An Introduction to Terraform Using AWS

Introduction to Terraform

Terraform is a provisioning declarative tool that is based on infrastructure as a code paradigm. It uses its own syntax – HCL (Hashicorp Configuration Language). It is written in golang. It helps to evolve you infrastructure, safely and predictably. Terraform is Open source and backed by Hashicorp company and Hashicorp Tao (guide/principles/design).

Infrastructure-as-Code

Infrastructure-as-Code (IaC) is a practice that has become mainstream with the growing popularity of public cloud providers, such as AWS, Google, and Microsoft.

In a nutshell, it consists of managing a set of resources (computing, network, storage, etc.) using the same approach developers use to manage application code.

Terraform main commands:

1. terraform init
2. terraform fmt
3. terraform validate
4. terraform plan
5. terraform apply
6. terraform destroy

Terraform Provider

• A provider is responsible for understanding api interactions and exposing resources. Most providers configure a specific infrastructure platform (either cloud or self-hosted). Providers can also offer local utilities for tasks like generating random numbers for unique resource names.
• Some eg : azure ,aws, google cloud alibaba cloud , oracle public cloud etc.

terraform.tfvars

provider.tf

variable.tf

Provisioner

Provisioners can be used to model specific actions on the local machine or on a remote machine in order to prepare servers or other infrastructure objects for service.

Resources in Terraform

• Resources are the most important element in the Terraform language. Each resource block describes one or more infrastructure objects, such as virtual networks, compute instances, or higher-level components such as DNS records.
• Some examples of resources:

1. VPC
2. Subnet
3. Internet gateway
4. Route table
5. Security groups
6. Key pair
7. Instance
8. S3
9. NAT
10. NACL

VPC

It provides vpc resource.

 

 

Subnet

It provides vpc subnet resource.

Internet Gateway

Provides a resource to create a VPC Internet Gateway.

Route Table, Route Table Association

Provides a resource to create a VPC routing table.

Provides a resource to create an association between a route table and a subnet or a route table and an internet gateway or virtual private gateway.

Security Groups

Provides a security group rule resource. Represents a single ingress or egress group rule, which can be added to external Security Groups.

Key Pair

Provides an EC2 key pair resource. A key pair is used to control login access to EC2 instances.

Instance

Provides an EC2 instance resource. This allows instances to be created, updated, and deleted. Instances also support provisioning.

S3

Provides a S3 bucket resource.

Network ACL (NACL)

Provides a resource to manage the default AWS Network ACL. VPC Only.

Output in Terraform

Resource instances managed by Terraform each export attributes whose values can be used elsewhere in configuration. Output values are a way to expose some of that information to the user of your module.

Terraform state (.tfstate)

Terraform must store state about your managed infrastructure and configuration. This state is stored by default in a local file named “terraform.tfstate”, but it can also be stored remotely, which works better in a team environment. Terraform uses this local state to create plans and make changes to your infrastructure. Prior to any operation, Terraform does a refresh to update the state with the real infrastructure.

Backend

A “backend” in Terraform determines how state is loaded and how an operation such as apply is executed. This abstraction enables non-local file state storage, remote execution, etc. By default, Terraform uses the “local” backend, which is the normal behavior of Terraform you’re used to. This is the backend that was being invoked throughout the introduction.

Import

The terraform import command is used to import existing resources into Terraform. This allows you take resources you’ve created by some other means and bring it under Terraform management.

The import cmd is triggered on the terminal to import resources from existing infrastructure.

              $ terraform import aws_instance.instance_name i-abcd1234

Modules

A module is a container for multiple resources that are used together. Modules can be used to create lightweight abstractions, so that you can describe your infrastructure in terms of its architecture, rather than directly in terms of physical objects.

The Terraform Registry hosts a broad collection of publicly available Terraform modules for configuring many kinds of common infrastructure. These modules are free to use, and Terraform can download them automatically if you specify the appropriate source and version in a module call block.

Workspaces

• Terraform starts with a single workspace named “default”.
• Workspaces are managed with the “terraform workspace” set of commands. To create a new workspace and switch to it, you can use “terraform workspace new” to switch workspaces you can use “terraform workspace select”, etc.
• Workspace commands which can be triggered on terminal :

$ terraform workspace new test

$ terraform workspace list

$ terraform workspace select test

$ terraform workspace delete test

$ terraform workspace show