Getting started with Terraform
Infrastructure as Code(IaC) as the name stands is a practice, where resources in the cloud are maintained as code, so they can be treated like code; manage different versions, collaboration, backup and consistency, naming few. Infrastructure as code can really come in handy in the situations where same setup of resources are deployed on different environments, or where resources are required temporarily, for instance, a test environment for a particular feature, or to create for instance, a pilot-light DR environment, where few major components are kept running, and rest of the resources could be created automatically with Infrastructure as code. This assures lower costs, consistency, is less prone to human error, and speed.
There are few Infrastructure as Code tools available and Terraform is by far the most popular one. Terraform supports configuration for almost all the major Cloud Service providers; AWS, Azure, GCP, to name a few. We are going to start a journey of creating infrastructure in AWS with Terraform where we would begin by installing Terraform and then move towards Terraform best practices. We will be using Ubuntu 20.04 and Terraform version Terraform v1.0.11.
Terraform will create resources in AWS. We will try to remain inside the Free-tier throughout the course, but some of the resources do not lie on the AWS Free tier so it might cost you. Do not forget to destroy the resources immediately after you are done. I will be creating an EC2 instance and run terraform from there. You can do the same as well or install it on your machine as well.
- Terraform uses the CLI client and that requires some familiarity with one of the command line tools.
- Terraform creates resources on AWS itself, hence an AWS account is required to follow through the tutorial.
- This tutorial requires enough experience of building resources on AWS manually.
- In the later part of the series, we are going to build VPCs and use Subnets. So, you are expected to have a good understanding of how networking is done inside an AWS environment.
- Using remote repositories is one of the most fascinating and crucial parts of IaC. So, you should have a Github account and are expected to know how git works and basic git commands.
Now that we have all the prerequisites explained, let’s start the tutorial by installing Terraform.
Install Terraform on Ubuntu
I am going to install Terraform on my own machine. You can create an EC2 instance and install Terraform there as well.
To verify the installation
You could go through following link to look into installing Terraform on Windows and OS X.
Now that we have installed terraform, let’s start creating the simplest of architecture to get started with on AWS to see exactly how Terraform works.
Create infrastructure using Terraform
To create resources with Terraform, the least requirement is to specify the resource and cloud provider. Let’s separate them into two different files; provider.tf and main.tf.
Keep in mind that the terraform files within an infrastructure should always be maintained inside a directory. Terraform files have extensions of .tf. So while we run terraform, it will look for all the files inside the directory. The files provider.tf and main.tf are not mandatory but are a general practice.
Following is the content of provider.tf. In provider file, we specify the cloud provider, AWS in this case and the default region we want to build our resources. You can find more about AWS regions and Availability Zones here.
A better practice is to separate the variables from the main resource file. Variables in terraform are used as in any other programming language, to hold the value for configuration. The same configuration could be structured as:
And the variables file, variables.tf:
The filename variables.tf is a standard/general name for variable files. Terraform knows this filename and can take variables from them directly. If you want to name your variable something else, you can define your variable file while running terraform as
terraform apply -var-file=”<file-path>”
Finally, our file structure looks like:
For Terraform to understand the configuration, it must be first initialized inside the directory that contains our code. Once terraform is initialized it can look into our configuration and create plan to build our resources accordingly. The steps to create any infrastructure with Terraform are; terraform init, terraform plan and terraform apply in that order.
terraform init initializes terraform state inside the directory according to the provider, AWS in this case.
terraform plan does a dry run with the provided instructions and shows the overview of the resources that are going to be built with the provided configuration. If there are errors while in the code somewhere, it shows errors and doesn’t complete the plan.
Apply terraform changes
If the output of the dry run is what we need, we can now go ahead and build our resources using terraform apply. If you log into the AWS console, you should be able to see the EC2 instance we just created.
Terraform state files
If you look inside your directory Terraform, you should be able to see a new file being created, named terraform.tfstate. This file is the terraform state file, which is in the json format that contains the information about all the resources that terraform created.
So now let’s add another block for a second instance as a backend instance of our application in the same file and see how terraform state works. Save the file and hit terraform plan. The main.tf looks like this now;
And variables.tf as:
Terraform looks into its state file and understands that it has already created a web instance and it needs to create the resource for the only block that has been added. That’s why it creates a resource for the resource block that was added recently. Go ahead and run terraform apply to create the resource.
State files allow terraform to complete the deployment of resources if the build process fails for one or more reasons. Terraform can look into the state file and can resume the deployment from where it was interrupted.
Destroying the resource
Now we have understood how the state files work in terraform, we can now go ahead to understand how “destroying” terraform works. When “terraform destroy” is hit, terraform looks into its state file and destroys all the resources that exist in the terraform state file.
There are other operations you could to with terraform destroy using targets which are mentioned in more detail at Destroy Command — How to Destroy Resources from Terraform
Pushing to code to the Github repository
As discussed earlier as well, one of the most fascinating features of IaC is that it can be treated as code. So, let’s put that into practice and create a remote repository to store our code. We are using Github but any other remote repository is just as fine.
Before pushing our changes to Github, let’s create a README.md file with details about our code and how to run the code.
Contents of README.md
Let’s create a repository on github and initialize it in our directory.
There you go ! You built your first infrastructure on AWS using terraform.
Now that we have looked into the basics, let’s move to better practices and more advanced stuff.