Approaching Infrastructure As Code With Terraform As Beginners
Terraform is a great configuration management tool used in the cloud world to provision resources in the cloud. It is one of the greatest automation tools when it concerns managing and orchestrating architectures in the cloud. It has the ability to imbibe databases, CI/Cd and lots of other cool stuff that makes application architecture way easier to handle and manage. Terraform is very declarative and just refreshes state; does not repeat the resources.
Core Concepts
Provider
In connecting terraform to any cloud provider, database, pipeline or any other external service, it is necessary to have the provider file. It is directly responsible for any understanding of the platform API. in layman terms, it knows how to talk to any external technology and you could check the documentation for some details of the different technologies and their providers. More like translates the terraform code to something that the third party provider would understand.
Example:provider “aws” {region = “us-west-2”access_key = “my-access-key”secret_key = “my-secret-key”}
Resources
The services and resources to be used and orchestrated on the cloud will need to be rightly defined in this code block of your terraform file. It is where you describe the vpc, subnets and other types of resources. The syntax is “name of resource” “internal variable name”; the first part is given by AWS while the second is defined by the engineer.
Example:resource “provider-prefix_name-of-resources” “internal-preffered-name” {count = 3vpc = true}
Data
While creating resources, there will be a need to filter some queries to specify certain resources for special follow-up actions and that is where the data comes into play.
Example:data “provider-prefix_name-of-resources” “internal-preffered-name” {default = true}
Then you can create a resource block right after to perform any required action.
Output
This is used to display a certain result after the terraform apply command has gone through and the infrastructure/resources is already running; it can be used to display subnet ID, VPC ID and others.
Exampleoutput “reource-id” {value = “”}
Variable
Used to declare certain values that can be referenced at all part of the syntax. You can assign a value to the variable by using terraform apply and inserting the value manually. Also, you can assign the value by passing it as an argument with terraform apply command. Lastly, you can do this by assigning the values with a variable file and this is best practice
Example:variable “image_id” {type = string}
Terraform Commands
Terraform initThis is to initialize the working directory and many times very useful when modularizing terraform configurations.
Terraform planThis command will compared the desired state and the current state and give you a draft of what will be deleted, changed, created or replaced.
Terraform applyThis command just creates the neccessary resources and ensures desired state is accomplished.
Terraform destroyIf there is a case where you have to clear all the resources maybe on a cloud provider or something, this command could help delete them safely.
N/B
Use terraform plan to see the resources for Checking the difference between the current state and desired state from the config file. You can pass in -auto-approve flag for the apply command to let it apply automatically. For destroy command, if you want to specify a certain resource then you can add a flag
Setting Credentials
Setting credentials is as important as the configuration process because it gives the rudimentary access to the platform in question. There are two major methods that could be used to achieve this while setting up on AWS and they include:
- Exporting all the credentials via this format :
access_secret_key=”XXXX” Then you can apply the terraform resources without issues.
- Configure the credentials in the ./aws directory in your local machine then run:
aws configureand follow the steps laid out.
Version Control
This is used to follow up with the code on a repository and it's very important to maintaining the realities of infrastructure as code. It is good to open a repository and push the code as required, if you don't know how to push then check this documentation. Also, some of the files do not have to go to the repository but to the .gitignore file like the .terrform/provider, state files, tf variable files and others. Some of the reasons for VCS include:
- Safekeeping.
- History changes.
- Team collaboration.
- Reviewing infrastructure with merge requests.
Top 10 Best Practices In Using Terraform
- Parameterize the configuration to make the code re-usable with input variables so it can be called at different sections of the codebase
- For variables, you can do this by assigning the values with a variable file; terraform.tfvars. This could help to replicate the infrastaructure in different environments.
- Use the equal sign when assigning variables in the variable block.
- Don't hard code credentials and secrets in the main file but use the terraform.tfvars to store them.
- Learn to use terraform plan before applying to know the difference in states.
- Don't push secret files to git.
- Modularize your terraform configurations.
- Store remote files in a storage unit like S3 and other object storage options available.
- Generate README for each module with input and output variables.
- Enable version control on terraform state files bucket.
In summary, Terraform gives you an opputunity to learn what works and what doesn’t, then apply it to your next infrastructure and repeat.
Also, there will be more articles on Terraform, stay around. Now, remember, this article is not only for experts in the software space, even newbies could hop in and learn a lot and that is why I try to make everything clear both in layman and professional terms, so if you have any questions, shoot or you can also reach out to me on Twitter or find me on GitHub.
Thanks for reading ❤️
Please leave a comment if you have any thoughts about the topic — I am open to learning and knowledge explorations.
