Day60:Terraform

Day60:Terraform

Hello learners, you guys are doing every task by creating an EC2 instance (mostly). Today, let’s automate this process. How do I do it? Well, Terraform is the solution.

Infrastructure as code

Infrastructure as code (IaC) is the art of describing infrastructure configurations as code, allowing them to be understood, replicated, and enforced with less manual work.

IaC is also a powerful way to convert tribal knowledge into technical knowledge. It allows organizations to automate tasks and processes that would otherwise be performed manually, like managing infrastructure and provisioning resources, with benefits that have extending to platform engineering, security and compliance, network administration, and so much more.

How Does Infrastructure as Code Work?

The process of IaC starts with the writing of scripts that describe the desired state of the infrastructure. These scripts use a declarative language that describes what the infrastructure should look like, not how to achieve it and stores it in a structured way that can be reviewed, tested, and deployed automatically using version control.

Once the scripts have been written and saved, an IaC tool is used to apply them to the actual infrastructure. These tools interpret the scripts, assess the desired state of the infrastructure, and then implement the necessary changes to achieve that state.

This process can be run multiple times, and each time it will ensure that the infrastructure is in the desired state. This ensures consistency across deployments and reduces the chance of manual error.

What is Terraform?

Terraform is one of the tools we use to manage the complete lifetime of infrastructure using infrastructure as code. This entails specifying infrastructure components in configuration files, which Terraform then uses to deploy, change, and tear down infrastructure across multiple cloud providers, including Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP).

Terraform architecture

🔹 Assume you are working in AWS and want to launch numerous Elastic Compute Cloud (EC2) instances of a specific type. In a configuration file, you specify the kind and number of instances.

# Define provider (in this case, AWS)
provider "aws" {
  region = "us-east-1"
}

# Define variables
variable "instance_count" {
  description = "Number of EC2 instances to launch"
  default     = 3
}

# Define EC2 instances
resource "aws_instance" "example" {
  count         = var.instance_count
  ami           = "ami-0c55b159cbfafe1f0" // AMI ID for the instance
  instance_type = "t2.micro"               // Instance type
}

In this example:

  • We specify that we're using AWS as the cloud provider and set the region to us-east-1.

  • We define a variable instance_count to specify the number of EC2 instances to launch. By default, it's set to 3.

  • We use the aws_instance resource type and set its count attribute to the value of var.instance_count, which means Terraform will create multiple instances based on the specified count.

  • Each EC2 instance will have the same AMI (ami-0c55b159cbfafe1f0) and instance type (t2.micro).

  • You can customize the ami and instance_type attributes according to your requirements. After creating this configuration file, follow the standard Terraform workflow to initialize, plan, and apply the changes.

🔹 Terraform utilizes that information to construct those instances via the AWS application programming interface (API). The same file can then be used to modify the configuration, such as adding or decreasing the number of instances.

🔹 Because infrastructure generally consists of many more components than just compute instances, we apply a Terraform feature called modules to group various infrastructure components into large, reusable, and shareable blocks.

Workflow of Terraform:

Terraform's process typically consists of multiple steps, including initialization, planning, implementing changes, and potentially removing resources. Here's an example workflow for Terraform to provision infrastructure on AWS:

Define Infrastructure:

Set up a directory for your Terraform project and specify your infrastructure with Terraform configuration files.

These files specify the desired state of your infrastructure resources, including virtual machines, networks, databases, and so on. The primary configuration file is typically named main.tf, although you can divide the configuration into numerous files as needed.

Terraform Work Flow

Terraform Initialize:

To initialize Terraform, execute Terraform init from the project directory. This command downloads the necessary provider plugins and configures the backend. The backend setting specifies where Terraform maintains its state file, which keeps track of the current status of your infrastructure. Run the terraform init command in the terminal, as indicated in the figure below.

terraform init

Terraform Validate

The Terraform validate command is used to validate the syntax and configuration of your Terraform files without actually applying or modifying any infrastructure. It performs a static analysis of your code and checks for any errors or warnings in the configuration.

Note: Note that terraform validation only checks for syntax errors and basic configuration issues. It does not perform any validation against the actual resources or services you are provisioning.

Terraform plan:

Run Terraform plan to generate an execution plan. This command evaluates your configuration and compares it to the current state to determine the modifications required to achieve the desired state.

It gives an overview of which resources will be added, updated, or removed. Now, add the Terraform plan command, and you will see the execution plan by Terraform.

terraform plan

Terraform Apply:

To execute the plan and make changes to your infrastructure, use Terraform apply. Terraform seeks for confirmation before proceeding. Once confirmed, it provisioned the resources based on your settings and updated the state file.

Now, when you run the Terraform apply command, you will see this as output, along with the resource you specified.

terraform apply

Verification & Modification:

After applying changes, you can verify that the infrastructure was provisioned correctly by checking the cloud provider's console, using CLI tools, or running tests against the deployed resources. If necessary, iterate on your configuration by making modifications to the Terraform files and repeating steps (plan, validate, apply again)

Destroying Resources:

When you no longer need the provisioned infrastructure, you can use Terraform to destroy the resources. This step is important to avoid incurring unnecessary costs.

terraform destroy

Why we use Terraform?

Terraform is a powerful tool for managing infrastructure as code, offering various features:

  1. Declarative Syntax: Terraform uses a declarative configuration language (HCL or JSON) to define the desired state of infrastructure. Users specify what resources they want, and Terraform figures out how to create, update, or destroy those resources to match the desired state.

  2. Infrastructure as Code (IaC): With Terraform, infrastructure is managed through code, allowing for version control, collaboration, and automation. This approach improves consistency, reproducibility, and scalability of infrastructure deployments.

  3. Multi-Cloud Support: Terraform supports multiple cloud providers (such as AWS, Azure, Google Cloud Platform, and more), as well as on-premises infrastructure (using providers like VMware, OpenStack, or Kubernetes), enabling users to manage diverse environments from a single configuration.

  4. Resource Graph: Terraform builds a dependency graph based on the declared resources and their dependencies. This graph enables Terraform to determine the optimal order for creating, updating, or deleting resources to ensure consistency and minimize errors.

  5. Modularity and Reusability: Terraform configurations can be modularized using modules, which encapsulate reusable sets of resources with configurable inputs and outputs. Modules promote code reuse, simplify configuration management, and facilitate the creation of reusable infrastructure components.

  6. Integration with CI/CD: Terraform integrates seamlessly with continuous integration and continuous delivery (CI/CD) pipelines, allowing infrastructure changes to be automatically tested, validated, and deployed alongside application code changes. This ensures consistent and reliable infrastructure deployments as part of the software delivery process.

Key components of Terraform:

  1. Configuration Files: Terraform uses configuration files written in HashiCorp Configuration Language (HCL) or optionally in JSON format. These files define the desired state of the infrastructure, including resources to create, configure, and manage.

    terraform config files

  2. Providers: Providers are plugins that interface with various infrastructure platforms, such as public cloud providers (e.g., AWS, Azure, GCP), private cloud environments (e.g., VMware, OpenStack), SaaS applications (e.g., GitHub, Slack), and more. Each provider offers resource types that represent infrastructure components (e.g., virtual machines, networks, databases) that Terraform can manage.

     provider "aws" {
      region = "us-east-1"
     }
    
  3. Resources: Resources are the fundamental building blocks of infrastructure managed by Terraform. They represent individual components such as virtual machines, storage buckets, databases, network interfaces, and more. Resources are defined in Terraform configuration files and are created, updated, or destroyed based on the declared configuration.

     resource "aws_instance" "example" {
       ami           = "ami-0c55b159cbfafe1f0"
       instance_type = "t2.micro"
     }
    
  4. Modules: Modules are reusable, shareable units of Terraform configurations that encapsulate a set of resources and their associated configurations. Modules enable users to organize and abstract infrastructure components, promoting code reuse, maintainability, and collaboration.

     module "web_server" {
       source = "./modules/web_server"
    
       instance_count = 2
       instance_type  = "t2.micro"
     }
    
  5. Outputs: Outputs allow you to expose certain values from your Terraform configuration after it's applied. This could be useful for getting IP addresses, DNS names, or other attributes of created resources.

    •   output "instance_public_ip" {
          value = aws_instance.example.public_ip
        }
      
  6. Variables: Terraform variables are similar to variables in any other programming language. They are used to better organize your code, make it easier to change its behavior, and make your configuration reusable. In Terraform, variables can have the following types: string, number, bool, list, set, map, object, and null.

    You cannot use variables to hold expression values built from resources or data sources. For that, you should use a local variable.

     variable "vpc_name" {
      description = "name of the vpc"
      type        = string
      default     = "vpc1"
     }
    
  7. Data Sources: Data sources allow Terraform to fetch information from external sources, such as AWS AMIs, VPCs, or subnets, and use that information in your configurations.

    • Example: Getting information about the latest AWS AMI for Ubuntu:

        data "aws_ami" "ubuntu" {
          most_recent = true
          filter {
            name   = "name"
            values = ["ubuntu/images/*ubuntu-xenial-16.04-amd64-server-*"]
          }
          owners = ["099720109477"] # Canonical
        }
      
  8. CLI (Command-Line Interface): The Terraform CLI is the primary interface for interacting with Terraform. It provides commands for initializing Terraform configurations, planning infrastructure changes, applying configurations, and managing state. The CLI also offers options for scripting and automation, making it suitable for integration with CI/CD pipelines and other automation workflows.

    What is State file in terraform? What’s the importance of it ?

    Terraform stores information about the resources it creates in a state file. This allows Terraform to determine which resources are under its control and when to update and destroy them. Terraform.tfstate is the default name for the terraform state file, which is stored in the same directory as Terraform. It is produced after executing Terraform apply.

    The content of this file is a JSON-formatted mapping of the resources defined in the configuration to those available in your infrastructure. When Terraform is executed, it can utilize this mapping to compare infrastructure to code and make any necessary changes.

    Terraform state files contain each and every detail of any resources along with their current status whether it is “ACTIVE”, “DELETED” or “PROVISIONING” etc.

    Assume you have a Terraform configuration that defines an AWS EC2 instance:

     provider "aws" {
       region = "us-east-1"
     }
    
     resource "aws_instance" "example" {
       ami           = "ami-0c55b159cbfafe1f0"
       instance_type = "t2.micro"
     }
    

    After running terraform apply, Terraform will create the EC2 instance and generate a state file (by default named terraform.tfstate). Here's a simplified example of what the state file might look like:

     jsonCopy code{
       "version": 4,
       "terraform_version": "1.0.0",
       "serial": 1,
       "lineage": "d112b502-4d89-4988-a019-c4f79e9e0173",
       "outputs": {},
       "resources": [
         {
           "mode": "managed",
           "type": "aws_instance",
           "name": "example",
           "provider": "provider.aws",
           "instances": [
             {
               "schema_version": 0,
               "attributes": {
                 "ami": "ami-0c55b159cbfafe1f0",
                 "instance_type": "t2.micro",
                 "id": "i-0123456789abcdef0",
                 "public_ip": "203.0.113.10",
                 // Other attributes...
               },
               "private": "..."
             }
           ]
         }
       ]
     }
    

    In this example:

    • The state file contains metadata such as the Terraform version, state file version, and a unique lineage identifier.

    • It lists the resources managed by Terraform, including their type, name, and provider.

    • For each resource, it includes attributes such as the AMI ID, instance type, instance ID, public IP address, and any other relevant information.

    • The state file is in JSON format, making it readable and machine-readable.

The state file is crucial for Terraform to understand the current state of your infrastructure. It's used during subsequent operations (like terraform plan or terraform apply) to determine what changes need to be made to bring the infrastructure into the desired state specified in your configuration files.

Here's why the state file is important:

  1. State Tracking: The state file keeps track of the actual resources provisioned in your infrastructure. It records information such as resource IDs, attributes, dependencies, and metadata necessary for managing and updating your infrastructure.

  2. Resource Dependency Graph: Terraform uses the state file to build a dependency graph of your infrastructure resources. This graph determines the order in which resources are created, updated, or destroyed to maintain consistency and avoid conflicts.

  3. Idempotent Operations: Terraform uses the state file to determine whether infrastructure changes are necessary. By comparing the desired state defined in your configuration files with the current state recorded in the state file, Terraform can identify which actions need to be taken to bring the infrastructure into the desired state.

  4. Concurrency and Locking: The state file helps manage concurrent Terraform operations from multiple users or automation systems. Terraform uses locking mechanisms to prevent concurrent modifications to the state file, ensuring consistency and preventing conflicts.

  5. Remote State Management: Terraform supports various backends for storing the state file, including local files, remote storage services like AWS S3, Azure Blob Storage, or Terraform Cloud. Using a remote backend ensures that the state file is securely stored, accessible to all team members, and protected against data loss.

What is Desired and Current State?

"Desired state" and "current state" are concepts fundamental to infrastructure management, especially in the context of tools like Terraform

Current state: Terraform .tfstate is a JSON file that contains information about the current state of infrastructure that Terraform manages. It also contains the details of the resources that has created, modified, or destroyed by terraform in a particular environment. tfstate files also include metadata, and that metadata describes the resources' dependencies and relationships, which Terraform uses to manage infrastructure changes effectively.

Desired State: This refers to the configuration and settings specified in the Terraform code that describes the desired end state of the infrastructure. It represents the state you want your infrastructure to be in, such as the resources to create, modify, or delete their properties, and their relationships.

Task1:

Install Terraform on your system

step1: Create an EC2 instance in the AWS management console.

step2: Visit the official Terraform website to get the installation : Install Terraform

Step 3: Use the below commands to install terraform:

sudo apt-get update

wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg

echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list

sudo apt update && sudo apt install terraform -y

Step 4: Verify that Terraform is installed correctly by running the following command:

terraform --version

Conclusion

Terraform is a infrastructure as code (IaC) tool that enables efficient and scalable management of cloud resources. It provides a declarative approach to infrastructure provisioning and configuration, allowing users to define their desired state and automatically apply changes to bring the infrastructure in line with that state.

  • Terraform allows you to interact with multiple cloud platforms such as AWS, Azure, and GCP, as well as other services such as GitHub, Kubernetes, Helm, etc.

  • Terraform makes it simple to provision and destroy infrastructure across a variety of cloud platforms. By maintaining a state file that records all resource changes within the infrastructure, Terraform keeps track of all infrastructure.

  • Additionally, by committing Terraform code to a version control system, multiple developers can easily collaborate.

  • Terraform can be configured to work with AWS using hard-coded credentials, environment variables, or IAM roles as well.

Thank you for 📖reading my blog, 👍Like it and share it 🔄 with your friends .Hope you find it helpful🤞

Happy learning😊😊