Terraform : Chaos to code

IaaC is the hot word now days. You may-may not know why but even so let me tell you that.
Imagine a situation where had to provision a server, well secured, well maintained and to very custom requirements of whoever requested it. It wouldn’t be daunting as such. But what if I told you, you gotta do it for 100 times?? with exact same attributes and norms followed? By the time you reach 20 you might have made some mistakes and unless you are a super-human savant you might as well be flipping some tables and birds 😋 It’s only natural and nobody should be judged for that!
For this repeatability and precise but flexible redundancy of a situation, what you need is a magic wand. That magic wand is HashiCorp’s Terraform.
On their landing page they define Terraform

Terraform is an open-source infrastructure as code software tool that provides a consistent CLI workflow to manage hundreds of cloud services. Terraform codifies cloud APIs into declarative configuration files.


For those who are new to coding, words like API, CLI might sound daunting. Even if those are in definition of terraform, to learn terraform is pretty logical and easy and you don’t have to worry about under-the-hood workflow, at least in the beginning. To summarize it in plain English : You declare what you want , from whom you want , how much and that’s all done in small code. Repeat code repeat infrastructure. Repeat as many times you like.
But wait.. there is one problem. What if you do not want that code to make clones? But be intelligent and only change the desired parameters? So you can make 100 resources but when you reapply code, it doesn’t create another 100 but update those which require change, destroy obsolete and create only purely new ones?
It’s called Idempotency and terraform is very much Idempotent if used correctly.
Codifying your demands to provision the resources is the crux of Infrastructure as a Code. (It’s in the name, right there, isn’t it?)

So what it exactly does and How does it work?

Terraform uses HCL LANGUAGE it’s HashiCorp Configuration Language (and no, it isn’t Hashi Corp Language, although logically you can say it like that!)
HCL is declarative configuration language, pretty much looks like good ol’ JSON and it’s JSON compatible. It’s unique and Terraform is based on it, making terraform unique and much easier than a lot of other tools. (A nice article on HCL by Octopus Deploy is a good read!)

Infrastructure has a lot of needs.. Servers, databases, backend Storages, IAM policies, networks, monitors, loggers… and what not. There is a lot and in the end we are looking at chaos of tools and demands and configurations.

Image Courtesy : Yevgeniy Brikman (HashiConf)

And this gets worse as we need to repeat this infrastructure again and again as per project needs. And to top it we have to maintain this all to whatever time it needs. Maybe forever. And as technology grows, so does the tastes of people and demands and needs, and way of doing stuff.
Sometimes we need those two fine little changes, but to make them we break thousand other things and end up cursing ourselves.
IaaS (Infrastructure as a Service) is not new. About a decade ago it solved the problem of provisioning things on premise at scale. IaaC now solving the same problem just on cloud, IaaS.
IaaS + PaaS was a norm up until few years ago. Platforms like Heroku provided nice solutions, write bunch of lines of code and your app is online. But they are always limited by these PaaS platforms for their own reasons and logical boundaries.
So what do we do? As a programmer you know, everything can be done better with little more implementation and a little more code. The developers fixed the PaaS (well almost!) problem with tools Like Terraform.

Terraform is a tool for defining and managing infrastructure as a code.
It’s simple yet robust. It in a broader sense has three stages

  1. terraform init
  2. terrform plan
  3. terraform apply

Terraform init (terraform initialize)

What terraform initialize `terraform init` does is, it initializes (duh!) working directory with Terraform configuration files (obviously!😑)
This command can be run for multiple times, It’s control to initialize an operational index that contains terraform pattern files and this control can be looped multiple times. That jargon aside in simple English. It starts terraform in your current working directory and pulls-copies bunch of files from repositories.(you need to source those.) Thus making your life easier for that hot minute!
It initializes various terraform stuff.. like providers, modules, plugins, backends etc.

terraform init command

Terraform Plan

Terraform plan basically gives an overview of what’s going to happen, should you choose to execute your terraform code. An execution plan.
is it going to create something? ✨
is it going to destroy something?💥
is it going to modify something?♻
is it going to destroy, modify and re-create something?💥♻✨
If any of that holds, what are the attributes/properties, the said infrastructure is going to possess?
These are all answered in the terraform plan command’s output. Observe the images. It’s a blueprint of sorts, if your design has error syntactical or otherwise this command is going to let you know with error or warning messages.

The command not only creates an execution plan, but it also checks for any pre-existing plans (states) in same working directory to keep it up-to-date. It also gives the speculative before-after changes in same plan, which is very useful in team environment, to check for current changes in plan against expected.

Terraform apply

The terraform apply as the name “declares”, applies the proposed changes to infrastructure as was shown in plan. Thereby “provisioning” or creating or destroying or modifying or re-creating, (whatever have you) infrastructure.
It could be a simple local fil or huge server in cloud. You planned it , it will execute for you, saving you hassle-tussle of manual work.

There are many more commands and many more options. After all this is a language in itself. But these three terraform init , terraform plan , terraform apply are the crux of it. Terraform is fun to learn and very young tool on today’s Devops scene. As the norm goes, HashiCorp has maintained a pretty good documentations.
Terraform has it’s own registry (repository) maintained by HashiCorp, participating “Verified ” Companies (aws, gcp, heroku and many others), and also you and me.. “the community”. Which makes it a nice pool of go-to-knowledge/reference source. Code is easy to read and that’s something you can’t say to (for) every tool.

So have fun learning terraform. I will follow up with some basic tutorials and go-this-direction blogs (like this blog) as I live and learn my journey. Till then Adieu!! ✌