Terraform from scratch

When it comes to building corporate network infrastructure there are two main possibilities

On-premise
Cloud

What is On-premise infrastructure?

Managing IT infrastructure was a manual process. People would physically put servers in place and configure them. Only after the machines were configured to the correct setting required by the OS and applications would those people deploy the application. Unsurprisingly, this manual process would often result in several problems like cost, scalability and availability, monitoring the performance and inconsistency

What is Cloud infrastructure?

With cloud infrastructure, rather than using your own servers, all networking resources are run and fully managed by third-party providers on their servers, like AWS, Azure etc.

Cloud infrastructure vs on-premise: which should use?

In recent years the cloud has grown in popularity because the deployment process is much easier than on-premise.

Not only can cloud infrastructure scale easily to meet our demands, but you only pay for the resources you use, and without any physical infrastructure required by you.

What benefits of cloud infrastructure?

The main benefits of using cloud infrastructure are-

Cost reduction.
Increase in speed of deployment.
Reduce Error.
Improve infrastructure consistency
Eliminate configuration errors.

The downside of cloud.

It is simple but it requires a manual process to set up the requirements. You have to create tens of components, configure each component in a specific way and make sure that everything works together efficiently and securely, so, to overcome that issue the concept of IAC tools comes.

What is infrastructure-as-code?

Infrastructure as code (IaC) means managing your IT infrastructure using configuration files.

There is no need for manual configuration. Instead, DevOps, teams can automatically manage, monitor and provision resources by configuration files. By using IaC, the provisioning code becomes easy to edit, copy and distribute.

Infrastructure as Code vs Automation

Infrastructure as Code and automation are two closely related terms, but mean very different things. Infrastructure as code is concerned with maintaining the configuration or state of the data center infrastructure in a known way. Automation deals more with the process of automatically pushing that state into the infrastructure and maintaining it.

Some popular IAC tools are-

Terraform
Ansible
AWS Cloud Formation
Azure resource manager
Google Cloud deployment managers
Chef
Puppet
Saltstack

What is AWS Cloud formation?

AWS CloudFormation is an AWS service that uses template files to automate the setup of AWS resources.

It can also be described as an infrastructure automation or Infrastructure-as-Code (IaC) tool and a cloud automation solution, because it can automate the setup and deployment of various Infrastructure-as-a-Service (IaaS) offerings on the AWS CloudFormation, supports virtually every service that runs in AWS. (A full list of supported services is available here.)

You can use CloudFormation to automate the configuration of workloads that run on the most popular AWS services like the EC2 compute service, the S3 storage service, and the IAM service for configuring access control.

What are Third-party IAC tools?

The main advantage of choosing an alternative to CloudFormation is that most third-party IaC tools can configure resources running on various public clouds, not just AWS. If you use multiple clouds at once -- in other words if you run some workloads on AWS and others on Microsoft Azure -- a third-party IaC tool platform is convenient because it allows you to use the same configuration management tool for all of your workloads and you don't need to learn 2 different tools.

On the other hand, as AWS's native IaC platform, CloudFormation offers the deepest level of integration with the AWS cloud, including features like Designer, which lets you create and modify CloudFormation templates directly on the AWS website.

The most popular Third-party IAC tool is Terraform.

What is Terraform?

Terraform is a tool for building, changing, and versioning infrastructure safely and efficiently. Terraform can help with multi-cloud by having one workflow for all clouds. The infrastructure Terraform manages can be hosted on public clouds like Amazon Web Services, Microsoft Azure, and Google Cloud Platform, or on-prem in private clouds such as VMWare vSphere, OpenStack, or CloudStack. Terraform treats infrastructure as code (IaC) so you never have to worry about your infrastructure drifting away from its desired configuration.

What Terraform does once you write the configuration files and then Terraform will take the configuration file and create an API for it and then submit the API to the target cloud providers.

Advantage of Terraform

Manage any infrastructure - You can manage any kind of infrastructure with the help of Terraform whether it is an existing cloud or any new cloud that comes into the future.
Track your infrastructure - you don't have to log in to the cloud provider and check what type of infrastructure you have created you can simply log in to your Terraform machine and you can look into the state machine.
Automate changes - whenever you want to make any changes you can put your terraform file in a git repository with the help of git you can change the resources of your EC2 instances, instead of the manual process you can go to your git and you update your terraform file.
Standardize configuration - It means there is a standard that you are maintaining with TF files with all cloud providers.

Terraform Life Cycle

Terraform mainly consists of - init, plan, apply, and destroy

Terraform Tutorial for Beginners : Everything You Should Know

It is the first step to write Terraform configuration files you can follow the Hasicorp docs and search for the provider you want, from there you can find each and every example of the resource you want to create

Terraform init (To initialize) - After writing your Terraform configuration file, the Terraform init command is the first command you should use to initialize the working directory. it performs several different initialization steps in order to prepare the current working directory for use with Terraform.
Plan - Terraform supports dry run with this you can see what going to happen when you actually execute.
Apply - Terraform provision your infrastructure and update the state file.
Terraform Destroy - It will delete all resources that are governed by this specific terraform environment.

Install Terraform

For mac -

Use this commands

brew tap hashicorp/tap

brew install hashicorp/tap/terraform

To check whether Terraform is installed or not use this command

terraform --version

Terraform has been successfully installed in your mac system.

For Linux

First, install repository addition dependencies

sudo apt update
sudo apt install  software-properties-common gnupg2 curl

Now import GPG keys,

  curl https://apt.releases.hashicorp.com/gpg | gpg --dearmor > hashicorp.gpg
  sudo install -o root -g root -m 644 hashicorp.gpg /etc/apt/trusted.gpg.d/

With the key imported now add Hashicorp repository to your Ubuntu system.

  sudo apt-add-repository "deb [arch=$(dpkg --print-architecture)] https://apt.releases.hashicorp.com $(lsb_release -cs) main"

Now install terraform
```
  sudo apt install terraform
```
Check the version of Terraform installed on your system
```
  terraform --version
```
Terraform has been successfully installed in your system.

Terraform File -

Terraform is written in Hashicorp Configuration Language (HCL), which is a fully functional and immutable-based programming language.

Code in the Terraform language is stored in plain text files with the .tf file extension.

first, when you write the .tf file you need to provide the provider's details without the provider's details your terraform is of no use. when we initialize our .tf file it will first look for the provider's details.

Below is an example of how cloud providers' details look like

What is State File?

When you run terraform apply the command to create an infrastructure on the cloud, Terraform creates a state file called “terraform.tfstate”. This State File contains full details of resources in our terraform code. When you modify something on your code and apply it on the cloud, terraform will look into the state file, and compare the changes made in the code from that state file and the changes to the infrastructure based on the state file.

State file good practices

You should never store your state file local machine and source control like git
You should store the state file in the remote backend server
Do not manipulate the state file stored locally
Only give read permission to the state file
Isolate the state file to reduce the complexity (like separate state file as dev and prod)

What is terraform module?

One or more than one configuration file in any directory is known as a module

Even when you don't create a module intentionally, if you use Terraform, you are already writing a module known as the root module

Any other subdirectory having a configuration file is known as a child module

Problem with Terraform

The state file is a single source of truth.
Manual changes to the cloud provider cannot be identified and auto-corrected.
Not GitOps friendly tools.
Can become very complex and difficult to manage.
Trying to use it as a configuration tool.

Run your first terraform project

In our first terraform project we will try to create EC2 instances with the help of terraform file.

prerequisites -

Terraform installed locally
An AWS account
AWS CLI installed
Your AWS credentials are configured locally with your access keys and a default region

So, First, we will create our terraform file which will create an aws ec2 instance, we will provide all details of AWS cloud providers and resources, you can refer to the terraform documentation for AWS.

Let's start,

first, create a separate directory and then write your tf file on that specific directory you can use Vim or VS code to write Terraform file.

the TF file looks like this

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.16"
    }
  }

  required_version = ">= 1.2.0"
}

provider "aws" {
  region  = "us-east-1"
}

resource "aws_instance" "app_server" {
  ami           = "ami-007855ac798b5175e"
  instance_type = "t2.micro"

  tags = {
    Name = "Terraform_Demo"
  }
}

after writing your TF file save it with the .tf extension

Then open your terminal and change the directory to that location where your .tf is saved (I saved my tf file in the terraform-aws folder as main.tf )
After that, you have to first initialize your terraform file for that use this command
```
  terraform init
```

You will get this type of output Terraform has been successfully initialized!

After initialization, us this command
```
  terraform plan
```
- In our Terraform file, we are creating an ec2 Instance in the us-east-1 region, as you can see that there are no instances running in my AWS console
- When we applyterraform apply command it is actually going to create the ec2 instance
- Again in your terminal execute
```
  terraform apply
```
  It will start executing the required resources, it will ask you to approve the action, for that you have to enter the value as yes
  - When you hit enter it will start creating an ec2 instance in the us-east-1 region
  - Now when you again go to your AWS console now you can see that instance with terraform_demo is created
  - At last, make sure to stop/terminate the instance.