IAAC — Introduction to Terraform

aditya goel
11 min readAug 7, 2022

In this blog, we shall be looking majorly on following two concepts :-

  • Traditional IT Workflows.
  • Interaction with Cloud.
  • Introduction to Terraform.
  • Terraform Workflow.
  • Introduction to “Local Provider” terraform plugin.
  • Creating single resource (local_file resource type) using Terraform.
  • Setting custom file_permissions for Files generated through Terraform.
  • Creating multiple resources (local_file resource type) using Terraform.
  • Introduction to “Random Provider” terraform plugin.
  • Using Random_Integer resource type using Terraform.
  • Using Random_String resource type using Terraform.

Question:- How does traditional IT workflow looks like ?

Answer:- Here is how the application development lifecycle works in a traditional IT setup :-

  • First thing is business always create a requirement of very, very high level requirement, detailing about the features that needs to be added to the application.
  • The role of being a business analyst come into picture who converts your requirement into some kind of very high level technical detail.
  • Next thing is either Technical Architect or any Senior technical person will create infrastructure design detailing the resources required for provisioning inside the cloud or in company’s own data-centre.
  • If project demands more hardware, definitely we shall need to contact our procurement team and buying new hardware in a data-center may take weeks to months.
  • Once infrastructure is procured by Infrastructure team, the same shall be handed over to the development team, so that they can start on deployment plan for the application.

Question:- What are the problems with company’s own data-center ?

Answer:- Following can be probable issues in owning an own data-centre :-

  • This flow has a very, very slow deployment cycle.
  • It’s expensive also, and it has a scaling issue also because it’s not like a public cloud that it’s highly elastic in nature. If you need more of it, you might need to wait four weeks or even two months or so.
  • And because there are lots of teams being involved throughout this complete lifecycle, so definitely human error will be involved.

Question:- What’s the solution to overcome the aforementioned problem ?

Answer:-

  • Going to a cloud based infrastructure can probably solve these problems. In cloud, this resource provisioning is very much fast.
  • From months to meet in a matter of weeks or within a matter of days, if the budget has been allocated, you can immediately create those resources.

Question:- How do we interact with the cloud ?

Answer:- There are two options for the same :-

  • Either you can use website like a cloud console or a portal through which you can interact with, but it is good enough if you are managing a limited resource. For example, let’s say you are just managing five different little machines. That’s good enough.
  • But let’s say you need to manage thousands of different resources. In that case, this click based approach will not be a good solution. So, there is another way to interact with our public cloud i.e. programmatically through Application Programming Interface (API).

Question:- What are available tools for Infrastructure Provisioning ?

Answer:- There are many tools available for infrastructure provisioning inside the cloud :-

  • Docker
  • Puppet
  • Ansible
  • TerraForm.
  • Packer.

Question:- What can be the easy way to do Infrastructure Provisioning ?

Answer:- By using shell-script, we can provision infrastructure too, for example, creating a virtual machine. So, that is nothing but you are creating infrastructure as a code, but writing and maintaining such a code inside the shell script or Python script will be a very much tedious task.

And that’s why we need some more robust language to work with this.

Question:- What do we mean by Infrastructure Provisioning ?

Answer:- For example, say we wanted to perform below mentioned steps into the Google Cloud Environment :-

Note: Above steps can be very well scripted through Shell-script or Python.

Question:- What’s Terraform ?

Answer:-

  • TerraForm is one of the most popular tools currently available in the market for infrastructure provisioning.
  • It’s a completely free, of course, and it’s open source.
  • It is being developed by Hashicorp Organisation.
  • We use a language called as HashiCorp Configuration Language, for this purpose.

Question:- Does Terraform provides support for multiple clouds as well ?

Answer:-

  • Terraform does provides support for different cloud- vendors like AWS or Azure or GCP.
  • We don’t need to write code differently for each cloud provider.

Question:- What can be the possible things, that we can perform through Terraform ?

Answer:- Following can be the possible things, that we can perform through Terraform :-

  • Network provisioning.
  • DNS provisioning.
  • Firewall creation.
  • Databases maintenance.
  • Database creation.

Here is a sample script for Terraform :-

Question:- What are other differences between Infra Provisioning through Python Vs Infra Provisioning through HCL ?

Answer:-

1.) Let’s say you write a script in a python or something in a shell script to create some virtual machine inside the Google Cloud platform. You executed the script three times. So, definitely resources shall be created for 3 times and it is going to cost you three times.

2.) In contrast, with HCL script for TerraForm, It will only going to create one resource even if you run this script three times, so it will not cost you three times and It is just going to create one resource and it will cost you for one single resource only.

Question:- Does Cloud Providers provide any native tools, as well for Infra Provisioning and where does Terraform fits in ?

Answer:- A lot of native tools are available inside the public cloud for creating infrastructure. For example :-

  • Note that, whatever you learn for Google Cloud’s Deployment Manager will not be applicable to the AWS’s Cloud formation. So, there is no unifying common approach.
  • TerraForm TerraForm is a cloud agnostic. It’s independent of cloud, but it has a multiple providers’s support available.
  • You can create a resource with uniform programming language, unifying approach for infrastructure creation.

So, that is the basic idea behind the terraform. TerraForm is not a native solution. It’s a cloud agnostic solution.

Question:- Can you explain the Terraform Workflow ?

Answer:- Here is how the sample workflow with Terraform looks like :-

  • Scoping → To identify the infrastructure for your project i.e. what are the different resources you are going to create inside the infrastructure?
  • Authoring → Next one is you need to write the configuration file for your infrastructure. Now, depending on what infrastructure you are going to create, you need to create a configuration file and this configuration files are written in HCL i.e. HashiCorp Configuration Language.
  • Initialise → Here we are going to download all the plugins required to manage your infrastructure.
  • Plan and apply → Plan will tell us our execution plan that, what are the changes you are going to make in your remote infrastructure And last, you are actually going to apply all those changes.

Question:- Can you share some examples for scoping ?

Answer:-

  • Creating a virtual machine inside the Google Cloud platform.
  • Create a big table inside the Google Cloud platform.
  • Create a very simple local file by writing some content inside it. (Most Simple).

Question:- Can you show the code for creating a simple local file using TF ?

Answer:- We are going to create this sample file and writing some content inside it.

  • resource → This resource is nothing but a block. We are going to create the file-name as mentioned in resource block
  • resource type → Here, we are going to create a resource of local_file type.
  • resource name → So, for each individual infrastructure creation or any resource creation, we shall define the properties for the same. Here resourceName is : sample_res. We have to provide some arguments like name, permissions and content, etc. to this resource.

Question :- What types of resources can we create through a local provider ?

Answer:- We can only create resource of type local_file through the use of local provider.

Question:- Can you explain init, plan and apply steps of the Terraform Workflow ?

Answer:- Following are the details for each of the steps :-

1.) init → This is the very first command.

  • We need to execute after writing our configuration file.
  • During this step, it shall download the required plugins, for e.g. local provider plugin shall be downloaded.

Note :- Above step also creates an additional file named “.terraform.lock.hcl”, which contains details about all the plugins that has been downloaded so far.

2.) plan → This step creates execution plan.

  • It doesn’t mean any infrastructure, but it will tell us that what are the necessary change you are going to apply?
  • For example : What different resource you are going to create ? What are the properties of resources you are going to update or do some kind of necessary changes OR what resource or how many resource you are going to destroy, right?
  • If we are satisfied with this plan, we can go ahead with the apply step.

3.) apply → This step will execute all the changes provisioned resources in a specified configuration file.

On the left hand side, you can see there is a two more file gets created :-

  • One file which we actually want to create i.e. sample.txt.
  • Another file is terraform.tfstate

Question:- What are various arguments with the local_file resource ?

Question:- Demonstrate the use of file_permission argument for the file ?

Step #1.) Note here that, we have specified to create a new file with name as “newFile.txt” and permission as 0700. We go ahead and init with terraform.

Step #2.) Next, we want to see the plan with terraform. Note below that, one create option is there, which is suggesting that one local file with below shown properties shall be formed.

Step #3.) Next, we wanted to apply with terraform i.e. we wanted to execute the action and as a result of which we see that, our desired resource has been created.

Step #4.) Finally, we can observe that, the permissions of file being created is 700 i.e. :-

  • User have got all full permissions of RWX.
  • Group have got all NIL permissions.
  • Others have got all NIL permissions.

Question:- Demonstrate generation of multiple resources through use of Terraform ?

Step #1.) terraform init → Note here that, we have specified to create two new files with following names :-

  • cat.txt
  • dog.txt

Note :- Above step also creates an additional file named “.terraform.lock.hcl”, which contains details about all the plugins that has been downloaded so far.

Step #2.) plan → This step creates execution plan and would tell us that what are the different resources we are going to create ?

Step #3.) apply → This step will execute all the changes provisioned resources in a specified configuration file.

On the left hand side, you can see that, our requested files have been created.

Question:- Demonstrate use of random-provider through use of Terraform ?

Answer:- Terraform provides the “random-provider” plugin.

It provides the variety of resources, which can be generated using TF :-

Question:- Demonstrate use of random_integer resource through use of Terraform ?

Step #1.) init → Note the imp points :-

  • Range has been pre-defined i.e. minimum and maximum from which random integer could be generated.
  • Output shall be stored as value and would be displayed in output.

Step #2.) plan →

Step #3.) apply → Observe the output of 7840, has been generated below :-

Also, we can investigate the tfstate file :-

Question:- Demonstrate use of random_string resource through use of Terraform ?

Step #1.) init → Note the imp points :-

  • length has been defined upfront and it can very well contain upper characters.
  • Output shall be stored as value and would be displayed in output.

Step #2.) plan →

Step #3.) apply → Observe the output of 7840, has been generated below :-

That’s all in this section. If you liked reading this blog, kindly do press on clap button multiple times, to indicate your appreciation. We would see you in next part of this series with HashiCorp Terraform.

References :-

--

--

aditya goel

Software Engineer for Big Data distributed systems