Terraform - Use Infrastructure as Code to provision and manage any cloud, infrastructure, or service



Setup (source) :

  1. as non-root :
    version='0.12.10'; tempDir=$(mktemp -d) && cd "$tempDir" && wget "https://releases.hashicorp.com/terraform/$version/terraform_${version}_linux_amd64.zip" && wget "https://releases.hashicorp.com/terraform/$version/terraform_${version}_SHA256SUMS" && sha256sum --ignore-missing -c "terraform_${version}_SHA256SUMS" && unzip "terraform_${version}_linux_amd64.zip" && rm terraform_${version}_{linux_amd64.zip,SHA256SUMS}
  2. as root :
    mv terraform /usr/local/bin
  3. as non-root :
    cd - && [ -d "$tempDir" ] && rmdir "$tempDir"

AWS setup (source) :

Since we're going to experiment on AWS, we'll need a few things first :
  1. Enroll to AWS's Free Tier offer
  2. install and configure AWS CLI

Usage (source) :

Configuration (source, syntax) :

We are going to create the example.tf configuration file containing the following code :
provider "aws" {			provider : who will create and manage resources
  profile    = "default"		this refers to the profile name described in ~/.aws/credentials and ~/.aws/config files
  region     = "us-east-1"

resource "aws_instance" "example" {	resource resourceType resourceName
  ami           = "ami-2757f631"	this is an Ubuntu image
  instance_type = "t2.micro"		something that's included in the Free Tier
The profile named default is the one we declared while configuring AWS CLI. It's part of the best practices to save AWS credentials (aka IAM) outside of Terraform code.
Let's create this now :
workDir="$HOME/terraform"; mkdir -p "$workDir" && cd "$workDir" cat << EOF > example.tf
provider "aws" {
  profile    = "default"
  region     = "us-east-1"

resource "aws_instance" "example" {
  ami           = "ami-2757f631"
  instance_type = "t2.micro"

Initialization (source) :

When starting working on a new configuration, or after checking out an existing one from version control, we must initialize things :
terraform init
Initializing the backend...

Initializing provider plugins...
- Checking for available provider plugins...
- Downloading plugin for provider "aws" (hashicorp/aws) 2.31.0...

The following providers do not have any version constraints in configuration,
so the latest version was installed.

To prevent automatic upgrades to new major versions that may contain breaking
changes, it is recommended to add version = "..." constraints to the
corresponding provider blocks in configuration, with the constraint strings
suggested below.

* provider.aws: version = "~> 2.31"

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.
  • The aws provider plugin is downloaded and installed in a subdirectory of the current working directory ($HOME/terraform/.terraform/plugins/...), along with various other book-keeping files.
  • The output specifies which version of the plugin was installed, and suggests specifying that version in configuration to ensure that running terraform init in future will install a compatible version (not necessary here since we're only experimenting)

Apply changes (source) :

  1. show the execution plan (i.e. simulate changes) :
    terraform plan
    Terraform will perform the following actions:
    	# aws_instance.example will be created
    	+ resource "aws_instance" "example" {
    		+ ami                          = "ami-2757f631"
    		+ arn                          = (known after apply)
    		+ associate_public_ip_address  = (known after apply)
    		+ availability_zone            = (known after apply)
    		+ cpu_core_count               = (known after apply)
    		+ cpu_threads_per_core         = (known after apply)
    		+ get_password_data            = false
    		+ host_id                      = (known after apply)
    		+ id                           = (known after apply)
    		+ instance_state               = (known after apply)
    		+ instance_type                = "t2.micro"
    		+ ipv6_address_count           = (known after apply)
  2. apply changes :
    terraform apply
    (same lines as above : the execution plan)
    Do you want to perform these actions?
    	Terraform will perform the actions described above.
    	Only 'yes' will be accepted to approve.
    	Enter a value: yes
    aws_instance.example: Creating...
    aws_instance.example: Still creating... [10s elapsed]
    aws_instance.example: Still creating... [20s elapsed]
    aws_instance.example: Still creating... [30s elapsed]
    aws_instance.example: Creation complete after 38s [id=i-0a7ab5d379ca16819]
    Apply complete! Resources: 1 added, 0 changed, 0 destroyed.