Terraform or ARM Templates
Salam aleikom (Hello), today we will talk about the benefits of using terraform with Azure.
Infrastructure as Code appeared to solve the problem of environment drift in the release pipeline. Without IaC, infrastructure involves manual processes to maintain, to track or to administrate.
Terraform is a tool for building, changing and versioning infrastructure safely. It ensures using a configuration file that describes the needed components to Terraform .
Then, Terraform generates an execution plan that describes what it will do to reach the desired state.
Then builds the described infrastructure.
Some of you will say, it’s cool, but we have an ARM Template and Powershell to do this. Yes, you’re right, but here is a list of advantages of Terraform that I’ve found :
HashiCorp Configuration Language :
Terraform uses a language called Hashicorp Configuration Language — HCL. This language has it’s own configuration but allows for variables and conditionals.
It’s human readable and is easier to read than ARM Template.
The example below shows how to create a virtual network using Terraform :
resource "azurerm_virtual_network" "test" {
name = "mediumcharotvnet"
resource_group_name = "${azurerm_resource_group.test.name}"
address_space = ["10.0.0.0/16"]
location = "West Europe"
dns_servers = ["10.0.0.4", "10.0.0.5"]
subnet {
name = "subnet1"
address_prefix = "10.0.1.0/24"
}
}Easy to read, because it reduces nesting and does not need to specify an API Version.
State file :
Terraform separates the state of the deployment and stores it inside a file “.tfstate” . Cool, but why ?
- Terraform keeps an eye of the resources it deploys, once you run an easy “terraform destroy”, it will destroy everything that it created before.
- The state file can be used as an input data. So you can use it to get details.
- Also you can refresh the state to make sure that it is inline with the existing deployment.
Terraform main Commands :
The 3 main commands of Terraform are:
terraform plan : This command allows to visualize the execution plan (the actions that will be done) without applying them (Dry Run mode).
The “Dry Run” is another advantage of using state file. Before running a deployment we can run “terraform plan”. This gives you a look about what you are about to deploy and the changes that you need to make. This plan can be exportable, so if you don’t have the permission to deploy an Azure resource, you can give it to someone who does.
terraform apply : Enables you to apply the execution plan by creating, updating, or deleting the elements of the managed infrastructure.
terraform destroy : Allows removal of infrastructure elements managed by Terraform.
Terraform Graph :
Terraform builds a graph of all resources used and parallelizes the creation and modification of all independent resources. Thus, deployments are more efficient and OPS team has a view of the interdependencies of their infrastructures.
Note : You can create a Resource Group with Terraform without using PowerShell :D .
Terraform is not heaven. It has some inconvenients too. Not all the resources are available, and there is a delay between the resources released by Microsoft. Luckily, there is a workaround, you can deploy an ARM inside Terraform which is a very bad solution.
An advice : TAKE CARE OF YOUR STATE FILE. IT CONTAINS EVEYRTHING (You can use Storage Account to store Terraform statefile).
This article was just an introduction to Terraform. I will try to show you how to use Terraform to deploy Azure infrastructure and integrates it with Azure DevOps.
Bella Ciao.
