Introduction to Terraform – The CI/CD Journey
Jul 25, 2022by, Jerin Jayaraj
Terraform is an open source tool developed by HashiCorp which uses Infrastructure as Code (IaC) as the underlying principle. Infrastructure as Code (IaC) is a terminology among DevOps engineers which is actually the process of managing and provisioning the complete IT infrastructure using code.
Terraform enables us to automate and manage infrastructure and platforms and services. It uses declarative language for this purpose. Let’s understand the declarative approach using an example. Suppose we need to travel from point A to point B, we take directions such as turning left or right, go straight etc. to reach the destination. This is an imperative approach to automation. Suppose if we take a taxi and tell the driver we need to travel to point B, the taxi driver will take care of the rest. This is called the declarative approach and this is the approach terraform uses for provisioning resources.
Terraform – How does it work?
In cloud environments, two things mainly happen. One is provisioning the infrastructure which is done by DevOps engineers and the next is deployment done by the Software Development team. The role of Terraform comes in Infrastructure provisioning. In Infrastructure provisioning 3 tasks are done,
- Creating the Infrastructure – Here we select the service providers eg. AWS, Azure, GCP etc. and then spin up the servers.
- Managing the Infrastructure – Suppose we already have a VPC Infrastructure, we can add new servers and changes to existing infrastructure can be done.
- Replicating the Infrastructure – In Software Development, three environments are created. One is the production environment, where the end users use the application. To get to this output, there will be testing and staging environments.
Testing environment is used for software developers and the staging environment is the replica of the production environment used by internal users for testing purposes. So Terraform can be used for replicating these environments to avoid any incompatibilities in setting up these three different environments.
Now we will discuss the process using an example.
Suppose we need to spin up three different resources ( a VM, a Kubernetes Cluster and they are networked using a VPC ) as part of our infrastructure. So in the current state, nothing is there and the desired state is the set of Infrastructure. In Terraform these happen in 3 major phases.
In the Code phase, we have to write code in the terraform file. So in this file we write about VM and the arguments for that. Similarly for Kubernetes Cluster and VPC, the same procedure is done. So this is the coding phase.
Next is the Plan Phase. Here we run a terraform command ‘terraform plan’. It actually compares the desired state to what exists. Currently we have got nothing. On running this command VM, Kubernetes Cluster and VPC is created.
Third and final phase is the Apply Phase, where it takes each of these resources and spins them up and produces output variables, url etc.
Terraform is pluggable by design. It is made up of modules and resources such that we put an input variable and output comes out and there are cloud providers to enable us to connect to any cloud and automate infrastructure there. In the above three phases we actually set up a Terraform module. Terraform module is a way of grouping together some terraform automation which takes a set of inputs and produces output. We also define “cloud providers” such as AWS, Azure, GCP etc. It also supports IaaS, PaaS and SaaS providers.
Another advantage is that it enables us to have the best practices for DevOps. Suppose we have the above mentioned infrastructure (VM, Kubernetes Cluster and VPC). We want to add a load balancer. So in our code, we add it. In Plan Phase, it checks the current state and understands we already have VM, Kubernetes Cluster and VPC and realises that only load balancer is missing. And then in the Apply Phase it is applied. This is called DevOps first approach and this will allow us to eliminate “configuration drift”. As long as all the changes go through the terraform file and terraform pipeline, we can eliminate the risk of configuration drift. Another advantage is the code we write in the terraform file is reusable. We can manage different versions of this file using version control systems like Git.
init – It is used for initializing the code. It also downloads providers from the registry.
validate – It will catch errors like syntax error, version errors etc. and this command is run before plan and apply command.
plan – It is used to look at how the infrastructure is.
apply – This command is used to actually create the infrastructure.
destroy – To destroy the infrastructure.
Terraform is a tool for infrastructure provisioning and monitoring. It allows us to manage infrastructure, platform and the services that are running on the platform. Terraform supports Cloud providers and Software-as-a-service providers. The providers are specified in the Terraform configuration code, telling Terraform which services it needs to interact with. The declarative language makes it easy to describe exactly the infrastructure you want to create. These features have led Terraform to become one of the leading IaC tools.
Disclaimer: The opinions expressed in this article are those of the author(s) and do not necessarily reflect the positions of Dexlock.