DevOps Tools/Configuration/Terraform

From r00tedvw.com wiki

Terraform

Installation

CentOS7

Update cache

~$ sudo yum check-update

Download dependencies

~$ sudo yum install -y wget unzip

Download the Terraform binary as a zip from the downloads page.

~$ wget https://releases.hashicorp.com/terraform/0.11.13/terraform_0.11.13_linux_amd64.zip

Extract to PATH directory

~$ sudo unzip ./terraform_0.11.13_linux_amd64.zip -d /usr/local/bin/ 

Verify

~$ terraform -v
Terraform v0.11.13

Deploy basic ec2

Setup AWS

If you've not done so already, you will need to install the AWS CLI and create a new account for Terraform to access AWS programmatically. For this example I've opted to give my terraform user admin rights, and it also needs programmatic access (just an access ID/secret key pair).

Create folder and files

For terraform you will need a folder with at least (3) files.

~$ mkdir ~/terraform && cd ~/terraform
~$ touch main.tf providers.tf variables.tf

variables.tf

This is our variable store; it will contain the values for variables we can call from other tf files.

~$ vim variables.tf
variable "aws_access_key" {
  default = "23Y8932D923YHDH2RHR4R"
}

variable "aws_secret_key" {
  default = "DFHuiofh49fyh92h34dfasdryh7893f"
}

variable "aws_region" {
  default = "us-east-1"
}

providers.tf

This is our providers file; it has detailed information about the cloud provider you will be using.

~$ vim providers.tf
provider "aws" {
  access_key = "${var.aws_access_key}"
  secret_key = "${var.aws_secret_key}"
  region = "${var.aws_region}"
}
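
The default values in variables.tf above put the access key pair in plain text inside the project folder, so it travels with every copy or commit of that folder. As an added example (not part of the original wiki page), the same two files can be written so that no key appears in any tf file; the profile name "terraform" and the aws_profile variable are assumptions.

```hcl
# Added example, written in the Terraform 0.11 syntax used on this page.

# ---- variables.tf ----
# Only non-secret settings are kept in the variable store.
# aws_access_key and aws_secret_key are no longer declared here.

variable "aws_profile" {
  # Assumed profile name; create it once with:
  #   aws configure --profile terraform
  # which writes the key pair to ~/.aws/credentials, outside this folder.
  default = "terraform"
}

variable "aws_region" {
  default = "us-east-1"
}

# ---- providers.tf ----
# No access_key / secret_key arguments. The AWS provider loads the key pair
# from the named profile in the shared credentials file instead.

provider "aws" {
  profile = "${var.aws_profile}"
  region  = "${var.aws_region}"
}

# Alternative without a profile: leave "profile" out as well and export
# AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY in the shell before running
# terraform; the provider reads those environment variables.
```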

main.tf

This is our main file; it contains the instructions about what we want to set up.

~$ vim main.tf
resource "aws_instance" "web" {
  ami = "ami-0b898040803850657"
  instance_type = "t2.micro"

  tags = {
    Name = "r00tedvw"
  }
}

Note: Should you need to find the latest Amazon Linux 2 AMI ID, you can use this AWS CLI query I found here.

~$ aws ec2 describe-images --owners amazon --filters 'Name=name,Values=amzn2-ami-hvm-2.0.????????-x86_64-gp2' 'Name=state,Values=available' --query 'reverse(sort_by(Images, &CreationDate))[:1].ImageId' --output text

Deploy basic S3 bucket

Same as with the EC2 deployment, you will need a variables.tf and providers.tf.
Within the main.tf you'll want to add this resource:

~$ vim main.tf
resource "aws_s3_bucket" "bucket" {
  bucket = "r00tedvw-test-bucket"
  acl = "private"
  region = "us-east-1"

  tags = {
    Name = "r00tedvw-test-bucket"
    Environment = "r00tedvw"
  }
}

Deploy basic security group

Building off the prior steps, we can create a security group to allow external access to resources, as AWS does not do this by default. The rule below opens TCP port 8888 to any IPv4 address (0.0.0.0/0).
Create a new file: security_group.tf

~$ vim security_group.tf
resource "aws_security_group" "instance" {
  name = "r00tedvw-tf-group"

  ingress {
    from_port   = 8888
    to_port     = 8888
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

With that in place, we can call on this new security group using a terraform expression for our EC2 deployment.

~$ vim main.tf
resource "aws_instance" "web" {
  ami = "ami-0b898040803850657"
  instance_type = "t2.micro"
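  # Quoted interpolation is required by Terraform 0.11 (installed above) and is still accepted by 0.12.
  vpc_security_group_ids = ["${aws_security_group.instance.id}"]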

  tags = {
    Name = "tf-test-vm"
    Environment = "r00tedvw"
  }
}