Infrastructure as Code[IaC] With Terraform.

Infrastructure as Code[IaC] With Terraform.

In this article, we'll take a look at what Infrastructure as code [IaC] is and how Terraform is an Infrastructure as code tool for building infrastructure in the cloud.

What is Infrastructure as Code?

Infrastructure as Code allows you to define and manage infrastructure using code, instead of clicking through a console of cloud providers like "AWS, GCP, DIGITAL OCEAN" or the command line. This implies that one can manage an entire infrastructure in the same way one manages application code.

There are two approaches to IaC and they are "Imperative" and "Declarative". The Imperative approach defines our configuration as a string of commands that is executed in a certain order.

Example: Running a "Bash script" to provision resources using AWS CLI.

While the Declarative approach defines the desired state of our infrastructure using the resources needed and properties the resources should have.

Examples: Terraform, Ansible, Cloud Formation.

In this article, we will be talking about one of the declarative approaches, Terraform.

What is Terraform?

Terraform is It is an open-source tool written in Golang and it's also HashiCorp's infrastructure as code tool. you can define resources and infrastructure in readable, declarative configuration files, and easily manages your infrastructure's lifecycle. Terraform, helps one to manage infrastructure across multiple cloud providers – AWS, Azure, GCP, Digital Ocean, Alibaba Cloud etc.

With Terraform, you can simply download the Terraform binary, choose which provider to work with, create a configuration for that provider, and get started creating an infrastructure code.

With you defining just the end state, Terraform can figure out a way to achieve it because of its powerful declarative syntax. The use of Terraform has several advantages over manual management of infrastructure and they are:

  1. Terraform supports providers from various cloud platforms such as AWS, GCP, AZURE etc.

  2. The configuration language is readable and easily understood and it helps you write infrastructure code quickly.

  3. Terraform's state allows you to track resource changes throughout your deployments. Terraform always stores states about our infrastructure and configuration.

Manage any Infrastructure

  1. Terraform has built-in plugins called providers which allow Terraform to interact with various cloud platforms and other services through their different application programming interfaces (APIs).

Example:

# AWS
provider "aws" {
  region = "us-east-1"
}

# Azure
provider "azurerm" {
  # Configuration options
}

HashiCorp and Terraform community have written over 1,000 providers to manage resources on Amazon Web Services (AWS), Azure, Google Cloud Platform (GCP), Kubernetes, Helm, GitHub, Splunk, and DataDog, etc. Use the Terraform Registry to find the providers and services you already use.

  1. In Terraform, aside from the provider block, there is also the resource block. In this block, you define the resources you wish to deploy concerning the provider such as compute, network, etc.

Example:

# Azure resources
resource "azurerm_resource_group" "example" {
  name     = "example-resources"
  location = "West Europe"
}

# AWS resources
resource "aws_vpc" "example" {
  cidr_block = "10.0.0.0/16"
}
  1. Terraform data sources allow one to access data from APIs or other Terraform state backends. Examples of data sources include machine image IDs from a cloud provider or Terraform outputs from other configurations. This also helps in making your configuration more flexible, and dynamic and also lets you reference values from other configurations, helping you scope your configuration while still referencing any dependent resource attributes.

Example:

# Data sources for AWS
data "aws_instance" "foo" {
  instance_id = "i-instanceid"

  filter {
    name   = "image-id"
    values = ["ami-xxxxxxxx"]
  }

  filter {
    name   = "tag:Name"
    values = ["instance-name-tag"]
  }
}

# Get Resources from a Resource Group Azure
data "azurerm_resources" "example" {
  resource_group_name = "example-resources"
}

# Get Resources with specific Tags
data "azurerm_resources" "example" {
  resource_group_name = "example-resources"

  required_tags = {
    environment = "production"
    role        = "webserver"
  }
}
  1. As deployment grows more complex on Terrafor, one has to consider modules to make it easier to organize our infrastructure.

An Example would be, Kubernetes clusters for testing and development. Provisioning a Kubernetes cluster in a cloud provider like AWS requires a lot of configuration and resources but with modules, that configuration can be hidden behind a basic configuration interface. one can simply import the module, specify whatever inputs the module author provided, and provision a complete stack.

Example:

# VPC module
module "vpc" {
  source = "terraform-aws-modules/vpc/aws"

  name = "my-vpc"
  cidr = "10.0.0.0/16"

  azs             = ["eu-west-1a", "eu-west-1b", "eu-west-1c"]
  private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
  public_subnets  = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"]

  enable_nat_gateway = true
  enable_vpn_gateway = true

  tags = {
    Terraform = "true"
    Environment = "dev"
  }
}

There are more modules and resources present on Terraform registry, you can find a module that fits your need.

Deployment of infrastructure with Terraform on any provider requires the following steps:

a. Identify the infrastructure for your project. this is also known as the scope and it means the basic structures, systems, and services required for the project. Example: choosing your provider and the resources needed for the project such as provider: AWS or Azure, resources: VPC, Nat Gateway, Ec2 instances, etc.

b. Write the configuration for your infrastructure. In this section you start by defining your provider section as shown above using any text editor of your choice and also defining the resources using code in terraform, making sure terraform is already installed in the machine. check https://medium.com/@divine2142/how-to-download-and-install-terraform-on-your-machine-windows-linux-dc1eb440706 on how to download and install terraform.

c. Install the plugins Terraform needs to manage the infrastructure. After writing the configuration of your infrastructure, use the command terraform init to install the plugins. This plugin is specific to the provider specified.

d. Preview the changes Terraform will make to match your configuration. To preview these changes, we use the command terraform plan , this gives us a list of the resources to be created, destroyed or modified.

e. Make the planned changes. We use the command terraform apply to make the changes shown when we use the terraform plan command.

f. terraform destroy is a command used to destroy the infrastructure built with terraform apply.

Conclusion

Why go through the stress of provisioning infrastructure with clicks and manual processes when we can simply use IaC[Infrastructure as Code]? Infrastructure as Code tools like Terraform means that infrastructure configuration can be brought into the same development processes, allowing for testing, standardization, and scalability. Infrastructure as Code ecosystem has varieties of resources and materials to study, learn and get started. You can deploy your Infrastructure without clicking and doing the manual process.

In my next article, I will write about how to create a VPC, Internet gateway and Route Table on AWS using Terraform.

For more Infomation on Terraform, Check out:

Terraform providers written by Jack Roper

5 Ways to Manage Terraform at Scale – Best Practices written by Kamil Szczygiel