Terraform

Question 1

What’s Terraform?

Answer 1

Terraform is a tool for building, changing and versioning infrastructure safely and efficiently, locally or in the cloud.

Terraform files have .tf extension

Question 2

What are the key features of Terraform?

Answer 2

1. Infrastructure as Code
   Your infrastructure is described using high-level configuration syntax. This allows your infrastructure to be versioned and treated as you would any other code. It can also be shared and re-used
2. Execution Plans
   Terraform generates an execution plan with its “planning” step. This shows what Terraform will do when you apply the configuration.
3. Resource Graph
   Terraform builds infrastructure as efficiently as possible, and operators get insight into dependencies in their infrastructure. It accomplishes this by building a graph of all your resources.
4. Change Automation
   Complex changes can be applied to your infrastructure with minimal interaction. With the combination of the execution plan and resource graph, you will know exactly what Terraform will change and in what order. This will help avoid many possible human errors.

Question 3

What’s Terraform written in?

Answer 3

Terraform is written in a HashiCorp configuration language.

Terraform language’s main purpose is to declare resources. This represents infrastructure objects. All the different features are present to accommodate more flexible and convenient resource definition.

• > Blocks are containers for objects like resources
• > arguments assign a value to a name
• > expressions represent a value

Question 4

Explain the concept of Providers in Terraform

Answer 4

Terraform relies on plugins called “providers” to interact with cloud providers, SaaS providers, and other APIs.

Terraform configurations must declare which providers they require so that Terraform can install and use them.

Every resource type is implemented by a provider; without providers, Terraform can’t manage any kind of infrastructure.

Question 5

What is the boilerplate of connecting to AWS Provider?

Answer 5

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 3.0"
    }
  }
}

# Configure the AWS Provider
provider "aws" {
  region = "us-east-1"
}

Question 6

How do you create resources within a provider?

Answer 6

resource “_” “name” {
config options…
= # Argument
}

Example of creating an EC2 Instance

Question 7

What are the common Terraform CLI commands?

Answer 7

$ terraform init (initializes the directory)
$ terraform -chdir=
$ terraform plan (create an execution plan - it will show what my configuration intends to do)
$ terraform apply (apply changes in the configuration)
$ terraform destroy (destroy the managed infrastructure)

Question 8

What are Plan, Deploy, and Cleanup Commands for terraform?

Answer 8

$ terraform plan -out (outputs a deployment plan to a file)
$ terraform plan -destroy (output a destroy plan)
$ terraform apply (apply a specific plan)
$ terraform apply -target= (only apply changes to a targeted resource)
$ terraform apply -var my_variable= (pass a variable via the command line)
$ terraform apply -var-file=”testing.tfvars” (pass a tf vars file as an argument)
$ terraform providers (get a provider info used in configuration)

Question 9

What are Terraform resources?

Answer 9

Resources are the most imporant part of the Terraform language. Resource blocks describe infrastructure objects like virtual networks, compute instances, or components like DNS records.

Resource Types:

• > Providers, which are plugins for Terraform that offer a collection of resources types. (Need to be configurated in the root folder)
• > Arguments, which are specific to the selected resource type.
• > Documentation, which every provider uses to describe its resource types and arguments.

Question 10

What are meta arguments?

Answer 10

Meta-Arguments can be used with any resource type to change the behaviour of the resource.

depends_on (specify hidden dependencies)
count (create multiple resource instances according to a count)
for_each (create multiple instaces according to a map or a set of strings instead of a number)
provider (select a non-default provider configuration)
lifecycle (set lifecycle customizations)
provisioner and connection (take extra actions after resource creation)

Question 11

What are operation timeouts?

Answer 11

There are some resource types that provide special timeouts, nested block arguments that allow for customization of how long certain operations are allowed to take before they are deemed failed.

resource "aws_db_instance" "example" {
  # ...
  timeouts { 
    create = "60m"
    delete = "2h"
  }
}

Question 12

How Terraform configuration is applied?

Answer 12

• Create (create resources that exist in the configuration but are not associated with a real infrastructure object in the state.)
• Destroy (destroy resources that exist in the state but no longer exist in the configuration)
• Update in-place (update in-place resources whose arguments have changed)
• Destroy and re-create (Destroy and re-create resources whose arguments have changed, but which cannot be updated in-place due to remote API limitation)

Question 13

What are Input Variables and how do you use them?

Answer 13

Input variables serve as parameters for a Terraform module. They allow aspects of the module to be customized without altering the actual module.

Declaring an Input Variable:

variables “image_id” {
type = string
}
Optional Arguments: default, type, description, validation, sensitive

How can you assign values to variables:

• In a Terraform Cloud workspace
• Individually, with the -var command like option
• In variable definitions files like .tfvars or .tfvars.json
• As environment variables

A value can b accessed from an expression using var. keyword.

Question 14

What are Output Variables?

Answer 14

Output Variables are like Return Values.

• A child module can use them to expose a subset of resource attributes to the parent module.
• A root module can use them to print values in the CLI.
• Root module outputs can be accessed by other configurations via the terraform_remote_state data source.

Example:

output “instance_ip_addr” { // valid identifier
value = aws_instance.server.private_ip // takes an expression whose result will be returned to the user
}

Question 15

What are local values?

Answer 15

Local values are like temporary function’s local variables.

Allow to:

• Assign a name to an expression
• Use the variable multiple times within a module without repeating it.

You can reference them in expressions as local.

Local values can only be accessed in expressions within the module where they were declared.

Question 16

What are Modules?

Answer 16

Modules are containers for Multiple Resources.
A module can consist of a collection of .tf as well as .tf.json files kept together in a directory. Modules are the main way to package and reuse configuration within Terraform.

1) Root module - You need at least one root module
2) Child modules - Modules that are called by the root module
3) Published modules - Modules loaded from a private or public registry.

source is a required attribute

Question 17

What are Module sources?

Answer 17

Module sources tell Terraform where to look for source code. Below are listed all possible module sources:

1) Local path - must begin with either ./ or ../ to indicate that it is indeed a local path.

module "consul" {
  source = "./consul"
}
2) Terraform Registry
3) GitHub
4) Bitbucket
5) Generic Git, Mercurial repositories
6) HTTP URLs
7) S3 buckets
8) GCS buckets

Question 18

What is the difference between expressions and functions?

Answer 18

Expressions are used to reference/compute values within a configuration.
Expressions are literal values like ACG or 1, but the Terraform language also allows more complex expressions, such as references to data exported by resources and a number of built-in functions.

Type values:
string
number
bool
list/tuple
map/object
null

Functions are used to transform and combine values within expressions. (Terraform language includes a number of built-in functions)

Question 19

What are 7 types of Named Values Available in Terraform

Answer 19

• Resources
• Input Variables (var.name; if variable has type constaint, terraform will automatically convert given value to conform to type constraint)
• Local Values (local.name; can refer to other local values, as long as we don’t introduce circular dependencies)
• Child Module Outputs (module.module_name)
• Data Sources (data.data_type.name)
• Filesystem and Workspace info (path.module, path.root, path.cwd, path.workspace)
• Block-local Values (count.index, each.key, each.value, self)

Question 20

How do you use conditional expressions?

Answer 20

Syntax:
condition ? true_val : false_val

It’s recommended to use type conversion expressions, if it’s uncertain about the type. Like tostring(). (Utilize the terraform built in functions)

Question 21

Backend Configuration of Terraform

Answer 21

Each Terraform configuration can specify a backend.
- HashiCorp recommends Terraform beginners to use the default local backend.

• Terraform Includes a built-in selection of backends, and these are the only backends.
• Backend configuration is only used by Terraform CLI. Terraform Cloud and Enterprise always use their own state storage.
• Two areas of behavior are determined by the backend: Where state is stored, Where operations are performed.

Example:
terraform {
  backend "remote { 
    organization = "corp_example"
    workspaces {
      name = "ex-app-prod"
    }
  }
}

Limitations:

• A configuration can only provide one backend block.
• A backend block cannot refer to named values.

Backend

Question 22

What are Terraform Data Sources?

Answer 22

Data sources allow Terraform use information defined outside of Terraform, defined by another separate Terraform configuration, or modified by functions.

A data source is accessed via a special kind of resource known as a data resource, declared using a data block:

data “aws_ami” “example” {
most_recent = true

  owners = ["self"]
  tags = {
    Name   = "app-server"
    Tested = "true"
  }
}

Question 23

How do you confiugure Amazon’s S3 Backend

Answer 23

• Also supports state locking
• And Consistency Checking

terraform {
  backend "s3" {
    bucket = "mybucket"
    key = "path/to/my/key"
    region ="us-east-1"
  }
}

S3 Bucket Permissions needed:

• s3:ListBucket
• s3:GetObject
• s3:PutObject

Question 24

What is State in Terraform?

Answer 24

• Terraform stores state about my managed infrastructure and configuration. (Can be considered as sort of database to map Terraform configuration to the real world)
• Terraform uses its own state structure to map configurations to resources.

This state is stored by default in a local file named “terraform.tfstate”, but it can also be stored remotely, which works better in a team environment.

Question 25

What are terraform State CLI Commands and what do they do?

Answer 25

$ terraform state list // lists state
$ terraform state show ‘module.name.foo.worker’ // state show
$ terraform state mv packet.foo packet.bar // move state
$ terraform state rm ‘packet.bar’’ // remove state
$ terraform state pull // download state from remote location

Question 26

What are workspaces?

Answer 26

Workspaces are separate instance of state data that can be used from the same working directory. You can use workspaces to manage multiple non-overlapping groups of resources with the same configuration.

• Every initialized working dir has at least one workspace
• For a given working directory, only one workspace can be selected at a time.
• $ terraform workspace select, to change currently selected workspace.
• $ terraform workspace list, $ terraform workspace new, $ terraform workspace delete, to manage the available workspaces in the current working directory.

Question 27

What are terraforms helper commands that can help us format and validate terraform code

Answer 27

$ terraform fmt -recursive

$ terraform validate