
Terraform Basics

What is Terraform?

  • Terraform is a tool for infrastructure provisioning.
  • Terraform automates and manages your infrastructure, your platform, and the services that run on that platform.
  • Terraform can manage existing and popular service providers as well as custom in-house solutions.

    Terraform generates an execution plan describing what it will do to reach the desired state, and then executes it to build the described infrastructure. As the configuration changes, Terraform is able to determine what changed and create incremental execution plans which can be applied.
  • Terraform is open source and uses a declarative language.

Terraform Architecture


Types of files

  • tf --> configuration files
  • tfvars --> holds variable values
  • tfplan --> a complete plan to create resources
  • tfstate --> current state of provisioned resources

Terraform State

Terraform maps resources and their configuration on the specified infrastructure by storing their state. Any change in infrastructure is first compared with the existing state, and Terraform accordingly creates a plan to create or modify resources on the target infrastructure (on-prem or cloud). State can be stored in the following ways:
  • Local
  • Remote: Azure, AWS, NFS, Terraform Cloud
  • Locked while changes take place
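
One way to configure the remote, locked state described above, using the AWS S3 backend (an added example, not from the original post; the bucket, key, region and table names are placeholders):

```hcl
# Added example. With no backend block, Terraform uses the local backend
# and writes terraform.tfstate into the working directory:
#
#   terraform {
#     backend "local" {
#       path = "terraform.tfstate"
#     }
#   }
#
# The state file records resource attributes in plain text, including any
# secret values passed to resources, so a shared remote backend should be
# encrypted and access-controlled.
terraform {
  backend "s3" {
    bucket = "example-terraform-state"   # placeholder bucket name
    key    = "network/terraform.tfstate" # path of the state object in the bucket
    region = "us-east-1"                 # placeholder region

    # Encrypt the state object at rest.
    encrypt = true

    # Lock table: a lock is held while plan/apply changes take place,
    # so two operators cannot modify the same state at once.
    dynamodb_table = "example-terraform-locks" # placeholder table name
  }
}
```

After adding or changing a backend block, run terraform init again so Terraform can configure the backend.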

Terraform Providers

  • Collection of Resources and Data Sources
  • Available for IaaS, PaaS & SaaS offerings
  • All providers are open source and written by the community or by HashiCorp
  • Written in the Go language
  • Can create multiple instances of the same provider
  • Terraform supports 100s of providers, and each provider gives access to its resources.

Terraform Provisioner

  • Used to configure resources after resource creation.
  • Local or Remote
  • Last resort
  • Used for creation or destruction 
  • Can use multiple provisioners (order is important)
  • If anything goes wrong, we need to destroy resources manually. Terraform will just stop the process.
  • Configuration management frameworks such as Puppet and Chef can be used instead of Terraform provisioners.
provisioner "file" {
    # Connection details (host, user, credentials) go in this block
    connection {
    }
}
  • File provisioner - with inline file content
provisioner "file" {
    # <<-EOF allows the heredoc body and the closing marker to be indented
    content = <<-EOF
    key = value
    key1 = value1
    EOF
    destination = "/home/ec2-user/.s3cfg"
}
  • Remote execution provisioner - to execute commands
provisioner "remote-exec" {
    # Commands run in order; -y keeps yum from waiting for confirmation
    inline = [
    "sudo yum install -y nginx",
    "sudo service nginx start"
    ]
}
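
The snippets above assembled into one resource, showing the shared connection block and provisioner ordering (an added example, not from the original post; it assumes a configured AWS provider, and the resource name, AMI ID, key pair name and the private_key_path variable are placeholders):

```hcl
variable "private_key_path" {
  type        = string
  description = "Path to the SSH private key; keep the key itself out of the repository."
}

resource "aws_instance" "web" {
  ami           = "ami-00000000000000000" # placeholder AMI ID
  instance_type = "t2.micro"
  key_name      = "example-key" # placeholder key pair name

  # Declared once at resource level, used by every provisioner below.
  connection {
    type        = "ssh"
    host        = self.public_ip
    user        = "ec2-user"
    private_key = file(var.private_key_path) # key read from disk, not hardcoded
  }

  # Provisioners run in the order they are written.
  # 1. Upload the configuration file.
  provisioner "file" {
    content     = <<-EOF
      key = value
      key1 = value1
    EOF
    destination = "/home/ec2-user/.s3cfg"
  }

  # 2. Install and start nginx once the file is in place.
  provisioner "remote-exec" {
    # "fail" is the default: the apply stops here and the resource is
    # marked as tainted, so it is recreated on the next apply.
    on_failure = fail

    inline = [
      "sudo yum install -y nginx",
      "sudo service nginx start",
    ]
  }
}
```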

 

Variables

  • Name, type, default. Name is mandatory; type and default are optional. If a value cannot be determined, Terraform will ask for it at the command prompt.

variable "environment_name" {
    type    = string
    default = "development"
}

# Specify the variable in a variable file (for example terraform.tfvars)
environment_name = "uat"

# Specify the variable in-line
terraform plan -var 'environment_name=production'

  • Value Type
    • From Terraform 12 onward, it supports more value types than string
    • String string = "mehta"
    • Number number = 1
    • Boolean bool = true
    • List list = ["Vipul", "Mehta"]. All values must be of string type
    • Map map = {name = "Vipul", age = 42, vegetarian = true }. Key-value pairs. The values can be of different value types.
  • Reference Type
    • local.loopCount
    • local.employees[2]
    • local.employee["Vipul"]
  • Multiple sources
    • File
    • Environment Variable
    • var option
  • Overriding variables and precedence
    • Environment, file, command line

Terraform Syntax

  • Uses HashiCorp Configuration Language (HCL)
  • Comment using #
  • Not JSON --> not friendly, not human-readable or editable
  • Not YAML --> due to support for configuration syntax & expressions
  • Supports conditionals, functions, templates, etc.
  • Blocks 
    • could be variable | data source | resource
    • Can have embedded block
    • Contains key-value pair
  • Interpolation
    • temp = "${var.subject}-template" 
  • Functions
    • In-line into configuration.
    • Func_Name(arg1, arg2...)
    • Arguments can be optional
    • Arguments are positional, not named
    • Supports nested function calls
    • Sub-command "console" to evaluate functions
    • Functions are divided into several categories after version 12
      • Numeric
      • String
      • Collection --> work with list and maps
        • merge
      • Filesystem
      • IP Network
      • Date and time function
        • timestamp()
  • Terraform supports heredoc syntax for strings using the << operator
  • Resource Arguments
    • depends_on
    • count
    • for_each
    • provider
 
# General block shape: labels are quoted, and attributes are not separated by commas
block1 "typeName" "localName" {
    key  = value
    key1 = value1
}

Commands 

terraform version

 

terraform init
  • Initializes the provider
terraform plan -out m3.tfplan
  • The execution plan shows what Terraform will do when you call apply.
  • Looks at the config in the present working directory, checks the environment, and creates a plan to create/modify resources.
  • Looks for tf files and creates a plan to provision resources

terraform apply m3.tfplan
  • Executes what is in the plan.
  • Stores state in the Terraform state file in the same directory
  • Terraform builds a graph of all your resources, and parallelizes the creation and modification of any non-dependent resources. Because of this, Terraform builds infrastructure as efficiently as possible, and operators get insight into dependencies in their infrastructure.
  • Provisions resources and creates a state file, so that changes can be matched next time.
terraform show

terraform output


Secret Management

  • Variable files
  • Environment variables
  • Secrets management solutions
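
How the variable sources and precedence listed under Variables apply to a secret (an added example, not from the original post; db_password, the connection string and the host name are hypothetical, and the sensitive argument requires Terraform 0.14 or later):

```hcl
# variables.tf
variable "environment_name" {
  type    = string
  default = "development"
}

variable "db_password" { # hypothetical secret
  type      = string
  sensitive = true # value is redacted in plan and apply output
  # No default: the secret never sits in a committed .tf file, and
  # Terraform prompts for it if none of the sources below supplies it.

  validation {
    condition     = length(var.db_password) >= 16
    error_message = "The db_password value must be at least 16 characters long."
  }
}

# Value sources, lowest to highest precedence:
#   1. Environment:   export TF_VAR_db_password=<value fetched from your secrets manager>
#   2. Variable file: environment_name = "uat"   (in terraform.tfvars; keep a
#                     file that holds secrets out of version control)
#   3. Command line:  terraform plan -var 'environment_name=production'

locals {
  # Anything derived from a sensitive value is itself treated as sensitive.
  db_url = "postgres://app:${var.db_password}@db.example.internal:5432/app"
}

output "db_url" {
  value = local.db_url
  # Required: Terraform rejects an output derived from a sensitive value
  # unless the output is also marked sensitive.
  sensitive = true
}

# Redaction covers CLI output only. The value is still written to the
# state file in plain text, so the state needs the same protection as
# the secret itself.
```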
 
Note: If you create or modify resources using Terraform, always use Terraform. Do not mix in manual modifications.