Developer Automation Tools Terraform

Introduction to Terraform

Your applications are code.
The configurations of your servers are now code.

So the next logical step is to have the creation of the machine resources for your application run as code too!

"Terraform provides a common configuration to launch and manage infrastructure. ... Simple file based configuration gives you a single view of your entire infrastructure." Terraform is open source and watched over by creator Mitchell Hashimoto and the team at Hashicorp.

Official Intro to Terraform

Paper plates vs fine china

Think of the analogy of Paper plates vs fine china. The china is *nice*.

Alas the china is also an expensive alternative to the equally functional paper plate.

Your work wants you to be functional, not luxurious. To be functional you need to be fast and efficient. So deploy your app on to the commodity compute resource that is akin to a paper plate. And make your requests for paper plates efficient and repeatable with code!

Infrastructure as Code

This genre of tool goes by the name "Infrastructure as Code". A good tool in this space will have support for all aspects of your provider. We are not just able to request compute resources, but also requesting storage and networking configurations with code!

Aside from Terraform, there are other tools in this space you can research too.

• Scalr
• SparkleFormation
• AWS CloudFormation
• OpenStack Heat Templates
• Azure Resource Manager (ARM) templates

Terraform Providers

The reason I prefer Terraform over some of the alternatives above is because of the thorough support for the leading providers of API based resources - AKA Providers.

• AWS
• And all the resouces in AWS like S3, EC2, IAM roles, Route 53, etc...
• Azure
• VMWare vCloud or vSphere
• GitHub
• New Relic
• DataDog
• PagerDuty
• PostgreSQL
• Docker
• many others

Managing State in Terraform

As much fun as using Terraform is, it has one hard aspect to manage. That is the idea of State.

In order for Terraform to keep track of all the things it is managing it uses state files. On every run after the first, Terraform compares the state files to what is in the Terraform code to determine what has changed and needs to added, modified or deleted from the provider that is being managed.

This becomes a problem as soon as more than one person wants to run the Terraform code. How does user John get the state from when user Jane last ran Terraform? This used to be a difficult prospect that many people would role their own solutions for. But sharing state using "backends" has been added as a first class citizen in Terraform since version 0.7 was released. The following list are some of the supported backends for shared state management.

• Artifactory
• Azure
• AWS S3
• Google Cloud Storage
• Generic HTTP

Extra Reading

Here are some articles from people who have put Terraform through the paces more than I have

• Two Weeks with Terraform by Charity Majors
• Orchestrating Docker with Terraform and Consul by Mitchell Hashimoto
• Terraforming workloads with Docker and Digital Ocean by Long Nguyen

Workout

We are going to complete the following actions

1. Terraform is already installed on our VM. So we are all ready to dive in.
2. Go in to the /vagrant/terraform/tutum directory on the VM.
3. Run the command terraform to verify Terraform is ready to use.
4. Review the tutum-hello-world.tf file that already exists.
5. What Provider is it using? What resources are being created?
6. The first thing we need to do with Terraform is init the project to make sure Terraform has required providers. So run terraform init
7. Check what will happen if Terraform ran this file with the terraform plan command.
8. Now that we know what Terraform will do have Terraform do it by running the terraform apply command.
9. The container will be up and serving out a Hello World page now on localhost:8088.
10. Running Docker containers is often about quantity. So let's now run five of the hello-world container instead of three. Change the tutum-hello-world.tf file to spin up five instances of our container.
11. Verify what is going to change by running terraform plan again.
12. We can make the change happen with terraform apply and verify it is running with the terraform show command.
13. Take note of the terraform.tfstate file now in your working directory. This is how Terraform knows the difference between running terraform commands.
14. Let's put our Terraform state in to a shared location in Artifactory.
15. Go to the Artifactory repository admin section and on the top right click New, to create a Generic repo with the Repository Key of terraform-state
16. Create a new file main.tf with your prefered code editor.
17. Add the following lines of code to the main.tf file. Changing the password to match your Artifactory admin user's password.

    terraform {
          backend "artifactory" {
            username = "admin"
            # never actually put passwords in code, but that's beyond our scope today
            password = "password"
            url      = "http://localhost:8081/artifactory"
            repo     = "terraform-state"
            subpath  = "tutum-demo"
          }
        }

18. Now we need to run terraform init again. You will be prompted to upload your state to Artifactory, type yes when prompted.
19. Done! Even before we plan or apply Terraform has uploaded our current state. Go check it out in Artifactory.
20. We are done with this generic container. Time to destroy everything. Again, verify the work to be done with terraform plan -destory. And then turn off all the containers with the terraform destroy command.