Final terraform

TERRAFORM – DEVOPS
@2020 copyright KalKey training

TERRAFORM
A. Introduction:
• What is Terrafrom
• Why use Terraform
• Providers
B. Installation & Setting up Lab
• Installing Terraform – Windows users
• Installing Terraform – Linux users
• Setting up AWS Account
C. Deploying Infrastructure with Terraform
• Creating First EC2 Instance with Terraform
• Understanding Resources and Providers
• Destroying Infrastructure with Terraform
• Terraform state

D. Interpolation, Attributes & Variables:
• Attributes and Output Values
• Referencing Cross-Account Resource Attributes
• Terraform Variables
E. Terraform Provisioners
• Understanding Provisioners in
Terraform
• Implementing remote-exec
provisioners
• Implementing local-exec
provisioners
• Integrating Ansible with Terraform

F. Terraform Modules & Workspaces:
• DRY Principle
• Implementing EC2 module with Terraform
• Variables and Terraform Modules
• Terraform Workspace
G. Terraform State:
• Local state & Remote State
• Configuring Remote State File S3
H. Discussions

A. INTRODUCTION
What is Terraform?
• Terraform is a tool for building, changing, and versioning
infrastructure safely and efficiently. Terraform can manage
existing and popular service providers as well as custom in-house
solutions.
• Configuration files describe to Terraform the components
needed to run a single application or your entire datacenter.
Terraform generates an execution plan describing what it will do
to reach the desired state, and then executes it to build the
described infrastructure. As the configuration changes, Terraform
is able to determine what changed and create incremental
execution plans which can be applied.
• The infrastructure Terraform can manage includes low-level
components such as compute instances, storage, and
networking, as well as high-level components such as DNS
entries, SaaS features, etc.

Key Features:
Infrastructure as Code
Infrastructure is described using a high-level configuration syntax. This allows a blueprint of your
datacenter to be versioned and treated as you would any other code. Additionally, infrastructure
can be shared and re-used.
Execution Plans
Terraform has a "planning" step where it generates an execution plan. The execution plan shows
what Terraform will do when you call apply. This lets you avoid any surprises when Terraform
manipulates infrastructure.
Change Automation
Complex changesets can be applied to your infrastructure with minimal human interaction. With
the previously mentioned execution plan and resource graph, you know exactly what Terraform
will change and in what order, avoiding many possible human errors.

B. INSTALLATION & SETTING UP LAB
• yum update
• yum install wget unzip
• sudo wget https://releases.hashicorp.com/terraform/0.12.2/terraform_0.12.2_linux_amd64.zip
• mv terraform_0.12.2_linux_amd64.zip /usr/local/bin/
• cd /usr/local/bin/
• unzip ./terraform_0.12.2_linux_amd64.zip
• terraform –v

C. Deploying Infrastructure with Terraform
• Creating First EC2 Instance with Terraform
1. Go to AWS console and launch an ec2 instance to manage or create the infrastructure . Install terraform on
that and configure the environment path.
2. Now create a file with terraform code with .tf extension to launch an ec2-instance .
3. It can be written in HCL (Hashicorp Configuration Language) or JSON.

Authentication with AWS

• Creating and Configuring IAM User

• Example:
provider "aws" {
region = "us-west-2"
access_key = "PUT-YOUR-ACCESS-KEY-HERE"
secret_key = "PUT-YOUR-SECRET-KEY-HERE"
}
resource "aws_instance" "myec2" {
ami = "ami-082b5a644766e0e6f"
instance_type = "t2.micro"
}
1. $ terraform init // initializing and installing the plugins
2. $ terraform validate // validating the terraform files
3. $ terraform plan //testing the configuration files before run
4. $ terraform apply //applying and running the code mentioned
inside the terraform files
• Commands :

• Destroying Infrastructure with Terraform
terraform destroy // destroy all resources mention in the .tf file
terraform destroy -target aws_instance.myec2 // destroy the target only
=> After destroying the resources do comment out the resources inside terraform file. Otherwise it will
recreate again
Infrastructure managed by Terraform will be destroyed. This will ask for confirmation
before destroying. The terraform destroy command terminates resources
defined in your Terraform configuration. This command is the reverse of terraform apply in that it
terminates all the resources specified by the configuration. It does not destroy resources running
elsewhere that are not described in the current configuration.

• Terraform State
Terraform must store state about your managed infrastructure and configuration. This state is used
by Terraform to map real world resources to your configuration, keep track of metadata, and to improve
performance for large infrastructures. This state is stored by default in a local file named "terraform.
Desired State:
It is the state where you have defined in your configuration, with the actual state of your existing resources.
Current State:
Current configuration which is running in the environment and mentioned in the local file.

To refresh the current state:
terraform refresh
 Scenario:
If you change a parameter manually in any services inside AWS and then you want to roll back to
previous value then it is mandatory to have it inside the desired state files.

• D. Interpolation, Attributes & Variables:
• Attributes and Output Values
Resource instances managed by Terraform each export attributes whose values can be used elsewhere in
configuration. Output values are a way to expose some of that information to the user of your module.
Note: For brevity, output values are often referred to as just "outputs" when the meaning is clear from
context.

provider "aws" {
}
resource "aws_eip" "lb" {
vpc = true
}
output "eip" {
value = aws_eip.lb
}
resource "aws_s3_bucket" "mys3" {
bucket = "kplabs-attribute-demo-001"
}
output "mys3bucket" {
value = aws_s3_bucket.mys3
}

provider "aws" {
}
ami = "ami-082b5a644766e0e6f"
}
resource "aws_eip" "lb" {
vpc = true
}
resource "aws_eip_association" "eip_assoc" {
instance_id = aws_instance.myec2.id
allocation_id = aws_eip.lb.id
}

resource "aws_security_group" "allow_tls" {
name = "kplabs-security-group"
ingress {
from_port = 443
to_port = 443
protocol = "tcp"
cidr_blocks = ["${aws_eip.lb.public_ip}/32"]
# cidr_blocks = [aws_eip.lb.public_ip/32]
}
}

Terraform Variables:

resource "aws_security_group" "var_demo" {
name = "kplabs-variables"
ingress {
from_port = 443
to_port = 443
protocol = "tcp"
cidr_blocks = [var.vpn_ip]
}
ingress {
from_port = 80
to_port = 80
protocol = "tcp"
}
ingress {
from_port = 53
to_port = 53
protocol = "tcp"
}
}

variable "vpn_ip" {
default = "116.50.30.50/32"
}
Source:

Understanding Provisioners in Terraform

ami = "ami-082b5a644766e0e6f"
provisioner "local-exec" {
command = "echo ${aws_instance.myec2.private_ip} >> private_ips.txt"
}
}
LOCAL EXEC PROVISIONERS

ami = "ami-082b5a644766e0e6f"
key_name = "kplabs-terraform"
provisioner "remote-exec" {
inline = [
"sudo amazon-linux-extras install -y nginx1.12",
"sudo systemctl start nginx"
]
connection {
type = "ssh"
user = "ec2-user"
private_key = file("./kplabs-terraform.pem")
host = self.public_ip
}
}
}
Remote Exec Provisioners

Integrating Ansible with Terraform

• Steps:
1. Install Ansible on the system.
2. Write a playbook to install and configure the applications.
3. Copy and paste the pem file which is tagged to the instance.
4. Write your tf code to build and provision the instance . Inside the tf code call
ansible playbook to run it like below.

Files:
nginx.yml

ec2.tf

terrafrom workspace show
terraform workspace list
terraform workspace select dev
terraform workspace new prod

• Example:
Project File ( ec2_web.tf )
provider "aws" {
access_key = "YOUR-ACCESS-KEY-HERE"
secret_key = "YOUR-SECRET-KEY-HERE"
}
module "myec2" {
source = "../../modules/ec2"
}

Modules File ( mod_ec2.tf )
resource "aws_instance" "myweb" {
ami = "ami-bf5540df"
instance_type = "${lookup(var.instance_type, terraform.workspace)}"
security_groups = ["default"]
tags {
Name = "web-server"
}
}
/*
default - t2.nano
dev - t2.micro
prd - m4.large
*/

Modules File ( variables.tf )
variable "instance_type" {
type = "map"
default = {
default = "t2.nano"
dev = "t2.micro"
prd = "m4.large"
}
}

Configuring Remote State File S3

Backend:
Steps:
• Create s3 bucket in AWS.
• Define terraform code for setting remote backend.

THANK YOU
• Q & A Session

Final terraform

Recommandé

Recommandé

Contenu connexe

Tendances

Tendances (20)

Similaire à Final terraform

Similaire à Final terraform (20)

Plus de Gourav Varma

Plus de Gourav Varma (20)

Dernier

Dernier (20)

Final terraform