As our data centre is moving from an on-premise site to AWS, we need to re-organize our infrastructure from the very beginning. So a bunch of VPCs, subnets and instances have to be created. But how?
There might be some problems.
- If I create all these things manually, I suspect there will be at least one mistake. For example, I could forget to add a Name tag or choose an IAM role.
- It takes too much time to create all the entities. Well, I can use functions provided by AWS to speed up the setup, but I'm pretty sure not everything can be covered.
- Sharing history with my team can be difficult. What if I create a new instance and don’t share this job with my colleagues? Some can find that I created a new one but most of them can’t easily catch it. We can use logs to check history but just simple logs won’t provide versioning or further features that I need.
So, aren't there any *fancy* ways or methods to satisfy the above points?
Terraform can be an answer!
Then what is it? What does Terraform exactly do?
According to the official Terraform site, Terraform is a tool for building, changing and versioning infrastructure safely and efficiently. Terraform has configuration files which include execution plans, and it literally executes these plans to build the described infrastructure.
Sources:
- https://www.terraform.io/intro/index.html
- https://learn.hashicorp.com/tutorials/terraform/infrastructure-as-code?in=terraform/aws-get-started
Ok, I got a concept of Terraform. Then let’s use it.
How to use Terraform?
1. Install Terraform
I will test on my Mac, so I downloaded the file for macOS.
After I downloaded a file, I followed this guide to place terraform correctly.
2. Prepare environment
Need to prepare below stuff.
- Terraform
- AWS CLI: https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2-mac.html
- AWS account
- AWS credential (Access key, Secret access key)
In my case, I already had an AWS account and had installed the AWS CLI, so I only created an AWS credential this time.
3. Write configuration
```
# make directory for a test
$ mkdir learn-terraform-aws-instance

# move to the directory
$ cd learn-terraform-aws-instance

# make terraform configuration file
$ touch main.tf
```

```
# main.tf
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 3.27"
    }
  }

  required_version = ">= 0.14.9"
}

provider "aws" {
  # credentials come from the "default" profile written by `aws configure`
  profile = "default"
  region  = "us-west-2"
}

resource "aws_instance" "soniatest" {
  subnet_id     = "subnet-12345678"
  ami           = "ami-12345678"
  instance_type = "t2.micro"

  ebs_block_device {
    device_name = "/dev/sda1"
    volume_size = 30
    volume_type = "gp2"
  }

  # security group IDs for an instance in a VPC subnet go in
  # vpc_security_group_ids (security_groups takes group names)
  vpc_security_group_ids = ["sg-12345678"]
  key_name               = "test"

  tags = {
    Name = "sonia test"
  }

  volume_tags = {
    Name = "sonia test"
  }
}
```
Source: https://learn.hashicorp.com/tutorials/terraform/aws-build?in=terraform/aws-get-started
A Terraform configuration file consists of 3 blocks.
- Terraform: Contains Terraform settings
- Provider: Configures the specified providers, in this case ‘aws’. A provider is a plugin that Terraform uses to create and manage resources.
- Resource: Defines components of the infrastructure. For example, EC2, subnet, VPC etc.
4. Validate configuration file and run to deploy.
```
terraform init     # initialize the working directory and download the aws provider
terraform fmt      # reformat the configuration files and print the names of files it modified
terraform validate # check for syntax errors
```
5. Create infrastructure
```
terraform apply
```
Use web console to check if a new instance has been created.
(In my case, Yes!! I successfully created it without any errors.)
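`terraform validate` only checks syntax, so the omissions worried about at the start (a missing Name tag, no IAM role) pass it. As an added example, not code from the original post, this Python check reviews the JSON form of a saved plan (`terraform plan -out=tfplan`, then `terraform show -json tfplan`) before `terraform apply`; the sample plan, the function name `check_plan`, and the `untagged` and `old` instances are constructed for illustration.

```python
import json

# Constructed sample shaped like `terraform show -json tfplan` output: the
# instance from main.tf plus two hypothetical ones (one untagged, one deleted).
SAMPLE_PLAN = json.dumps({"resource_changes": [
    {"address": "aws_instance.soniatest", "type": "aws_instance",
     "change": {"actions": ["create"], "after_unknown": {},
                "after": {"tags": {"Name": "sonia test"},
                          "iam_instance_profile": None}}},
    {"address": "aws_instance.untagged", "type": "aws_instance",
     "change": {"actions": ["create"], "after_unknown": {},
                "after": {"tags": None,
                          "iam_instance_profile": "app-role"}}},
    {"address": "aws_instance.old", "type": "aws_instance",
     "change": {"actions": ["delete"], "after": None}},
]})


def check_plan(plan_json):
    """Return sorted (address, problem) pairs for instances created or updated."""
    findings = []
    for rc in json.loads(plan_json).get("resource_changes", []):
        if rc.get("type") != "aws_instance":
            continue
        change = rc.get("change") or {}
        # Deletions and no-ops have no planned end state to review.
        if not {"create", "update"} & set(change.get("actions", [])):
            continue
        after = change.get("after") or {}
        # Values only known after apply are absent from "after" and
        # flagged in "after_unknown"; do not report those as missing.
        unknown = change.get("after_unknown") or {}
        tags = after.get("tags") or {}
        if not str(tags.get("Name") or "").strip() and unknown.get("tags") is not True:
            findings.append((rc["address"], "missing Name tag"))
        if not after.get("iam_instance_profile") and not unknown.get("iam_instance_profile"):
            findings.append((rc["address"], "no IAM instance profile"))
    return sorted(findings)


if __name__ == "__main__":
    for address, problem in check_plan(SAMPLE_PLAN):
        print(f"{address}: {problem}")
```

Run against the configuration above, it reports that `aws_instance.soniatest` has no IAM instance profile, which is a prompt to decide whether that is intended rather than an error in itself.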
In summary,
a. I installed Terraform on my mac.
b. I also installed AWS CLI on my mac and configured it with the command `aws configure`. (Added my access key, secret access key, default region, profile)
→ Terraform uses this information to access AWS.
c. Created a new directory in my mac and created a configuration file.
d. Ran a few commands to verify the configuration file and deploy the infrastructure.
As I mentioned at the beginning, I started using Terraform to build infrastructure easily and also to share work history with my team efficiently. But because Terraform is a powerful tool, I do believe that it can be used beyond what I do.
🍰