What’s Terraform?
Terraform is a tool for building, changing and versioning infrastructure safely and efficiently, locally or in the cloud.
Terraform files have .tf extension
What are the key features of Terraform?
- Infrastructure as Code
Your infrastructure is described using high-level configuration syntax. This allows your infrastructure to be versioned and treated as you would any other code. It can also be shared and re-used - Execution Plans
Terraform generates an execution plan with its “planning” step. This shows what Terraform will do when you apply the configuration. - Resource Graph
Terraform builds infrastructure as efficiently as possible, and operators get insight into dependencies in their infrastructure. It accomplishes this by building a graph of all your resources. - Change Automation
Complex changes can be applied to your infrastructure with minimal interaction. With the combination of the execution plan and resource graph, you will know exactly what Terraform will change and in what order. This will help avoid many possible human errors.
What’s Terraform written in?
Terraform is written in a HashiCorp configuration language.
Terraform language’s main purpose is to declare resources. This represents infrastructure objects. All the different features are present to accommodate more flexible and convenient resource definition.
- > Blocks are containers for objects like resources
- > arguments assign a value to a name
- > expressions represent a value
Explain the concept of Providers in Terraform
Terraform relies on plugins called “providers” to interact with cloud providers, SaaS providers, and other APIs.
Terraform configurations must declare which providers they require so that Terraform can install and use them.
Every resource type is implemented by a provider; without providers, Terraform can’t manage any kind of infrastructure.
What is the boilerplate of connecting to AWS Provider?
terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 3.0"
}
}
}
# Configure the AWS Provider
provider "aws" {
region = "us-east-1"
}How do you create resources within a provider?
resource “_” “name” {
config options…
= # Argument
}
Example of creating an EC2 Instance
What are the common Terraform CLI commands?
$ terraform init (initializes the directory)
$ terraform -chdir=
$ terraform plan (create an execution plan - it will show what my configuration intends to do)
$ terraform apply (apply changes in the configuration)
$ terraform destroy (destroy the managed infrastructure)
What are Plan, Deploy, and Cleanup Commands for terraform?
$ terraform plan -out (outputs a deployment plan to a file)
$ terraform plan -destroy (output a destroy plan)
$ terraform apply (apply a specific plan)
$ terraform apply -target= (only apply changes to a targeted resource)
$ terraform apply -var my_variable= (pass a variable via the command line)
$ terraform apply -var-file=”testing.tfvars” (pass a tf vars file as an argument)
$ terraform providers (get a provider info used in configuration)
What are Terraform resources?
Resources are the most imporant part of the Terraform language. Resource blocks describe infrastructure objects like virtual networks, compute instances, or components like DNS records.
Resource Types:
- > Providers, which are plugins for Terraform that offer a collection of resources types. (Need to be configurated in the root folder)
- > Arguments, which are specific to the selected resource type.
- > Documentation, which every provider uses to describe its resource types and arguments.
What are meta arguments?
Meta-Arguments can be used with any resource type to change the behaviour of the resource.
depends_on (specify hidden dependencies)
count (create multiple resource instances according to a count)
for_each (create multiple instaces according to a map or a set of strings instead of a number)
provider (select a non-default provider configuration)
lifecycle (set lifecycle customizations)
provisioner and connection (take extra actions after resource creation)
What are operation timeouts?
There are some resource types that provide special timeouts, nested block arguments that allow for customization of how long certain operations are allowed to take before they are deemed failed.
resource "aws_db_instance" "example" {
# ...
timeouts {
create = "60m"
delete = "2h"
}
}How Terraform configuration is applied?
- Create (create resources that exist in the configuration but are not associated with a real infrastructure object in the state.)
- Destroy (destroy resources that exist in the state but no longer exist in the configuration)
- Update in-place (update in-place resources whose arguments have changed)
- Destroy and re-create (Destroy and re-create resources whose arguments have changed, but which cannot be updated in-place due to remote API limitation)
What are Input Variables and how do you use them?
Input variables serve as parameters for a Terraform module. They allow aspects of the module to be customized without altering the actual module.
Declaring an Input Variable:
variables “image_id” {
type = string
}
Optional Arguments: default, type, description, validation, sensitive
How can you assign values to variables:
- In a Terraform Cloud workspace
- Individually, with the -var command like option
- In variable definitions files like .tfvars or .tfvars.json
- As environment variables
A value can b accessed from an expression using var. keyword.
What are Output Variables?
Output Variables are like Return Values.
- A child module can use them to expose a subset of resource attributes to the parent module.
- A root module can use them to print values in the CLI.
- Root module outputs can be accessed by other configurations via the terraform_remote_state data source.
Example:
output “instance_ip_addr” { // valid identifier
value = aws_instance.server.private_ip // takes an expression whose result will be returned to the user
}
What are local values?
Local values are like temporary function’s local variables.
Allow to:
- Assign a name to an expression
- Use the variable multiple times within a module without repeating it.
You can reference them in expressions as local.
Local values can only be accessed in expressions within the module where they were declared.
What are Modules?
Modules are containers for Multiple Resources. A module can consist of a collection of .tf as well as .tf.json files kept together in a directory. Modules are the main way to package and reuse configuration within Terraform.
1) Root module - You need at least one root module
2) Child modules - Modules that are called by the root module
3) Published modules - Modules loaded from a private or public registry.
source is a required attribute
What are Module sources?
Module sources tell Terraform where to look for source code. Below are listed all possible module sources:
1) Local path - must begin with either ./ or ../ to indicate that it is indeed a local path.
module "consul" {
source = "./consul"
}
2) Terraform Registry
3) GitHub
4) Bitbucket
5) Generic Git, Mercurial repositories
6) HTTP URLs
7) S3 buckets
8) GCS bucketsWhat is the difference between expressions and functions?
Expressions are used to reference/compute values within a configuration.
Expressions are literal values like ACG or 1, but the Terraform language also allows more complex expressions, such as references to data exported by resources and a number of built-in functions.
Type values: string number bool list/tuple map/object null
Functions are used to transform and combine values within expressions. (Terraform language includes a number of built-in functions)
What are 7 types of Named Values Available in Terraform
- Resources
- Input Variables (var.name; if variable has type constaint, terraform will automatically convert given value to conform to type constraint)
- Local Values (local.name; can refer to other local values, as long as we don’t introduce circular dependencies)
- Child Module Outputs (module.module_name)
- Data Sources (data.data_type.name)
- Filesystem and Workspace info (path.module, path.root, path.cwd, path.workspace)
- Block-local Values (count.index, each.key, each.value, self)
How do you use conditional expressions?
Syntax:
condition ? true_val : false_val
It’s recommended to use type conversion expressions, if it’s uncertain about the type. Like tostring(). (Utilize the terraform built in functions)
Backend Configuration of Terraform
Each Terraform configuration can specify a backend.
- HashiCorp recommends Terraform beginners to use the default local backend.
- Terraform Includes a built-in selection of backends, and these are the only backends.
- Backend configuration is only used by Terraform CLI. Terraform Cloud and Enterprise always use their own state storage.
- Two areas of behavior are determined by the backend: Where state is stored, Where operations are performed.
Example:
terraform {
backend "remote {
organization = "corp_example"
workspaces {
name = "ex-app-prod"
}
}
}Limitations:
- A configuration can only provide one backend block.
- A backend block cannot refer to named values.
Backend
What are Terraform Data Sources?
Data sources allow Terraform use information defined outside of Terraform, defined by another separate Terraform configuration, or modified by functions.
A data source is accessed via a special kind of resource known as a data resource, declared using a data block:
data “aws_ami” “example” {
most_recent = true
owners = ["self"]
tags = {
Name = "app-server"
Tested = "true"
}
}How do you confiugure Amazon’s S3 Backend
- Also supports state locking
- And Consistency Checking
terraform {
backend "s3" {
bucket = "mybucket"
key = "path/to/my/key"
region ="us-east-1"
}
}S3 Bucket Permissions needed:
- s3:ListBucket
- s3:GetObject
- s3:PutObject
What is State in Terraform?
- Terraform stores state about my managed infrastructure and configuration. (Can be considered as sort of database to map Terraform configuration to the real world)
- Terraform uses its own state structure to map configurations to resources.
This state is stored by default in a local file named “terraform.tfstate”, but it can also be stored remotely, which works better in a team environment.
