Infrastructure as Code with Terraform

06 november 2020 om 10:00 by ParTech Media - Post a comment

In our previous blog titled ‘Deployment of Azure Resources using IaC technique’, we had seen the importance of infrastructure as code and also had a peek into how to deploy Azure resources using Azure Resource Manager templates.

Now consider a scenario - Partech is using multiple cloud providers like Google Cloud, AWS, and Azure. If Partech starts maintaining multiple tools or formats in each cloud then it becomes cumbersome to maintain and understand the infrastructure as code as it varies between tools. So, this becomes an important pain point for DevOps engineers. Adjusting to as many IaC languages as the number of cloud providers becomes tedious. If there is a single language that can support deployments across multiple cloud vendors, then it becomes a lot easier for the DevOps engineers to maintain and upgrade as required.

In this post, we are going to look into Terraform, a tool that can also be used for Infrastructure as a Code (IaC) technique for resource deployment. We will understand in detail what is Terraform and how it is advantageous.

Table of Contents

  1. What is Terraform?
  2. Features of Terraform
  3. Conclusion

Introduction to Terraform

Terraform is an open-source IaC tool created by Hashicorp. It uses the declarative configuration language known as Hashicorp configuration language and it optionally accepts JSON.

Terraform can connect with external resources such as infrastructure as a service, software as a service, and platform as a service with its providers. Terraform has provided a list of official providers. Some community-developed providers can also be used.

Terraform supports cloud providers such as Amazon Web services, Microsoft Azure, IBM Cloud, Google cloud platform, VMware vSphere, and OpenStack.

Features of Terraform

Here are the features of Terraform which makes it a stand-out tool among other similar tools -

Supports multiple providers

As mentioned earlier, the main advantage and selling point of Terraform is the supportability of deployment for multiple cloud providers. This feature would come in handy in scenarios where we deploy a cloud server to a particular vendor and adding a DNS entry in another cloud vendor.

Has support for deploying additional cloud resources

When compared with other IaC tools that are available in the Market, Terraform offers the ability to create/deploy most of the available cloud resources. The following are a few of the resources it supports -

  • Azure Resource Group
  • Storage containers,
  • Queues
  • Tables
  • File shares

Status communication

Terraform clouds can send notifications about the deployment to other systems such as slack for intimating purposes. Terraform can communicate with other systems that accept webhooks.

Version Control Integration

Similar to any other code, Terraform is designed to work with version control systems. Terraform configuration can be added to the repository with a subdirectory of the environment. Once any modifications are made in the Terraform configuration file, the linked workspace automatically runs Terraform plans with the new code.

Sentinel policy

Terraform provides options to control access to the provisioning infrastructure at a granular level. For example, through Terraform, users can define the computing power of VMs, define updates related to maintenance, etc.

Cost Estimation

Terraform can provide the cost estimation as well as the change in cost incurred due to the modified deployment content for the major cloud providers.

Syntax

Terraform has a custom language called Hashicorp Configuration Language (HCL). HCL is human readable as well as machine friendly, it stays exactly in the median between human-readable and machine friendly.

Below is an example of creating a storage account using the Terraform template

resource "azurerm_storage_account" "storage" {

 name = "PARTECHStorage"

 resource_group_name = "${azurerm_resource_group.storageRG.name}"

 location = "${azurerm_resource_group.storageRG.location}"

 account_kind = "Storage"

 account_tier = "${var.storageAccountType}"

 account_replication_type = "${var.storageAccountReplication}"

}

One of the major advantages of using the syntax of Terraform is that it doesn’t worry much about the quotations, reducing the complexity of nesting.

State

One standout feature of Terraform is the maintainability of the state of deployment. Once a deployment happens through Terraform, it creates a state file - terraform.tfstate. This file holds the state of the infrastructure that is deployed. Below are the few benefits of having the state file -

  • As Terraform retains the information of the deployed infrastructure, it makes use of it to delete the resources that are particularly created by Terraform. By running "Terraform Destroy", it will remove the resources that are particularly created by it.
  • State file that is being used in one environment, can be used in another environment for deploying. Which makes it easier for replicating the resources in different environments.
  • State also stores the dependencies between resources. For example, creating a SQL database before creating a virtual machine.
  • State files come in handy in on-premises deployments as we don't have a particular template to store the list of resources that are deployed in an environment.

Blueprint of Runs

This is an indirect advantage of having State features in Terraform. Terraform allows the users to know the changes that the deployment is going to produce to the environment. On running the command "Terraform Plan", the result of the command represents the loss of changes that this template is going to make.

It is not just a summary of the changes, whereas Terraform can make use of this plan and deploy the same in the environment. All the users need to do is, run "Terraform Apply" which will do the deployment in the corresponding environment.

Easy to understand

Users can add the comments in the HCL file which would help everyone to understand what's being done.

Code reusability

Terraform has an in-built option called modules, which helps in achieving code reusability. A module is a Terraform template or set of Terraform templates that are bundled together.

Modules can be called from the main Terraform template using the below syntax

module "frontend" { source = "/modules/my-app" }

Before the users run the main Terraform template which contains the modules. It is necessary to run "Terraform Get" which will fetch the modules from the repository and make it ready for use.

Conclusion

Terraform has some cool features that could ease off your deployment process. Terraform makes it easier for multi-cloud deployment and on-premises deployments with its benefits such as state, dry runs, and modules.