Introduction to Terraform

How does Terraform work?

Terraform is open source and free tool that creates and manages resources on cloud platforms and other services through their application programming interfaces (APIs). Providers enable Terraform to work with virtually any platform or service with an accessible API - it's very useful piece of software regarding to Infrastructure as Code paradigm.

HashiCorp and the Terraform community have already written more than 1700 providers to manage thousands of different types of resources and services, and this number continues to grow. You can find all publicly available providers on the Terraform Registry, including Amazon Web Services (AWS), Azure, Google Cloud Platform (GCP), Kubernetes, Helm, GitHub, Splunk, DataDog, and many more. You can get more advantages of keeping state and code in git repository in our article.

Terraform State

The primary purpose of Terraform state is to keep track of all your infrastructure, Terraform keeps a track of your remote resources and their configuration in this state file. It also keeps a track of resource metadata and their dependencies in state file, this helps Terraform to improve performance for large infrastructures.

Terraform state is a JSON file and provides various backend options to store the state file. Most popular backend is S3 when working with AWS.

Terraform stages

terraform init - command is used to initialize a working directory containing Terraform configuration files. This is the first command that should be run after writing a new Terraform configuration or cloning an existing one from version control.

terraform plan - command creates an execution plan, which lets you preview the changes that Terraform plans to make to your infrastructure. By default, when Terraform creates a plan it:

• reads the current state of any already-existing remote objects to make sure that the Terraform state is up-to-date,
• compares the current configuration to the prior state and noting any differences,
• proposes a set of change actions that should, if applied, make the remote objects match the configuration.

terraform apply - command executes the actions proposed in a Terraform plan.

Terraform installation

In many Linux distributions Terraform is available in repositories, but it's better to download the latest Terraform package. Update are published very often and version available in repository might be outdated. Refer to the official download page to get the latest version for the respective OS.

Packages are delviered in ZIP format, you can use this code to install it in Linux environmnet:

$ wget https://releases.hashicorp.com/terraform/1.1.4/terraform_1.1.4_linux_amd64.zip $ unzip terraform_1.1.4_linux_amd64.zip $ sudo mv terraform /usr/local/bin $ terraform -v Terraform v1.1.4 on linux_amd64

Provision resources on AWS using Terraform

Terraform by default scans for all files with .tf extension in working directory, that's why it's recommended to create separated directory per project. Let's do that:

mkdir -p quickstart cd quickstart vim demo.tf

Paste below content in file (Note: ‘secret_key’ used below is from my account, you’ll have to replace it with your own key). Follow this AWS link for generating one.

provider "aws" {  access_key = "AKIA3DRRYIMJKCSKTAMN"  secret_key = "6GdgnoH0N/wkAxOUrwEK4rYCd4N4fH2xxoEiYZot"  region = "us-east-1" } resource "aws_instance" "terraform_demo" {  ami = "ami-0ff8a91507f77f867"  instance_type = "t2.micro" }

Save and exit the file. Now run command: terraform init. You’ll see below output (truncated to make it understandable):

Initializing the backend... Initializing provider plugins... - Finding latest version of hashicorp/aws... - Installing hashicorp/aws v3.74.0... - Installed hashicorp/aws v3.74.0 (signed by HashiCorp) Terraform has created a lock file .terraform.lock.hcl to record the provider Terraform has been successfully initialized!

Now run: terraform plan. Output will be like (truncated to make it understandable):

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:  + create Terraform will perform the following actions:  # aws_instance.terraform_demo will be created  + resource "aws_instance" "terraform_demo" {      +………………..    } Plan: 1 to add, 0 to change, 0 to destroy.

Next, run terraform apply, to create resource sin AWS.

Plan: 1 to add, 0 to change, 0 to destroy. Do you want to perform these actions?  Terraform will perform the actions described above.  Only 'yes' will be accepted to approve.  Enter a value: yes aws_instance.terraform_demo: Creating... aws_instance.terraform_demo: Still creating... [10s elapsed] aws_instance.terraform_demo: Creation complete after 51s [id=i-0a578f946ace27309] Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

Now if you go to AWS console, you’ll see an EC2 instance with ID: i-0a578f946ace27309 was created.

To destroy the infrastructure, run terraform destroy. Output (truncated to make it understandable):

aws_instance.terraform_demo: Refreshing state... [id=i-0a578f946ace27309] Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:  - destroy Terraform will perform the following actions:  # aws_instance.terraform_demo will be destroyed  - resource "aws_instance" "terraform_demo" { } Plan: 0 to add, 0 to change, 1 to destroy. Do you really want to destroy all resources?  Terraform will destroy all your managed infrastructure, as shown above.  There is no undo. Only 'yes' will be accepted to confirm.  Enter a value: yes aws_instance.terraform_demo: Destroying... [id=i-0a578f946ace27309] aws_instance.terraform_demo: Destruction complete after 41s Destroy complete! Resources: 1 destroyed.

Conclusion

The above gives you an idea to get started with Terraform. Go ahead and try out the example I have just shown. More examples you can find in official tutorial.