The engineering blog of a software development company that works mainly through remote development

Build Infrastructures with Terraform

Outline

Terraform is a tool for Infrastructure as Code, and there are many types of similar tools. Why do people choose Terraform then? In this article, I will explain the following topics.

  • What is Terraform?
  • Why is Terraform necessary?
  • How to build infrastructures with Terraform.
  • Different usage of Terraform and other tools.

What is Terraform?

Outline

As mentioned above, Terraform is a tool for Infrastructure as Code (hereinafter IaC). It is developed by HashiCorp, the company known for Vagrant.

Terraform lets you manage infrastructure on cloud platforms such as AWS, Azure and GCP, as well as on OpenStack.

Terraform builds infrastructure from your code. The advantages of IaC are listed below. (I will not go into IaC itself here.)

  • You can review the change history with a version control tool.
  • You can reuse the same settings over and over again.

Also, specific advantages of Terraform are listed below.

  • Dependency of every resource is controlled.
  • Store the current status of infrastructures.
  • Applicable to major cloud platforms.

Next, I will talk about specific advantages of Terraform in detail.

Dependency of every resource is controlled

When you manage infrastructures at a certain level of scale, you have to deal with various components. Even with a simple circumstance or while just managing multiple servers with AWS, there will be the following components.

  • VPC
    • subnet
    • routing
  • EC2
    • instance
    • IP address
    • Security group

With this many components, it is hard to see how a change to one setting affects the others.

When you change one of the settings, Terraform shows you how the components affect each other. This means you know in advance what you have to take care of, such as resources that must be restarted or rebuilt.

Retain the current status of infrastructures.

Terraform retains the current status of the infrastructure. With other tools, it is uncertain whether the content of a config file has actually been applied to the current infrastructure. In contrast, Terraform keeps the “State” in a file. When you change the infrastructure, Terraform compares the current “State” with the new one and applies only the difference between the two.

Please refer to the page below for the details.

State – Terraform by HashiCorp

Applicable to main cloud platforms

Terraform is applicable to the main cloud platforms such as AWS, Azure and GCP. That alone is not a big advantage, because other tools do the same. However, Terraform lets you write the configuration in a similar style regardless of the kind of infrastructure. This makes it easier to build multi-vendor infrastructure or to switch to another vendor.

Why Terraform is necessary

Why do we choose Terraform instead of many other similar tools? I will explain a few things based on the official documentation below.

Terraform vs. Other Software – Terraform by HashiCorp

Chef, Puppet etc.

Chef and Puppet are configuration management systems. They are suited to installing software on a given machine or applying configuration changes to it.

Personally, I have stopped using Chef because of its complexity. The popularity of Chef seems to have declined recently. As for Puppet, I have never tried.

Ansible is often used as a configuration management tool; even the official web site explains, “App deployment, configuration management and orchestration – all from one system”. So, I consider it as the same category as Chef and Puppet.

CloudFormation, Heat etc.

CloudFormation and Heat are similar to Terraform in function. However, CloudFormation is only applicable to AWS, and Heat is only applicable to OpenStack. Terraform, on the other hand, is applicable to various cloud platforms. This is the biggest difference.

I had used CloudFormation a little bit. Even though its function is enough, it seems to require a lot of time to learn it. Only being applicable to AWS is a big disadvantage.

In contrast, Terraform is pretty simple and applicable to various platforms. So I recommend that you use Terraform.

How to build infrastructures with Terraform

The main subject starts from here. Make sure that installation is finished.

The usage of Terraform is written in the pages below.

Build Infrastructure – Terraform by HashiCorp

The basic flow of settings is below.

  • Create a file named *.tf 
  • Initialize with terraform init 
  • Apply the settings to infrastructures with terraform apply 
  • Whenever you modify *.tf , execute terraform apply every time.

State and Remote State

After you run terraform apply, a file named terraform.tfstate is created. This file holds the State. Since it is a very important file, please keep it safe.

I recommend that you set up Remote State and put the file in S3 as a shared file if multiple people use the infrastructure. (Normally, this is the case.)

The usage of Remote State is described on the page below, but it needs more explanation.

State: Remote Storage – Terraform by HashiCorp

So I will explain the settings.

First, create a file with the .tf extension under any filename, such as s3-backend.tf.

terraform {
  backend "s3" {
    bucket  = "a-bucket-for-provisioning"
    key     = "terraform.tfstate"
    region  = "ap-northeast-1"
  }
}

After you run terraform init, the *.tfstate file will be saved on S3.

Workspace

Terraform has a concept of “Workspace”.

A typical use is to create development, staging and production workspaces and switch to the appropriate one.

For each workspace, the state file and other files have to be stored in that workspace's directory.

Use the commands below to work with workspaces.

# Create a workspace named foo, and switch to it.
terraform workspace new foo
# Create a workspace named bar, and switch to it.
terraform workspace new bar
# Switch to the workspace named foo.
terraform workspace select foo

Within a configuration file, you can use the workspace name in the instance name.

Below is an example configuration cited from the official site.

resource "aws_instance" "example" {
  # tags is a map argument; the current workspace name is interpolated into Name.
  tags = {
    Name = "web - ${terraform.workspace}"
  }

  # ... other arguments
}

That covers the basic tasks for building infrastructure with Terraform.

Different usage of Terraform with other tools

In the beginning, I wrote the difference between Terraform and other tools. Here, I will write different usages compared to other tools.

Personally, I use it as below. Below is the example of AWS, but other cloud vendors would be very similar to this.

  • AWS infrastructure (EC2, ELB, VPC, RDS, etc.) is defined mainly with Terraform.
  • Software is installed on EC2 with Ansible.
  • Lambda itself and the resources that Lambda functions use are defined with Serverless.

Ideally, I would like to use Terraform for all the AWS infrastructure. However, defining a Lambda function with Terraform was pretty bothersome. As for Lambda, I recommend that you use Serverless, which I introduced before.

The opportunity to use EC2 has gradually decreased. I assume that Ansible will be unnecessary in the near future. Instead, Kubernetes will be used for containers.

I found an interesting article at the end of last year. (Written in Japanese)

This article said that trying to cover everything with one tool would not be a good idea, since automation tools are easily replaced by other ones.

Therefore, I recommend combining Terraform with other tools, especially in the areas that Terraform cannot cover well.

Please write the settings of Lambda function in the Functions section. Here, define only general settings such as function name. Please write the actual program code in the other file.

Conclusion

There are many tools for IaC. Terraform, a configuration management tool for the main cloud platforms, is well suited to defining and building the infrastructure itself.

However, we have to keep in mind that there are certain areas Terraform doesn’t cover. So the best way is to use it together with other tools.
