Terraweek#Day01-Terraform Basics and Understanding of Iac

Basics of Terraform:

What is Terraform?

Terraform is an infrastructure as code (IaC) tool that allows you to create, manage, and update infrastructure resources such as virtual machines, networks, and storage in a repeatable, scalable, and automated way.

Why Terraform is a popular choice?

The top 5 benefits of using Terraform:

These are my top reasons why you should choose Terraform as the tool of choice when it comes to infrastructure provisioning and automation.

#1. Terraform is OpenSource, platform-agnostic and backed by HashiCorp

Terraform is an OpenSource Infrastructure as Code (IaC) tool, created by HashiCorp, a San Francisco-based company that is the leader in infrastructure automation for multi-cloud environments.

And because Terraform is platform-agnostic, it makes it the best Infrastructure as Code (IaC) solution to configure, test and deploy infrastructure across multiple cloud providers such as AWS, Azure, GCP, DigitanalOcean, and more.

This means that DevOps teams can use one unified, consistent solution to manage each of their cloud infrastructures.

And better still, Terraform is written in Go which is known as one of the most efficient programming languages.

#2. Terraform is Declarative

The Terraform language is declarative which means it describes an intended goal rather than the exact steps needed to reach that goal.

So Terraform itself is responsible for figuring out how to achieve that state without actually defining all the steps because the current state of the infrastructure is fully captured in the code.

State management is a key component of any long-term project, and Terraform keeps track of all changes in the environment.

#3. Terraform is Agentless

Most Infrastructure as Code (IaC) and automation tools are agent-based.

They require you to install agent software on each server that you want to configure.

The agent is typically running in the background on each server and is responsible for installing the latest configuration management updates.

But the beauty of Terraform is that it doesn’t require any software to be installed on the managed infrastructure.

This means that Terraform can be easily installed and used.

#4. Terraform uses a modular structure

Terraform modules are a powerful way to reuse code and stick to the "DRY" principle which means "Do Not Repeat Yourself".

What is a module in Terraform?

Terraform modules are comparable to functions in programming languages.

Using modules you'll have a standard interface for creating resources by providing inputs and returning outputs.

These modules will help you to organize configuration, encapsulate configuration, re-use configuration, provide consistency and ensure best practices.

And because you have the code in a single place and can import that code into different parts of your configuration, you'll also decrease the number of errors.

#5. Terraform has a large community with enterprise support options

When you pick a technology, you are also picking a community to help you learn or use that tool.

You might not think it matters, but the community ecosystem around a project can have a huge impact on your experience with that technology because it determines how many people contribute to the project, how many integrations and extensions are available, how easy it is to find help online on professional forums like StackOverflow, and how easy it is to hire a consultant if you need help.

Infrastructure as Code (IaC):

HashiCorp itself describes Terraform as a freely available Infrastructure-as-Code software. The basic idea is that infrastructure can be defined and configured by software.

For instance, imagine that you have to create different servers, load balancers, VPCs, etc. in the AWS Console and possibly change them again and again. Instead of handling this manually by logging into the AWS Console, you just do it in code. If you need to copy a server, then you just increase the count of your servers inside your Terraform code.

Key Concepts and components in Terraform

The official Terraform documentation describes https://developer.hashicorp.com/terraform/language,Read it carefully to understand the rest of this section.

This section describes key concepts which are used inside the book.

Resource

Resource is aws_vpc, aws_db_instance, etc. A resource belongs to a provider, accepts arguments, outputs attributes, and has a lifecycle. A resource can be created, retrieved, updated, and deleted.

Resource module

Resource module is a collection of connected resources which together perform the common action (for e.g., AWS VPC Terraform module creates VPC, subnets, NAT gateway, etc). It depends on provider configuration, which can be defined in it, or in higher-level structures (e.g., in infrastructure module).

Infrastructure module

An infrastructure module is a collection of resource modules, which can be logically not connected, but in the current situation/project/setup serves the same purpose. It defines the configuration for providers, which is passed to the downstream resource modules and to resources. It is normally limited to work in one entity per logical separator (e.g., AWS Region, Google Project).

For example, terraform-aws-atlantis module uses resource modules like terraform-aws-vpc and terraform-aws-security-group to manage the infrastructure required for running Atlantis on AWS Fargate.

Another example is terraform-aws-cloudquery module where multiple modules by terraform-aws-modules are being used together to manage the infrastructure as well as using Docker resources to build, push, and deploy Docker images. All in one set.

Composition

Composition is a collection of infrastructure modules, which can span across several logically separated areas (e.g.., AWS Regions, several AWS accounts). Composition is used to describe the complete infrastructure required for the whole organization or project.

A composition consists of infrastructure modules, which consist of resources modules, which implement individual resources.

Simple infrastructure composition

Data source

Data source performs a read-only operation and is dependant on provider configuration, it is used in a resource module and an infrastructure module.

Data source terraform_remote_state acts as a glue for higher-level modules and compositions.

The external data source allows an external program to act as a data source, exposing arbitrary data for use elsewhere in the Terraform configuration. Here is an example from the terraform-aws-lambda module where the filename is computed by calling an external Python script.

The http data source makes an HTTP GET request to the given URL and exports information about the response which is often useful to get information from endpoints where a native Terraform provider does not exist.

Remote state

Infrastructure modules and compositions should persist their Terraform state in a remote location where it can be retrieved by others in a controllable way (e.g., specify ACL, versioning, logging).

Provisioner:

Terraform Provisioners are used to performing certain custom actions and tasks either on the local machine or on the remote machine.

The custom actions can vary in nature and it can be -

Running custom shell script on the local machine
Running custom shell script on the remote machine
Copy file to the remote machine

Also there are two types of provisioners -

Generic Provisioners (file, local-exec, and remote-exec)
Vendor Provisioners (chef, habitat, puppet, salt-masterless)

Generic Provisioners - Generally vendor independent and can be used with any cloud vendor(GCP, AWS, AZURE)

Vendor Provisioners - It can only be used only with its vendor. For example, chef provisioner can only be used with chef for automating and provisioning the server configuration.

Providers, which are plugins for Terraform that extend it with support for interacting with various external systems.

Modules, which allow splitting out groups of Terraform configuration constructs (written in the Terraform language) into reusable abstractions.

Installation part:

Refer this link for terraform installation:https://phoenixnap.com/kb/how-to-install-terraform and verify version once installed.

terraform -version

Define your first Terraform config file:

Create an initial Terraform config file, filling in your own values.

Terraform will process any files with a .tf extension. As the configuration becomes more complex, you will want to split the config into separate files and modules. For now, proceed with a single file.

Create the main.tf configuration file and then create and apply an execution plan.
Use init, plan, and apply to finish our configuration.

terraform init — Initialize the working directory.

terraform plan**-**Create a Terraform Plan.

The terraform plan command generates an execution plan, allowing you to see a preview of the infrastructure modifications that Terraform intends to make. As soon as Terraform produces a plan, it:

Reads the current state of any existing remote objects to ensure that the state is up to date.
Compares the current state to the previous state, noting any differences.
Proposes a set of change actions that, if executed, should cause the remote objects to match the configuration

terraform apply — Creates or updates infrastructure depending on the configuration files. By default, a plan will be generated first and will need to be approved before it is applied.

The simplest approach to use terraform apply is to execute it without any arguments at all. In this instance, it will automatically generate a new execution plan (just as if you had executed terraform plan) and then ask for your approval before carrying out the stated actions.