
Wednesday, October 3, 2018

Running Terraform - Playing with AWS EC2 Instances

When we run Terraform, it looks in the current working directory for files with the .tf extension. We have created a sample file called "template.tf" with no contents.

We then run the "terraform apply" command. It reads our templates and tries to build the infrastructure that we have defined in the template file.

jagadishfirstTemplate$Sun Sep 30@ terraform apply
Apply complete! Resources: 0 added, 0 changed, 0 destroyed.

The output shows the number of resources that were added, changed and destroyed.

Terraform providers 
A provider is what we configure to get access to a service so that we can create resources in that service. For example, to create an AWS instance, we first need to configure the AWS provider with our credentials and other settings to get access to AWS.

Now let's see how we can create our AWS provider. This will be the first template that we write. Templates are written in a special language called HashiCorp Configuration Language (HCL).

Create our first AWS instance
Resources are the components that exist in the infrastructure. They range from a virtual server to a DNS record. Every resource belongs to a provider.

The resource definition looks something like this:

  resource "provider-name_resource-type" "resource-name" {
         parameter_name = parameter_value
   }


The parameters that we define inside the resource block can be of three types:
Resource-specific parameters
Meta parameters
Provisioners

Now let's create our first template for creating an EC2 instance.

First, define the provider-specific details, which include AWS credentials, region details and so on.

#provider configuration
provider "aws" {
    region = "us-east-2"
}

Similar to the region, we can also define access_key and secret_key elements with the correct values to talk to AWS. It can be something like this:

#provider configuration
provider "aws" {
    access_key = "xxxxxxx"
    secret_key = "xxxxxxxx"
    region     = "us-east-2"
}

Keeping these values in the configuration file can lead to a security breach, because anyone who can read the template can read the keys. If we don't define the credentials in the provider block, Terraform checks the environment variables AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY. If these two variables are set, Terraform uses them to connect to AWS.

If we don't define the credentials in either of the above ways, we can define a credential file in the ~/.aws location. By default, when neither of the above is defined, Terraform uses this file to connect to AWS.
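A pre-commit style check for the risk described above, as an added example that is not part of the original post: it flags literal access_key/secret_key values inside provider "aws" blocks and reports only the line and argument name, never the value. The function names, the sample templates and the variable name `aws_access_key` are constructed for illustration.

```python
import re

# Start of an uncommented provider "aws" block (lines starting with # or // do not match).
PROVIDER_RE = re.compile(r'^[ \t]*provider\s+"aws"\s*\{', re.M)
# Credential arguments of the provider block, one per line.
ASSIGN_RE = re.compile(r'^[ \t]*(access_key|secret_key)[ \t]*=[ \t]*(.*?)[ \t\r]*$', re.M)
# A value that starts with a quoted string containing no ${...} interpolation is a literal.
LITERAL_RE = re.compile(r'"[^"$]+"')


def provider_blocks(text):
    """Yield (offset, body) for each provider "aws" block, matching braces by depth."""
    for m in PROVIDER_RE.finditer(text):
        depth, i = 1, m.end()
        while i < len(text) and depth:
            depth += {"{": 1, "}": -1}.get(text[i], 0)
            i += 1
        yield m.end(), text[m.end():i - 1]


def hardcoded_credentials(text):
    """Return [(line_number, argument)] for literal credentials; values are never echoed."""
    findings = []
    for offset, body in provider_blocks(text):
        for m in ASSIGN_RE.finditer(body):
            if LITERAL_RE.match(m.group(2)):
                line = text.count("\n", 0, offset + m.start(1)) + 1
                findings.append((line, m.group(1)))
    return findings


# Constructed sample templates (the key values are placeholders, not real keys).
INSECURE_TF = '''provider "aws" {
  access_key = "AKIAEXAMPLEPLACEHOLD"
  secret_key = "constructed/placeholder+secret"
  region     = "us-east-2"
}
'''
SAFE_TF = '''provider "aws" {
  # access_key = "commented-out-placeholder"
  access_key = "${var.aws_access_key}"
  region     = "us-east-2"
}
'''

if __name__ == "__main__":
    for name, tf in (("insecure", INSECURE_TF), ("safe", SAFE_TF)):
        print(name, hardcoded_credentials(tf))
```

The check does not handle /* ... */ block comments; a template that passes it can still leak keys through other files, so it complements rather than replaces keeping credentials in the environment or in the ~/.aws location.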

Now let's create our resource:
resource "aws_instance" "first-instance" {
    instance_type = "t2.micro"
    ami           = "ami-9c0638f9"

    tags {
      Name = "first-instance"
    }

}

The whole configuration will look something like this,
jagadishfirstTemplate$Wed Oct 03@ cat template.tf 
provider "aws" {
  region = "us-east-2"
}

resource "aws_instance" "first-instance" {
  instance_type = "t2.micro"
  ami           = "ami-9c0638f9"

  tags {
    Name = "first-instance-change"
  }
}


First run "terraform init" to initialise the providers, which is AWS in this case:
jagadishfirstTemplate$Sun Sep 30@ terraform init
Initializing provider plugins...
- Checking for available provider plugins on https://releases.hashicorp.com...
- Downloading plugin for provider "aws" (1.38.0)...

The following providers do not have any version constraints in configuration,
so the latest version was installed.

To prevent automatic upgrades to new major versions that may contain breaking
changes, it is recommended to add version = "..." constraints to the
corresponding provider blocks in configuration, with the constraint strings
suggested below.

* provider.aws: version = "~> 1.38"

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other commands will detect it and remind you to do so if necessary.

Run the "terraform apply" command to create the infrastructure:
jagadishfirstTemplate$Sun Sep 30@ terraform apply

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  + aws_instance.first-instance
      id:                          
      ami:                          "ami-9c0638f9"
      arn:                         
      associate_public_ip_address: 
      availability_zone:           
      cpu_core_count:              
      cpu_threads_per_core:        
      ebs_block_device.#:          
      ephemeral_block_device.#:    
      get_password_data:            "false"
      instance_state:              
      instance_type:                "t2.micro"
      ipv6_address_count:          
      ipv6_addresses.#:            
      key_name:                    
      network_interface.#:         
      network_interface_id:        
      password_data:               
      placement_group:             
      primary_network_interface_id:
      private_dns:                 
      private_ip:                  
      public_dns:                  
      public_ip:                   
      root_block_device.#:         
      security_groups.#:           
      source_dest_check:            "true"
      subnet_id:                   
      tags.%:                       "1"
      tags.Name:                    "first-instance"
      tenancy:                     
      volume_tags.%:               
      vpc_security_group_ids.#:    


Plan: 1 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

aws_instance.first-instance: Creating...
  ami:                          "" => "ami-9c0638f9"
  arn:                          "" => ""
  associate_public_ip_address:  "" => ""
  availability_zone:            "" => ""
  cpu_core_count:               "" => ""
  cpu_threads_per_core:         "" => ""
  ebs_block_device.#:           "" => ""
  ephemeral_block_device.#:     "" => ""
  get_password_data:            "" => "false"
  instance_state:               "" => ""
  instance_type:                "" => "t2.micro"
  ipv6_address_count:           "" => ""
  ipv6_addresses.#:             "" => ""
  key_name:                     "" => ""
  network_interface.#:          "" => ""
  network_interface_id:         "" => ""
  password_data:                "" => ""
  placement_group:              "" => ""
  primary_network_interface_id: "" => ""
  private_dns:                  "" => ""
  private_ip:                   "" => ""
  public_dns:                   "" => ""
  public_ip:                    "" => ""
  root_block_device.#:          "" => ""
  security_groups.#:            "" => ""
  source_dest_check:            "" => "true"
  subnet_id:                    "" => ""
  tags.%:                       "" => "1"
  tags.Name:                    "" => "first-instance"
  tenancy:                      "" => ""
  volume_tags.%:                "" => ""
  vpc_security_group_ids.#:     "" => ""
aws_instance.first-instance: Still creating... (10s elapsed)
aws_instance.first-instance: Still creating... (20s elapsed)
aws_instance.first-instance: Still creating... (30s elapsed)
aws_instance.first-instance: Creation complete after 34s (ID: i-0363a956cb5a76b37)

Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

While applying, Terraform asks for a confirmation, to which we need to answer "yes". Once the apply succeeds, we can go to the AWS console and see an instance with the name first-instance created.
More to come, happy learning.
