
15/07/2020

IaC "Infrastructure as Code" using Terraform - Basics

Infrastructure as Code has become a critical part of DevOps. Some of the infrastructure management tools that we know are CloudFormation, famous for AWS, ARM for Azure, and CDM for Google Cloud Platform.

Terraform is an IaC tool that translates HCL (HashiCorp Configuration Language) into API calls that various cloud platforms can interpret. This makes it a cloud-agnostic tool.

Another reason for using Terraform is that, compared to other IaC tools, it has a planning step. We will look at that feature further down in this article.

CloudFormation (AWS), ARM (Azure) and CDM (Google) are first-party IaC tools, which means they handle all infrastructure management tasks specific to that cloud platform. But these tools are not suitable for most third-party service integration. Terraform addresses this issue by being cloud-agnostic and offering better support for third-party service integration.

For more details please visit https://www.terraform.io/

Enough with theory, let's jump into practice and write some code. Wait... Infrastructure as Code.

Here I will be targeting AWS for now, as I have a bit of experience with it.

We will quickly install the required tools and then perform some quick tasks such as creating, deleting and planning infrastructure changes. Then we will discuss them in detail.

First, download and install the tools below:

1. Git - try this link https://git-scm.com/download/win
2. Terraform - try this link https://www.terraform.io/downloads.html
3. AWS Free-Tier subscription. Install AWS CLI on your machine.

You can see that Terraform is a single executable file, and I will show how we can use it.

I assume you downloaded and installed Git, which will create a local git repo and will install Git GUI and Git Bash. We will use Git Bash here.

Setting up Terraform:
Create a bin folder in "C:\Users\xxUserNamexx\" and copy the executable to that bin folder.
Now open the edit environment variables window, either from system properties or from run.


Now "terraform" will be an executable shell command. You can check by running terraform in any shell.


Task: Let's create an AWS S3 bucket using Terraform.

Why you ask? It is the easiest AWS action you can perform. 

Once you install AWS CLI, open the AWS console in a browser and go to IAM.

Create a user "terraform" with "Administrator" access. Please note that this is not an ideal Prod scenario and you should never assign "Administrator" permissions to any IAM Users. We just want to keep things simple for our demo.

Don't forget to download the credentials CSV before you click that close button.
This CSV will have both the Access key ID and the Secret Access key. Copy those values for further use.

Go to "C:\Users\xxUserNamexx\" and you can see a folder ".aws". Inside this folder, create a file called "credentials" with no file extension.


The content of the credentials file should look like this:

[default]
aws_access_key_id = XXXXXXXXXXXXXXXXXXXXXXXXXB
aws_secret_access_key = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxq

Please use the Access key ID and the Secret Access key you saved from the CSV file earlier.

Now whenever there is a request to access AWS, it will be executed under the credentials of the "terraform" user.

Now let's move to Git.

Open Git Bash and run "git init". This will initialise a local git repo and will give a success message. Sometimes, if you are using it for the first time, it may ask you to change the config to update the email address and username. But don't worry, it will also give the commands to execute for those tasks.

 
Let's create our first Terraform code file, but let's do that in a demo folder in the %userprofile% folder.
 

The last command is to create the "terraform_s3.tf" file under the demo folder. This will create/open the file for editing.
Press "i" to enter edit mode, which you can see at the bottom of the window.
Paste this code, press "esc", type ":wq" and press enter.
You can see the ":wq" command at the bottom of the edit window.

provider "aws" {
  profile="default"
  region="us-west-2"
}

resource "aws_s3_bucket" "tf_training" {
  bucket="prataptfdemos3"
  acl="private"
}

Let's understand what we are trying to do here. We are creating an AWS S3 bucket with the name "prataptfdemos3".


Now the editor window will be closed and you will be back in the main bash window.
Run "git add terraform_s3.tf", then run the "git commit" command.
For the commit, you can either give a comment or press "esc" followed by ":wq" + enter to finish the commit.

Terraform code file creation is finished and now it's time to run it.

Start with the "terraform init" command. That will start something like this.


Now understand the next command before executing it. It is "terraform apply".
This means you are requesting Terraform to create infrastructure, in our case an S3 bucket in AWS, using the "terraform" user's permissions.

Let's execute the command and see what happens.


Let's understand what it is saying. Terraform will generate a plan of action and show it to us so we can verify and confirm the actions it is going to perform. In our case it's saying that we have requested to add a resource of type S3 bucket with the name "prataptfdemos3".

Now type "yes" to continue or "no" to exit.

Once committed, here is the output.



 
Here is the AWS S3 bucket created using Terraform.

Let's move to the next command in Terraform, "terraform destroy". This command deletes the infrastructure which is mentioned in the "terraform_s3.tf" file.


Terraform has generated the plan and is telling us that we have requested to delete the S3 bucket with the name "prataptfdemos3". Type "yes" to continue or "no" to exit.
Here is the output if you type yes.



Now you can see that the AWS S3 bucket has been deleted as we intended. 

Let's check the next command, "terraform plan". This command will neither create nor delete any infrastructure, but will generate a plan of execution. This plan can be used for either create or delete operations. You can save the plan as a file. Here I have saved the plan as a file "awss3.pln".


The plan shows that we are requesting to create a new S3 bucket. Now let's see how we can use this plan to implement the infrastructure change.

To use the plan, we need to execute "terraform apply awss3.pln".
This now implements the plan, in this case to create an S3 bucket.


There is no harm in applying the plan again. As it is already implemented, Terraform will give an error saying this plan is stale and cannot be executed.



Lastly, let's generate the plan to destroy: "terraform plan -destroy -out awss3delete.pln"


We can now implement the plan of deletion by applying "awss3delete.pln".
The command to do that is "terraform apply awss3delete.pln".
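
A check that can sit between "terraform plan -out" and "terraform apply" (an added example, not part of the original article): it reads the JSON that "terraform show -json awss3.pln" prints and reports delete actions and bucket ACLs that are open beyond the owner. The two sample plans are constructed and trimmed to the fields the check uses; review_plan and the file name review_plan.py are hypothetical names.

```python
import json
import sys

# Constructed sample: trimmed shape of `terraform show -json awss3.pln`.
CREATE_PLAN = json.dumps({"format_version": "0.1", "resource_changes": [{
    "address": "aws_s3_bucket.tf_training", "type": "aws_s3_bucket",
    "change": {"actions": ["create"], "before": None,
               "after": {"bucket": "prataptfdemos3", "acl": "private"}}}]})

# Constructed sample: same shape for `terraform show -json awss3delete.pln`.
DESTROY_PLAN = json.dumps({"format_version": "0.1", "resource_changes": [{
    "address": "aws_s3_bucket.tf_training", "type": "aws_s3_bucket",
    "change": {"actions": ["delete"],
               "before": {"bucket": "prataptfdemos3", "acl": "private"},
               "after": None}}]})

# Canned ACLs that grant access beyond the bucket owner.
OPEN_ACLS = {"public-read", "public-read-write", "authenticated-read"}


def review_plan(plan_json, allow_destroy=False):
    """Return findings for a JSON plan; an empty list means nothing was flagged."""
    findings = []
    for rc in json.loads(plan_json).get("resource_changes", []):
        change = rc.get("change", {})
        after = change.get("after") or {}  # "after" is null when deleting
        if "delete" in change.get("actions", []) and not allow_destroy:
            findings.append(f"{rc['address']}: plan deletes this resource")
        if rc.get("type") == "aws_s3_bucket" and after.get("acl") in OPEN_ACLS:
            findings.append(f"{rc['address']}: bucket ACL is {after['acl']}")
    return findings


if __name__ == "__main__":
    # terraform show -json awss3.pln | python review_plan.py [--allow-destroy]
    # With no piped input, the constructed create plan is reviewed instead.
    text = CREATE_PLAN if sys.stdin.isatty() else sys.stdin.read()
    problems = review_plan(text, "--allow-destroy" in sys.argv)
    print("\n".join(problems) or "plan OK")
    sys.exit(1 if problems else 0)
```

A non-zero exit status lets a script stop before "terraform apply" runs on the saved plan.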



With this we have covered the basics. 

In the next article we will automate the same using Octopus Deploy. Here is a taste of it.






 
