infrastructure as code with terraform · state terraform stores state about your managed...
TRANSCRIPT
![Page 1: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/1.jpg)
Infrastructure as Code with Terraform
![Page 2: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/2.jpg)
greg@blacksintechnology:~$ whoami
![Page 3: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/3.jpg)
Greg Greenlee
![Page 4: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/4.jpg)
Agenda● What is IaC?
○ Benefits● What is Terraform?● Why do we need Terraform?● How do we use Terraform?
○ Providers○ Resources○ Variables (inputs)○ Outputs○ Data Structures○ Modules○ Conditionals○ Iterations○ Terraform State
● How do I get started?
![Page 5: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/5.jpg)
What Is Infrastructure as Code?
The ability to describe/define your infrastructure and application in source code
![Page 6: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/6.jpg)
Benefits of IaC
● Software methodologies, tools and practices
○ Code reviews○ Automated testing○ linting
![Page 7: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/7.jpg)
Automation
![Page 8: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/8.jpg)
Version Control
![Page 9: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/9.jpg)
![Page 10: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/10.jpg)
RollbackThor-1.0 Thor-1.no
![Page 11: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/11.jpg)
Documentation
![Page 12: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/12.jpg)
Also….
Correlation
Visibility
Traceability
![Page 13: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/13.jpg)
What is Terraform?● Infrastructure as code management tool that uses a declarative language to
build infrastructure● Written in Go● terraform.io
![Page 14: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/14.jpg)
Imperative vs DeclarativeImperative (How)
● Buy chocalate cake mix● Open cake mix box● Pour cake mix in bowl● Add ingredients● Stir● Pour in pan● Preheat oven to 350● Place pan in oven● Bake at 350● etc
Declarative (What)
I need a chocolate cake big enough to feed 20 people
![Page 15: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/15.jpg)
Why do we need Terraform?
![Page 16: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/16.jpg)
Infrastructure is hard!
![Page 17: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/17.jpg)
![Page 18: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/18.jpg)
![Page 19: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/19.jpg)
Idempotent
![Page 20: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/20.jpg)
Cloud agnostic
![Page 21: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/21.jpg)
![Page 22: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/22.jpg)
![Page 23: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/23.jpg)
DEV
STAGING
PRODUCTION
![Page 24: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/24.jpg)
How do we use Terraform?
Installs as a single binary (https://www.terraform.io/downloads.html)
● MacOS● Linux● Windows● FreeBSD● Solaris
![Page 25: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/25.jpg)
Usage● Terraform init
○ initializes terraform directory○ pulls in plugins for specified provider○ Pulls in modules
● Terraform fmt○ Rewrites terraform config files to canonical format and style
● Terraform validate○ Runs checks that verify whether a configuration is syntactically valid and internally consistent
● terraform plan○ A preview of what changes will be made
● Terraform apply○ Applies changes
● Terraform destroy○ Destroys all changes
● Terraform show○ Shows resources from state file
![Page 26: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/26.jpg)
Providers
Way to interact with service providers (which API to use)
![Page 27: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/27.jpg)
# The default provider configuration
provider "aws" {
region = "us-east-1"
}
![Page 28: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/28.jpg)
ResourcesBread and butter that represents the infrastructure components you want to manage
● Virtual machines● Load balancers● Firewall rules● Virtual Networks● Databases● Message queues● Data warehouses● ….etc
![Page 29: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/29.jpg)
Resources - code exampleresource "aws_instance" "web" {
ami = "${data.aws_ami.ubuntu.id}"
instance_type = "t2.micro"
tags = {
Name = "HelloWorld"
}
}
resource "aws_elb" "bar" {
name = "foobar-terraform-elb"
availability_zones = ["us-west-2a" , "us-west-2b" , "us-west-2c" ]
instances = ["${aws_instance.web.id}" ]
tags = {
Name = "foobar-terraform-elb"
}
}
![Page 30: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/30.jpg)
Variables● Environment
○ Begins with TF_VAR_
■ export TF_VAR_somevariable=somevalue
● Inputs
● Ouputs
● Data Structures○ Strings○ Arrays○ Maps
![Page 31: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/31.jpg)
Variable example coderesource "aws_instance" "web" {
instance_type = "t2.micro"
ami = var.image_id
}
variable "image_id" {
type = string
default = "ami-abc123"
}
![Page 32: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/32.jpg)
ConditionalsIf statements
If/else
Boolean operations
![Page 33: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/33.jpg)
Conditional exampleresource "aws_instance" "vpn" {
count = "${var.something ? 1 : 0}"
CONDITION ? TRUEVAL : FALSEVAL
}
![Page 34: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/34.jpg)
Iterationresource "aws_iam_user" "example" {
count = length(var.user_names)
name = var.user_names[count.index]
}
variable “user_names” {
description = “names of users”
type = “list”
![Page 35: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/35.jpg)
ModulesReusable code
Collection of resources
Conforms to D-R-Y (don’t repeat yourself) methodology
![Page 36: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/36.jpg)
Module exampleSQL module (tf_azurem_sql)
resource "azurerm_sql_server" "test" {
name = "${var.sql_server_name}"
resource_group_name = "${var.resource_group_name}"
location = "${var.resource_group_location}"
}
resource "azurerm_sql_database" "test" {
name = "${var.sql_database_name}"
resource_group_name = "${var.resource_group_name}"
location = "${var.resource_group_location}"
server_name = "${var.my_sql_server_name}"
SQL module instantiation
module "sql_server_database" {
source = "git::https://myrepo/sql/_git/tf_azurerm_sql?ref=1.7"
resource_group_name = "my_resource_group"
resource_group_location = "useast1"
sql_server_name = "my_sql_server_name"
sql_database_name = "my-sql-database"
}
![Page 37: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/37.jpg)
Functions● String manipulation● Numeric● Collection● Date and time● ….more
Ex.
> max(12, 54, 3) 54
> join(", ", ["foo", "bar", "baz"]) foo, bar, baz
> timestamp() 2018-05-13T07:44:12Z
> cidrhost("10.12.127.0/20", 16) 10.12.112.16
> concat(["a", ""], ["b", "c"]) ["a","","b","c",]
![Page 38: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/38.jpg)
State● Terraform stores state about your managed infrastructure and configuration.
● Used by Terraform to map
○ real world resources to your configuration
○ keep track of metadata
○ improve performance for large infrastructures.
● This state is stored by default in a local file named "terraform.tfstate"
● can also be stored remotely (works better in a team environment)
● uses local state to create plans and make changes to your infrastructure. Prior to any operation, Terraform does a refresh
to update the state with the real infrastructure.
![Page 39: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/39.jpg)
Current State
![Page 40: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/40.jpg)
Desired State
![Page 41: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/41.jpg)
How do I get started?Understand the resources of the provider (very important)
Get a free tier account with a provider (GCP, AWS, Azure)
Download the binary
Read the docs
Use it
![Page 42: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/42.jpg)
RecommendationsUse terraform plan output
Use remote state
Backup your statefile
Review plans (two sets of eyes)
Use secret management - don’t store secrets directly in tf config files or env variables
Plan structure
![Page 43: Infrastructure as Code with Terraform · State Terraform stores state about your managed infrastructure and configuration. Used by Terraform to map real world resources to your configuration](https://reader034.vdocuments.mx/reader034/viewer/2022042108/5e88df19477fd4360946ac91/html5/thumbnails/43.jpg)
Resources● Terraform.io● The Terraform Book - James Turnbull● Terraform Up and Running - Yevginy Brikman● Me
○ [email protected]○ @BIT_greggreenle