Terraform is a DevOps tool used extensively and I would say it is the favourite tool of engineers to provision/create the infrastructure for their application using a declarative approach. Infrastructure can comprise of any service or resource relating to that deployment platform; for example AWS, Azure,Vmware,Kubernetes etc. One of the key features of Terraform is its ability to support multiple cloud providers. This means that organizations can use Terraform to manage their infrastructure no matter where it is deployed – whether that’s on-premises, in the cloud, or across multiple clouds. This level of versatility and support for multiple platforms makes Terraform an ideal solution for organizations with complex, multi-cloud infrastructure environments.
Generally whenever we want to create or provision any resource on any platform , we do it with the help of the graphical user interface of that platform but terraform is all about a declarative approach to create infrastructure.
The question comes here “Why Terraform!!“
It all comes down to “Infrastructure as code “,now instead of manual provision of resources by the sysadmins ,we can write a declarative template containing all my infrastructure resources as a “Code”. This code template is really easy to understand and written in Hashicorp language by the user and then executed with the help of terraform cli commands. The below snippet gives a brief idea of how this declarative code template looks like :
So, now instead of manually doing all the deployments, we can mention all the components of our infrastructure as infrastructure as code as show above and keep infrastructure intact.
Advantages of using terraform as Infrastructure as Code:
- Maintains the state and Refreshes the state before each apply action. Terraform state is the source of truth. If a change is made or a resource is appended to a configuration, Terraform compares those changes with the state file to determine what changes result in a new resource or resource modifications.
- You can automate the creation and deployment of the resources using IAC instead of creating them manually through graphical user interface.
- Now, there is no need to track what changes we have done in our deployments nor any need to memorize what implementations we have done while provisioning as we can track the state of our documented declarative infrastructure code easily.
- You can store the desired state of your infrastructure (your IAC code ) in your source code repositories so that in case of any failure or if someone did any changes in your infrastructure , you can revert it anytime as you already have your whole infrastructure as a declarative code.
- You can audit your infrastructure time to time so that no new resource is being added or configured and revert it back to our desired state in the way we declared it in our IAC code with just few clicks and types.
- You can use the reusable, documented, infrastructure code that makes it easier to scale your application infrastructure.
Terraform’s Peers in the industry:
Now lets discuss about the peers of terraform tool in the IT industry nowadays . Some of the most trendy ones are listed below:
- Chef
- Puppet
- Ansible
- Pulumi
- Cloudformation
Today’s world is a world of fierce competetion and a great business differentiator is what all the above tools are aiming for , but WHAT TO CHOOSE !!! As all of above listed tools are Infrastructure as Code management tools and can provide you with best results in your organistations , lets try to get into a slight more detail to decide when to choose which tool.
What and when to choose !!
When we want to deploy our application , the first thing we need is a resource . Generally the process of creation of a resource whether its for any platform (AWS, azure, GCP, kubernetes, etc) is called Provisioning . So the tools which are currently used for provisioning purpose are CloudFormation, Heat, Pulumi, and Terraform. You can provision any resource in your environment (load balancers, Iam users , S3 bucket , virtual machines , network security groups , etc )
Now when the resources are created ,they need to be configured as well. For and example , consider you have deployed 50 servers using a provisioning tool like CloudFormation, Heat, Pulumi, or Terraform , now you need to find a way to automated the configuration on those resources ( servers ) as well. This job is being done by Configuration management tools. This configuration can be any change or software deployment on all the provisioned servers at once .
This process of configuring all the resources at once is called Configuration management and is being achieved by the tools like Chef, Puppet, and Ansible.
Terraform architecture and operations:
A terraform code is divided into set of particular blocks in which we as a user add the required information according to the provider we are using . Provider here refers to which deployment platform we want our resources to get created on .
Lets see that with an example in which we will create an ec2-instance using terraform with simple steps listed below :
Note: Ec2-instance is an AWS based resource (virtual machine/server)
1. Terraform installation:
Terraform can be installed on various environments be it windows or linux. The steps to install terraform are given on hashicorp’s website in the following link: https://developer.hashicorp.com/terraform/tutorials/aws-get-started/install-cli
Note: The above snippet is taken from terraform’s official website
2. Writing of IAC code :
After installing terraform in our environment, you will see the below message:
No, we will go ahead with writing our IAC code based on hashicorp language.
Terraform software read only the files which are in .tf file extension, so we have to take care of that while creating our declarative code for our server.
3. Use the below code and create a file ec2.tf having it as content using vi/nano editor:
provider “aws” {
region = “us-east-1”
access_key = “AKIAZ7FSO3B54HBORTGA”
secret_key = “qD7pspO2UigROMWrJBq+RDukGl+nytfe5cv7I3JA”
}resource “aws_instance” “myec2” {
ami = “ami-0dfcb1ef8550277af”
instance_type = “t2.micro”
tags= {
Name= “myfirstserver”
}
}
•There are two blocks mentioned over here above :
Provider block: A provider is responsible for understanding API interactions and exposing resources over to a particular cloud service provider. Most providers configure a specific infrastructure platform (either cloud or self-hosted).
The following snippet shows a clear interpretation of provider:
Note: Digital ocean here is a cloud service provider.
Resource block: A resource block declares a resource of a given type (“aws_instance”) with a given local name (“myec2”). The resource block consist of resources we want to create in our infra.
4. Terraform code execution commands:
Now as a final step of ours , we will execute the IAC code that we created to provision our server/ec2-instance.
There are a set of basic commands we use to execute terraform operations as listed below :
- Terraform validate:
Terraform validate will validate the terraform configuration file for the syntax of the code. - Terraform init:
Terraform init will initialize the modules and plugins.
- Terraform plan:
Terraform plan will create an execution plan and will update you what changes it going to make. It’ll update you upfront what its gonna add, change or destroy.
- Terraform apply:
Terraform apply will apply the changes and create the ec2-instance for you in your environment.It will create a tfstate file as well which basically tracks for any change in the actual state after provisioning of the resource.
5. Now, lets confirm over our AWS console if the resource is showing up over there!!
So, we were successfully able to provision a resource in our AWS environment using Terraform.
Thanks!!!
