This article addresses
- the benefits of using terraform
- a curated learning path to get up to speed
Why terraform ?
If you deploy cloud resources, on AWS, Azure, GCP or even private cloud, you are already familiar with the web consoles associated with theses services.
Cloud tutorials rely on using the web consoles, as a quick way to create reources (instances, db, storage a.s.o). But this involve manual process, is error prone and difficult to document or share as team. Good to learn but too slow for a practical use.
A necessity for production
As soon as you manage resources at a reasonable scale, you have to
- avoid configuration drift: keep track of what you do in a reproducible way. Reuse to create a additional test instance or copy easily a development environment to production
- allow reversibility: change a setting or apply a patch without fear
- share responsibility and ownership with the team
- integrate external services to support more complex use case
- automate the provisioning
and document for free (!)
Terraform allows you to declare the definition of your entire infrastructure as configuration files. Theses are plain readable text files that you store in git.
You run a command to check the difference between what you requested and the actual state. If needed, terraform propose you to update your cloud resources.
This also means you can revert to a previous point in history and compare versions or variants. It is also a very good learning tool, allowing you to instantiate a complex infrastructure only when you need it.
Have a look at 5 lessons learned from writing over 300 lines of infrastructure as code, all reasons and benefits of IAC are explained.
Terraform is generic
Each cloud vendor offer its own proprietary set of tools to assist us on this task, increasing the complexity…but this is where terraform shines.
Terraform brings a standard way to do infrastructure as code (IAC) and can address almost any platform with a common language and similar patterns. The number of extensions make it truly agnostic and functionalities specific to a vendor are offered as modules.
I use mainly terraform with AWS resources, but interestingly, the framework was sold to me by Microsoft Azure specialists using it to manage containers in Kubernetes clusters.
Terraform is quick to learn
You need 2 hours to get started with terraform…. And it’s more advanced concepts (modules, managing it as a team) are easily learned within a week.
After this you will not dare imagine using something else.
Focus on the following topics:
- terraform syntax
- how to manage terraform state / work as a team
- modularity (use modules and variables to reuse configurations and infrastructure components across several environments or organizations).
Getting the basics
If you are in a rush, start with: an introduction to terraform
The best book on terraform is Terraform up and running by Yevgeniy Brikman (O’Reilly). Covers all aspects in one porgressive and well written tutorial. If you must pick one, pick this one.
If you prefer waiting for the second edition of the book (due mid 2019), have a look at a comprehensive guide to terraform on the author’s blog. This series of blog posts was the base for the book. A very good walk through that covers all aspects of terraform.
Gruntwork blog is packed with very good material.
The official terraform tutorial, shows how to use Terraform to build infrastructure in AWS. 11 bite-sized topics, 80 minutes total.
Use terraform to deploy an nginx image. Terraform can also be manage non cloud services like docker containers. Follow this short (10 min) interactive tutorial on Katakoda.
My colleague Fabian also pointed me to tutorials from Phillip Shipley which are very complete for configuring a Docker environment from scratch on AWS.
- Terraforming Your Docker Environment on AWS
- Shared Resources for Your Terraformed Docker Environment on AWS
- Service Resources for Your Terraformed Docker Environment
Use or create modules
Terraform modules help build a safer infrastructure by reusing maintenaned code. They are similar to Ansible roles will provide you pre-made functionnalities without having to create all code from scratch.
As an example, you will find pre-made modules to create a state of the art security groups or load balancer.
- the recent terraform official registy
- check also a cloud posse repositories. They share a lot of pr-made modules as well as images that integrate terraform with other tools (practical for CI/CD).
Start now !
I hope this post will help you getting started. Terraform is quick to learn… and there is no looking back !
… and get in touch if you think of other resources to add here.