Terraform Tutorial for Beginners

Terraform Explained: After which, You will have a good overview and understanding of how
Terraform actually works and how it does its job !
What is Terraform?
Terraform allows you to automate and manage :

Your infrastructure

Your platform

And services that run on that platform

It's Open Source

Uses Declarative language

This means that you don't have to define every step of how this automation and management is done .

Declarative = Define WHAT end result you want , and Terraform will figure out how to execute it

This is versus Imperative style where you specify how to execute each step

So, Terraform is a tool for infrastructure provisioning . But What does this mean exactly?

Let's Say you just started a project where you create some application and you want to set up an infrastructure
from scratch where this application will run . How does your infrastructure look like ?

Let's say you want to spin up several servers where you will deploy your five microservice application that
make up your application as docker containers

Also you're going to deploy a database container

You decide to use AWS platform to build your whole infrastructure on

So first step will be to go to AWS and prepare the setup so the applications can be deployed there , This
means:

You create your private network space

You create an EC2 server instances

You install docker on each one of those plus any other tools that you might need for your application

You set up security on your servers like firewalls etc

Once the infrastructure is prepared, You can now deploy your docker applications or docker containers on
that prepared infrastructure

So as you see, these are two different tasks or two separate steps of creating the whole setup :

One is Provisioning the infrastructure

Preparing everything so the application can be deployed

The Second one is actually deploying the applications on it

Terraform Tutorial for Beginners 1

 You might even can two separate teams or two individuals who do these separate tasks

A possible scenario is a DevOps team member configures the infrastructure

And a developer then deploys the applications on the prepared infrastructure

BUT , Where Does Terraform come in this whole thing?

Terraform is used for the first part, where you provision the infrastructure to prepare it for the application
deployment

Creating the VPC

Spinning up the servers

Creating the security

The AWS users and permissions

Maybe installing docker , specific versions on servers etc

And Obviously , all of this needs to be done in a correct order because one task may depends on the
other

Now here, I must mention something that a lot of people ask when it comes to Terraform :

Difference between Terraform and Ansible and When to

use each?
They seem to be doing the same thing especially if you the official definitions or official documentation, they
“sound” like the same tools . So the question is pretty logical , What is the difference between them ? And which
one should you use for your project ?

First Of All, Terraform & Ansible are both Infrastructure as a Code .

This means that they are both used to automate provisioning , configuring and managing the infrastructure

However, Terraform is mainly infrastructure provisioning tool ; that's where its mains power lies .

Terraform also has possibilities to deploy applications in other tools on that infrastructure

Ansible on the other hand , is mainly a configuration tool , so once the infrastructure is provisioned and it's there :

Ansible can now be used to configure it

And deploy applications

Install and Update Software on that infrastructure etc

So as you see, there are overlaps of what each tool does and this creates the confusion. Other differences to
consider in terms of those overlaps are:

Ansible is more mature

And Terraform is relatively new , and because of that , it's also changing dynamically

Terraform is much more advanced in orchestration

To Summarize the difference:

Terraform is a better tool for provisioning infrastructure

Ansible is a better tool for configuring that infrastructure , deploying , installing applications and services on
them

It's a common practice where DevOps engineers use the combination of these tools to cover the whole set up end
to end using both for their own strengths instead of just using one tool

What is Terraform used for ?

Now, let's go back to our use case , where we created the infrastructure using Terraform , and on AWS provisioned
successfully for your project , and you deployed the application on it

Now We decide that you want to add 5 more servers to the existing infrastructure to deploy more micro services ,
because your team developed some more features and they need to be deployed , and you also need to add
some security configuration or maybe remove some stuff that you configured at the beginning

Terraform Tutorial for Beginners 2

 So Now we are in the phase of managing the existing infrastructure , adding some stuff, reconfiguring , removing
etc

By Using Terraform, You can make such adjustments to infrastructure pretty easily

And this task of managing the infrastructure is just as important , because once you've created the initial infrastructure
for your project , you will be continually adjusting and changing it , and because of that, you also need an automation
tool that will do most of the heavy lifting for you so you don't have to manually configure .

So once you are set up with Terraform to create and change or maintain your infrastructure , another useful thing or a
common use case could be: Replicating that infrastructure

Let's say after you've tested the initial set up of development environment , and everything works fine , you
decide that you want to release your application in production environment

So You want to create a production environment that replicates this exact setup and keep the first as a
development environment where you can test new features, new micro services and updates before you
launch it into production . AGAIN, you can use Terraform here to automate that process .

You can easily spin up an identical infrastructure and setup using the same terraform code that you use
for the first development setup

And you can do the same to speed up at identical staging server as well . And that makes this tasks also very
easy !

Terraform Architecture
How does Terraform do all this? How does Terraform actually connect to this infrastructure provider platforms and use
all this technologies to provision stuff?

For example, How does Terraform connect to AWS to create virtual space , start EC2 instances , configure
networking etc ?
In order to do the job , Terraform has two main components that make up its architecture :

The first Component is Terraform's Core

And the Core uses 2 input sources in order to do its job

The 1st Input : TF-Config

So it takes TF-Config ( Terraform Configuration ) , that You as a user writes and where you define what
needs to be created or provisioned

The 2nd Input: Terraform State

Where Terraform keeps up-to-date state of HOW the current setup of the infrastructure looks like

So What Core then does is it takes this 2 inputs ( TF_CONFIG & State) and figures out the plan of what needs
to be done . It compares the state ( what is the current state ) and ( what is the configuration that you desire :
the end result ) and compares that . And when it sees that there's a difference so you want something else
than what the current state is , it figures out what needs to be done to get to that desired state in the

Terraform Tutorial for Beginners 3

 configuration file ; What needs to be created, what needs to be deleted , in which order on that infrastructure
setup

The Second Component and the second part of the architecture are Providers for specific technologies , this
could be :

Cloud Providers like AWS | AZURE or other IAAS ( Infrastructure as a service platforms )

Terraform has also providers for high-level components like Kubernetes or other Platform as a service tools
even some Software as a Service

So it gives you possibility to create stuff on different levels like create an AWS infrastructure then create or
deploy Kubernetes on top of it ,and then create services or components inside that Kubernetes cluster . It
gives you all this possibilities through those providers

Terraform has over 1000 providers for these different technologies

And each provider then gives Terraform user access to its ressources .

So trough AWS provider for example, you have access to hundreds of AWS ressources like EC2
instances, the AWS users etc

With Kubernetes provider , you get access to Kubernetes ressources like services, deployments,
namespaces etc . So This is how this works!

And this way, Terraform tries to help you provision and cover the complete application setup from infrastructure all
the way to the application . But as we mentioned earlier, Terraform's strength is actually in the infrastructure
provisioning , and for the other stuff you can use Ansible or similar tools .

So Once the Core creates an execution plane based on the input from Config file and State , It then uses providers
for specific technologies to execute the plan , to connect to those platforms , and to actually carry out those
execution steps .

To also have an idea of how Terraform Configuration File looks like , this is an example where you see AWS
provider is configured , and through the provider, you now have 2 AWS ressource like VPC

Terraform Tutorial for Beginners 4

 The same way , You have Kubernetes provider here configures , and through that you can create a Kubernetes
namespace ressource where you pass some attributes

The syntax is very intuitive , basically you define the resource of a certain technology or certain provider created ,
and then you define its attribute and that's what Terraform will create or do for you.

Terraform Tutorial for Beginners 5

 Declarative VS Imperative
I mentioned in the beginning about declarative approach that Terraform's Configuration Files are written in . And this is
important to understand !

So What Does Declarative mean exactly ?

When You create a Terraform file, Instead of defining what steps to be executed the VPC or to spin up 5 EC2
instances or create the network configuration , You define the end state you desire in your config. file. So
you say :

5 servers with following network configuration

AWS user with following permissions

Then, Terraform go do that for you . Awesome Huh?

So instead of defining exactly what to do which is an imperative approach , You define what the end result
should be .

Now for the initial setup , this may not make much difference .

When you see the configuration of declarative and imperative approach , it might actually look pretty similar .

But Consider when you are updating your infrastructure :

Like Removing a server

Adding a server

With Imperative, You give instructions!

Whereas with Declarative, It figures out itself what needs to be done to get from the current state to the
desired state . And now you don't have to actually calculate and decide how many servers needs to be
added , You only say that you want 7 servers at the end . Or you don't need to calculate and figure out
how many or which permissions you should add , You just say I want this set of permissions to come out
at the end .

Terraform Tutorial for Beginners 6

 So with the Declarative approach , You just adjust the old configuration file and re-execute it instead of adding the
new set of instructions . This is obviously very comfortable since your configuration file stays clean and small , but
also you always know the current setup just by looking at the configuration file because that's always the end
result .

Whereas with the Imperative approach , you have to somehow add this up and figure out the Delta between all the
changes applied by multiple instructions .

Terraform Basic Commands

So you've created the Terraform configuration file that defines your desired infrastructure setup on AWS . Now, How
do you make Terraform take action ?

Terraform has commands you can execute to go through different stages which is pretty clear and
straightforward .

The first command is :

terraform refresh

The next command is :

terraform plan

Remember the Core is responsible for taking current state in your configuration file as input and decide based on
the difference what needs to be done . That's the plan . So what terraform needs to do in order to achieve that
desired state that you defined in a Terraform configuration file , if it's an initial setup , It figures out all the steps to
create the desired setup , if it's an update, it compares the existing setup with a new desired state and figures out
what changes and adjustments need to be made in which order to create the new desired state . The plan is just a
preview, no changes to real resources

The next command is where the actual execution happens :

terraform apply

So plan command is like a preview of what's going to happen if you execute apply
If you execute apply , obviously Terraform in the background will do the refresh , get the up-to-date state then
create the plan and then apply it , which means if you want to execute the configuration file , you can just execute
the apply command

Another command :

terraform destroy

Destroy is like apply , It will also check what's currently running and then creates a plan of what needs to be
removed , in which order .

Terraform Tutorial for Beginners 7

 This Terraform cheat sheet may be helpful for you :

I hope this gives you a good high level overview of Terraform and how it works !

Written By : DKIER Salma

Terraform Tutorial for Beginners 8