Book Image

Terraform Cookbook

By : Mikael Krief
Book Image

Terraform Cookbook

By: Mikael Krief

Overview of this book

HashiCorp Configuration Language (HCL) has changed how we define and provision a data center infrastructure with the launch of Terraform—one of the most popular and powerful products for building Infrastructure as Code. This practical guide will show you how to leverage HashiCorp's Terraform tool to manage a complex infrastructure with ease. Starting with recipes for setting up the environment, this book will gradually guide you in configuring, provisioning, collaborating, and building a multi-environment architecture. Unlike other books, you’ll also be able to explore recipes with real-world examples to provision your Azure infrastructure with Terraform. Once you’ve covered topics such as Azure Template, Azure CLI, Terraform configuration, and Terragrunt, you’ll delve into manual and automated testing with Terraform configurations. The next set of chapters will show you how to manage a balanced and efficient infrastructure and create reusable infrastructure with Terraform modules. Finally, you’ll explore the latest DevOps trends such as continuous integration and continuous delivery (CI/CD) and zero-downtime deployments. By the end of this book, you’ll have developed the skills you need to get the most value out of Terraform and manage your infrastructure effectively.

Related Content you might be interested in

Current Title:

Small book image
Terraform Cookbook
Mikael Krief
Oct, 2020 | 366 pages
Small book image
Learning DevOps
Mikael Krief
Mar, 2022 | 560 pages
Small book image
HashiCorp Infrastructure Automation Certification Guide
Ravi Mishra
Jul, 2021 | 350 pages
Small book image
Learning DevOps.
Mikael Krief
Oct, 2019 | 504 pages
Table of Contents (10 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
1
Setting Up the Terraform Environment
Setting Up the Terraform Environment
Technical requirements
Downloading and installing Terraform manually
Installing Terraform using a script on Linux
Installing Terraform using a script on Windows
Executing Terraform in a Docker container
Writing Terraform configuration in VS Code
Migrating your Terraform configuration to Terraform 0.13
Free Chapter
2
Writing Terraform Configuration
Writing Terraform Configuration
Technical requirements
Configuring Terraform and the provider version to use
Manipulating variables
Using local variables for custom functions
Using outputs to expose Terraform provisioned data
Provisioning infrastructure in multiple environments
Obtaining external data with data sources
Using external resources from other state files
Querying external data with Terraform
Calling Terraform built-in functions
Writing conditional expressions
Manipulating local files with Terraform
Executing local programs with Terraform
Generating passwords with Terraform
3
Building Dynamic Environments with Terraform
Building Dynamic Environments with Terraform
Technical requirements
Provisioning multiple resources with the count property
Using a table of key-value variables with maps
Looping over object collections
Generating multiple blocks with dynamic expressions
4
Using the Terraform CLI
Using the Terraform CLI
Technical requirements
Keeping your Terraform configuration clean
Validating the code syntax
Destroying infrastructure resources
Using workspaces for managing environments
Importing existing resources
Exporting the output in JSON
Tainting resources
Generating the graph dependencies
Debugging the Terraform execution
5
Sharing Terraform Configuration with Modules
Sharing Terraform Configuration with Modules
Technical requirements
Creating a Terraform module and using it locally
Using modules from the public registry
Sharing a Terraform module using GitHub
Using another file inside a custom module
Using the Terraform module generator
Generating module documentation
Using a private Git repository for sharing a Terraform module
Applying a Terrafile pattern for using modules
Testing Terraform module code with Terratest
Building CI/CD for Terraform modules in Azure Pipelines
Building a workflow for Terraform modules using GitHub Actions
6
Provisioning Azure Infrastructure with Terraform
Provisioning Azure Infrastructure with Terraform
Technical requirements
Using Terraform in Azure Cloud Shell
Protecting the Azure credential provider
Protecting the state file in the Azure remote backend
Executing ARM templates in Terraform
Executing Azure CLI commands in Terraform
Using Azure Key Vault with Terraform to protect secrets
Getting a list of Azure resources in Terraform
Provisioning and configuring an Azure VM with Terraform
Building Azure serverless infrastructure with Terraform
Generating a Terraform configuration for existing Azure infrastructure
7
Deep Diving into Terraform
Deep Diving into Terraform
Technical requirements
Creating an Ansible inventory with Terraform
Testing the Terraform configuration using kitchen-terraform
Preventing resources from getting destroyed
Zero-downtime deployment with Terraform
Detecting resources deleted by the plan command
Managing Terraform configuration dependencies using Terragrunt
Using Terragrunt as a wrapper for Terraform
Building CI/CD pipelines for Terraform configurations in Azure Pipelines
Working with workspaces in CI/CD
8
Using Terraform Cloud to Improve Collaboration
Using Terraform Cloud to Improve Collaboration
Technical requirements
Using the remote backend in Terraform Cloud
Using Terraform Cloud as a private module registry
Executing Terraform configuration remotely in Terraform Cloud
Automating Terraform Cloud using APIs
Testing the compliance of Terraform configurations using Sentinel
Using cost estimation for cloud cost resources governance
9
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Using external resources from other state files

In the previous recipe, we saw that it's possible to retrieve information about resources already present in the infrastructure using data blocks.

In this recipe, we will learn that it is also possible to retrieve external information that is present in other Terraform state files.

Getting ready

For this recipe, we will, similar to the previous recipe, use a Terraform configuration that provisions an Azure App Service that must be part of an already provisioned Service Plan.

Unlike the previous recipe, we will not use individual data sources; instead, we will read outputs from an existing Terraform state file that was used to provision the Service Plan.

As a prerequisite, in the Terraform configuration that was used to provision the Service Plan, we must have an output value (see the Using outputs to expose Terraform provisioned data recipe in this chapter) that returns the identifier of the Service Plan, as shown in the following code:

resource "azurerm_app_service_plan" "plan-app" {
  name = "MyServicePlan"
  location = "westeurope"
  resource_group_name = "myrg"
    sku {
     tier = "Standard"
     size = "S1"
     }
}

output "service_plan_id" {
  description = "output Id of the service plan"
  value = azurerm_app_service_plan.plan-app.id
}

In addition, we used a remote backend version of Azure Storage (see the Protecting state files in an Azure remote backend recipe in Chapter 6, Provisioning Azure Infrastructure with Terraform, for more information) to store the Terraform state file of the Service Plan.

How to do it…

Perform the following steps:

  1. In the Terraform configuration that provides the Azure App Service, add and configure the terraform_remote_state block, as follows:
data "terraform_remote_state" "service_plan_tfstate" {
  backend = "azurerm"
  config = {
     resource_group_name = "rg_tfstate"
     storage_account_name = "storstate"
     container_name = "tfbackends"
     key = "serviceplan.tfstate"
  }
}
  1. Then, in the Terraform configuration of the Azure App Service, use the created output of the Service Plan, as follows:
resource "azurerm_app_service" "app" {
  name = "${var.app_name}-${var.environement}"
  location = azurerm_resource_group.rg-app.location
  resource_group_name = azurerm_resource_group.rg-app.name
  app_service_plan_id = data.terraform_remote_state.service_plan_tfstate.service_plan_id
}

How it works…

In step 1, we added the terraform_remote_state block, which allows us to retrieve outputs present in another Terraform state file. In its block, we specified the remote backend information, which is where the given Terraform state is stored (in this recipe, we used Azure Storage).

In step 2, we used the ID returned by the output present in the Terraform state file.

The result of executing this code is exactly the same as what we saw in the Using external resources with data blocks recipe.

There's more…

This technique is very practical when separating the Terraform configuration that deploys a complex infrastructure.

Separating the Terraform configuration is a good practice because it allows better control and maintainability of the Terraform configuration. It also allows us to provision each part separately, without it impacting the rest of the infrastructure.

To know when to use a data block or a terraform_remote_state block, the following recommendations must be kept in mind:

  • The data block is used in the following cases:
    • When external resources have not been provisioned with Terraform configuration (it has been built manually or with a script)
    • When the user providing the resources of our Terraform configuration does not have access to another remote backend
  • The terraform_remote_state block is used in the following cases:
    • External resources have not been provisioned with Terraform configuration
    • When the user providing the resources of our Terraform configuration has read access to the other remote backend
    • When the external Terraform state file contains the output of the property we need in our Terraform configuration

See also

The documentation for the terraform_remote_state block is available at https://www.terraform.io/docs/providers/terraform/d/remote_state.html.

Previous Section
End of Section 9
Next Section