
Terraform

                                           

Terraform is not a cloud-agnostic tool. It's not a magic wand that gives you power over all clouds and systems. It embraces all major cloud providers and provides a common language to orchestrate your infrastructure resources.

Terraform

● A declarative provisioning tool based on the Infrastructure as Code (IaC) paradigm

● Uses its own syntax: HCL (HashiCorp Configuration Language)

● Written in Golang

● Helps you evolve your infrastructure safely and predictably

● Applies graph theory to IaC

● Terraform is a multipurpose composition tool:

  ○ Composes multiple tiers (SaaS/PaaS/IaaS)

  ○ A plugin-based architecture model

● Open source. Backed by HashiCorp and the Tao of HashiCorp (guide/principles/design)


Terraform Core: Init

1. This command will never delete your existing configuration or state.

2. Checkpoint → https://checkpoint.hashicorp.com/

3. .terraformrc → enable plugin_cache_dir, disable checkpoint

4. Parsing configurations, a syntax check

5. Checking for provisioners/providers (by precedence, only once) → “.”, terraform_bin_dir, terraform.d/plugins/linux_amd64, .terraform/plugins/linux_amd64

6. File lock.json contains SHA-512 plugin hashes (.terraform)

7. Loading backend config (if one is available; otherwise the local backend is used). Backend initialization: storage for the Terraform state file.

Terraform Core: Plan + Apply

1. Starting plugins: provisioners/providers

2. Building graph

   a. Terraform Core traverses each vertex and requests each provider using parallelism

3. Providers syntax check: resource validation

4. If backend == , use local

5. If “-out file.plan” is provided, the plan is saved to that file; the file is not encrypted

6. Terraform Core calculates the difference between the last-known state and the current state

7. Presents this difference to users in their terminal as the output of the terraform plan operation

Terraform Core: Destroy

1. Measure twice, cut once

2. Consider the -target flag

3. Avoid running on production

4. No “Retain” flag - remove a resource from the state file instead

5. terraform destroy tries to evaluate outputs that can refer to non-existing resources #18026

6. prevent_destroy should let you succeed #3874

7. You can’t destroy a single resource with the count in the list

Terraform Backends

● Locking

● Workspaces (formerly known as environments)

● Encryption at rest

● Versioning

● Note: Backend configuration doesn’t support interpolations.
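
The backend features listed above, shown on an S3 backend as an added example (not from the original post). It assumes Terraform 0.12+ syntax and AWS provider v4 or later; the bucket, table and file names are constructed.

```hcl
# Added example. Bucket, table and file names are constructed.
# --- backend.tf (the configuration whose state is being stored) ---
terraform {
  backend "s3" {
    # Rejected by terraform init: the backend block is loaded before
    # variables are evaluated, so interpolation is not allowed here.
    #   bucket = "${var.state_bucket}"
    #
    # Instead the bucket is left out and passed at init time:
    #   terraform init -backend-config=prod.s3.tfbackend
    # where prod.s3.tfbackend contains: bucket = "example-tfstate-prod"
    key            = "network/terraform.tfstate"
    region         = "us-east-1"
    encrypt        = true                   # encryption at rest
    dynamodb_table = "example-tfstate-lock" # locking (newer releases can
                                            # use use_lockfile instead)
    # Workspaces: each non-default workspace gets its own state object
    # under env:/<workspace>/ in the same bucket.
  }
}

# --- bootstrap/main.tf (separate configuration that owns the bucket) ---
resource "aws_s3_bucket" "tfstate" {
  bucket = "example-tfstate-prod"

  lifecycle {
    prevent_destroy = true # a destroy that touches the bucket errors out
  }
}

resource "aws_s3_bucket_versioning" "tfstate" {
  bucket = aws_s3_bucket.tfstate.id

  versioning_configuration {
    status = "Enabled" # versioning: earlier state files stay recoverable
  }
}

resource "aws_dynamodb_table" "tfstate_lock" {
  name         = "example-tfstate-lock"
  billing_mode = "PAY_PER_REQUEST"
  hash_key     = "LockID" # attribute name the S3 backend expects

  attribute {
    name = "LockID"
    type = "S"
  }
}
```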
