AUTOMATE PROVISIONING OF AWS STORAGE INFRASTRUCTURE ON CLOUD USING TERRAFORM

What is Terraform?

Infrastructure as Code (IaC) is the process of managing and provisioning infrastructure through code instead of manual intervention. Today, IaC is becoming more popular due to the rapid adoption of cloud technologies and the increased focus of companies on DevOps tools and techniques. There are a wide variety of IaC tools available in the market, and a few of them have been listed below.

  • Terraform
  • Pulumi
  • AWS CloudFormation
  • Azure Resource Manager
  • Google Cloud Deployment Manager
  • Ansible
  • Puppet

Among these, Terraform is the most popular and is widely used in many organizations. Terraform is developed by HashiCorp and is written in the Go programming language. Terraform is cloud agnostic, which means it can work with multiple cloud providers, and this is one of the reasons for its wide adoption. In this blog, we'll concentrate on the key Terraform components and how we can use them to set up an AWS infrastructure.

Providers

Providers are used for API interactions and exposing resources. A sample AWS provider configuration is shown below.

provider "aws" {
  region = "us-east-1"
}

All the available providers can be viewed at https://registry.terraform.io/browse/providers

We can hardcode the access and secret keys in the provider configuration, but this is not a security best practice. Instead, the keys should be stored safely in a key vault and accessed at runtime.

We can run "terraform init" to download the plugins associated with the provider and make use of them. We can also explicitly add a version constraint in the provider block to download that particular version of the provider.
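
The two points above (keep keys out of the provider block, constrain the provider version) shown together as an added example, not configuration from the original post. The version constraint is an assumed value and the key strings are placeholders.

```hcl
terraform {
  required_providers {
    aws = {
      source = "hashicorp/aws"
      # Assumed constraint for illustration: accept 5.x releases only.
      version = "~> 5.0"
    }
  }
}

# Weak: long-lived keys committed with the code (placeholders shown).
# Anyone who can read the repository or its history can read the keys.
#
# provider "aws" {
#   region     = "us-east-1"
#   access_key = "<ACCESS_KEY_ID>"
#   secret_key = "<SECRET_ACCESS_KEY>"
# }

# Preferred: no credentials in the configuration. The AWS provider picks them
# up at run time from the environment (AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY,
# AWS_SESSION_TOKEN), a shared credentials profile, or an attached IAM role.
provider "aws" {
  region = "us-east-1"
}
```

"terraform init" records the selected provider version and its checksums in .terraform.lock.hcl; committing that file makes later runs install the same verified provider build.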

Resources

A resource block defines the actual resource that Terraform is going to create, such as an EC2 instance or an S3 bucket. A sample resource block for S3 bucket creation is shown below.

resource "aws_s3_bucket" "bucket1" {
  bucket = "my-test-bucket"

  tags = {
    Name        = "Dev - bucket"
    Environment = "Dev"
  }
}

Modules

Terraform modules are used to group resources and reuse them at a later point in time. Every Terraform configuration has a root module. A module can call other modules, which allows us to include child module resources in the configuration.

module "servers" {
  source  = "./app-cluster"
  servers = 5
}

Creating Infrastructure using Terraform

Once the Terraform configurations are ready, the "terraform fmt" command can be used to rewrite the configuration files to a canonical format and style, and the "terraform validate" command can be used to check whether the configurations are syntactically correct.

The "terraform plan" command evaluates the Terraform configuration to determine the desired state of all the resources it declares, and then compares that desired state to the real infrastructure objects being managed with the current working directory and workspace. The "terraform apply" command is used to create the resources and update the state file. The "terraform destroy" command is used to destroy the resources created using Terraform. A sample terraform apply is shown below.

$ terraform apply

## ... Output truncated ...

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # aws_instance.example will be created
  + resource "aws_instance" "example" {
      + ami                          = " ami-1234abcd"
      + arn                          = (known after apply)
      + associate_public_ip_address  = (known after apply)
      + availability_zone            = (known after apply)
      + cpu_core_count               = (known after apply)
      + cpu_threads_per_core         = (known after apply)
      + get_password_data            = false
      + host_id                      = (known after apply)
      + id                           = (known after apply)
      + instance_state               = (known after apply)
      + instance_type                = "t2.micro"
      + ipv6_address_count           = (known after apply)
      + ipv6_addresses               = (known after apply)

## ... Output truncated ...

Plan: 1 to add, 0 to change, 0 to destroy.

Terraform State

When the "terraform apply" command is executed, it creates a file known as "terraform.tfstate", which contains the details of the resources that Terraform has created. For a production environment, it is recommended to store the state in a safe location, preferably in a remote backend like AWS DynamoDB. We can inspect the state using the "terraform state list" command and can alter or delete entries in the state using the "terraform state mv" and "terraform state rm" commands.
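
A remote-state setup for the recommendation above, as an added example rather than configuration from the original post: with Terraform's s3 backend the state file is stored in an S3 bucket and a DynamoDB table provides state locking. The bucket, table and key names are hypothetical.

```hcl
# --- Bootstrap configuration (applied once, kept separate) ------------------
# Creates the bucket that holds state and the table used for locking.
resource "aws_s3_bucket" "tfstate" {
  bucket = "example-tfstate-bucket" # hypothetical name
}

# Keep earlier state versions so a bad write or deletion can be rolled back.
resource "aws_s3_bucket_versioning" "tfstate" {
  bucket = aws_s3_bucket.tfstate.id
  versioning_configuration {
    status = "Enabled"
  }
}

# State can contain secrets in plain text; never let the bucket become public.
resource "aws_s3_bucket_public_access_block" "tfstate" {
  bucket                  = aws_s3_bucket.tfstate.id
  block_public_acls       = true
  block_public_policy     = true
  ignore_public_acls      = true
  restrict_public_buckets = true
}

# The s3 backend expects a string hash key named "LockID".
resource "aws_dynamodb_table" "tfstate_lock" {
  name         = "example-tfstate-lock" # hypothetical name
  billing_mode = "PAY_PER_REQUEST"
  hash_key     = "LockID"

  attribute {
    name = "LockID"
    type = "S"
  }
}

# --- Every other configuration: point its state at that backend -------------
terraform {
  backend "s3" {
    bucket         = "example-tfstate-bucket"
    key            = "storage/dev/terraform.tfstate" # hypothetical path
    region         = "us-east-1"
    encrypt        = true                   # server-side encryption of the state object
    dynamodb_table = "example-tfstate-lock" # state locking
  }
}
```

Access to the state bucket should be limited to the identities that run Terraform, since reading the state exposes every attribute Terraform stored for the managed resources.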

Author

Johnson C, StarOne IT