Introduction
I recently was working on a fantastic community project. Terraform happened to be a critical piece of technology in that project and we were really out of our depth when it came to Terraform skills. That inspired me to learn Terraform and explore various aspects of AWS infrastructure provisioning and particularly around networking. So thanks to all the folks for inspiring this series of blog posts.
What I discovered was interesting. Terraform is a very structured way of creating cloud resources and has no magic bullet. As a developer, I realised that it was definitely not a mythical beast. Whatever we are doing in AWS console can be pretty much be done via the terraform script there are a few exceptions but not many. That was the easy part. More than Terraform I found you will need to know how deep you want to enter the world of cloud provisioning. Let me tell you – the rabbit hole is deep, really deep, you can let your imagination run wild. But then do you need to know it all – no – well that is why you have documentation :). What you do need to know is enough to keep exploring.
This brings us to this blog series, it is my attempt to document how to learn Terraform and some very interesting aspects around AWS networking – VPCs, Subnets, Routes, Route tables, Security Groups, Peering etc and a lot more.
In this blog series, I would mostly be focusing on the open-source version of Terraform. For the purpose of this blog series, we are using version 0.13 on Ubuntu 20.04 but you can use any of the latest Terraform version available at the time of reading and it should pretty much be okay.
As we go along in these series you will see some code which I can be used to install infrastructure for technologies I have already blogged about like Prometheus, Grafana, Airflow or Redis.
This blog is deliberately kept simple and introduces some concepts using terraform code. It will create a Linux server using AWS EC2 service. The blog has following sections
Installing Terraform
Installing terraform is easy. It can be done by firing these commands.
tar -xvf terraform_0.13.0_linux_amd64.zip
mv terraform /usr/local/bin/.
In addition to installing terraform you would also need the following
- An AWS account
- Install AWS CLI and configure your credentials. You can use this link for install
- Configure credentials. You can use this link for config.
1. Keep in mind not to give out these credentials. They are the keys to your AWS account.
2. Executing the code in these blogs will cost you money. So please be careful.
Creating a simple EC2 instance
Creating an EC2 instance is very easy. Requires a few lines of terraform code. We will discuss what the code does in more detail and lay foundations to discuss some important aspects about security. But let’s dive straight in! See below instance.tf
region = "eu-west-2"
}
resource "aws_instance" "my_test" {
ami = "ami-0fc841be1f929d7d1"
instance_type = "t2.micro"
}
Yep, that’s how simple it is! Let’s look-see now how to execute it.
Open a terminal session and navigate to the directory which has your terraform code and execute the following command.
Terraform init initialises and downloads the plugin and does a few more things. More on that later. But for now, let’s move ahead. There will be a blog entry for this.
Open a terminal session and navigate to the directory which has your terraform code and execute the following command. Enter yes when prompted!
You should see something like this below in your terminal
If you login to your AWS account and goto EC2 instances you would be able to see your EC2 instance running.
Code Analysis
Before we go any further let’s discuss the code. As you can see in the code there are two blocks one which starts with provider and one which starts with resource
- Line 1 – Defines who is going to provide you with infrastructure APIs which terraform is going to use. So in our case, it is aws. There is a list of providers available on this link.
- Line 2 – Defines in which region of the provider you want terraform to provision the infrastructure. In our case, we chose EU/London which is identified by the code eu-west-2. The list of regions for aws is available on this link.
- Line 5 – Defines three things.
- resource – Tells terraform that we want to provision an aws resource.
- resource_type – Tells terraform that what type of resource we want to provision. In this case, it is aws_instance
- name – Gives a name to the resource. In our case it is my-test
- This is a recurring pattern of <resosurce> <resource type><name>
- Line 6 – Defines the AMI(Amazon Machine Image) which you want terraform to use. There are many pre-built AMIs available or you can build your own AMI. You can see the list of AMI using this link
- Line 7 – Define resources for your EC2 instance. In our case, we are going with t2.micro. A complete list of instances is available on this link.
That pretty much explains what this code does. Now let’s talk about what is not said in this code. The security is the big elephant in the room. So this is all okay from introduction perspective but it is open to the world and is hence hackable. Why? because it is created in your default security settings.
In the next blog, we will see how we can secure this instance by adding public-private keys and also using security groups. For now let’s move forward.
Destroying a simple EC2 instance
It is now time to destroy your instance. This can be done easily via the following command in terraform.Enter yes when prompted!
It should just go ahead and destroy our EC2 instance.
This brings us to the end of this first blog entry for terraform. Hope you find this useful. If you like this entry do share it!
2 thoughts on “Terraform – getting started”