Terraform

Once again I have fallen into a rabbit hole.

One of my random quotes is “Automation shall set you free, but first it will make you miserable.”

This is quite true. In the world of DevOps, I strive to ensure that the only thing I do manually is create the automation tools that perform all my standard tasks, in a standard way, to a standard specification.

I’ve worked with just about every tool out there: Chef, Ansible, CloudFormation, Bash, PowerShell, etc, etc, etc. All have their uses, and all have their failures, and all seem to either be platform specific, require varying amounts of dedicated infrastructure, or be rather imperative in functionality.

One tool / system I have found, Terraform, is modular, platform agnostic, and has a declarative nature.

Imperative programming is a paradigm of computer programming where the program describes steps that change the state of the computer. Unlike declarative programming, which describes “what” a program should accomplish, imperative programming explicitly tells the computer “how” to accomplish it.

In this set of missives, I shall examine the various features and capabilities of Terraform as applied to several cloud providers.

Modular:

Code blocks written to perform a specific function (say, create an AWS VPC with Internet Gateways, NAT Gateways, Subnets, etc.) can be parameterized and reused in multiple projects.
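As an added example (not the author's code), the VPC case above can be written as one parameterized module and called from two environments. The module path, variable names and CIDR ranges are assumptions made for illustration, NAT Gateways are left out to keep it short, and an AWS provider with a region is assumed to be configured already.

```hcl
# modules/network/main.tf (hypothetical path): the reusable module
variable "name" { type = string }
variable "cidr_block" { type = string }
variable "public_subnet_count" {
  type    = number
  default = 2
}

data "aws_availability_zones" "available" {
  state = "available"
}

resource "aws_vpc" "this" {
  cidr_block           = var.cidr_block
  enable_dns_hostnames = true
  tags                 = { Name = var.name }
}

resource "aws_internet_gateway" "this" {
  vpc_id = aws_vpc.this.id
  tags   = { Name = "${var.name}-igw" }
}

# One /24 per subnet, carved out of the VPC range and spread across zones.
resource "aws_subnet" "public" {
  count             = var.public_subnet_count
  vpc_id            = aws_vpc.this.id
  cidr_block        = cidrsubnet(var.cidr_block, 8, count.index)
  availability_zone = data.aws_availability_zones.available.names[count.index]
  tags              = { Name = "${var.name}-public-${count.index}" }
}

output "vpc_id" { value = aws_vpc.this.id }

# main.tf in the calling project: same module, different parameters
module "dev_network" {
  source     = "./modules/network"
  name       = "dev"
  cidr_block = "10.10.0.0/16" # constructed sample range
}

module "prod_network" {
  source              = "./modules/network"
  name                = "prod"
  cidr_block          = "10.20.0.0/16" # constructed sample range
  public_subnet_count = 3
}
```

Changing `public_subnet_count` and re-running `terraform plan` shows only the subnets to add or remove, since the rest already matches the declared state.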

Platform Agnostic:

Terraform provider blocks and modules support a wide array of infrastructure providers, and can pass parameters from provider to provider.

For example, one could define an AWS environment with a VPN gateway, collect the various parameters from said object, and apply those to another provider (say, Azure) to programmatically set up a VPN connection between the two environments.

Declarative Nature:

The true power of Terraform: one defines the desired state of a resource, and Terraform examines the existing state and performs actions on the user’s behalf to accomplish the desired state.

This alone allows quick and easy maintenance of virtualized environments.

Multi-Platform Portability:

With little modification, Terraform code will run on:

  • Windows
  • OSX
  • Linux

This (excluding some OS pathing quirks, THANKS MICROSOFT) means that once the requirements are met, code can be extracted from a repository and executed by many team members.

From Wikipedia:

Terraform is an open-source infrastructure as code software tool created by HashiCorp. Users define and provision data center infrastructure using a declarative configuration language known as HashiCorp Configuration Language (HCL), or optionally JSON.

Terraform manages external resources (such as public cloud infrastructure, private cloud infrastructure, network appliances, software as a service, and platform as a service) with “providers”.

HashiCorp maintains an extensive list of official providers, and can also integrate with community-developed providers. Users can interact with Terraform providers by declaring resources or by calling data sources.

Rather than using imperative commands to provision resources, Terraform uses declarative configuration to describe the desired final state. Once a user invokes Terraform on a given resource, Terraform will perform actions on the user’s behalf to accomplish the desired state. The infrastructure as code can be written as modules, promoting reusability and maintainability.

Terraform supports a number of cloud infrastructure providers such as:

  • Amazon Web Services
  • Microsoft Azure
  • IBM Cloud
  • Google Cloud Platform
  • DigitalOcean
  • Oracle Cloud Infrastructure
  • VMware vSphere
  • OpenStack

HashiCorp supports a Terraform Module Registry, launched in 2017.