Learning Terraform

This is a Linux focused guide to Terraform. I will be using CentOS 7 during this guide.

What is Terraform

Terraform is an infrastructure tool for Building, changing and Versioning infrastructure. Often referred to as Infrastructure as Code. It is release by HashiCorp organization.

It works with two coding languages:

  • HashiCorp Config Language (HCL)
  • JSON

In its simpliest form, Terraform can be used to automatically create server infrastructure on a number of different platforms, including :

  • Google Cloud
  • AWS
  • Azure
  • VMware vSphere
  • OpenStack

For a full list of providers see: https://www.terraform.io/docs/providers/index.html

It can also be used as a bulk configuration tool, similar to products like Ansible. It requires a Plan, Execution of the plan and Applying to the infrastructure. There is Minimal human interaction and it is an incredibly powerful tool.

 Prerequisites

In this example I will be using Google Cloud Platform (GCP) and Github to implement terraform infrastructure. GCP will be the cloud provider where I will build the infrastructure, and github is a cloud based code repository to store revisions and versions of code.

You will need an account on GCP and Github.

See the prerequistites below for instructions of how to do this:

Prerequisites – Google Cloud Platform (GCP)

I am using GCP as this is something I already have an account on. You may chose to use AWS or Azure for testing. I also use OpenStack. I will be adding instructions here for those providers at some point in the future.

Download the Google SDK for Linux – https://cloud.google.com/sdk/docs/quickstart-redhat-centos

Configure Google SDK for CentOS

sudo tee -a /etc/yum.repos.d/google-cloud-sdk.repo << EOM
[google-cloud-sdk]
name=Google Cloud SDK
baseurl=https://packages.cloud.google.com/yum/repos/cloud-sdk-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg
       https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOM

Install the Google SDK

sudo yum install google-cloud-sdk


Next initialize the Google SDK and create or select a project.

I am using a Project I have previously created in the Google Cloud Console

gcloud init

Just Exit out CRTL C and we will come back to this later

Prerequisites – Set up Github

If you have not already got a github account sign up at https://github.com

Log into Github and create new repository

Next Steps are :

  • Choose the name of your github repo
  • Choose public or private
  • tick initialize this report and choose the Terrform gitignore and apache licence 2.0
  • The click create repository

Press the Create repository button

then, once created, click the clone repository and copy the github URL

 

 

Next go back to our CentOS installation. I had to install theCentos git applications and pre-req files (I was using CentOS core which doesnt include git by default)

yum install git -y

next Clone the github repo to the CentOS shell

git clone https://github.com/TurboBailey1980/Terraform-Turbogeek.git

You are now synced to your github repo and you can read/write to your github repo.

If you want to learn about github, check out the github website help files

Installing Terraform on Linux (Ubuntu / Centos)

Linux is my preferred Operating System for installing Terraform. It is natively supported. In this example I will be using Centos 7 Core (or Minimal installation)

Terraform also works on Windows 10 Desktop and Windows Server products. Click here for a guide to install on Windows.

Download terraform using curl

curl -O https://releases.hashicorp.com/terraform/0.11.10/terraform_0.11.10_linux_amd64.zip

(You can also download the latest Terraform binaries from the HashiCorp website and FTP to your server)

Next unzip it to your /usr/bin directory (note I am doing this as root)

unzip terraform_0.11.10_linux_amd64.zip -d /usr/bin/

(As I am using a CentOS7 core I needed to yum install unzip first.)

Next test the binary is working as part of your system environment variables

[[email protected] tmp]# terraform -v

Next you need to create a working directory for terraform and an empty terrform config file.

This step is really important and will greatly help organize your projects once you start using Terraform

[[email protected] /]# mkdir terraform-templates && cd terraform-templates

[[email protected] terraform-templates]# touch template.tf

[[email protected] terraform-templates]# terraform apply

Apply complete! Resources: 0 added, 0 changed, 0 destroyed.

You now have terraform installed on your Linux distribution, and can execute the terraform command from any location as we have installed direct to /usr/bin system $PATH

type terraform to test this

[[email protected] Terraform-Turbogeek]# terraform

If you want to learn more about the core command lists above – check out this page on my site

Configure Google Cloud Platform (GCP) to work with Terraform

Log into the Google Cloud Platform and create a new project https://console.cloud.google.com

Create an IAM Service Account for Terraform to use.

Select IAM & Admin > Service Accounts > Create Service Account

Enter a name for the service account

Set the role as Service Account Admin

Create a JSON key

Check the key has downloaded to your computer

Copy the JSON file  to the CentOS Server, for ease of use save it “below” your project folder

Now we can write the connections.tf file to “connect” to GCP

I prefer to use vi or nano, but you can use whatever text editor you prefer

[[email protected] Terraform-Turbogeek]# vi connections.tf

update the connections.tf with

provider "google" {
 credentials = "${file("../turbogeek-terraform-d64341070e0c.json")}"
 project = "turbogeek-terraform"
 region = "us-west1"
}

If you have other providers, such as AWS, Azure - you can add them here as well

Next we test the settings are correct by running

[[email protected] Terraform-Turbogeek]# terraform init

Test create a resource on Google Cloud Platform (GCP)

For this test to work – make sure your terraform service account has the following permissions

  • Compute Network Admin
  • Service Account Admin

Next we can test the automated creation of a resource within GCP. We will create a simple network name

resource "google_compute_network" "our_development_network" {
 name = "turbogeek"
 auto_create_subnetworks = true
}

next type

[[email protected] Terraform-Turbogeek]# terraform plan

This will cause terraform to reach out to GCP and see if the turbogeek network already exists

Next type

[[email protected] Terraform-Turbogeek]# terraform apply

Now if you check GCP you will see the automatically created resource

MAKE SURE YOU DELETE THE VPC NETWORK TO ENSURE YOU ARE NOT BILLED BY GOOGLE 

 

 

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *

Follow by Email
YouTube
YouTube
Instagram