Sqills fast-tracks its Terraform automation with Spacelift

We spoke to Don Pinkster, cloud infrastructure lead at Sqills, about how Spacelift takes care of the company’s Terraform automation. 

Used by leading European transportation operators such as SNCF, Eurostar, SJ, and Renfe, S3 Passenger must be unfailingly available and performant to maintain a consistently efficient service for transport operators. To ensure this reliability and accommodate ongoing and future expansion, Sqills began migrating to the cloud in 2018 and adopted Terraform to manage its cloud infrastructure. 

At the time, their customer base was much smaller than it is today, so it was easy to automate Terraform using a combination of Bash scripts and Makefiles. As cloud infrastructure lead Don Pinkster recalls, “This approach served us well for an extended period, but our growth in the last couple of years has revealed its inefficiencies. Right now we have over 40 production customers across the world. Our software is mission-critical for them to operate their business.”

Each new customer means a multitude of new environments for Sqills, making it impractical for a small team to keep everything up-to-date and automated. “Keeping track of 250 plus environments needing updates and identifying those with configuration drift became more challenging, while the cognitive load also increased with the continual expansion of our infrastructure,” explains Don. “That’s when we started looking into how to automate it more efficiently.”

Sqills started to explore their options for automating Terraform. “We tried Atlantis, but the integration with Bitbucket Datacenter was not optimal. And Terraform Enterprise did not meet our requirements.”

Sqills came across Spacelift at AWS Summit Berlin in 2022. The platform seemed to be a good fit for the company’s needs, so they continued the conversation after the summit, getting a demo and starting a free trial. After further investigation, it became clear that they didn’t need to look any further: They could manage everything through Terraform with Spacelift. Sqills has a pragmatic approach to adopting new products. As Don explains, “if you try it and it’s good enough, and the price is good — then go for it!” 

Audit trails are a big win for Sqills since adopting the Spacelift platform. As a service provider that processes payment card data, Sqills must comply with the Payment Card Industry Data Security Standard (PCI DSS), ISO 9001 and ISO 27001. Given the scale of Sqills’ customers, “trying to manage Terraform with Bash and Makefiles just was not good enough. And because we have multiple audits a year for both PCI and ISA, sometimes they ask for the same things, so we can just show screenshots of our Spacelift implementation or screen-share.”

Policies are another feature of Sqills’ model in terms of enhanced efficiency and control. “We have some policies in place with Spacelift so that if a pull request is merged and it’s an internal test environment, we apply the Terraform without having to review it. But if it’s a production or acceptance environment, two different people have to approve the pull request.” Spacelift’s approval policy means they can create sophisticated run review and approval flows in line with their specific workflow, security, and business objectives. 

Productivity at Sqills has accelerated dramatically. Don explains how adopting Spacelift to automate its Terraform has transformed Sqills’ lead time to change: “Every customer of ours is its own installation of S3 Passenger. So we have a lot of environments — currently more than 250 environments. Previously it could take weeks before we actually applied a change on an environment. But now when we make a change, we get notified automatically by Spacelift. And we can say ‘Apply it all’, for example, because it’s very easy to do instead of checking every environment.”

For Sqills, Spacelift’s transformative effect boils down to automation. “If you integrate properly, you don’t use Spacelift that often — because it just works,” explains Don. And that means Sqills can get on with the business of empowering passenger transport operators around the world, confident that they don’t have to think about their infrastructure.

“If a platform like Spacelift didn’t exist, I think we would have developed something ourselves, but if you look at the price point of Spacelift, it’s just not worth the effort for us to do that,” says Don. “I think many years ago we would have built it ourselves because we were quite small, but we’ve grown a lot in the last couple of years, so it makes more sense to not always build a thing ourselves — no matter how fun it can be!”

For companies that may be outgrowing their current in-house approach to infrastructure management, Don highlights several areas where the Spacelift platform can help. “Spacelift is really worth it if you initially invest your time in configuring it. If you’re not used to policies, they can be hard to get into — but now Spacelift has a repository with examples of policies.” 

He points out that adapting CI/CD tools to manage your infrastructure can work well for smaller organizations — up to a point: “You can do quite a lot with CI/CD pipelines, but it’s the last steps that are really hard to do and take time and effort. And Spacelift does it for you.”

For organizations without dedicated infrastructure teams, Don believes the visualization Spacelift offers can be particularly helpful. “We are a dedicated cloud team, so we work with infrastructure 40 hours a week. But if you don’t have these resources available and you spend, let’s say, 20% of your time on infrastructure, and the rest on development, sometimes you just forget what’s there. Then the visualization Spacelift offers can be really useful.”

Ultimately, Sqills’ automation-first focus allows it to scale its infrastructure as the business demands — while Spacelift minimizes the manual effort required to deliver that infrastructure and embed security and compliance requirements into the delivered services. 

“We are used to the fact that Spacelift just works — so we don’t use it that much. And that’s good,” concludes Don.