Latest revision as of 14:55, 30 September 2019

Terraform

[edit] Installation

[edit] CentOS7

Update cache

~$ sudo yum check-update

Download dependencies

~$ sudo yum install -y wget unzip

Download terraform binary in zip from downloads page.

~$ wget https://releases.hashicorp.com/terraform/0.11.13/terraform_0.11.13_linux_amd64.zip

Extract to PATH directory

~$ sudo unzip ./terraform_0.11.13_linux_amd64.zip -d /usr/local/bin/ 

Verify

~$ terraform -v
Terraform v0.11.13

[edit] Deploy basic ec2

[edit] Setup AWS

If you've not done so already, you will need to install the AWS CLI and create a new account for terraform to access aws programmatically. For this example i've opted to give my terraform user admin rights and it also needs programatic access (just an access id/secret key pair).

[edit] Create folder and files

For terraform you will need a folder with at least (3) files.

~$ mkdir ~/terraform && cd ~/terraform
~$ touch main.tf providers.tf variables.tf

[edit] variables.tf

This is our variable store, it will contain the values for variables we can call from other tf files.

~$ vim variables.tf
variable "aws_access_key" {
  default = "23Y8932D923YHDH2RHR4R"
}

variable "aws_secret_key" {
  default = "DFHuiofh49fyh92h34dfasdryh7893f"
}

variable "aws_region" {
  default = "us-east-1"
}

[edit] providers.tf

This is our providers file, it has detailed information about the cloud provider you will be using.

~$ vim providers.tf
provider "aws" {
  access_key = "${var.aws_access_key}"
  secret_key = "${var.aws_secret_key}"
  region = "${var.aws_region}"
}

[edit] main.tf

This is our main file, it contains the instructions about what we want to setup.

~$ resource "aws_instance" "web" {
  ami = "ami-0b898040803850657"
  instance_type = "t2.micro"

  tags = {
    Name = "r00tedvw"
  }
}

note: Should you need to find the latest Amazon Linux 2 AMI ID, you can use this aws cli query I found here.

~$ aws ec2 describe-images --owners amazon --filters 'Name=name,Values=amzn2-ami-hvm-2.0.????????-x86_64-gp2' 'Name=state,Values=available' --query 'reverse(sort_by(Images, &CreationDate))[:1].ImageId' --output text

[edit] Deploy basic S3 bucket

Same as with the EC2 deployment, you will need a variables.tf and providers.tf.
Within the main.tf you'll want to add this resource:

~$ vim main.tf
resource "aws_s3_bucket" "bucket" {
  bucket = "r00tedvw-test-bucket"
  acl = "private"
  region = "us-east-1"

  tags = {
    Name = "r00tedvw-test-bucket"
    Environment = "r00tedvw"
  }
}

[edit] Deploy basic security group

Building off the prior steps, we can create a security group to allow external access to resources as AWS does not do this by default.
create a new file: security_group.tf

~$ vim security_group.tf
resource "aws_security_group" "instance" {
  name = "r00tedvw-tf-group"

  ingress {
    from_port   = 8888
    to_port     = 8888
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

With that in place, we can call on this new security group using a terraform expression for our EC2 deployment.

~$ vim main.tf
resource "aws_instance" "web" {
  ami = "ami-0b898040803850657"
  instance_type = "t2.micro"
  vpc_security_group_ids = [aws_security_group.instance.id]

  tags = {
    Name = "tf-test-vm"
    Environment = "r00tedvw"
  }
}