layout: true --- class: center, middle, title-slide count: false # DON'T CLICK, JUST CODE! ![:scale 60%](images/Terraform_Logo.svg)     ![:scale 23%](images/Amazon_Web_Services_Logo.svg) ##### Build AWS Resources with Infrastructure as Code --- # The Slide Deck
Follow along on your own computer at this link:
https://awsugmm.org/dont-click-just-code/
Demo For Github repo:
https://git.io/JUp6d --- # Agenda 1. Introduction 1. What is Terraform? 1. Nomenclature 1. Terraform Basic 1. Terraform Module 1. Complete Infra Demo 1. Terraform Cloud 1. What's Next? 1. Q&A --- # Introduction ## D Ther Htun * TechOps Platform Engineer * Working at Truemoney Myanmar * A cloud native tech enthusiast * ...so let's learn the basics together! 🙌
--- ## How to Provision an AWS Instance There are a few different ways you could provision a new AWS Instances. Before we start we'll need to gather some basic informations. - Geographical Location (Region) - VPC/Subnet - Operating System (AMI image) - Instance Size/Type - Instance Name - Security Groups --- # Method 1: AWS Console .center[![:scale 100%](images/aws-console.png)] --- # Method 1: AWS Protal .center[![:scale 100%](images/aws-portal.png)] --- ### Method 2: CloudFormation Templates ```json { "AWSTemplateFormatVersion" : "2010-09-09", "Description" : "AWS CloudFormation Sample Template EC2InstanceWithSecurityGroupSample: Create an Amazon EC2 instance running the Amazon Linux AMI." "Parameters" : { "KeyName": { "Description" : "Name of an existing EC2 KeyPair to enable SSH access to the instance", "Type": "AWS::EC2::KeyPair::KeyName", "ConstraintDescription" : "must be the name of an existing EC2 KeyPair." }, "InstanceType" : { "Description" : "WebServer EC2 instance type", "Type" : "String", "Default" : "t2.small", ... ``` --- ### Method 3: Provision with Terraform ```hcl resource aws_instance "awsugmm" { ami = "ami-01ca03df4a6012157" instance_type = "t2.micro" tags = { Name = "WebServer" } } ``` Example Terraform code for building an AWS instance. --- # What is Terraform? -- * Modern, Infrastructure as code software/tools -- * Building, Changing and Versioning infrastructure safely and efficiently -- * Uses HashiCorp Configuration Language -- * Single binary for multiple operating systems -- * Compiler for infra resources --- # Why Terraform? -- * Free and Open-Source Software -- * Cloud Agnostic -- * Easy to Learn -- * Test, share, re-use, automate -- * Declarative, Idempotent, Push type -- * Import existing resources into Terraform management --- ## But seriously, why **Terraform**? -- * Use HashiCorp Configuration Language (HCL) * Human and machine readable * Human writable -- * full-fledged * Rich Expressions * Highly Extensible * Conditions, Dynamic Block ... -- * Supports on all major cloud providers --- # Terraform vs. JSON CFT JSON: ```json "name": "{ "Fn:Join" : [ "-", [ ServerName, vm ] ] }", ``` Terraform: ```hcl name = join("-", [var.ServerName, "vm"]) ``` or ```hcl name = "${var.ServerName}-vm" ``` --- ## What is infrastructure as Code? .center[![:scale 70%](images/iac.png)] Infrastructure as Code (IaC) is the process of managing and provisioning cloud infrastructure with machine-readable definition files. Think of it as executable documentation. --- # Nomenclature * **Element** - _provider, resource, data, locals, module, outputs, etc..._ * **Type** - _a kind of Terraform resource_ * **Name** - _the resource name_ * **Identifier** - **Type** + **Name** .center[![:scale 80%](images/block.png)] --- # Nomenclature **HCL Block** ```hcl first_label { ... # Attributes + Arguments } ``` ```hcl first_label second_label { ... # Attributes + Arguments } ``` ```hcl first_label second_label third_label { ... # Attributes + Arguments } ``` --- # Nomenclature **Terraform** - _Terraform settings are gathered together into terraform blocks_ ```hcl terraform { required_providers { aws = { source = "hashicorp/aws" } } } ``` --- # Nomenclature * **locals** - _A set of related local values can be declared together in a single locals block_ * _Once a local value is declared, you can reference it in expressions as
`local.
`
._ ```hcl locals { service_name = "web" owner = "Community Team" } ``` .center[![:scale 50%](images/local.png)] --- # Nomenclature * **Provider** – _The resources and data sources used by Terraform are all enabled through the provider system_ * _Includes a way to authenticate to a service, manage resources, and access data sources._ ```hcl provider "aws" { region = "us-east-1" ... } ``` .center[https://www.terraform.io/docs/providers] --- # Nomenclature **[Variables](https://www.terraform.io/docs/configuration/variables.html)** - _Input variables and output variables_ -- ```hcl variable "region" { type = string default = "us-east-1" description = "The AWS region to use for this configuration" } ``` -- ```hcl output "vpc_id" { value = aws_vpc.myvpc.id } ``` --- # Nomenclature * **[Resources](https://www.terraform.io/docs/configuration/resources.html)** - _The most important element in the Terraform language_ * _Each resource block describes one or more infrastructure objects._ ```hcl resource "aws_vpc" "awsugmm" { cidr_block = "10.0.0.0/16 tags { name = "AWSUGMM" } } ``` --- # Nomenclature **[Data](https://www.terraform.io/docs/configuration/data-sources.html)** - _Allow data to be fetched (data sources)_ ```hcl data "aws_subnet_ids" "awsugmm_subnet" { vpc_id = aws_vpc.awsugmm.id } ``` ```hcl data "aws_ami_ids" "ubuntu" { owners = ["099720109477"] filter { name = "virtualization-type" values = ["hvm"] } } ``` --- # Terraform CLI - Terraform commands are either typed in manually or run automatically from a script. - The commands are the same whether you are on Linux or Windows or MacOS. - Terraform has subcommands that perform different actions. ```hcl # Basic Terraform Commands terraform version terraform help terraform init terraform plan terraform apply terraform destroy ``` --- # Terraform Help .center[![:scale 90%](images/tf-help.png)]
`terraform
help`
to view help on a particular subcommand. --- # Terraform Code ```hcl resource aws_vpc "awsugmm" { cidr_block = "10.0.0.0/16" instance_tenancy = "default" tags = { Name = "awsugmm" } } ``` * Terraform Code is a declarative language. * Declarative = Say what you want, not how to do it. --- # Terraform Comments Line comments begin with an pound symbol: # ```hcl # This is a line comment. ``` Block comments are contained between /\* and \*/ symbols. ```html /* This is a block comment. Block comments can span multiple lines. The comment ends with this symbol: */ ``` --- # Terraform Init .center[![:scale 65%](images/tf-init.png)] Fetches any required providers and modules and stores them in the
`.terraform`
directory. --- # Terraform Plan .center[![:scale 60%](images/tf-plan.png)] Preview your changes with
`terraform plan`
before you apply them. --- # Terraform Apply .center[![:scale 65%](images/tf-apply.png)] Runs a plan if you approve, then it applies the changes. --- # Terraform Destroy .center[![:scale 65%](images/tf-destroy.png)] Oppposite of Terraform Apply. If you approve, infra will destroy. --- # Versioning Operators -
`= (or no operator)`
- exact version equality -
`!=`
- version not equal -
`>, >=, <, <=`
- version comparison -
`~>`
- pessimistic constraint, constraining both the oldest and newest version allowed.
`~> 0.9`
is equivalent to
`>= 0.9`, `< 1.0`
, and
`~> 0.8.4`
is equivalent to
`>= 0.8.4, < 0.9`
. --- # Terraform Module * A module is a container for multiple resources that are used together. * It is simply a configuration that defines inputs, resources, and outputs. * Terraform modules can be retrieve using
`terraform get`
or
`terraform init`
. * [Terraform AWS Modules](https://registry.terraform.io/namespaces/terraform-aws-modules) [More information about modules](https://www.terraform.io/docs/configuration/modules.html) --- # Calling A Module ```hcl # Module from local machine module "servers" { source = "./app-cluster" servers = 5 } ``` ```hcl # Module from Terraform Registry module "sg" { source = "DTherHtun/sg/aws" version = "0.2.1" vpc_id = vpc-63754d04 name = "all_allow" } ``` --- # Terraform Code Organization Terraform will read any file in your workspace that ends in a
`.tf`
extension, but the convention is to have a
`main.tf, variables.tf, and outputs.tf`
. You may add more
tf
files if you wish. ```hcl main.tf variables.tf outputs.tf provider.tf ``` --- # Terraform Workflow
.center[![:scale 100%](images/tf-seq-wf.png)]
.center[![:scale 100%](images/tf-workflow.png)] --- class: center, middle ## DEMO: Building Infrastructure on AWS using Terraform --- class: center, middle ### DEMO: INFRASTRUCTURE .center[![:scale 100%](images/demo.png)] --- .center[![:scale 100%](images/wow.gif)] --- ## Terraform Cloud Terraform Cloud is a free to use SaaS application that provides the best workflow for writing and building infrastructure as code with Terraform. .center[![:scale 72%](images/tf-cloud.png)] --- ## Terraform Cloud -- * State storage and management -- * Web UI for viewing and approving Terraform runs -- * Private module registry -- * Version Control System integration -- * CLI, API or GUI driven actions -- * Notifications for run events -- * Full HTTP API for automation --- ## Terraform Cloud .center[![:scale 100%](images/tf-cloud-overview.png)] .center[Workflow Overview] --- class: center, middle # DEMO: Terraform Cloud --- # What we covered -- * Terraform HCL syntax -- * Terraform basic commands -- * Working with Terrafom on AWS -- * Terraform Modules (How we use terraform aws modules) -- * Terraform Cloud --- # Next Steps -- * Try this for yourself! -- * Run through [Learn](https://learn.hashicorp.com/terraform) portal and [guides](https://www.terraform.io/guides/index.html) -- * Check out [documentation](https://www.terraform.io/docs/index.html) -- * Build your own Terraform Modules! -- * Deploy a million Infrastructure resource -- * Take Terraform Associate Exam --- # Shared By Me * [Making Infrastructure AS Code](https://www.mosc-mm.org/blog/presentations-2) (2018) * [Terraform First Step](https://blog.k8smm.org/k8s-related-articles/terraform-1st-step) (2020) * [Hola-Terraform](https://blog.k8smm.org/k8s-related-articles/hola-terraform) (2020) * [Teamwork with Terraform](https://blog.k8smm.org/k8s-related-articles/teamwork-with-terraform) (2020) * [IAC Using Terraform With AWS Code Pipeline](https://blog.awsugmm.org/tutorials/infrastructure-as-code-with-aws-codepipeline#iac-using-terraform-with-aws-code-pipeline) (2020) --- class: center, middle # Q & A # Thanks