The book, Go Faster has proven to be the perfect aide memoire for me, reflecting how I learned Golang. As a result, it’s a simple way for me to recap when I forget since the content just makes sense to me. I hope it’s working like that for the people who’ve invested in it too!
So, I’ve decided to do something similar for other technical topics that keep going in and out of my mind, depending on the technologies I’m with working with at the time.
Not a book, no, the goal is a single page on this blog, that gives me (and you) just the bones of it.
First up in the series is Terraform. Let me know in the comments if the style and content work for you!
Introducing Terraform
Terraform is a popular infrastructure as code (IaC) tool that enables developers and operations teams to provision, manage, and modify infrastructure resources in a cloud environment.
It uses a declarative syntax to define the desired state of infrastructure (as opposed to all of the steps necessary to achieve it) and automates the creation, modification, and deletion of resources to achieve that state.
The “state” is tracked, so Terraform needs only to make the changes which transform the current state of infrastructure into the desired state. Terraform’s state is stored in a `terraform.tfstate` file, either locally, or online, if a team of people need to collaborate to manage infrastructure.
Terraform uses its own custom configuration language called HCL (Hashicorp Configuration Language) which is human-readable and unopinionated on formatting.
Both Terraform and its provider plugins are written in Go. In principle, any cloud provider which offers an API to manage resources (most of them) can be supported by a Terraform provider plugin and so managed with Terraform.
Key Concepts
Provider: A plugin that allows Terraform to interact with a specific cloud or service provider (e.g. AWS, Azure, Google Cloud, GitHub, GitLab, BitBucket).
Resource: A single piece of infrastructure managed by Terraform (e.g. virtual machine, or database service).
Module: A reusable group of resources that can be included in multiple Terraform configurations.
Getting Started
To get started with Terraform there are basically five steps:
Install Terraform on your machine or server.
Initialise a Terraform working directory.
Provide access credentials for your cloud providers to Terraform (consult the provider documentation for assistance).
Create a Terraform configuration file (with a .tf extension) that defines the resources you want to provision.
Apply the configuration to create and update your infrastructure.
Terraform Commands
init -Initialises a working directory by downloading the necessary provider plugins.
plan - Generates an execution plan that describes the actions Terraform will take to achieve the desired state.
apply - Applies the changes necessary to achieve the desired state.
destroy - Destroys the infrastructure managed by Terraform.
validate - Validates the syntax of a Terraform configuration file.
state - Displays the current state of managed resources.
Best Practice
Use version control to manage Terraform configurations.
Create reusable modules for frequently used configurations.
Use variables to make configurations more flexible.
Separate environments (e.g. development, production) into separate Terraform workspaces.
Use remote state storage to manage infrastructure state across multiple users and machines.
Remember to destroy any test infrastructure you create while learning (ouch).
An Example
We’ll conclude the topic with an example which demonstrates how to configure several resources using the AWS Terraform provider. A walkthrough of the syntax follows the example code.
# define the AWS provider
provider "aws" {
region = "us-east-1"
}
# create a new VPC
resource "aws_vpc" "example_vpc" {
cidr_block = "10.0.0.0/16"
}
# create a new subnet within the VPC
resource "aws_subnet" "example_subnet" {
cidr_block = "10.0.1.0/24"
vpc_id = aws_vpc.example_vpc.id
}
# create a new security group for the VM
resource "aws_security_group" "example_sg" {
name_prefix = "example-sg"
vpc_id = aws_vpc.example_vpc.id
ingress {
description = "Allow HTTPS traffic"
from_port = 443
to_port = 443
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
}
# create a new virtual machine instance
resource "aws_instance" "example_instance" {
ami = "ami-0c55b159cbfafe1f0"
instance_type = "t2.micro"
subnet_id = aws_subnet.example_subnet.id
vpc_security_group_ids = [
aws_security_group.example_sg.id
]
tags = {
Name = "example-instance"
}
}
We create an AWS VPC and subnet, then define a security group that only allows HTTPS traffic. We then create a new virtual machine instance, specifying the AMI ID, instance type, subnet ID, and the ID of the security group we created. Finally, we assign a tag to the instance for easy identification.
Summary
Terraform is a popular tool for managing infrastructure as code due to its flexibility, portability, and ability to integrate with a wide variety of cloud providers.
Development and Operations teams alike, can work with a single configuration language across multiple cloud providers, instead of vendor-specific alternatives like CloudFormation and ARM.
Hopefully, the basics outlined in this post are sufficient to get you started with Terraform!
Useful links
Terraform Website - https://terraform.io
Terraform documentation - https://developer.hashicorp.com/terraform/intro
Terraform provider registry - https://registry.terraform.io/