Terraform
Terraform is an open-source infrastructure as code (IaC) tool developed by HashiCorp. It enables users to define and provision data center infrastructure using a high-level configuration language.
Terraform allows you to define both cloud and on-premises resources in human-readable configuration files that you can version, reuse, and share. With Terraform, you can use a consistent workflow to provision and manage all of your infrastructure throughout its lifecycle.
Terraform creates and manages resources on cloud platforms and other services through their application programming interfaces (APIs). Providers enable Terraform to work with virtually any platform or service with an accessible API.
HashiCorp and the Terraform community have written thousands of providers to manage many different types of resources and services. You can find all publicly available providers on the Terraform Registry, including Amazon Web Services (AWS), Azure, Google Cloud Platform (GCP), Kubernetes, Helm, GitHub, Splunk, DataDog, and many more.
The core Terraform workflow consists of three stages:
- Write: Define resources, which may be across multiple cloud providers and services. For example, you might create a configuration to deploy an application on virtual machines in a Virtual Private Cloud (VPC) network with security groups and a load balancer.
- Plan: Terraform creates an execution plan describing the infrastructure it will create, update, or destroy based on the existing infrastructure and your configuration.
- Apply: On approval, Terraform performs the proposed operations in the correct order, respecting any resource dependencies. For example, if you update the properties of a VPC and change the number of virtual machines in that VPC, Terraform will recreate the VPC before scaling the virtual machines.
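An added example (not part of the original README): a small review gate for the Plan stage that lists what an apply would destroy or replace, so approval is based on the plan itself. It assumes the plan was saved with `terraform plan -out=tfplan` and exported with `terraform show -json tfplan`; the sample JSON, the allow-list and the function names are constructed for illustration.

```python
import json

# Constructed sample in the shape of `terraform show -json <planfile>` output;
# only the fields this check reads are included.
SAMPLE_PLAN = json.dumps({
    "resource_changes": [
        {"address": "aws_vpc.main", "change": {"actions": ["delete", "create"]}},
        {"address": "aws_instance.web[0]", "change": {"actions": ["update"]}},
        {"address": "aws_instance.web[1]", "change": {"actions": ["create"]}},
        {"address": "aws_security_group.old", "change": {"actions": ["delete"]}},
        {"address": "aws_lb.front", "change": {"actions": ["no-op"]}},
    ],
})


def summarize_plan(plan_json: str) -> dict:
    """Group planned resource addresses by what the apply would do to them."""
    plan = json.loads(plan_json)
    summary = {"create": [], "update": [], "replace": [], "destroy": []}
    for rc in plan.get("resource_changes") or []:
        actions = set(rc.get("change", {}).get("actions", []))
        address = rc.get("address", "<unknown>")
        if {"create", "delete"} <= actions:
            summary["replace"].append(address)  # destroyed, then recreated
        elif "delete" in actions:
            summary["destroy"].append(address)
        elif "create" in actions:
            summary["create"].append(address)
        elif "update" in actions:
            summary["update"].append(address)
        # "no-op" and "read" change nothing and are ignored
    return summary


def needs_manual_approval(summary: dict, allow_destroy: frozenset = frozenset()) -> list:
    """Return addresses that would be destroyed or replaced and are not allow-listed."""
    risky = summary["replace"] + summary["destroy"]
    return sorted(a for a in risky if a not in allow_destroy)


if __name__ == "__main__":
    s = summarize_plan(SAMPLE_PLAN)
    print(json.dumps(s, indent=2))
    # Hypothetical allow-list: this security group is expected to be removed.
    print("blocked:", needs_manual_approval(s, frozenset({"aws_security_group.old"})))
```

In a pipeline, a non-empty result from `needs_manual_approval` would stop the job before `terraform apply tfplan` runs.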
To install Terraform on your local machine, follow the instructions on the official installation page.
Initialize Terraform
terraform init
This command initializes the working directory containing Terraform configuration files. It downloads the necessary provider plugins and sets up the backend.
Format Configuration Files
terraform fmt
Formats the configuration files to a canonical format and style.
Validate Configuration
terraform validate
Validates the configuration files for syntax and internal consistency.
Plan Configuration Changes
terraform plan
Generates an execution plan showing what actions Terraform will take to achieve the desired state.
Apply Configuration
terraform apply
Applies the changes required to reach the desired state of the configuration.
Destroy Resources
terraform destroy
Destroys the infrastructure managed by Terraform.
Show State
terraform show
Displays the current state or a saved plan.
List Resources in State
terraform state list
Lists all resources in the state file.
Show Resource Details
terraform state show <resource-name>
Displays detailed information about a specific resource in the state.
Remove Resource from State
terraform state rm <resource-name>
Removes a resource from the state file.
Import Existing Resource
terraform import <resource-name> <resource-id>
Imports an existing resource into Terraform's state.
Upgrade Providers
terraform init -upgrade
Upgrades the versions of the providers used in the configuration.
Check Terraform Version
terraform version
Displays the current version of Terraform.
Enable Debug Logging
export TF_LOG=DEBUG
Sets the log level to DEBUG for detailed logging.
State Management:
- kubectl: Does not track the state of your resources. Kubernetes itself tracks the state, but kubectl does not provide a direct way to track changes over time.
- Terraform: Maintains a state file that records the current state of your resources. This allows Terraform to compare the state with your configuration files and apply changes accordingly.
Change Management:
- kubectl: Applies changes immediately to the cluster based on the configuration files. There’s no built-in mechanism to preview changes before applying them.
- Terraform: Provides an execution plan (terraform plan) that shows what changes will be made before applying them. This helps in reviewing and validating changes beforehand.
Integration with Other Services:
- kubectl: Primarily focused on managing Kubernetes resources.
- Terraform: Can manage resources across multiple providers and services (e.g., AWS, Azure, GCP, Kubernetes, Helm) from a unified configuration.
Consistency and Automation:
- kubectl: Configuration management is manual, and tracking changes might involve external tools or scripts.
- Terraform: Promotes consistency by managing infrastructure as code and integrates well with CI/CD pipelines for automated provisioning and updates.
Multi-Provider Support:
- kubectl: Limited to Kubernetes.
- Terraform: Can manage resources across various cloud providers and services using a single configuration.
Note: Terraform retrieves the Kubernetes kubectl context from the provider configuration using the following section:
provider "kubernetes" {
  config_path    = var.kubeconfig_path
  config_context = var.kubeconfig_context
}
This configuration allows you to select different Kubernetes contexts by setting the appropriate values for config_path and config_context. As a result, you can apply changes to the specific cluster you want to manage.
For example, you can add Kubernetes contexts for multiple clusters, such as:
- AWS EKS (Elastic Kubernetes Service)
- Azure AKS (Azure Kubernetes Service)
- Google GKE (Google Kubernetes Engine)
- DigitalOcean DOKS (DigitalOcean Kubernetes Service)
- Local Minikube Clusters:
  - Minikube on WSL
  - Minikube on Windows
By specifying the desired context in the config_context value, you can seamlessly manage resources across these clusters using Terraform.