
  7. Multi-Cloud – Avoid lock-in by orchestrating AWS, GCP, Azure, or on-premises infrastructure in the same flow.

Example: Infrastructure Automation Flow

This workflow builds a Docker image, runs a container, provisions cloud resources with Terraform, and logs the results:

yaml
id: infrastructure_automation
namespace: devops

inputs:
  - id: docker_image
    type: STRING
    defaults: kestra/myimage:latest

tasks:
  - id: build_image
    type: io.kestra.plugin.docker.Build
    dockerfile: |
      FROM python:3.11-alpine
      RUN pip install --no-cache-dir kestra
    tags:
      - "{{ inputs.docker_image }}"
    push: false # change this to true after adding credentials
    credentials:
      registry: https://index.docker.io/v1/
      username: "{{ kv('DOCKERHUB_USERNAME') }}"
      password: "{{ kv('DOCKERHUB_PASSWORD') }}"

  - id: run_container
    type: io.kestra.plugin.docker.Run
    pullPolicy: NEVER # to use the local image we've just built
    containerImage: "{{ inputs.docker_image }}"
    commands:
      - pip
      - show
      - kestra

  - id: run_terraform
    type: io.kestra.plugin.terraform.cli.TerraformCLI
    beforeCommands:
      - terraform init
    commands:
      - terraform plan 2>&1 | tee plan_output.txt
      - terraform apply -auto-approve 2>&1 | tee apply_output.txt
    outputFiles:
      - "*.txt"
    inputFiles:
      main.tf: |
        terraform {
          required_providers {
            http = {
              source = "hashicorp/http"
            }
            local = {
              source = "hashicorp/local"
            }
          }
        }

        provider "http" {}
        provider "local" {}

        variable "pokemon_names" {
          type    = list(string)
          default = ["pikachu", "psyduck", "charmander", "bulbasaur"]
        }

        data "http" "pokemon" {
          count = length(var.pokemon_names)
          url   = "https://pokeapi.co/api/v2/pokemon/${var.pokemon_names[count.index]}"
        }

        locals {
          pokemon_details = [for i in range(length(var.pokemon_names)) : {
            name  = jsondecode(data.http.pokemon[i].response_body)["name"]
            types = join(", ", [for type in jsondecode(data.http.pokemon[i].response_body)["types"] : type["type"]["name"]])
          }]

          file_content = join("\n\n", [for detail in local.pokemon_details : "Name: ${detail.name}\nTypes: ${detail.types}"])
        }

        resource "local_file" "pokemon_details_file" {
          filename = "${path.module}/pokemon.txt"
          content  = local.file_content
        }

        output "file_path" {
          value = local_file.pokemon_details_file.filename
        }

  - id: log_pokemon
    type: io.kestra.plugin.core.log.Log
    message: "{{ read(outputs.run_terraform.outputFiles['pokemon.txt']) }}"

Getting Started with Infrastructure Automation

  1. Install Kestra – Follow the quick start guide or the full installation instructions for production environments.
  2. Write Your Workflows – Configure your flow in YAML, declaring inputs, tasks, and triggers. Tasks can be anything from Docker, Terraform and Ansible plugins, to tasks running CLI commands on AWS/GCP, custom scipts in any language, queries to databases, or API calls. Add retry, timeout, concurrency or taskRunner settings to scale tasks dynamically and manage the orchestration logic.
  3. Add Triggers – Execute flows manually, on schedules (e.g., nightly redeploys), or via event triggers (e.g., GitHub webhooks, S3 file uploads).
  4. Observe and Manage – Use Kestra’s UI to track Terraform plan or Ansible playbook outputs, Docker build logs, resource usage, logs, execution states, and dependencies across systems.

Next Steps

  • Explore plugins for Docker, Terraform, Ansible, Script tasks (Python, Go, Shell, Powershell, Ruby and more), and cloud providers.
  • Explore Task Runners for scaling custom scripts and containers.
  • Read how-to guides on how to integrate with Grafana, Prometheus, and other monitoring tools.
  • Explore video tutorials on our YouTube channel.
  • Join Slack to ask questions or contribute bug reports and feature requests.
  • Book a demo to discuss how Kestra can help orchestrate your infrastructure workflows.

Was this page helpful?