Terraform 101
Again an article which was long overdue. One of the finest tools out there(Terraform)
FAQ’S
- Why should I use Terraform, if I am already using AWS Cloud Formation or Openstack Heat?
- Why should I learn something new (I am happy with what I know, just want to maintain it and retire soon)
- What is Infrastructure Provisioning? (IAC = Infrastructure as Code)
- What the hell is Terraform?
All questions will be answered (Have patience, the only virtue a human being should posses)
Terraform is a tool for building, changing, and versioning infrastructure safely and efficiently.
Terraform is a tool by Hashicorp. (Yes the same company which has given us tools such as Vault, Consul & Packer)
Terraform can provision infrastructure across many different types of cloud providers, including AWS, Azure, Google Cloud, DigitalOcean, and many others. I picked Amazon Web Services (AWS) because of its Free Tier Service. (Ofcourse which others do provide)
The language used by Terraform is HCL(Hashi Corp Configuration Language)
AWS Cloud Formation = AWS CloudFormation is a service that gives developers and businesses an easy way to create a collection of related AWS and third party resources and provision them in an orderly and predictable fashion
Openstack Heat = Heat is the main project of the OpenStack orchestration program. It allows users to describe deployments of complex cloud applications in text files called templates. These templates are then parsed and executed by the Heat engine. Heat was born as the counterpart to the CloudFormation service in AWS
Q) What is HCL?
A) HCL is a configuration language authored by HashiCorp. HCL is used with HashiCorp’s cloud infrastructure automation tools, like Terraform. … It is JSON compatible, which means it is interoperable with other systems outside of the Terraform product line
https://github.com/hashicorp/terraform = It lives here in Github
Initial Release = 2014
Stable Release = 0.12.23 (05/03/2020)
Terraform enables you to safely and predictably create, change, and improve infrastructure.
Terraform will deploy infrastructure for us on any Cloud Service Providers Infrastructure. ( That does not mean Terraform is Cloud Agnostic)
Infrastructure as Code (IaC) automates the provisioning of infrastructure, enabling your organization to develop, deploy, and scale cloud applications with greater speed, less risk, and reduced cost.
Pre-requisites
- AWS Account (Free Tier)
I already have my AWS Account & there are many blogs out there,showing you how to create one.
System Configuration
Cpu = 2vcpu
RAM = 2 GB
HDD = 50 GB
This is my machine configuration. Anything around 1vcpu, 1gb ram and 20 GB HDD space will be fine
I have downloaded terrform_0.11.8.zip
Using unzip tool to extract
Terraform binary
Moving Terraform binary to /usr/local/bin
terraform version
terraform init = Initializes Terraform in an empty directory
The terraform init command is used to initialize a working directory containing Terraform configuration files. This is the first command that should be run after writing a new Terraform configuration or cloning an existing one from version control. It is safe to run this command multiple times
Creating a file base.tf (just a random name, you can change it)
Q) What is .tf ?
A) The Terraform language uses configuration files that are named with the .tf file extension. There is also a JSON based variant of this language,that is named with the .tf.json file extension
Here, I am telling terraform to create an AWS resource for me (aws_instance)
aka EC2/virtual machines
AMI= An Amazon Machine Image is a special type of virtual appliance that is used to create a virtual machine within the Amazon Elastic Compute Cloud
Here I am giving the AMI id.
instance_type = t2.micro
T2 instances are a new low-cost, General Purpose instance type that are designed to provide a baseline level of CPU performance with the ability to burst above the baseline
Simply put, I am telling terraform to create an EC2 instance for me & the instance type should be t2.micro.
region = us-east-1
Regions. AWS has the concept of a Region, which is a physical location around the world where we cluster data centers. We call each group of logical data centers an Availability Zone. Each AWS Region consists of multiple, isolated, and physically separate AZ’s within a geographic area.
Contents inside my base.tf
Q) Why have you erased the access_key/secret_key?
A) When I am telling terraform to create EC2 instance for me. Terraform should know my access_key and secret_key to hit the API and create resources for me.
Hence in the provider section. I am telling terraform, my proivder is aws
and giving me access_key/secret_key
AWS Access Keys. Access Keys are used to sign the requests you send to Amazon S3. Like the Username/Password pair you use to access your AWS Management Console, Access Key Id and Secret Access Key are used for programmatic (API) access to AWS services. You can manage your Access Keys in AWS Management Console
Now to be frank, it is not ideal to declare your access key in a file.
We can use variables or declare access key/secret key as environment variables.( To be discussed in Next Article)
The terraform plan command is used to create an execution plan. Terraform performs a refresh, unless explicitly disabled, and then determines what actions are necessary to achieve the desired state specified in the configuration files
The terraform apply command is used to apply the changes required to reach the desired state of the configuration, or the pre-determined set of actions generated by a terraform plan execution plan
Terraform uses declarative language
Q) What is declarative language?
A) Declarative languages, also called nonprocedural or very high level, are programming languages in which (ideally) a program specifies what is to be done rather than how to do it.
Now you can see ,instance is created.
Q) What is computed? (A big shout out for those who are good observers)
A) It means that the value wont be known until the resource is created
terraform destroy
The terraform destroy command terminates resources defined in your Terraform configuration. This command is the reverse of terraform apply in that it terminates all the resources specified by the configuration. It does not destroy resources running elsewhere that are not described in the current configuration
This is just the tip of iceberg. Terraform has much more to offer which will be discussed in future articles
Folks I feel that’s it for Terraform101 (Part-I). Many more to come. I hope you enjoyed as I did.
For any comments or feedback you can mail me at csemanit2015@gmail.com
Summary
- Terraform Introduction
- Installing Terraform
- Creating EC2 Instance using Terraform HCL
