===========
Terraform
===========

=> Developed by HashiCorp
=> To create/provision infrastructure in cloud platform
=> IAC software (infrastructure as code)
=> Supports almost all cloud platforms
=> It is free and open source
=> Terraform will use HCL language

HCL : HashiCorp configuration language

==============================
Terraform Vs Cloud Formation
==============================

=> Cloud Formation is used to create infrastructure only in AWS cloud
=> Terraform supports all cloud platforms available in the market

========================
Terraform Installation
========================

=> Official Website URL : https://developer.hashicorp.com/terraform/install#linux

1) Create Linux VM in AWS Cloud (AMI : Amazon Linux)

2) Connect with Linux VM using MobaXterm/Putty/Gitbash

3) Execute below commands to setup Terraform in Linux VM

sudo yum install -y yum-utils shadow-utils
sudo yum-config-manager --add-repo https://rpm.releases.hashicorp.com/AmazonLinux/hashicorp.repo
sudo yum -y install terraform

4) Verify terraform installation

terraform -v

=========================
Terraform Architecture
========================

=> Terraform will use HCL
=> Terraform script we will save with .tf extension

.tf => init => fmt => validate => plan => apply => destroy

=> Below are the terraform commands

terraform init     : Initialize terraform script (.tf file)
terraform fmt      : Format terraform script indent spacing (optional)
terraform validate : Verify terraform script syntax is valid or not (optional)
terraform plan     : Create Execution plan for the terraform script
terraform apply    : Create actual resource in cloud based on given plan
terraform destroy  : It is used to delete the resources created with our terraform script.

### Terraform AWS Documentation : https://registry.terraform.io/providers/hashicorp/aws/latest/docs

==========================================
Terraform Script To create EC2 Instance
==========================================

provider "aws" {
  region = "ap-south-1"
  # Keys hard-coded here travel with every copy of the script (version control, backups, shared folders).
  # The "Dealing with Access Key & Secret key" section below moves them to environment variables.
  access_key = "AKIATCKANCFDNX"
  secret_key = "fl7Ss+b5iIkqQgchv89yQevPE3S"
}

resource "aws_instance" "linux-vm" {
  ami             = "ami-09298640a92b2d12c"
  instance_type   = "t2.micro"
  key_name        = "terraform"
  security_groups = ["default"]
  tags = {
    Name = "AshokIT-Linux-VM"
  }
}

$ terraform init
$ terraform validate
$ terraform fmt
$ terraform plan
$ terraform apply
$ terraform destroy

======================================
Dealing with Access Key & Secret key
======================================

=> Instead of configuring access key & secret key in terraform script file we can configure them as environment variables.

$ export AWS_ACCESS_KEY_ID="AKIA74XTWFDNX"
$ export AWS_SECRET_ACCESS_KEY="fl7Ss0XiCDJiQgchv89yQevPE3S"

=> Verify environment variable values

$ echo $AWS_ACCESS_KEY_ID
$ echo $AWS_SECRET_ACCESS_KEY

=================================
Creating EC2 VM with User data
=================================

// create script file

$ vi installHttpd.sh

#! /bin/bash
# user data runs as root at first boot, so no sudo is needed
yum install httpd -y
cd /var/www/html
echo "

Life Insurance Server - 2

" > index.html
service httpd start

// provide execute permission for script file

$ chmod u+x installHttpd.sh

// create resource file (main.tf)

provider "aws" {
  region = "ap-south-1"
}

resource "aws_instance" "linux-vm" {
  ami             = "ami-09298640a92b2d12c"
  instance_type   = "t2.micro"
  key_name        = "terraform"
  security_groups = ["default"]
  user_data       = file("installHttpd.sh")
  tags = {
    Name = "AshokIT-Linux-VM"
  }
}

=========================
Variables in Terraform
=========================

=> Variables are used to store data in key-value format

id = 101
name = ashok

=> We can remove hard coded values from resources script using variables
=> Variables we can maintain in separate tf file

$ vi vars.tf

variable "ami" {
  description = "Amazon machine image value"
  default     = "ami-09298640a92b2d12c"
}

variable "instance_type" {
  description = "Represents type of instance"
  default     = "t2.micro"
}

$ vi main.tf

resource "aws_instance" "linux-vm" {
  ami             = var.ami
  instance_type   = var.instance_type
  key_name        = "terraform"
  security_groups = ["default"]
  user_data       = file("installHttpd.sh")
  tags = {
    Name = "Linux-VM"
  }
}

$ vi provider.tf

provider "aws" {
  region = "ap-south-1"
}

=================================
Types of variables in terraform
=================================

1) Input Variable
2) Output Variable

=> Input variables are used to supply values to the terraform script
=> Output variables are used to get the values from terraform script after execution

Ex-1 : After EC2 VM is created, print EC2 VM public IP
Ex-2 : After S3 bucket is created, print bucket info
Ex-3 : After RDS instance is created, print DB endpoint
Ex-4 : After IAM user is created, print IAM user info

=================================================
Terraform Script with Input & Output Variables
=================================================

## Step-1: Create provider.tf

provider "aws" {
  region = "ap-south-1"
}

## Step-2: Create input-vars.tf

variable "ami" {
  description = "Amazon machine image value"
  default     = "ami-09298640a92b2d12c"
}

variable "instance_type" {
  description = "Represents type of instance"
  default     = "t2.micro"
}

## Step-3: Create main.tf with resource information

resource "aws_instance" "linux_vm" {
  ami             = var.ami
  instance_type   = var.instance_type
  key_name        = "terraform"
  security_groups = ["default"]
  tags = {
    Name = "AIT-Linux-VM"
  }
}

## Step-4: Create output.tf

output "ec2_vm_public_ip" {
  value = aws_instance.linux_vm.public_ip
}

output "ec2_vm_private_ip" {
  value = aws_instance.linux_vm.private_ip
}

output "ec2_vm_state" {
  value = aws_instance.linux_vm.instance_state
}

output "ec2_vm_info" {
  value = aws_instance.linux_vm
}

====================
Creating S3 Bucket
===================

resource "aws_s3_bucket" "aits3bucket" {
  bucket = "ait009890"
  acl    = "private"

  versioning {
    enabled = true
  }
}

==================
Create IAM User
==================

resource "aws_iam_user" "my_user" {
  name = "my-iam-user"
}

=============================================================================================
Assignment-1 : Create RDS instance and print DB instance endpoint url using terraform
Assignment-2 : Create Custom VPC using terraform
=============================================================================================

==================
Terraform Modules
===================

=> A Terraform module is a set of Terraform configuration files in a single directory.
=> Even a simple configuration consisting of a single directory with one or more .tf files is a module.
=> One root module can have any number of child modules in terraform.

Ex: inside project we can take ec2, s3, rds as child modules

Note: We will run terraform commands from root module and root module will invoke child modules for execution.

.
├── LICENSE
├── README.md
├── main.tf
├── variables.tf
├── outputs.tf

======================================
Terraform project setup with Modules
======================================

-----------------------------------------------------
### Step-1 : Create Project directory
-----------------------------------------------------

Ex : $ mkdir 05-terraform-modules-project

-----------------------------------------------------------------
### Step-2 : Create "modules" directory inside project directory
----------------------------------------------------------------

Ex : $ mkdir 05-terraform-modules-project/modules

----------------------------------------------------------------
### Step-3 : Create "ec2" & "s3" directories inside modules
----------------------------------------------------------------

$ mkdir 05-terraform-modules-project/modules/ec2
$ mkdir 05-terraform-modules-project/modules/s3

----------------------------------------------------------------
### Step-4 : Create below files inside ec2 directory
----------------------------------------------------------------

inputs.tf
main.tf
outputs.tf

----------------------------------------------------------------
### Step-5 : Create below files inside s3 directory
----------------------------------------------------------------

inputs.tf
main.tf
outputs.tf

#### Note: Write terraform script in above files #####

-----------------------------------------------------------------
### Step-6 : Create provider.tf in project root module
----------------------------------------------------------------

$ vi provider.tf

-------------------------------------------------------------------
### Step-7: Create main.tf in project root module
-------------------------------------------------------------------

$ vi main.tf

-------------------------------------------------------------------

module "my_ec2" {
  source        = "./modules/ec2"
  ami           = "ami-09298640a92b2d12c"
  instance_type = "t2.micro"
}

module "my_s3" {
  source = "./modules/s3"
}

-----------------------------------------------------------------------------------------------
### Step-8: Create outputs.tf in project root module and access child modules related output
-----------------------------------------------------------------------------------------------

output "ec2_vm_public_ip" {
  value = module.my_ec2.public_ip
}

output "ec2_vm_private_ip" {
  value = module.my_ec2.private_ip
}

===========================================
Working With Terraform in Windows Machine
=========================================

Step-1 : Download terraform for windows & extract zip file

Note: We can see terraform.exe file

Step-2 : Set path for terraform s/w in System environment variables

Step-3 : Configure AWS credentials in System Environment variables

AWS_ACCESS_KEY_ID = AKIATCKANWFDNX
AWS_SECRET_ACCESS_KEY = fl7Ss+b5iIkqDJiQgchv89yQevPE3S

Step-4 : Download and install VS CODE IDE to write terraform scripts

URL : https://code.visualstudio.com/download

=======================================
1) What is lock file in terraform ?
2) What is state file in terraform ?
3) What is taint & untaint in terraform ?
4) What is workspace in terraform ?
5) Terraform vault
========================================

================================
Environments of the project
===============================

=> Env means the platform that is required to run our application

Ex: Servers, Database, Storage, Network....

=> One project contains multiple envs

Ex: DEV, QA, UAT, PILOT, PROD env

Dev Env   : Developers will use it for code integration testing
QA Env    : Testers will use it for System Integration Testing
UAT Env   : Client will use it for Acceptance testing
Pilot Env : Pre-Prod testing.
Prod Env  : Live Environment.

$ terraform apply --var-file=dev.tfvars
$ terraform apply --var-file=qa.tfvars

=========================
Workspace in terraform
==========================

=> To manage infrastructure for multiple environments we will use Terraform workspace concept
=> When we use workspace, it will maintain separate state file for every workspace

Note: We can execute same script for multiple environments.

$ terraform workspace show
$ terraform workspace new dev
$ terraform workspace new qa
$ terraform workspace new prod
$ terraform workspace list
$ terraform workspace select dev

========================
Terraform Summary
========================

1) Infrastructure as code (IAC)
2) Terraform Introduction
3) Terraform Setup (Linux & Windows)
4) Terraform Architecture
5) Terraform Scripts (HCL)
6) Variables (input & output)
7) EC2 VM creation
8) S3 Bucket
9) IAM User
10) RDS
11) VPC
12) Terraform Modules
13) State File & Lock File
14) Resource Taint & Un Taint
15) Terraform Workspaces
16) Terraform Vault (pending)
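
The EC2 scripts in these notes attach the instance to the shared "default" security group. As an added example (not part of the original notes), here is the same user-data instance with its own security group, IMDSv2 required and an encrypted root volume. The names web_sg and allowed_http_cidr, the sample CIDR and the use of the region's default VPC are assumptions.

```hcl
# Added example. "web_sg" and "allowed_http_cidr" are hypothetical names.
variable "allowed_http_cidr" {
  description = "Client range allowed to reach httpd on port 80"
  type        = string
  default     = "203.0.113.0/24" # constructed sample (documentation range)
}

# Dedicated group instead of the VPC's shared "default" group.
# With no vpc_id it is created in the region's default VPC (assumption).
resource "aws_security_group" "web_sg" {
  name        = "linux-vm-web"
  description = "HTTP from an allow-listed range only"

  ingress {
    description = "HTTP to httpd"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = [var.allowed_http_cidr]
  }

  # No port 22 rule: add one limited to an admin range only if SSH is needed.
  egress {
    description = "Outbound, needed for yum install in user data"
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_instance" "linux-vm" {
  ami                    = "ami-09298640a92b2d12c"
  instance_type          = "t2.micro"
  key_name               = "terraform"
  vpc_security_group_ids = [aws_security_group.web_sg.id]
  user_data              = file("installHttpd.sh")

  metadata_options {
    http_tokens = "required" # IMDSv2 only
  }

  root_block_device {
    encrypted = true
  }

  tags = {
    Name = "AshokIT-Linux-VM"
  }
}
```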
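
The S3 bucket in these notes sets acl and versioning inline on aws_s3_bucket, arguments that AWS provider v4 and later mark as deprecated in favour of separate resources. As an added example (not part of the original notes), here is the same bucket written with those resources, with public access blocked and default encryption turned on. The choice of AES256 and of BucketOwnerEnforced ownership are assumptions.

```hcl
# Added example: the bucket from the notes, split into the standalone
# resources that AWS provider v4+ uses for each bucket setting.
resource "aws_s3_bucket" "aits3bucket" {
  bucket = "ait009890"
}

# Replaces the inline versioning { enabled = true } block.
resource "aws_s3_bucket_versioning" "aits3bucket" {
  bucket = aws_s3_bucket.aits3bucket.id

  versioning_configuration {
    status = "Enabled"
  }
}

# Replaces acl = "private": ACLs are disabled and the bucket owner owns every object.
resource "aws_s3_bucket_ownership_controls" "aits3bucket" {
  bucket = aws_s3_bucket.aits3bucket.id

  rule {
    object_ownership = "BucketOwnerEnforced"
  }
}

# Rejects public ACLs and public bucket policies, whoever tries to set them later.
resource "aws_s3_bucket_public_access_block" "aits3bucket" {
  bucket                  = aws_s3_bucket.aits3bucket.id
  block_public_acls       = true
  block_public_policy     = true
  ignore_public_acls      = true
  restrict_public_buckets = true
}

# Default encryption at rest with S3-managed keys (assumed choice).
resource "aws_s3_bucket_server_side_encryption_configuration" "aits3bucket" {
  bucket = aws_s3_bucket.aits3bucket.id

  rule {
    apply_server_side_encryption_by_default {
      sse_algorithm = "AES256"
    }
  }
}
```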