Infrastructure as a code– When we start using cloud solutions such as, Google Cloud Engine or Microsoft Azure it is difficult not to feel overwhelmed by the number of features provided by each cloud provider. Starting from this premise, we have to consider that the initial configurations in a new cloud provider can be cumbersome: a great amount of configurations and hours discovering how each one of the different pieces works.
With tools like Terraform, we discovered that building a new infrastructure becomes easier and more manageable. But let’s start from the beginning.
What is infrastructure as a code?
The term “Infrastructure as a code” refers to the practice of using scripts to configure the infrastructure, instead of performing a manual configuration of the machines / instances. This practice treats the configuration of the infrastructure as if it were programming software . In fact, with this type of practice, you can begin not to distinguish the limits between the writing of applications and the creation of the environments where they are executed. It is a fundamental part of the development of computing in the cloud , and is an essential part of the DevOps framework.
What are the advantages of infrastructure as a code?
The infrastructure as a code allows the instances to be managed in a programmed manner. This eliminates the need to make, for example, configurations of the different components that we declare. This makes the infrastructure “elastic”, that is, scalable and replicable.
A single person can implement and manage a complex infrastructure with 600 instances using the same block of code, and using different cloud providers . With this practice, we achieve speed, cost savings and risk reduction when implementing our infrastructure.
What is Terraform?
Terraform is a tool provided by Hashicorp that allows us to perform the codification of the infrastructure depending on our needs , the services we want to provide and presents a variety of cloud providers to host our infrastructure.
With tools like Terraform, building our infrastructure becomes easier and more manageable . Basically, it allows system administrators to create code with all the infrastructure we need and connect the different parts, as if they were assignments of variables in a programming language. In this post, I will guide you through an example of Infrastructure as a code to deploy a web application on AWS.
Assuming that we already have Terraform installed on our machine and that we have the credentials necessary to access AWS on our machine as well we can start doing the different configurations to achieve our mission.
In this way, we declare that we want to use AWS as a provider , that we want to use “eu-west-1” (Ireland) as a region, that we want to obtain the credentials of the “credentials” file within the “~ / .aws” directory and, Within this file, we want you to choose the profile “example-post”.
As a good practice, when we have extensive and complex infrastructures, it is a good pattern to separate by functional layers or services , such as 000-base.tf, 010-vpc.tf or 020-ec2.tf, since Terraform includes all the “.tf” files of a project.
We also have to create a file “state_backend.tf”. With this file, we save the state of the infrastructure in an S3 bucket. With this we get the infrastructure can be operated by different people without conflicts in it.
With this command, the “.terraform” directory will be created and the provider with which we want to work will be downloaded (in this case, AWS).
The default variables that will be used to deploy our infrastructure, so Terraform will not ask us to define them when the time comes to deploy.
If we want to overwrite the content of the variables by environment (for example, Development and Production environment) we can use the “.tfvars” files:
Roles and Policies
To define and create the role and the policy that we want to add to this project, we can use a series of templates that will be imported and called from the “.tf” file where the next step will be defined, security groups, etc.
For this case study, after creating all the necessary infrastructure, we will pass an Ansible role to install Apache. Due to this, and since we are using an instance of “Ubuntu 14.04”, which does not have Python by default, we will have to install it during the start of the instance.
SG’s and instances
Finally, we will create the Security Groups and Instances necessary to run Apache. In this case, we only need a Security Group that opens ports 22 (to run Ansible) and 80 (to access the web server through the browser). Regarding the instance, it will be created taking into account all the resources already created and specifying that it has an associated Public IP.
Once we have configured all the resources that we want to create in our infrastructure, it is necessary to execute a “terraform plan” . With this, we see what resources we are going to create, modify and / or delete and once we observe that the changes that are going to be made are correct, we execute the “terraform apply” command.
It will ask us if, indeed, we want to apply the changes. Enter “Yes” and start the deployment and, once finished, we can go to our AWS account and see that, really, the new resources are up.
To finish the example, we will run a role in Ansible that Apache will install. Once executed, we can verify that there is an apache running in our instance.
In conclusion, infrastructure as a code i would say that, thanks to tools such as Terraform, it is possible that teams can deliver environments quickly and designed to scale.
With this type of tools, the manual configuration of the environments is avoided, as well as making the implementations repeatable, and problems caused by lags in the configuration or missing dependencies are avoided.
DevOps teams can work in a group , with a unified set of practices and tools, managing to deliver applications along with their infrastructure quickly and reliably.