Table of contents
If you want to create servers in AWS or in any other cloud provider then, we can either use their console (GUI) to manually create it or use the CLI.
But what if we've to do the same task multiple times?
- We'll create a template & when it runs, it automatically creates resources specified in it.
With Terraform you can create such templates & run in almost every cloud. It uses API given by cloud providers.
Definition
Terraform is a tool for building, changing & versioning infrastructure safely & effectively. It's an Infrastructure as a Code (Iaac).
HCL
Hashicorp created a new language Hashicorp Configuration language (HCL).
Syntax -
< Resource name > < Service name > < Unique Block Identifier > { Identifier (Key) = Expression (Value) }
Commands
1. terraform init - It downloads all modules required to run these scripts.
2. terraform plan - Before executing we create a plan - its like a blueprint, we'll know what all things will be done when it'll be executed.
3. terraform apply - Executes the plan.
4. terraform destroy - Deletes the resources created by terraform.
Best Practices
By Tech-World-With-Nana
Issue - When you're working in a team, how will other team members get access to latest terraform file to make changes to it?
Solution - Always set up a shared remote storage for state file. It can be AWS S3, terraform cloud, Azure Blob storage, google cloud storage.
Issue - How can you prevent changes being made simultaneously?
Solution - Use state locking until an update is fully committed to prevent concurrent runs to your state file. We can configure this in storage backend. If we're using AWS S3, then we can use Dynamo DB to achieve it.
Issue - What if you overwrite data accidentally or the data gets corrupted?
Solution - Always keep a back up of your state file. If you're using AWS S3, then enable versioning in it.
Issue - How will you manage multiple environments (Dev, Test, Prod) with 1 state file?
Solution - Use 1 state file per environment.
Issue - How will you share the terraform code with your team members to achieve effective team collaboration?
Solution - Host terraform scripts in git repository.
Issue - What if someone commits a code with error / vulnerability?
Solution - Have a process to review the terraform code & run automated tests.
Issue - How & who applies those terraform changes?
Solution - Execute terraform changes only through Automated build - continuous deployment pipleine. This way you've a single location from which all infrastructure changes happens.
Issue - How will you make changes to the state file?
Solution - Make Changes to the state file through terraform commands. Do not manually edit the file otherwise, you may get unexpected results.
By Taina Rohweder -
Use Modules to reuse code, specially when creating multiple resources or working with multiple environments.
Use loops like count & for-each to optimize repetitive resource creation inside your modules. Eg. Creating multiple subnets, with 1 block of resource code.
Try not to Hardcode values, inside your resources blocks, Use variables instead & centralize the values with terraform.tfvars file.