Basics
Basics of Terraform
resource- The infrastructural resources you actually want to create.e.g.,
aws_security_group,aws_lb,aws_instance
provider- Infrastructure provider to be defined with Terraform.output- After provisioning the infrastructure, the resources created can be extracted into theoutput. Theoutputpulled out can be used in theremote statelater.backend- The part that specifies the space to store the state of the terraform.module- The part where common infrastructural codes are gathered and defined. The advantage of usingmoduleis that you can easily create the same resource just by changing a variable.remote state- You can useremote stateto refer to public services such as VPC, IAM and etc. in other services. If you specify thebackendinformation where the.tfstatefile (latest terraform status information) is stored, the terraform obtains theoutputinformation from thebackend.
Ok, whaaat... This just got me rather more confused. Let's dive deeper.
How Terraform Works
You'd really want to understand how Terraform works in order to use it properly. Terraform has 3 forms:
Local code - The code Terraform developers/engineers write.
AWS infrastructure itself - The infrastructure actually deployed on AWS with Terraform.
Status stored in
backend- The latest deployment configuration of terraform code.
Getting through the logic and flow of these three forms will help you understand which each terraform command is for.
The most important point here is to make sure that the AWS physical infrastructure and the state stored on the backend match 100%. Terraform provides several commands like import, state, and etc. to achieve this.
Well, the infrastructure definition starts off with the local codes. Developers define terraform code locally and the provision them for the physical infrastructure.
The word provisioning means:
a series of procedures that are processed to provide a certain service, ranging from service execution to service delivery.
The procedure for assigning and deploying systems to meet user or business requirements and to prepare them for use.
At this time, the developers configure the backend to save the latest code; the logic goes like this:
terraform init
Creates a
.tfstatefile for saving status to the specifiedbackend. Here it saves the latest application of terraform.After completion of the
initoperation, a.terraformfile is created locally containing the contents defined in.tfstate.If an another developer has already defined an infrastructure in
.tfstatefile, you can sync with your local codes throughinit.
terraform plan
Shows predictions in advance of what infrastructures will be created with the code you wrote. Even if there's no error in the predictions of the
plan, errors may still occur when applied in practice.The
plancommand will not affect any of the three forms above.
terraform apply
The command to actually deploy the infrastructures.
On completion of
apply, the specified infrastructures will be created on AWS and the operation results will be saved to.tfstatein thebackend.The results will also be saved in
.terraformlocally.
terraform import
The command to move resources deployed in AWS infrastructure to a terraform state.
It serves to store health information for that resource in the local
.terraform. (This never generates codes for you.)The health information will not be saved in the
backenduntilapply.If you
planafterimport, Terraform will show that the resource will be deleted or changed, since the corresponding code is not present locally. You can write the code based on these results.
If you want to apply terraform with existing infrastructure deployed on AWS, all the resources should be moved with
import.In cases you find it cumbersome, you can, of course, work again from scratch to deploy resources.
But, it can be dangerous to take down an infrastructure that has been deployed and is being serviced in production.
Credits
Thanks again to:
Last updated