'%3E%3Cpath fill='%233A5C8D' d='M18.08 2H1.93C.87 2 0 2.85 0 3.9v15.5l.22.02c9.75 0 17.7-7.8 17.86-17.42Z' /%3E%3Cpath fill='%233A5C8D' d='M26.33 2H24.2C24.05 14.97 13.35 25.48.22 25.48L0 25.47v2.61C0 29.14.87 30 1.93 30h24.4c1.06 0 1.94-.86 1.94-1.92V3.91c0-1.05-.88-1.9-1.94-1.9Z' /%3E%3Cpath fill='%23262C49' d='M39.27 31.8c-.74-.2-1.28-.74-1.28-1.48 0-.88.67-1.55 1.56-1.55.23 0 .37.03.64.03 1.7 0 2.92-.63 2.92-3.02V10.52c0-1.04.74-1.81 1.8-1.81 1.01 0 1.76.77 1.76 1.81v15.73c0 3.9-2.34 5.75-5.83 5.75a5.1 5.1 0 0 1-1.57-.2Zm8.01-28.87a2.34 2.34 0 0 1-2.37 2.28 2.32 2.32 0 0 1-2.38-2.28 2.31 2.31 0 0 1 2.38-2.3 2.35 2.35 0 0 1 2.37 2.3Zm9.26 14.31a2.62 2.62 0 0 1-2.66 2.57 2.6 2.6 0 0 1-2.67-2.57 2.6 2.6 0 0 1 2.67-2.56 2.63 2.63 0 0 1 2.66 2.56Zm4.56 6.89V1.81C61.1.77 61.84 0 62.9 0c1.01 0 1.76.77 1.76 1.81v22.32c0 1.05-.75 1.82-1.76 1.82-1.02 0-1.8-.77-1.8-1.82Zm21.93-8.53v8.57a1.7 1.7 0 0 1-1.76 1.78 1.73 1.73 0 0 1-1.76-1.78v-.2a6.88 6.88 0 0 1-5.13 1.98c-3.46 0-5.8-1.92-5.8-4.77 0-2.9 2.37-4.7 6.14-4.7h4.72v-1.09c0-2.25-1.3-3.52-3.57-3.52-1.39 0-2.64.5-3.69 1.54-.44.37-.82.54-1.23.54-.84 0-1.55-.7-1.55-1.48 0-.5.23-.97.7-1.44a8.39 8.39 0 0 1 6.08-2.32c4.31 0 6.85 2.55 6.85 6.89Zm-3.6 3.73v-.3h-4.27c-1.93 0-2.95.7-2.95 2.01 0 1.35 1.15 2.19 2.92 2.19 2.4 0 4.3-1.72 4.3-3.9Zm25.67-1.99c0 4.98-3.46 8.61-8.14 8.61-2.38 0-4.38-.9-5.64-2.42v.6c0 1.08-.74 1.82-1.72 1.82-1.06 0-1.8-.77-1.8-1.82V1.81C87.8.77 88.58 0 89.6 0c1.01 0 1.76.74 1.76 1.81v9.32a7.07 7.07 0 0 1 5.56-2.42c4.72 0 8.18 3.66 8.18 8.63Zm-3.66-.03c0-3.09-2.14-5.38-5.1-5.38-3.01 0-5.02 2.19-5.02 5.41 0 3.2 2.04 5.38 5.03 5.38 2.95 0 5.09-2.28 5.09-5.4Zm6.66 6.09c-.34-.3-.51-.67-.51-1.15 0-.84.71-1.54 1.6-1.54.37 0 .74.13 1.11.47a5.66 5.66 0 0 0 3.9 1.71c1.46 0 2.68-.6 2.68-1.85 0-1.07-.98-1.5-2.34-2.05l-1.7-.7c-2.67-1.11-4.34-2.32-4.34-4.81 0-3.06 2.58-4.77 5.88-4.77 2.13 0 4 .77 5.29 2.01.37.34.54.74.54 1.18a1.5 1.5 0 0 1-1.5 1.51c-.37 0-.67-.16-1.11-.5a5.47 5.47 0 0 0-3.3-1.14c-1.32 0-2.27.5-2.27 1.58 0 .9.68 1.34 2.2 1.95l1.6.63c3.02 1.25 4.55 2.56 4.55 4.98 0 3.32-2.85 5.04-6.17 5.04a8.25 8.25 0 0 1-6.11-2.56Z' /%3E%3C/g%3E%3Cdefs%3E%3CclipPath id='a'%3E%3Cpath fill='%23fff' d='M0 0h120.38v32H0z' /%3E%3C/clipPath%3E%3C/defs%3E%3C/svg%3E)
Introduction to Terraform
We have updated this text for you!
Update date: 22.12.2024
Author of the update: Szymon Gamrat
IaC is a key attribute of enabling best practices in DevOps. Developers can be more involved in defining configuration because they can do it the way they are most proficient in – by writing code. Ops teams get involved in the earliest phases of the development process. Tools like Terraform bring visibility to state and configuration, simplify automation by making processes more efficient and less error-prone. In this article, we will learn what Terraform is, how to configure it, how to provide cloud resources with one of the cloud providers.
What is Terraform
Terraform is tool developed by HashiCorp that allows you to define and manage your infrastructure as code (IaC). This means you can write code to set up and manage your cloud resources, such as servers, databases, and networking components, across various cloud providers like AWS, Azure, and Google Cloud Platform.
Key Concepts
- Configuration Files: These are written in HashiCorp Configuration Language (HCL) and define the infrastructure you want to create.
- Providers: Plugins that allow Terraform to interact with different cloud providers and services.
- Resources: The components of your infrastructure, such as virtual machines, storage, and networks.
- State: Terraform keeps track of your
Advantages of Using Terraform
- Automation: Terraform automates the process of setting up and managing infrastructure, reducing the risk of human error and saving time
- Consistency: By defining your infrastructure as code, you ensure that your setup is consistent across different environments (development, testing, production)
- Multi-Cloud Support: Terraform supports multiple cloud providers, giving you the flexibility to manage resources across different platforms
- Version Control: You can version your infrastructure code just like application code, making it easier to track changes and collaborate with team members
- Declarative Language: Terraform uses a simple, declarative language (HCL) that is easy to learn and understand
Extensibility: Terraform is highly extensible with a wide range of plugins and modules available to extend its functionality
Before we begin
You should know the commands that help you build, check, and apply infrastructure code.
Basic Terraform Commands
terraform init
Initializes a Terraform configuration. This command sets up the necessary plugins and prepares your working directory for other Terraform commands.
Usage: Run this command in the directory containing your `.tf` files.
terraform plan
Creates an execution plan, showing what actions Terraform will take to achieve the desired state defined in your configuration files. It’s a dry run, so no changes are made.
Usage: Use this command to review changes before applying them.
terraform apply
Applies the changes required to reach the desired state of the configuration. This command will create, update, or delete resources as necessary.
Usage: After reviewing the plan, use this command to make the changes.
terraform destroy
Destroys the infrastructure managed by Terraform. This command will remove all resources defined in your configuration files.
Usage: Use this command when you want to clean up and remove all resources.
terraform show
Displays the current state or a saved plan. This command helps you understand the current state of your infrastructure.
Usage: Use this command to inspect the state file.
terraform validate
Validates the configuration files in a directory. This command checks for syntax errors and ensures that the configuration is syntactically valid.
Usage: Use this command to validate your configuration before applying it.
terraform fmt
Formats the configuration files to a canonical format and style. This command helps keep your code clean and readable.
Usage: Use this command to format your `.tf` files.
Example Workflow
Initialize: terraform init
Format: terraform fmt
Plan: terraform plan
Validate: terraform validate
Apply: terraform apply
Destroy: terraform destroy
Before we start playing with Terraform we need to set up the Google Cloud project. If you already have one you can use it but it is recommended to create a new one to keep it separated and easy to tear down later. You will be starting with basic resources, which can incur real, although usually minimal, costs. Pay attention to the pricing on the account. If you don’t already have a Google Cloud account, you can sign up for a free trial and get $300 of free credit.
Create a new project:
Create a Service Account…
…and grant the “Owner” role:
Download Service Account credentials in json format. Store them securely.
Install Terraform
To install Terraform, find the appropriate package for your system and download it as a zip archive. After downloading Terraform, unzip the package. Terraform runs as a single binary named terraform. Any other files in the package can be safely removed and Terraform will still function. Finally, make sure that the terraform binary is available on your PATH. This process will differ depending on your operating system. Verify the installation with the following command:
terraform -help
If a help message has been displayed it means that installation was successful and we can go to:
Our first terraform project
If you would like to create different resources than described in this article or you are using an existing project – please verify if a related API is enabled in your project. For new projects Cloud Storage API should be enabled so no action is required. Create a folder in a convenient location and the main.tf file inside. The file name isn’t actually important – as long as it uses a .tf extension. Terraform itself cannot “talk” to different cloud vendors’ API’s instead, it is using sub-programs called providers that translate configuration into API calls. In our case, it will be a “google” provider so the following configuration must be added to main.tf file:
// Configure the Google Cloud provider
provider "google" {
project = "terraform-sandbox-302013"
region = "europe-west3"
}Now we can try to define some resources that we want to create. To keep it simple let’s start with a single Cloud Storage bucket, add the following configuration to the main.tf file:
resource "google_storage_bucket" "default" {
name = "terraform-sandbox-302013-my-storage"
}Now we are almost ready to let terraform do its job. The last thing we need to take care of is authenticating API calls that will be performed by the “google” provider. There are several ways of doing it but the simplest one will be to use the GOOGLE_APPLICATION_CREDENTIALS environment variable, setting the value to the location of the json key file (the one downloaded during the project setup).
Now we can initialize the terraform project:
$ terraform init
Initializing the backend...
Initializing provider plugins...
- Finding latest version of hashicorp/google...
- Installing hashicorp/google v3.52.0...
- Installed hashicorp/google v3.52.0 (signed by HashiCorp)
Terraform has created a lock file .terraform.lock.hcl to record the provider
selections it made above. Include this file in your version control repository
so that Terraform can guarantee to make the same selections by default when
you run "terraform init" in the future.
Terraform has been successfully initialized!
You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.
If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.Now we can check what will be created if we decide to apply this code to the project:
$ terraform plan
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# google_storage_bucket.default will be created
+ resource "google_storage_bucket" "default" {
+ bucket_policy_only = (known after apply)
+ force_destroy = false
+ id = (known after apply)
+ location = "US"
+ name = "terraform-sandbox-302013-my-storage"
+ project = (known after apply)
+ self_link = (known after apply)
+ storage_class = "STANDARD"
+ uniform_bucket_level_access = (known after apply)
+ url = (known after apply)
}
Plan: 1 to add, 0 to change, 0 to destroy.
------------------------------------------------------------------------
Note: You didn't specify an "-out" parameter to save this plan, so Terraform
can't guarantee that exactly these actions will be performed if
"terraform apply" is subsequently run.As we can see from the command output there will be one resource created if we decide to apply this configuration. It matched both our intention and expectation so we can now apply it to our project:
$ terraform apply
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# google_storage_bucket.default will be created
+ resource "google_storage_bucket" "default" {
+ bucket_policy_only = (known after apply)
+ force_destroy = false
+ id = (known after apply)
+ location = "US"
+ name = "terraform-sandbox-302013-my-storage"
+ project = (known after apply)
+ self_link = (known after apply)
+ storage_class = "STANDARD"
+ uniform_bucket_level_access = (known after apply)
+ url = (known after apply)
}
Plan: 1 to add, 0 to change, 0 to destroy.
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
google_storage_bucket.default: Creating...
google_storage_bucket.default: Creation complete after 2s [id=terraform-sandbox-302013-my-storage]
Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
Using web console we can now verify that the bucket really appeared in our GCP project:
When we do not need the bucket any more we can let Terraform to remove it:
$ terraform destroy
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
- destroy
Terraform will perform the following actions:
# google_storage_bucket.default will be destroyed
- resource "google_storage_bucket" "default" {
- bucket_policy_only = false -> null
- default_event_based_hold = false -> null
- force_destroy = false -> null
- id = "terraform-sandbox-302013-my-storage" -> null
- location = "US" -> null
- name = "terraform-sandbox-302013-my-storage" -> null
- project = "terraform-sandbox-302013" -> null
- requester_pays = false -> null
- self_link = "https://www.googleapis.com/storage/v1/b/terraform-sandbox-302013-my-storage" -> null
- storage_class = "STANDARD" -> null
- uniform_bucket_level_access = false -> null
- url = "gs://terraform-sandbox-302013-my-storage" -> null
}
Plan: 0 to add, 0 to change, 1 to destroy.
Do you really want to destroy all resources?
Terraform will destroy all your managed infrastructure, as shown above.
There is no undo. Only 'yes' will be accepted to confirm.
Enter a value: yes
google_storage_bucket.default: Destroying... [id=terraform-sandbox-302013-my-storage]
google_storage_bucket.default: Destruction complete after 1s
Destroy complete! Resources: 1 destroyed.Summary
In this article, we have learned what the HashiCorp Terraform is and how we can use it to manage our infrastructure using code safely and predictably.
Links:
https://www.terraform.io/
https://registry.terraform.io/
https://www.geeksforgeeks.org/terraform-cheat-sheet/
https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/getting_started
https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/storage_bucket
https://cloud.google.com/
https://cloud.google.com/storage/docs/naming-buckets
Meet the geek-tastic people, and allow us to amaze you with what it's like to work with j‑labs!
Contact us
