Terraform Getting Started - p-patel/software-engineer-knowledge-base GitHub Wiki

Deploying Your First Terraform Configuration

Automating Infrastructure Deployment: Provisioning resources, Planning updates, Using Source Control, Reusing Templates
Provision some resources and configure them after they are instantiated
Provision infrastructure for a new application as part of a marketing push. A 2-tier app: web frontend, db backend and public DNS record. To be created in AWS using Terraform to automate infrastructure.

Terraform in an execute written and compiled in Golang (therefore no additional drivers, plugins, dlls or registry entries required, i.e. very portable and simple to install!)
Download and install (e.g. using Chocolatey, which will automatically add it to PATH variable)
Then one or more Terraform files which make up desired deployment and configuration
Terraform state file
Terraform preferences
Requirements to deploy infrastructure: AWS credentials (stored in Variables to keep them secure), AWS (a Provider), a server (a Resource), information retrieved from Terraform deploy, e.g. public IP address (an Output)
also note: Data Sources, Provisioners and Modules (covered later)

Examine Terraform file, deploy the configuration, review the results
Demo requirements: AWS account, Terraform software, Demo files
terraform - list available commands
terraform version - display terraform version
terraform plan -var-file='..\terraform.tfvars - runs terraform plan with variable file that defines access key, secret key, private key etc. Outputs changes that will be executed.
terraform apply -var-file='..\terraform.tfvars - runs terraform deployment with variable file that defines access key, secret key, private key etc. terraform destroy -var-file='..\terraform.tfvars - destroys terraform deployment with variable file that defines access key, secret key, private key etc. Requires confirmation.

Predictable - shows changes to be made before they are made
Consistent - idempotent in a single environment and consistent across multiple environments
Handling evolution of the scenario

Planning Updates:
Terrform State file (JSON format, but do not touch!)
Resources mappings and metadata - e.g. last known good state
Locking (during deployment) - local/remote - e.g. local file, S3 bucket
Multiple environments using the same Terraform file
Terraform Planning:
Inspects state (can be refreshed from the live deploymnet)
Inspects configuration file to create dependency graph
Identifies additions and deletions to the dependency graph (requires confirmation)
'Walks the line' - the dependency graph, results in updated deployment

Increase to 2 instances of the app - requires a load balancer which the DNS now points to instead
Round-robin load balancing
For reliability, place sub-nets in separate AWS availability zone's and each app instance in these separate sub-nets
Also set up security groups specified by business InfoSec team

Examine the Terraform file (and state file), deploy the configuration, review the results
Terraform will run all .tf files in a directory as a single configuration
data "aws_availability_zones" "available" {} - query AWS for AZ's
creates .tfstate and .tfstate.lock.info files (lock file during active deployment)
Terraform .tfstate file: stores Terraform version, modules - path, outputs, resources, defines dependencies
moduletwo-update.tf updates - some configuration and 2nd web app instance
run plan/apply moduletwo-update.tf
round-robin load balancer returns response from blue/green web app instances
terrform destroy --var-file="..\terraform.tfvars" --force - destroy provisioned infrastructure