Here’s a page aimed at graduates, people changing career paths, or anyone with an interest in other technologies.
The HashiCorp Terraform intro page has a nice overview of what it actually is.
Terraform acts as an orchestration tool; that is, it lets you manage a framework. Common use cases are infrastructure (cloud or on-premises), management of Fastly (a popular Content Delivery Network) and more.
Terraform is not really a configuration management tool. There should be a clear split between the use of an orchestration tool and a configuration management tool; read on for an example 😄
Firstly, take a look at the Terraform list of providers here and work out your appropriate provider. In this example I’m going to use the AWS provider. I’d have a file called provider.tf:
provider "aws" {
  region = var.aws_region
}
You’ll see there is usage of a variable called aws_region. I’d put variables in their own file, usually variables.tf.
variable "aws_region" {
  default = "eu-west-2"
}
The default line sets the value of the variable. This isn’t the only way to do it, but it is a nice, easy layout.
Incidentally, I could have just done:
provider "aws" {
  region = "eu-west-2"
}
There are two reasons that I don’t like that approach:
* If any other part of your code needs to set the region, you end up repeating hard-coded values.
* Once you have a bigger code set, there are more places to look for things. Imagine being given the task of changing a value and how it manifests upon creation: if it is spread across many files, you are far more likely to miss something. Use variables. The downside is that you may end up with a larger variables.tf file, but as that’s where you’re looking, that’s OK.
Once you have a provider.tf and a variables.tf, you’ll want to add some code for the thing you are actually creating. Let’s start with an AWS VPC and some subnets. In a vpc.tf, at an absolute minimum, you would need:
resource "aws_vpc" "main" {
  cidr_block = var.vpc_cidr
}
Let’s take this part by part.
Terraform uses resources to create and define functionality as part of the Terraform lifecycle. The next part is “aws_vpc”; this is the name of the resource type and is defined within the AWS provider. The use of “main” here is just an arbitrary name; it can be called anything. The cidr_block needs to be defined to create the VPC. There are further arguments that can be included, but this is the only required one. As this is CIDR notation it needs to be full notation, e.g. “10.0.0.0/16”.
Let’s add some subnets to the VPC. AWS has Availability Zones (AZs), and an individual subnet cannot span more than one AZ. Above, the “eu-west-2” region was used. This has 3 AZs, so let’s create 6 subnets (3 public ones and 3 private ones; private ones don’t get a route out to the Internet).
resource "aws_subnet" "subnet1" {
  vpc_id     = aws_vpc.main.id
  cidr_block = var.subnet1_cidr
}
This can be done 6 times with the appropriate CIDR ranges defined. Mature code would have cleaner definitions for multiple resources but that’s beyond the scope of this.
Note that well-planned subnetting takes thought and calculation. I would always advise leaving spare capacity!
Next, let’s create an EC2 Instance (AWS’ name for a virtual machine).
resource "aws_instance" "web" {
  ami           = var.ami_id
  instance_type = var.instance_type
  subnet_id     = aws_subnet.subnet1.id
}
Whilst the subnet_id part isn’t strictly required, controlling where the instance is created is ideal.
There are supporting components that would be added here to make all this work properly, such as routing tables, instance key and a few other things.
There’s one thing missing here, and that is access to perform these actions in AWS. For this we would create an IAM user and add an access key. The keys then go inside an .aws/credentials file, which is used by the aws-cli package (as detailed here). An addition to provider.tf to include the profile is required; this is preferable to adding the access keys to your provider.tf directly. Alternatively, each time you wanted to use the keys you could export them as environment variables.
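The profile-based setup described above, next to the hard-coded form it replaces, as an added example that is not from the original post. The variable aws_profile, the profile name terraform-intro and the placeholder key values are assumptions made for illustration.

```hcl
# variables.tf (addition): name of the profile in ~/.aws/credentials.
# "terraform-intro" is a made-up profile name for this example.
variable "aws_profile" {
  description = "Named AWS CLI profile Terraform authenticates with"
  type        = string
  default     = "terraform-intro"
}

# provider.tf, approach to avoid: keys written into the code end up in
# version control and in every copy of the repository.
#
# provider "aws" {
#   region     = var.aws_region
#   access_key = "<ACCESS_KEY_ID_PLACEHOLDER>"
#   secret_key = "<SECRET_ACCESS_KEY_PLACEHOLDER>"
# }

# provider.tf, preferred: only the profile name is in the code; the keys
# stay in the credentials file outside the repository.
provider "aws" {
  region  = var.aws_region
  profile = var.aws_profile
}

# ~/.aws/credentials (not a Terraform file, shown for reference):
#
# [terraform-intro]
# aws_access_key_id     = <ACCESS_KEY_ID_PLACEHOLDER>
# aws_secret_access_key = <SECRET_ACCESS_KEY_PLACEHOLDER>

# Alternative from the text: leave "profile" out of the provider block and
# export the keys in the shell before running Terraform:
#   export AWS_ACCESS_KEY_ID=<ACCESS_KEY_ID_PLACEHOLDER>
#   export AWS_SECRET_ACCESS_KEY=<SECRET_ACCESS_KEY_PLACEHOLDER>
```

With either the profile or the exported variables, the Terraform files contain no secret values, so they can be committed and shared as they are.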
I work for AND Digital, as part of Club Murray. We have an interest in STEM and work with Sheffield Hallam University (which is where I graduated). Take a look into what we’re about!
