Use Terraform to automate your infrastructure configurations
“It is rare that the team gets really excited about some new solution we bump into on the web.”
We take great pride in staying on top of our game and always using the latest technology stacks. Keeping an eye open and watching the latest trends helps in keeping us fresh but I have to admit that after a while it is a bit like having yet another new screwdriver in the toolbox so it is rare that the team gets really excited about some new solution we bump into on the web.
Terraform was one of the more rare and refreshing cases as I saw genuine excitement, there was chit-chat about it in coffee breaks, some unstoppable brainstorming during our regular dev meetings and I felt that our guys are just really motivated to dive into it on their own. This made me really curious as it turned out that there is something new under the sun after all.
What is Terraform?
Terraform is an infrastructure-as-code solution meaning that the (virtual) server architecture is described in text-based configuration files. There is a binary file that can be run from a command line and this helps in creating and modifying the resources we defined in the config file.
Some of the main advantages of Terraform are its ability to provision infrastructure across multiple cloud and on-premises data centers (AWS, Google Cloud.. etc.), and that it can safely and efficiently re-provision infrastructure in response to configuration changes. These options and its fairly simple syntax make it one of the most popular infrastructure automation tools available today.
If your organization plans to deploy a hybrid cloud or multicloud environment, you’ll likely want to get to know Terraform better.
Why Infrastructure as Code (IaC)?
Infrastructure as Code (IaC) allows teams to codify infrastructure in a way that makes provisioning automated, faster, and repeatable which makes it a key component in Agile and DevOps practices such as version control, continuous integration, and continuous deployment.
Infrastructure as code provides some major advantages:
- Boost speed: automation is a lot faster than manually deploying and connecting resources.
- Avoid configuration drift: configuration drift occurs when the configuration that provisioned your environment no longer matches the actual environment. IaC helps with handling that automatically.
- Improve reliability: as your infrastructure grows, it naturally becomes more and more complex so it is far more likely that a configuration error will show up somewhere. IaC prevents this as the resources are always provisioned and configured exactly as declared.
- Enable experimentation, testing, and optimization: as IaC makes provisioning new infrastructure much faster and easier, it becomes much easier to test experimental changes without actually investing lots of time and resources. Also, if the results are successful, you can quickly scale up the new infrastructure for production.
There are a few key reasons that make Terraform a preferable pick over some of the other IaC tools.
- Terraform is open-source so regardless of which cloud provider you use, it’s easy to find plugins, extensions, and paid or even community support. This also ensures that Terraform evolves quickly, with new updates and improvements getting added consistently.
- It is platform agnostic so it can be used with all the major providers even within the same projects and can also work with Docker and Kubernetes as well. It uses the official command line clients in the background allowing developers to use it with the accounts created on the given platform.
- It is based-on configuration files that have a number of added benefits like: easy to read and follow, versioning is straightforward, it is centralized and uniform (as opposed to the platform specific resources and their handling), makes parts reusable as templates, duplicating existing infrastructures (like dev and production) is essentially just a copy paste. The files can be run on MacOS, Windows and Linux as well as enable comparing planned modifications with the current state.
- It creates an immutable infrastructure which means that with each change to the environment, the current configuration is replaced with a new one that accounts for the given change, and the infrastructure is always reprovisioned. On top of that previous configurations can be retained as versions to enable rollbacks if necessary or desired. Compared to that, most other IoC tools create a mutable infrastructure so the infrastructure can change to accommodate changes such as a middleware upgrade or new storage server but it creates the danger of configuration drift. Changes pile up, the actual provisioning of different servers or other infrastructure elements ‘drifts’ further from the original configuration and this makes tracking bugs or performance issues really difficult to find and correct.
- Supports collaborative or parallel work as the applied changes (so the current state of the system) are stored in a “state” (JSON) file. This file can be stored in the cloud so multiple developers can work on the same system.
- As mentioned previously it is evolving swiftly but all “breaking change” level updates are handled in the binary files to help developers work and ensure compatibility.
- These binary files don’t need to be installed, they don’t have dependencies, can be used locally from the command line during development and can be integrated into more complex build and deployment processes (for example combined with Jenkins).
Here is a short video from our friends at IMB explaining this with some simple analogies:
Terraform modules and providers
Terraform modules were created to enable complex resources to be automated with re-usable and configurable constructs. The modules are essentially small, reusable Terraform configurations for multiple infrastructure resources that are used together.
Even a very simple Terraform file can result in a module and a module can call other modules (so called child modules) making assembling configuration faster and more concise. Modules like building blocks can be called multiple times, either within the same configuration or in a separate configuration making them super versatile.
Terraform providers help us in detecting and identifying resources in the configuration and such providers contain all the code needed to authenticate and connect to a service. You can find providers for almost any cloud platform and service, add them to your configuration, and then use their resources to provision infrastructure. These providers are supported by the Terraform community or individual organizations and are available for nearly every major cloud provider, SaaS offering..etc.
You can refer to the Terraform documentation for a more detailed list.
Terraform vs. Kubernetes
Sometimes we see confusion between Terraform and Kubernetes and their functions but the truth is that they are not alternatives and actually work effectively together.
Terraform as mentioned is an Infrastructure as Code tool with a broader reach. It lets developers automate a complete infrastructure that spans through multiple public clouds and private clouds.
Kubernetes on the other hand is an open-source container orchestration system that lets developers schedule deployments onto nodes in a compute cluster and actively manages containerized workloads to ensure that their state matches the users’ intentions. You can use Terraform to automate the provisioning of Kubernetes (managed Kubernetes clusters on cloud platforms in particular) and to automate the deployment of applications into a cluster.
Terraform can automate and manage Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), or even Software-as-a-Service (SaaS) level capabilities and build all these resources across all those providers in parallel.
Are you interested in moving to the cloud? You think a hybrid cloud solution would fit your company the best? Reach out to us and lets find together the setup that works the best for your product or company.