This post is the first part of a series of posts on HashiCorp Terraform.
With the rise of Infrastructure as a Service (IaaS), it is possible to set up new servers, or instances, on-demand in just a few seconds. Offerings like Amazon Web Services (AWS) give us tools that let us easily create IT resources. All our dreams of seamless scaling finally came true!
However, just creating a cloud instance is not good enough! You will want to set security rules on that instance. You will want to connect it to specific networks, attach a load balancer, set up health checks and configure rules for automatic scaling. And what about the other tiers of your multi-tier application?
If you do this manually, you are in for a lot of work. You must navigate through AWS's bloated web console or use the CLI tool. A complex setup will take quite some time to create. And if you need to reproduce it for a test or production environment, you must do the same manual tasks all over again.
Maybe you also want to re-create this setup for another project? Too bad this other project doesn't use AWS. It runs on Microsoft Azure. You will not only have to re-create your desired setup, you will also have to learn how to set this up with a different cloud service.
As you can see, creating IT resources is fast; configuring them is what still takes a lot of time.
If you work in IT, and especially with infrastructure, you have probably heard of HashiCorp. The company behind great tools like Vagrant, Packer, Consul and Vault also has a solution for the above problem: Terraform.
Terraform is a tool for managing infrastructure. You can build, change and version infrastructure. All is done "as code". You simply write configuration and apply it to your IaaS provider.
Here is an example of what a Terraform configuration looks like:
provider "aws" {
  region = "us-east-1"
}

resource "aws_instance" "example" {
  ami           = "ami-2757f631"
  instance_type = "t2.micro"
}
The above example creates an instance with a specific image and instance_type in an AWS account. The credentials for the AWS account are taken from the shell environment that Terraform is run in.
Terraform configuration can
And the best thing: Terraform is platform independent. That means you write your configuration once, and can apply it to Amazon Web Services, Microsoft Azure, Google App Engine, AliCloud, OpenStack and many more. You can even configure it to use multiple platforms at the same time.
Configurations are stored inside Terraform configuration files. They use a .tf file ending. You can have these files under version control in e.g. Git. This means you will always have a backup, your team can collaborate on the creation of these files and you have a common truth and documentation about your infrastructure.
The Terraform configuration files also bring more advantages. Not only are they totally cloud-agnostic, they are also easier to grasp than Heat (OpenStack) or CloudFormation (AWS) templates. They also enable the use of 3rd party tools like DNSimple or CloudFlare.
And to top it all off, Terraform provides you with a CLI tool that will help you with the creation and the application of these configuration files.
Let's look at more AWS examples of Terraform.
Creating a VPC to launch our instances into:
resource "aws_vpc" "default" {
  cidr_block = "10.0.0.0/16"
}
Creating an internet gateway to give our subnet access to the outside world:
resource "aws_internet_gateway" "default" {
  vpc_id = "${aws_vpc.default.id}"
}
As you can see, we can also use variables inside the configuration files; here, "${aws_vpc.default.id}" refers to the ID of the VPC defined above.
Creating a security group for an ELB so it is accessible via the web:
resource "aws_security_group" "elb" {
  name        = "terraform_example_elb"
  description = "Used in the terraform"
  vpc_id      = "${aws_vpc.default.id}"

  # HTTP access from anywhere
  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # outbound internet access
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
If you have ever used a different cloud management tool, you will appreciate the clear syntax of Terraform!
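The ELB security group above deliberately opens port 80 to 0.0.0.0/0. As an added example (not part of the original post), the following Python check reads the JSON form of a Terraform plan and reports every security group ingress rule that is open to all addresses on a port outside an allow-list. The allow-list, the sample plan and the `aws_security_group.app` and `aws_security_group.old` resources are constructed for illustration.

```python
import json

PUBLIC_PORTS = {80, 443}             # assumption: only web ports may face the internet
ANY_ADDRESS = {"0.0.0.0/0", "::/0"}  # IPv4 and IPv6 "anywhere"

def open_ingress_findings(plan, allowed_ports=PUBLIC_PORTS):
    """Return (address, from_port, to_port, protocol) for each world-open
    ingress rule whose port range is not fully covered by allowed_ports."""
    findings = []
    for rc in plan.get("resource_changes", []):
        if rc.get("type") != "aws_security_group":
            continue
        # "after" is null when the resource is being deleted
        after = (rc.get("change") or {}).get("after") or {}
        for rule in after.get("ingress") or []:
            cidrs = set(rule.get("cidr_blocks") or [])
            cidrs |= set(rule.get("ipv6_cidr_blocks") or [])
            if not cidrs & ANY_ADDRESS:
                continue  # rule is restricted to specific networks
            lo, hi, proto = rule["from_port"], rule["to_port"], rule["protocol"]
            # protocol "-1" means every protocol and every port
            if proto == "-1" or any(p not in allowed_ports for p in range(lo, hi + 1)):
                findings.append((rc["address"], lo, hi, proto))
    return findings

# Constructed sample in the shape of `terraform show -json <planfile>` output.
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
  {"address": "aws_security_group.elb", "type": "aws_security_group",
   "change": {"actions": ["create"], "after": {"ingress": [
     {"cidr_blocks": ["0.0.0.0/0"], "from_port": 80, "to_port": 80, "protocol": "tcp"}]}}},
  {"address": "aws_security_group.app", "type": "aws_security_group",
   "change": {"actions": ["create"], "after": {"ingress": [
     {"cidr_blocks": ["0.0.0.0/0"], "from_port": 22, "to_port": 22, "protocol": "tcp"}]}}},
  {"address": "aws_security_group.old", "type": "aws_security_group",
   "change": {"actions": ["delete"], "after": null}}
]}
""")

if __name__ == "__main__":
    for finding in open_ingress_findings(SAMPLE_PLAN):
        print("world-open ingress:", finding)
```

For a real configuration, produce the input with `terraform plan -out=tfplan` followed by `terraform show -json tfplan`, and fail the pipeline when the list of findings is not empty.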
The problem we discussed is of course apparent to the cloud providers. They provide their own tools to solve it.
AWS provides you with CloudFormation. It also lets you define your infrastructure through code. However, it only works on AWS. So, if you have to reproduce your setup somewhere else, you have to start over again.
I have used CloudFormation in many projects and can say that its format (JSON or YAML) can get confusing very quickly if you configure a very complex setup. Sometimes you spend hours looking for that missing closing bracket in the JSON configuration.
A big plus is that it almost always supports new AWS projects right from the start. The Terraform team has to incorporate new AWS functionality after its release. This can take some time.
The same goes for Microsoft's Azure Resource Manager. It, too, can only be applied to the Azure cloud and uses JSON only.
We will be taking a look at Terraform in action. You will learn how to install and use Terraform on your local workstation and how to create, modify and destroy resources in the cloud with it.
If you simply cannot wait any longer to try Terraform, please check out these great tutorials by HashiCorp: Terraform Getting Started
Maybe Terraform and Infrastructure as a Service is something that you want to implement in your company as well? We would be happy to hear from you and help you implement it.
I am also happy to answer any questions that you might have. Either on LinkedIn, Twitter (@jaybrueder) or via Email jbrueder@infralovers.com.