DevOps Tools/Configuration/Terraform

From r00tedvw.com wiki
Terraform

Installation

CentOS7

Update cache

~$ sudo yum check-update

Download dependencies

~$ sudo yum install -y wget unzip

Download the Terraform binary zip from the downloads page.

~$ wget https://releases.hashicorp.com/terraform/0.11.13/terraform_0.11.13_linux_amd64.zip

Extract to PATH directory

~$ sudo unzip ./terraform_0.11.13_linux_amd64.zip -d /usr/local/bin/ 

Verify

~$ terraform -v
Terraform v0.11.13
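
The steps above unpack the zip into /usr/local/bin as root without checking it. As an added example (not part of the original wiki page), this script verifies the download against the `terraform_0.11.13_SHA256SUMS` list that HashiCorp publishes next to the zip; the function names `sha256_of` and `verify_release` and the demo file are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: check the downloaded zip against HashiCorp's checksum list
# before unzipping it into /usr/local/bin. On the real host the list sits in
# the same release directory as the zip:
#   wget https://releases.hashicorp.com/terraform/0.11.13/terraform_0.11.13_SHA256SUMS

# Print the SHA-256 of a file (sha256sum on Linux, shasum elsewhere).
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then sha256sum "$1"
  else shasum -a 256 "$1"; fi | awk '{ print $1 }'
}

# verify_release ZIP SUMS_FILE
# 0 = hash matches, 1 = mismatch, 2 = file missing, 3 = no usable entry.
# The entry is looked up by hand because older coreutils have no
# `sha256sum --ignore-missing`, and a missing entry must fail, not pass.
verify_release() {
  local zip="$1" sums="$2" name expected
  if [ ! -f "$zip" ] || [ ! -f "$sums" ]; then
    echo "missing input file" >&2; return 2
  fi
  name="$(basename "$zip")"
  # Lines look like "<64 hex digits>  <file name>"; match the name exactly.
  expected="$(awk -v f="$name" '$2 == f { print $1 }' "$sums")"
  # Empty, duplicated (contains a newline) or non-hex values are rejected.
  case "$expected" in
    ""|*[!0-9a-f]*) echo "no unique entry for $name" >&2; return 3 ;;
  esac
  [ "${#expected}" -eq 64 ] || { echo "malformed entry for $name" >&2; return 3; }
  if [ "$(sha256_of "$zip")" != "$expected" ]; then
    echo "CHECKSUM MISMATCH: $name" >&2; return 1
  fi
  echo "OK: $name"
}

# Constructed demo: a stand-in file plays the role of the downloaded zip.
demo="$(mktemp -d)"
zip="$demo/terraform_0.11.13_linux_amd64.zip"
printf 'constructed stand-in, not a real release\n' > "$zip"
printf '%s  %s\n' "$(sha256_of "$zip")" "$(basename "$zip")" > "$demo/SHA256SUMS"
verify_release "$zip" "$demo/SHA256SUMS"
printf 'tampered\n' >> "$zip"            # simulate a modified download
verify_release "$zip" "$demo/SHA256SUMS" || echo "rejected, exit code $?"
rm -rf "$demo"
```

HashiCorp also publishes a detached signature, `terraform_0.11.13_SHA256SUMS.sig`, so the checksum list itself can be checked with `gpg --verify` once their public key is imported.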

Deploy basic ec2

Setup AWS

If you've not done so already, you will need to install the AWS CLI and create a new account for Terraform to access AWS programmatically. For this example I've opted to give my terraform user admin rights, and it also needs programmatic access (just an access ID/secret key pair).

Create folder and files

For terraform you will need a folder with at least (3) files.

~$ mkdir ~/terraform && cd ~/terraform
~$ touch main.tf providers.tf variables.tf

variables.tf

This is our variable store; it contains the values for variables we can call from other tf files.

~$ vim variables.tf
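# Access key pair for the terraform IAM user. A default set here is stored in plain text in this file.
variable "aws_access_key" {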
  default = "23Y8932D923YHDH2RHR4R"
}

variable "aws_secret_key" {
  default = "DFHuiofh49fyh92h34dfasdryh7893f"
}

variable "aws_region" {
  default = "us-east-1"
}

providers.tf

This is our providers file; it has detailed information about the cloud provider you will be using.

~$ vim providers.tf
provider "aws" {
  access_key = "${var.aws_access_key}"
  secret_key = "${var.aws_secret_key}"
  region = "${var.aws_region}"
}

main.tf

This is our main file; it contains the instructions about what we want to set up.

~$ vim main.tf
resource "aws_instance" "web" {
  ami = "ami-0b898040803850657"
  instance_type = "t2.micro"

  tags = {
    Name = "r00tedvw"
  }
}

Note: Should you need to find the latest Amazon Linux 2 AMI ID, you can use this AWS CLI query I found here.

~$ aws ec2 describe-images --owners amazon --filters 'Name=name,Values=amzn2-ami-hvm-2.0.????????-x86_64-gp2' 'Name=state,Values=available' --query 'reverse(sort_by(Images, &CreationDate))[:1].ImageId' --output text

Deploy basic S3 bucket

Same as with the EC2 deployment, you will need a variables.tf and providers.tf.
Within the main.tf you'll want to add this resource:

~$ vim main.tf
resource "aws_s3_bucket" "bucket" {
  bucket = "r00tedvw-test-bucket"
  acl = "private"
  region = "us-east-1"

  tags = {
    Name = "r00tedvw-test-bucket"
    Environment = "r00tedvw"
  }
}

Deploy basic security group

Building off the prior steps, we can create a security group to allow external access to resources, as AWS does not do this by default.
Create a new file: security_group.tf

~$ vim security_group.tf
resource "aws_security_group" "instance" {
  name = "r00tedvw-tf-group"

  ingress {
    from_port   = 8888
    to_port     = 8888
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]  # any IPv4 source address can reach port 8888
  }
}

With that in place, we can call on this new security group using a terraform expression for our EC2 deployment.

~$ vim main.tf
resource "aws_instance" "web" {
  ami = "ami-0b898040803850657"
  instance_type = "t2.micro"
  # Quoted interpolation syntax, as required by the Terraform 0.11.13 release installed above
  vpc_security_group_ids = ["${aws_security_group.instance.id}"]

  tags = {
    Name = "tf-test-vm"
    Environment = "r00tedvw"
  }
}