{"id":548,"date":"2021-01-10T21:03:59","date_gmt":"2021-01-10T21:03:59","guid":{"rendered":"https:\/\/blog.thomarite.uk\/?p=548"},"modified":"2021-01-10T21:03:59","modified_gmt":"2021-01-10T21:03:59","slug":"terraform-part1","status":"publish","type":"post","link":"https:\/\/blog.thomarite.uk\/index.php\/2021\/01\/10\/terraform-part1\/","title":{"rendered":"Terraform-Part1"},"content":{"rendered":"\n

After learning about kubernetes from kodekloud<\/a>. I want to take a look at Terraform.<\/p>\n\n\n\n

These are my notes that I am taking along the course.<\/p>\n\n\n\n

1- Intro<\/strong>:<\/h2>\n\n\n\n

A- config mgmt: ansible, puppet, saltstack<\/p>\n\n\n\n

Design to install and manage sw<\/p>\n\n\n\n

B- Server Templating: docker, packer, vagrant.<\/p>\n\n\n\n

Pre install sw and dependencies<\/p>\n\n\n\n

vm or docker images<\/p>\n\n\n\n

immutable infra<\/p>\n\n\n\n

C- Provision tools: terraform<\/strong>, cloudformation<\/p>\n\n\n\n

deploy immutable infra resources<\/p>\n\n\n\n

servers, dbs, net components<\/p>\n\n\n\n

multiple providers.<\/p>\n\n\n\n

<\/p>\n\n\n\n

Terraform is available in AWS, GCP, Azure and physical machines. Multiple providers like cloudflare, paloalto, dns, infoblox, grafana, influxdb, mongodb, etc<\/p>\n\n\n\n

It uses a declarative<\/strong> code HCL<\/strong> = HashiCorp Config Language: *.tf<\/p>\n\n\n\n

Phases<\/strong>: Init, plan and apply.<\/p>\n\n\n\n

2- Install and Basics<\/h2>\n\n\n\n

I am going to use my laptop initially, so I will follow the official instructions<\/a> using a precompiled binary. So download the zip file (terraform_0.14.3_linux_amd64.zip), unzip and move the binary somewhere active in your path. I decided to use \/usr\/bin and install autocompletion.<\/p>\n\n\n\n

\/terraform\/test1$ which terraform\n \/usr\/bin\/terraform\n\n\/terraform\/test1$ terraform version\n Terraform v0.14.3\n provider registry.terraform.io\/hashicorp\/local v2.0.0 \n\n\/terraform\/test1$ terraform -install-autocomplete<\/pre>\n\n\n\n
HCL Basics:<\/p>\n\n\n\n
<block> <parameters> {\n  key1 = value1\n  key2 = value2\n }<\/pre>\n\n\n\n
Examples:<\/p>\n\n\n\n
\/\/ This one use the resource \"local_file\". We call it \"hello\". It creates a file with specific content\n$ vim local.tf\n resource<\/strong> \"local_file<\/strong>\" \"hello<\/strong>\" {\n  filename<\/strong> = \"\/tmp\/hello-terra.txt\"\n  content<\/strong> = \"hello world1\"\n }\n\nBased on the above:\n block_name -> resource<\/strong>\n provider type -> local<\/strong>\n resource type -> file<\/strong>\n resource_name: hello<\/strong>\n   arguments: filename<\/strong> and content<\/strong>\n\n\n\/\/ The next ones use AWS provider types\n\n$ vim aws-ec2.tf\n resource \"aws_instance\" \"webserver\" {\n  ami = \"ami-asdfasdf\"\n  instance_type = \"t2.micro\"\n }\n\n$ vim aws-s3.tf\n resource \"aws_s3_bucket\" \"data\" {\n   bucket = \"webserver-bucket-org-2207\"\n   acl = \"private\"\n }<\/pre>\n\n\n\n
Deployment process:<\/p>\n\n\n\n
 0- create *.tf file\n 1- terraform init --> prepare env \/ install pluggins, etc\n 2- terraform plan --> steps to be done \/\/ review\n 3- terraform apply -> execute steps from plan\n 4- terraform show<\/pre>\n\n\n\n
Example using “local_file” resource:<\/p>\n\n\n\n
\/terraform\/test1$ terraform init \n Initializing the backend\u2026\n Initializing provider plugins\u2026\n Reusing previous version of hashicorp\/local from the dependency lock file\n Installing hashicorp\/local v2.0.0\u2026\n Installed hashicorp\/local v2.0.0 (signed by HashiCorp) \n Terraform has been successfully initialized!\n You may now begin working with Terraform. Try running \"terraform plan\" to see\n any changes that are required for your infrastructure. All Terraform commands\n should now work.\n If you ever set or change modules or backend configuration for Terraform,\n rerun this command to reinitialize your working directory. If you forget, other\n commands will detect it and remind you to do so if necessary.\n\/terraform\/test1$ \n\/terraform\/test1$ terraform plan \n local_file.hello: Refreshing state\u2026 [id=c25325615b8492da77c2280a425a3aa82efda6d3]\n An execution plan has been generated and is shown below.\n Resource actions are indicated with the following symbols:\n create \n Terraform will perform the following actions:\n # local_file.hello will be created\n resource \"local_file\" \"hello\" { content              = \"hello world1\"\n directory_permission = \"0777\"\n file_permission      = \"0700\"\n filename             = \"\/tmp\/hello-terra.txt\"\n id                   = (known after apply)\n } \n Plan: 1 to add, 0 to change, 0 to destroy.\n \n Note: You didn't specify an \"-out\" parameter to save this plan, so Terraform\n can't guarantee that exactly these actions will be performed if\n \"terraform apply\" is subsequently run.\n\/terraform\/test1$ \n\/terraform\/test1$ terraform apply \n local_file.hello: Refreshing state\u2026 [id=c25325615b8492da77c2280a425a3aa82efda6d3]\n An execution plan has been generated and is shown below.\n Resource actions are indicated with the following symbols:\n create \n Terraform will perform the following actions:\n # local_file.hello will be created\n resource \"local_file\" \"hello\" { content              = \"hello world1\"\n directory_permission = \"0777\"\n file_permission      = \"0700\"\n filename             = \"\/tmp\/hello-terra.txt\"\n id                   = (known after apply)\n } \n Plan: 1 to add, 0 to change, 0 to destroy.\n Do you want to perform these actions?\n   Terraform will perform the actions described above.\n   Only 'yes' will be accepted to approve.\n Enter a value: yes\n local_file.hello: Creating\u2026\n local_file.hello: Creation complete after 0s [id=c25325615b8492da77c2280a425a3aa82efda6d3]\n Apply complete! Resources: 1 added, 0 changed, 0 destroyed.\n\/terraform\/test1$ \n\/terraform\/test1$ cat \/tmp\/hello-terra.txt \n hello world1<\/pre>\n\n\n\n
Update\/Destroy:<\/p>\n\n\n\n
\n $ update tf file\n $ terraform apply   -> apply the changes\nor\n $ terraform destroy -> shows the destroy plan and then you need to confirm<\/pre>\n\n\n\n
Providers:<\/p>\n\n\n\n
https:\/\/registry.terraform.io\/\n  oficial: aws, gcp, local, etc\n  verified (3rdparty): bigip, heroku, digitalocena\n  community: activedirectory, ucloud, netapp-gcps\n \n$ terraform init -> show the providers installed\n\n plugin name format:\n  * registry.terraform.io\/hashicorp\/local\n           ^                ^         ^\n       hostname      org namespace   type \n \nplugins installed in .terraform\/plugins\n\nhttps:\/\/registry.terraform.io\/providers\/hashicorp\/local\/latest\/docs\/resources\/file#sensitive_content\n main.tf: resource definition\n variables.tf: variable declarations\n outputs.tf: outouts from resources\n provider.tf: providers definition<\/pre>\n\n\n\n
Variables:<\/p>\n\n\n\n
filename\ncontent\nprefix\nseparator\nlength\n\n* type is optional\n type: string    \"tst\"\n       number    1\n       bool      true\/false\n       any       whatever\n       list      [\"cat\",\"dog\"]\n       map       pet1=cat\n       object    mix of the above\n       tuple     like a list of types\n       set       (it is like a list but can't have duplicate values!) \n\nExamples:\n\nvim varibles.ttf<\/strong>\n\/\/ List<\/strong>\nvariable \"prefix\" {\n  default = [\"Mr\", \"Mrs\", \"Sir\"]   **default is optional!!!\n  type = list(string)\n }\n\n\/\/ Map<\/strong>\n variable file-content {\n  type = map(string)\n  default = {\n   \"state1\" = \"test1\"\n   \"state2\" = \"test2\"\n  }\n }\n\n\/\/ Set<\/strong>\n variable \"prefix\" {\n  default = [\"10\",\"11\",\"12\"]\n  type = set(number)\n }\n\n\/\/ Object<\/strong>\n variable \"bella\" {\n type = object({\n   name = string\n   age = number\n   food = list(string)\n   alive = bool\n  })\n default = {\n   name = \"bella\"\n   age = 21\n   food = [\"pasta\", \"tuna\"]\n   alive = true\n  }\n }\n\n\/\/ Tuple<\/strong>\n variable kitty {\n  type = tuple([string, number, bool)]\n  default = [\"cat\", 7, true]\n }\n\nUsing variables<\/em><\/strong>\n\nvim main.tf<\/strong>\n resource \"random_pet\" \"my-pet\" {\n  prefix = var.prefix[0]\n }\n resource local_file my-file {\n  filename = \"\/tmp\/test1.txt\"\n  content = var.file-content[\"state1\"]\n }<\/pre>\n\n\n\n
Example using vars:<\/p>\n\n\n\n
\/terraform\/vars$ cat variables.tf<\/em><\/strong>\nvariable \"filename\" {\n  default = \"\/tmp\/test-var.txt\"\n  type = string\n  description = \"xx\"\n }\n variable \"content\" {\n  default = \"hello test var\"\n }\n\/terraform\/vars$ cat main.tf<\/em><\/strong>\nresource \"local_file\" \"test1\" {\n  filename = var.filename\n  content = var.content\n }\n\/terraform\/vars$ \n\/terraform\/vars$ terraform init <\/strong><\/em>\n Initializing the backend\u2026\n Initializing provider plugins\u2026\n Finding latest version of hashicorp\/local\u2026\n Installing hashicorp\/local v2.0.0\u2026\n Installed hashicorp\/local v2.0.0 (signed by HashiCorp) \n Terraform has created a lock file .terraform.lock.hcl to record the provider\n selections it made above. Include this file in your version control repository\n so that Terraform can guarantee to make the same selections by default when\n you run \"terraform init\" in the future.\n Terraform has been successfully initialized!\n You may now begin working with Terraform. Try running \"terraform plan\" to see\n any changes that are required for your infrastructure. All Terraform commands\n should now work.\n If you ever set or change modules or backend configuration for Terraform,\n rerun this command to reinitialize your working directory. If you forget, other\n commands will detect it and remind you to do so if necessary.\n\/terraform\/vars$ \n\/terraform\/vars$ terraform plan<\/em><\/strong>\n An execution plan has been generated and is shown below.\n Resource actions are indicated with the following symbols:\n create \n Terraform will perform the following actions:\n # local_file.test1 will be created\n resource \"local_file\" \"test1\" { content              = \"hello test var\"\n directory_permission = \"0777\"\n file_permission      = \"0777\"\n filename             = \"\/tmp\/test-var.txt\"\n id                   = (known after apply)\n } \n Plan: 1 to add, 0 to change, 0 to destroy.\n \n Note: You didn't specify an \"-out\" parameter to save this plan, so Terraform\n can't guarantee that exactly these actions will be performed if\n \"terraform apply\" is subsequently run.\n\/terraform\/vars$ \n\/terraform\/vars$ terraform apply <\/em><\/strong>\n An execution plan has been generated and is shown below.\n Resource actions are indicated with the following symbols:\n create \n Terraform will perform the following actions:\n # local_file.test1 will be created\n resource \"local_file\" \"test1\" { content              = \"hello test var\"\n directory_permission = \"0777\"\n file_permission      = \"0777\"\n filename             = \"\/tmp\/test-var.txt\"\n id                   = (known after apply)\n } \n Plan: 1 to add, 0 to change, 0 to destroy.\n Do you want to perform these actions?\n   Terraform will perform the actions described above.\n   Only 'yes' will be accepted to approve.\n Enter a value: yes\n local_file.test1: Creating\u2026\n local_file.test1: Creation complete after 0s [id=9f5d7ee95aa30648a2fb6f8e523e0547b7ecb78e]\n Apply complete! Resources: 1 added, 0 changed, 0 destroyed.\n\/terraform\/vars$ \n\/terraform\/vars$ \n\/terraform\/vars$ cat \/tmp\/test-var.txt <\/em><\/strong>\n hello test var<\/pre>\n\n\n\n
Pass var values:<\/p>\n\n\n\n
\n 1- if there is no values for var, when running \"terrafom apply\" it will ask for the values interactivily!\n 2- cli params\n    $ terraform apply -var \"filename=\/root\/test.tst\" -var \"content=My Test\"\n 3- env vars  TF_VAR_xxx=xxx\n    $ export TF_VAR_filename=\"\/root\/test.tst\"\n    $ terraform apply\n 4- var files:\n    autoloaded: terraform.tfvars, terraform.tfvars.json, *.auto.tfvars, *.auto.tvars.json\n    explicit NAME.tfvars\n    $ cat terraform.tfvars\n      filename=\"\/root\/test.tst\"\n    $ terraform apply\n    $ terraform -var-file NAME.tfvars\n\nVAR PRECEDENCE<\/strong>: less -> more\n 1 env vars\n 2 terraform.tfvars\n 3 *.auto.tfvars (alphabetic order)\n 4 -var -r -var-file (cli flags)     --> highest priority!!!! it overrides all above options\n<\/pre>\n","protected":false},"excerpt":{"rendered":"
After learning about kubernetes from kodekloud. I want to take a look at Terraform. These are my notes that I am taking along the course. 1- Intro: A- config mgmt: ansible, puppet, saltstack Design to install and manage sw B- Server Templating: docker, packer, vagrant. Pre install sw and dependencies vm or docker images immutable … Continue reading “Terraform-Part1”<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[21],"tags":[],"class_list":["post-548","post","type-post","status-publish","format-standard","hentry","category-automation"],"_links":{"self":[{"href":"https:\/\/blog.thomarite.uk\/index.php\/wp-json\/wp\/v2\/posts\/548","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.thomarite.uk\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.thomarite.uk\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.thomarite.uk\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.thomarite.uk\/index.php\/wp-json\/wp\/v2\/comments?post=548"}],"version-history":[{"count":1,"href":"https:\/\/blog.thomarite.uk\/index.php\/wp-json\/wp\/v2\/posts\/548\/revisions"}],"predecessor-version":[{"id":549,"href":"https:\/\/blog.thomarite.uk\/index.php\/wp-json\/wp\/v2\/posts\/548\/revisions\/549"}],"wp:attachment":[{"href":"https:\/\/blog.thomarite.uk\/index.php\/wp-json\/wp\/v2\/media?parent=548"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.thomarite.uk\/index.php\/wp-json\/wp\/v2\/categories?post=548"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.thomarite.uk\/index.php\/wp-json\/wp\/v2\/tags?post=548"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}