Infrastructure-as-Code with Terraform
November 7, 2018
November 07, 2018 — As businesses shift towards more of a DevOps focused software development methodology, tools that help drive productivity and increase development efficiencies are becoming more and more essential to have. Some tools necessary when shifting methodologies towards DevOps include tools that support containers, microservices, continuous integration & continuous delivery (CI/CD), reliability, monitoring, logging, security, infrastructure-as-code and much more. Tools that solve these problems help organizations do more faster, especially Infrastructure-as-Code.
Why Is Infrastructure-as-Code (IAC) So Important?
Traditionally, when most companies were running their own data centers, system administrators were tasked with provisioning all the custom hardware necessary for their environment. Once deployed, these systems administrators were responsible for maintaining, scaling and ensuring top performance and uptime of this infrastructure. This can be both costly and time-consuming. As these companies would grow, these manual processes would become tedious to manage and misconfiguration and human error would become more prevalent. Nowadays, with companies transitioning from on-premise data centers to a cloud-based infrastructure, Infrastructure-as-Code tools help to alleviate these deployment pains.
Infrastructure-as-Code is responsible for making this process very simple and manageable. IAC allows you to deploy servers with custom images, databases, virtual private networks, security and everything else that could be found in a traditional data center, plus more. In particular, IAC can be used to automate this entire provisioning and deployment process for infrastructure, with the added benefit of applying software development techniques like version control and continuous integration to manage the infrastructure. Currently, there are native infrastructure-as-code tools that work for different platforms like CloudFormation with Amazon Web Services, Resource Manager with Microsoft Azure, Deployment Manager with Google Cloud Platform and others. But there are also third-party or open source tools that can fill this gap, such as Terraform.
What is Terraform?
Terraform is an open source infrastructure-as-code tool that was released in 2014 by HashiCorp in San Francisco. Unlike other IAC tools, Terraform uses its own declarative programming language, known as the HashiCorp Configuration Language. Also known as HCL, it is a very simple and easy-to-write language to code your infrastructure. HashiCorp designed HCL to be both human and machine friendly. Although HCL is preferred, if your team is more familiar with JSON, Terraform can also support those configurations.
The open source variant of Terraform has multiple features that your organization can take advantage of, such as Execution Plans, Resource Graphs and Change Automation. In addition to writing your infrastructure as code, by using execution plans, Terraform will generate a plan that will show you exactly what Terraform will do once you apply your configuration. This helps validate the changes being made, prior to making them. Using the Resource Graph feature, Terraform also has the ability to graph your configuration, so you can have a visual of your environment’s infrastructure and have an idea of their dependencies, which can help deploy infrastructure efficiently. Also, by using change automation, you can prevent human errors while the configurations are being deployed.
Although many of the top cloud providers including AWS, Azure and GCP have their own native infrastructure-as-code tools, Terraform is unique in that it is a cloud agnostic IAC platform. You can use the same tool to provision infrastructure across all three major public clouds, as well as dozens of other platforms that integrate with it. Being able to use Terraform against multiple providers makes it an extremely robust and versatile tool.
How Can You Get Started with Terraform?
Terraform is very simple to use and supports multiple platforms including Linux, Windows and Mac. All commands and configurations can be accessed using simple CLI commands and anyone with basic command line experience can easily pick up the skills needed to write Terraform configuration files. To get started with Terraform, you will need to download and install the binary into your computer’s path. Once you have verified the installation, you can get started with building infrastructure.
From an AWS point of view, in order to allow Terraform to deploy infrastructure on our behalf, we will need to create a New User within AWS IAM and grant it programmatic permissions. Then, we need to download the credentials so that we can enable Terraform to access the AWS environment.
Here are the Permissions we assigned to our New AWS User: reza.sheikh.terraform
Now that we have installed Terraform and created a new user in AWS, we will run a sample Terraform configuration file.
Below, we can see the main.tf file that contains the HCL code to deploy our sample configuration. We will be deploying a Linux Amazon Machine Image onto a single t2.micro instance running in the Oregon region. We have also added tags for identification and management purposes.
We will now switch over to the terminal to deploy the terraform file (main.tf). Navigate to the directory where we saved the .tf files and type “terraform plan.” The output produced is the Execution Plan we mentioned earlier, where it describes any planned changes to be made.
Now type “terraform apply,” then type “yes” to confirm. This will apply the changes to the AWS environment and begin the deployment. We have successfully deployed the infrastructure written in the main.tf file. Below, we can see the new Linux instance running in our AWS environment.
We can also destroy the resources we just created. To destroy the resources in the AWS environment type “terraform destroy” then “yes” to confirm.
A main focus of DevOps is to be able to automate as much of the development process as possible using code, including provisioning and managing infrastructure used for deploying applications. From the simple-to-write HashiCorp Configuration Language, to its multi-cloud configuration platform, HashiCorp’s Terraform has many unique and powerful traits that make it an essential technology to have in your organization’s DevOps toolkit.
Additional Resources on HashiCorp Terraform:
- HashiCorp Terraform Product Overview
- Download Terraform
- Terraform Documentation Guide
- Terraform: Up & Running, Yevgeniy Brikman
Reza Sheikh is a Cloud Engineer at Groupware Technology.