What is it?
HashiCorp Terraform is an Infrastructure as Code tool that allows you to provision resources in your cloud provider of choice or on-prem in a human-readable configuration.
What is the power of Terraform?
The power of Terraform lies in its ability to be versioned, be reused across multiple projects with the only differences being the variable input, share in the open-source community and scale easily if written with that in mind.
A few points of interest:
- If you write all your infrastructure in Terraform you are giving yourself the ability, in the event of a disaster, to redeploy everything in a few moments.
- You have granular control of the infrastructure you're provisioning.
- Scaleability, if required you can provision for example hundreds of virtual machines in a few lines of code.
- Cloud agnostic, to mention a few AWS, Azure, Google Cloud, Oracle, Digital ocean, etc...
What is Terraform State?
Terraform state is used to map real-world resources to your configuration, this tracks any changes made to both new and existing infrastructure.
When initiating Terraform state locally you will see a file populate in your file system called
terraform.tfstate. At the same time, it performs a ‘refresh’ which updates the state with the current state of the existing infrastructure, so when you create a plan any changes that would affect the existing infrastructure are shown including any new infrastructure.
Using state remotely means this
terraform.tfstate file is stored externally (Terraform Cloud, AWS S3, Azure storage account) so that when you execute any Terraform commands it communicates to this remotely placed state and stores any changes and depending on your setup versioning can be enabled.
Can Terraform be used collaboratively?
Yes, it can be used in collaboration via Version control (GitHub, Gitlab, Bitbucket etc), a few things to be aware of though, if you are planning on working with Terraform with multiple people you should look to place Terraform's state management system remotely, Too many people writing to state at the same time can cause the state file to become corrupted. You should look to enable state locking (in S3 this is called Object Lock under Advanced Settings) this means when one person is communicating changes the state file locks until those changes are made, the state file unlocks once the commands being run are completed.
I'm not going to go over every Terraform command but here are the basics.
terraform init: This initialises the terraform installing all dependencies (AWS Provider versions, 3rd party modules, this is run before any other commands.
terraform plan: This will show you any additions, deletions or substitutions that will affect your cloud account when running the next stage
terraform apply: This will show you a
planagain but this time with a
nooption to continue as this will begin the provisioning process of your Terraformed infrastructure.
terraform fmt and
terraform validate are great to run before anything to ensure everything is formatted and validated.
Terraform is a powerful tool that gives you the ability to orchestrate real-world infrastructure as code. It gives you an intimate understanding and control of the infrastructure you are provisioning with a backup of your infrastructure that you can deploy in a single command (depending on how much of your infrastructure is written in Terraform). The availability to version your infrastructure and work in every major cloud provider with a single language.
Hello, Just a short thank you for taking the time to read my blog, I'm planning on doing write-ups once a week and covering topics across the DevOps and SRE space.
DevOps and SRE @ Cyber-Duck