Getting Started with Terraform: Infrastructure as Code
Today I will talk a little about a subject that I am currently studying, the infrastructure as code. This strategy is a good option when we want to make our infrastructure well defined and well maintained
We can say that Infrastructure as code is the process or strategy of provisioning the necessary machines and infrastructure through one (or more) files that can be interpreted.
Some advantages of usage this is: cost reduction, faster execution / provisioning and less risk of errors. Reduces price because it’s not necessary a lot of people looking through the infrastructure to provision new things. We can integrate our Infrastructure as Code (IaC) with some CI / CD tool, reducing execution and provisioning time. With our IaC, we can see all the infrastructure and look for some mistakes and errors before they occur.
Now I will give one example: How to create our first instance with Terraform.
Firsts steps
We need download the terraform package. I will leave the instructions for installation below:
For this example, I’ll use AWS. Since this is not the main point of this post, I will not explain how to set up our aws account for this, but basically we need to create a user and use the “AWS_SECRET_KEY” and “AWS_SECRET_ID” provided.
Creating our Terraform Project
Lets imagine that we are creating this instance for one web application, so we need configure the Security Group of the instance to accept connections on port 80 and in port 22 (for ssh access), so we will need and Security Group Module in our project.
We need the instance module, where we maintain our code to create our instance. We also have the main.tf file in the project source, this file is responsible to create our modules. Below is the folder setup of my project:
The Security Group Module
This module will have only 3 files, main.tf, output.tf and security-group.tf. We use main.tf to set the input variables of our module, output.tf to the output values and the security-group.tf is where we put the security-group configuration
We start our resource with the kind of the resource, in this case “aws_security_group” and the name of the resource (“my_sg”). We are using name and description properties to set name and description of resource in aws.
The ingress property configue the inbound rules, so we are configuring to accept, in port 22, in protocol TCP (protocol 6), only the ip of our machine and in the port 80 to accept any ip.
The egress property configure the outbound rules, in this case, to anywhere (any ip). After configure this, we can create our instance module.
The Instance Module
We will also have three files in this module: main.tf, output.tf and instance.tf.
Here, output and main files has the same reason, input and output of values. The instance.tf file have the configuration of the ami (image) that we will use in the instance (ubuntu 18.04, provided by aws-marketplace), the instance type (t2.micro) and the security group that we configured before.
Final steps
After creating this modules, we need use them in our main.tf file on project source. The file is responsible to load the modules and set the variables
After this, we need only run three comands: terraform init terraform plan (to show what will be create/modified/destroyed) and terraform apply . You will se something like this on your terminal and in amazon ec2 console:
So, that’s all guys, this is the repo that I created, you can use it :)
