Terraform Infrastructure as a Code

Jul 13, 2020

You may have heard infrastructure as code(IaC), But do you know what infrastructure is? Why do we need infrastructure as code? What are the benefits of infrastructure as code? Is it safe and secure? 

 

What is Infrastructure as Code(IoC)?
Infrastructure as code (IaC) means to manage and upgrade your environments as infrastructure using configuration files. Terraform provides infrastructure as code for provisioning, compliance, and management across any public cloud, private data center, and third-party service.

Enables teams to write, share, manage, and automate any infrastructure using version control With automated policy enforcement for security, compliance, and operational best practices and Enable developers to provision their desired infrastructure from within their workflows.

IOC has a high impact on the Business perspective by providing Increased Productivity, Reduced Risk, Reduced Cost

 

Why do we use Infrastructure as Code(IoC)?

  • Terraform is a simple human-readable configuration language, to define the desired topology of infrastructure resources

  • VCS Integration
    Write, version, review, and collaborate on Terraform code using your preferred version control system

  • Workspaces
    Workspaces decompose monolithic infrastructure into smaller components, or "micro-infrastructures". These workspaces can be aligned to teams for role-based access control.

  • Variables
    Granular variables allow easy reuse of code and enable dynamic changes to scale resources and deploy new versions.

  • Runs
    Terraform uses two-phased provisioning a plan (dry run) & apply (execution). Plans can be inspected before execution to ensure expected behavior and safety.

  • Infrastructure State
    The state file is a record of currently provisioned resources. State files enable a versioned history of the infrastructure and are encrypted at rest. Versions can be inspected to see incremental changes.

  • Policy as Code
    Sentinel is a policy as a code framework to automate multi-cloud governance.

 

What are the benefits of Infrastructure as Code(IoC)?

  • Infrastructure as Code enables Infrastructure teams to test the applications in staging environments or development environment early - likely in the development cycle

  • Infrastructure as Code Saves You Time and Money

We can have a version history like when the infrastructure is upgraded and who has done it from the code itself. Else we have to ask to check the Infrastructure admin to look into logs and which is very time-consuming.
We can check it into version control and I get versioning. Now we can see an incremental history of who changed what

Use Infrastructure as Code to build update and manage any cloud, infrastructure, or services
Terraform makes it easy to re-use configurations for the environment for similar infrastructure, helping you avoid mistakes and save time.

We can use the same configuration code for the different staging Production and development environments.

Terraform supports many Providers to be built from just a simple and less line of code.

Major providers are as follows

  1. AWS
  2. Azure
  3. GitHub
  4. GitLab
  5. Google Cloud Platform
  6. VMWare
  7. Docker 
    and  200+ more.

A Simple example to create an Ec2 Instance with just a few lines of code.

resource "aws_instance" "ec2_instance" {
  ami = "ami-*******"
  instance_type = "t2.micro"
  vpc_security_group_ids = ["${aws_security_group.*****.id}"]
  key_name = "${aws_key_pair.****.id}"
  tags {
    Name = "New-EC2-Instance"
  }
}

But First, we have to write code for which provider we are writing our code.
To do so  here is the simple basic code to assign a provider

provider "aws" {
  region = "us-west-2"
  ## PROVIDE CREDENTIALS
}

Now to Create your Ec2 Instance in AWS. We have to run the commands.
So terraform has Four commands to check and apply the infrastructure changes,

  1. Init

  2. Plan

  3. Apply

  4. Destroy.

 

1. Init $ terraform init

We can understand from the name of the command that is used to initialize something.
So here terraform will be initialized in our code. which will create some basic backend and tfstate files in folders for internal use.

2. Plan $ terraform plan

As we do compile in some code languages, it will check for the compilation errors and plan what is going to happen when we run the script to generate infrastructure code. It will show you what resources are going to be created and what will be the configuration.

3. Apply $ terraform apply

It is time to run the script and check what is being generated from the scripts. So the command will execute the script and apply the changes in our infrastructure, which will generate some resources for what we have written in the code. 

4. Destroy $ terraform destroy

This command is used when we want to remove or destroy the resource. After some time we don't need that resource then we just run the command which will destroy the resource. And your money is saved.

Kishan Parmar

About the Author

Kishan Parmar

Team Leader at MagnusMinds IT Solution
Team Leader with a demonstrated history of working in the computer software industry. Skilled in Asp.net MVC 4.0, C#, WPF Development, Terraform, Infrastructure as a code, AWS, Azure, IONIC, Node JS, Asp. Net Core, Web API MVC, .NET Core Web API, Application Programming Interfaces, and Raspberry Pi.
Strong engineering professional with a Bachelor of Engineering (B.E.) focused on Computer Engineering.