Friday, 10 February 2023

Terraform - IaC ( Infrastructure as code)

 

Terraform - IaC ( Infrastructure as code)
What is Terraform

Terraform is an open-source software tool to manage end to end lifecycle of your IT infrastructure. Terraform provides a consistent CLI workflow to manage hundreds of cloud services.

What is Terraform

Latest Terraform Articles

Installing Terraform

Terraform CLI

terraform version

terraform init

terraform plan

terraform get

terraform apply

terraform destroy

terraform refresh

terraform show

terraform validate

terraform providers

terraform state

terraform graph

terraform fmt

terraform taint

terraform import

terraform workspaces

Terraform Default Plugin Directories

Terraform Variable Assignment

 

Installing Terraform

You can download the Terraform software from HashiCorp’s download page https://www.terraform.io/downloads.html

and use native installation methods for your operating system. Also you can install Terraform using the package managers like yumapthomebrew, Chocolatey (choco) etc.

Refer install Terraform page

https://learn.hashicorp.com/tutorials/terraform/install-cli

 for the appropriate method for your operating system.

Terraform CLI

terraform version

$ terraform version
Terraform v1.0.1
on darwin_amd64

terraform init

$ terraform init

Ask for input if necessary. If false, will error if input was required.

$ terraform init -input=false

You can also change the backend details using -backend-config option. 
-reconfigure will reconfigure the backend, ignoring any saved configuration.

$ terraform init -backend-config=PATH/TO/CONFIGURATION_FILE -reconfigure

terraform plan

The plan will check the configuration files (basically all the *.tf files in the directory) and will show you the items or changes going to made on target infrastructure or resources.

Please note, this command will not actually perform the planned actions.

$ terraform plan

You can optionally save the plan to a file, (example as below)

which you can then pass to the apply command to perform exactly the actions described in the plan.

$ terraform plan -out plan.out

terraform get

Downloads and installs modules needed for the configuration given by PATH. get recursively downloads all modules needed,

such as modules imported by ………..modules imported by the root and so on.

Module installation also happens automatically by default as part of
the “terraform init” command, so you should rarely need to run this command separately.

$ terraform get

You can update the already downloaded modules using -update=true option.

$ terraform get -update=true

terraform apply

apply will do the actual operation on the infrastructure resources. 

apply will show the plan and actions in detail.

$ terraform apply

apply will ask for your confirmation to proceed with changes.

You can use -auto-approve for auto-confirmation.

$ terraform apply -auto-approve

You can pass different variables  or  variable files.( as example below)

$ terraform plan -var="instancetype=t2.small"
$ terraform plan -var-file="custom.tfvars

You can use -target option to target specific

resources,   modules,  or  collections of resources.

$ terraform apply -target="aws_s3_bucket_object.objects"

terraform destroy

Warning: destroy will delete all resource but with confirmation.

$ terraform destroy

You can create a deletion plan as below.

$ terraform plan –destroy

Use the -target to destroy a specific resource.( example as below)

$ terraform destroy -target="aws_s3_bucket_object.objects"

Also note,

you can comment out the resource,

then terraform will detect it as not part of config

and will remove when you do plan or apply.

terraform refresh

You can update the terraform state file with metadata that matches the physical resources they are tracking.

$ terraform refresh

terraform show

Show the terraform state information in a human readable format.

You can also use it for displaying information from plan file.

$ terraform show

terraform validate

You can check the syntax and validate the configuration using validate subcommand.

$ terraform validate
Success! The configuration is valid.

 

terraform providers

You can see the providers in use by the modules and configurations in your Terraform files.

$ terraform providers
 
Providers required by configuration:
.
└── provider[registry.terraform.io/hashicorp/aws]

terraform state

terraform state has multiple subcommands to manage the terraform state. You can moverm (delete), list or show the resource state.

Subcommands:
    list                List resources in the state
    mv                  Move an item in the state
    pull                Pull current state and output to stdout
    push                Update remote state from a local state file
    replace-provider    Replace provider in the state
    rm                  Remove instances from the state
    show                Show a resource in the state

Example usages

# List state
$ terraform state list
aws_iam_user.lb
aws_instance.myec2
 
# Show resource
$ terraform state show aws_instance.myec2
 
# Push terraform state to remote backend
$ tarraform state push
 
# Pull the remote terraform state to a local copy
$ terraform state pull > terraform.tfstate
 
# Update and tell terraform that packet_device.worker has been renamed to packet_device.helper
$ terraform state mv packet_device.worker packet_device.helper
 
# Move the resource block into the child module configuration
$ terraform state mv packet_device.worker module.worker.packet_device.worker
 
 
 
# Remove the resource from state 
but it will not remove the resource from cloud/provider.
$ terraform state rm aws_instance.myec2

Remove the resource from state but it will not remove the resource from cloud/provider.

But next time when you run terraform plan or apply,

Terraform will recreate the instance as again as the resource definition is still there.

$ terraform state rm aws_instance.myec2

Removed aws_instance.myec2

Successfully removed 1 resource instance(s).

terraform graph

graph will generate the visual graph of your infrastructure based on Terraform configuration files.

Outputs the visual execution graph of Terraform resources according to
either the current configuration or an execution plan.

$ terraform graph

The output of terraform graph will be in DOT format and you can use tools like dot to generate image files from dot files.

sudo apt-get install graphviz

# or

sudo yum install graphviz

 

$ terraform graph | dot –Tpng > graph.png

terraform fmt

Rewrites all Terraform configuration files to a canonical format with appropriate indentation and styling. (JSON files (.tf.json  or  .tfvars.json) are not modified.)

$ terraform fmt

terraform taint

You can manually mark a terraform managed resource as tainted(corrupt) and forcing it to be destroyed and recreated on the next apply. 

terraform taint command will make modification in the tfstate file

and

recreate action will happen in next apply.

Please noteterraform taint command will not modify the .tf file or the infrastructure.

$ terraform taint aws_instance.myec2

terraform import

You can import your existing infrastructure into Terraform and manage using Terraform.

# Importing VMWare VM to terraform

$ terraform import vsphere_virtual_machine.vm /DC1/vm/DEV/DEV2

terraform workspaces

Terraform Workspaces will help to manage same terraform configurations for different environments

 (eg: dev, staging, production) in the same project directory.

# Check the workspace

$ terraform workspace show

default

 

# Create new workspace

$ terraform workspace new dev

Created and switched to workspace "dev"!

 

# List all workspaces

$ terraform workspace list

  default

* dev

 

# Switch to a specific workspace

$ terraform workspace select dev

Switched to workspace "dev".

Terraform will create separate terraform.tfstate files

in terraform.tfstate.d/WORKSPACE_NAME/ directories  in the project directory.

$ tree terraform.tfstate.d/

terraform.tfstate.d/

├── dev

   └── terraform.tfstate

├── prod

└── stage

    └── terraform.tfstate

 

3 directories, 2 files

 

 

Terraform Default Plugin Directories

  • Windows: %APPDATA%\terraform.d\plugins
  • All other systems:  ~/.terraform.d/plugins

 

Terraform Variable Assignment

You can pass variables to Terraform in different methods.

1. Environment variables – with a prefix TF_VAR_

$ export TF_VAR_instance_type=t2.micro

2. Command Line Flags

$ terraform plan -var="instancetype=t2.small"

3. From a variable file – use terraform.tfvars – terraform will load all variables from this file.

 If different var files to be used then,

$ terraform plan -var-file="custom.tfvars"

4. Variable Defaults – can keep variable default in another .tf file.

$ cat variables.tf

variable "my_ip" {

default = "10.1.10.10/32"

}

  • if no value mentioned, then default value will be used.
  • if default value not defined, then terraform will ask for variable when you do apply or plan operation.

 

at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

How to Install Kubernetes How to Install Kubernetes? What is a Pod? previously , I discussed on what is Kubernetes, and its architecture. He...

  • Devops: EVERYTHING KUBERNETES: A PRACTICAL GUIDE
    EVERYTHING KUBERNETES: A PRACTICAL GUIDE INTRODUCTION KUBERNETES — BIRD’S EYE VIEW HIGH LEVEL ARCHITECTURE KUBERNETES BUILDING BLOCKS  THE B...
  • API guide - Reference
     API guide - Reference Access Control HTTP Handers Caching un API Calls  HTTP Request Methods  HTTP Status Codes  HTTP Headers  REST API
  • Azure
            Comparison of GCP Anthos, AWS Outpost and Azure Arc/Azure Stack Feature wise comparison Pricing Comparison of GCP Anthos, AWS Outpos...