Terraform-Quick overview
Terraform, a tool created by Hashicorp in 2014 is written in Go. This tool aims to build, change and version control your infrastructure. This tool has a powerful and very intuitive Command Line Interface.
Section-1 — Installation
Step1: Download the zip file into the machine using the below command
wget https://releases.hashicorp.com/terraform/0.13.4/terraform_0.13.4_linux_amd64.zip
Step2: Unzip the downloaded file to /usr/local/bin directory using the below command and check the version of terraform (command- terraform -v) for confirmation of software.
unzip ./terraform_0.13.4_linux_amd64.zip -d /usr/local/bin/
If zip is not available in machine, install using the below command.
sudo yum install wget unzip
rm terraform_0.11.10_linux_amd64.zip
Step3: Setup your AWS account with terraform
Pre-requisites — AWS Account & AWS User credentials — AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
For AWS user, make sure you provide the EC2 access to the user in AWS. I have provided the AmazonEC2FullAccess to the user.
After creating the user, please download the user credentials csv file where we have the access key and secret key
Now, we save this csv file to pass user credentials in two ways — one in the provider section of our terraform script and second we can also use command like below.
Section-2 — Usage/Practice on Terraform
Now we are ready with the setup and credentials, we will now jump to provisioning infrastructure.
We start with writing a provider (responsible for communicating with external APIs of a particular service/technology) and a resource (each resource corresponds to a particular infrastructure element viz., server or a load balancer)
terraform — version
- This command will show us what version of terraform we are using.
terraform init
- This command is used to create a terraform template. This will download all the plugins necessary for provider for the terraform template to execute. Each provider is developed and distributed by terraform or terraform community. Basically it downloads all the plugins necessary for provider.
terraform plan
- This command will show us what our terraform script will do.
- To store the plan to a output file, we can write our command as below
terraform plan -out <filename>.out
- When you execute terraform plan command, terraform will scan all *.tf files in your directory and will create the plan.
terraform apply
- This command will apply the plan that is created through script above. By default this command will tell what terraform will do and then ask for confirmation from user.
- To store the applied plan to a output file, we can write our command as below
terraform apply plan.out
- To apply only a specific module using the template, we can use -target option as below,
terraform apply -target=module.s3
terraform destroy
- Delete all the resources created using the terraform apply command.
- -target option allow to destroy only one resource, for example to destroy the S3 bucket,
terraform destroy -target aws_s3_bucket.<bucket-name>
terraform console
- The Terraform console command is useful for testing interpolations before using them in configurations.
terraform validate
- Validate command is used to validate/check the syntax of the Terraform files. A syntax check is done on all the terraform files in the directory, and will display an error if any of the files doesn’t validate.
terraform state pull
- Pull remote state in a local copy.
terraform state pull > terraform.tfstate
terraform.tfstate, This is the file that is kept by terraform to keep the state of the resources related.
terraform state push
- Push state in remote backend storage.
terraform state push
This command is usefull if for example you originally use a local tf state and then you define a backend storage, in S3 or Consul…
terraform import
- If you have an existing resource in your infrastructure provider, and you want to it in your Terraform state, then we use terraform import command.
terraform import aws_iam_policy.elastic_post arn:aws:iam::123456789:policy/elastic_post
terraform workspace
- To manage multiple distinct sets of infrastructure resources/environments we use terraform workspace. Instead of creating a whole new directory for each environment, we need to just create needed workspace and use them.
terraform workspace new dev — This command creates a new workspace and then automatically selects it
terraform workspace select dev — This command selects a workspace
terraform workspace list — This command lists workspaces, output as below,
default
* dev
prelive
terraform workspace show — This command shows current workspace.
terraform init
terraform plan
terraform apply
Tag name changed and reapplied
Instance Destroyed
Small introduction regarding how variables are declared and handled
Below is the sample code that we can write in the variables file.
variable “region” {
default = “ap-southeast-1”
}
variable “ami_id” { #(considered as object)
default = {
ap-southeast-1 = “ami-03faaf9cde2b38e9f”
ap-southeast-2 = “ami-076e39b6b14e3bb20”
ap-south-1 = “ami-026669ec456129a70”
}
}
To test this, how can we read the values in the main terraform plan, we can practice the code through terraform console. Terraform console is an interactive mode feature given in terraform where we can test interpolation. Run the below commands,
terraform console
To get the Map value from the Map variable,
var.ami_id[var.region]
To get the value from the lookup function
lookup(var.ami_id, var.region)
The below code snippet shows, how we can declare a listvariable
variable “listvariable” {
default = [“t2.nano”, “t2.micro”, “t2.small”, “t2.medium”] #(tuple)
}
Run the below commands,
terraform console
To get the value from the list variable,
var.listvariable[1]
To get the value from the element function
element(var.listvariable,3)
Here you can get the terraform code related to the above examples
Okay, that’s it for now.
Keep reading and blogging.
