Terraform & Infrastructure as Code

Terraform, an open-source tool developed by HashiCorp, stands at the forefront of infrastructure automation, enabling users to codify their infrastructure provisioning across a multitude of service providers such as AWS, Google Cloud, Azure, and notably, Aviatrix. This tool epitomizes the Infrastructure as Code (IaC) philosophy, allowing for the efficient management of resources like virtual machines, networking components, and containers through code rather than manual processes.

What is Infrastructure as Code (IaC)?

The essence of IaC lies in treating infrastructure management tasks as if they were software code. This shift from traditional, manual operations to a code-based approach has been catalyzed by the advent of cloud computing, fostering a more agile, efficient, and error-resistant environment for deploying and managing infrastructure. The convergence of development and operations into DevOps further underscores this transformation, emphasizing the seamless, integrated management of application development and infrastructure provisioning.

Aviatrix & Terraform

The integration of Aviatrix’s secure cloud networking solutions with Terraform’s IaC capabilities presents a compelling synergy. Aviatrix enhances Terraform’s utility by offering specialized providers that manage complex cloud networking scenarios, extending Terraform’s reach into multi-cloud environments. This partnership not only streamlines cloud infrastructure management but also ensures robust security and compliance, resonating with Aviatrix’s mission to deliver enterprise-grade secure cloud networks.

Benefits of Infrastructure as Code

  • Automation and Efficiency: Automating cloud infrastructure provisioning with Terraform and Aviatrix reduces manual efforts and speeds up deployment cycles, enabling organizations to focus on strategic initiatives.
  • Consistency and Compliance: IaC ensures that every deployment is consistent and adheres to compliance standards, mitigating the risk of configuration drift and non-compliance.
  • Scalability and Flexibility: Aviatrix’s cloud networking solutions, coupled with Terraform’s IaC, offer unparalleled scalability and flexibility, allowing businesses to adapt swiftly to changing needs and scale their infrastructure as required.

Infrastructure as Code involves several kinds of tools: ad-hoc scripts that automate manual tasks, configuration management tools such as Chef, Puppet, and Ansible, infrastructure templating tools such as Docker and Vagrant, and infrastructure provisioning tools like Terraform. Whether to use one type of tool or a combination of several depends on the specific use case.

Terraform Configuration File

To build and deploy infrastructure using Terraform, you need to create a Terraform configuration file. It is a simple text file with a “.tf” extension in which you specify the infrastructure resource(s) you want to build. The .tf format is more human-readable, supports comments, and is the recommended format for Terraform configuration files. (Terraform also supports a JSON format, but it is less commonly used.)

Terraform configuration is strictly declarative. This means that when you write code, you specify the desired end state, and Terraform will take the steps to achieve that end state. That end state is specified in the configuration file primarily as providers and resources.

Provider

Infrastructure providers (for example AWS, Google Cloud, Azure, Heroku, Aviatrix, etc.) are called “Providers” in Terraform. A provider is responsible for managing resources and handling API interactions for the pieces of infrastructure that it manages. In a Terraform configuration file, a provider is initialized with the “provider” keyword.

Resource

A resource is a piece of infrastructure or a service that a provider exposes and that can be provisioned. For example, a VPC is a resource in the AWS provider. In a Terraform configuration file, a resource is initialized with the “resource” keyword.

Basic Syntax

A basic Terraform configuration file can be written as (see the full specification here):

provider "provider_name" {
  parameter1 = "parameter value1"
  parameter2 = "parameter value2"
}

resource "resource_type" "resource_name" {
  parameter1 = "parameter value1"
  parameter2 = "parameter value2"
}

  • provider keyword: It is the keyword used to initialize a Provider like AWS, Google Cloud etc.
  • provider_name: Name of the desired provider. For example, the provider name for AWS is “aws”.
  • resource keyword: Keyword used to establish a resource block.
  • resource_type: The resource type. For example, aws_instance is a resource within aws provider to create an EC2 instance.
  • resource_name: The name of the resource. This will be used to reference this resource in the configuration file.
  • parameters: Parameters are the end states that you want to define and can be either optional or mandatory.

Basic Terraform commands

Terraform configuration files are executed using the “terraform” binary. The terraform command accepts various subcommands that operate on the configuration file(s) in the current directory. Here are the most commonly used subcommands:

  1. terraform init – Initializes a new or existing terraform configuration
  2. terraform plan – Generates and shows an execution plan
  3. terraform apply – Builds or changes the infrastructure
  4. terraform show – Inspects or shows the current state

Terraform State

Terraform records the state of your infrastructure in a state file. This allows you to make incremental changes in the future by simply changing the same configuration file to match your desired end state.

Step-by-Step Configuration Guide

Using what we have learned, let’s build a simple configuration file that provisions a single Virtual Private Cloud (VPC) in AWS.

Step 0: Prerequisites

Install Terraform and a text editor of your choice.

Step 1: Open Configuration File

Create an empty text file called main.tf in an empty folder.

Step 2: Initialize the aws Provider

Add the following code to configure the AWS provider:

provider "aws" {
  access_key = "Your AWS Access Key"
  secret_key = "Your AWS Secret Key"
  region     = "us-east-1"
}

The above code snippet authenticates the user with AWS IAM account credentials. It also sets provider arguments such as “region”, which tells AWS to build the necessary resources in the “us-east-1” region. The provider must be configured before it is used to build resources.

Step 3: Define an aws_vpc Resource

Once the provider is configured, add the code that will define an “aws_vpc” resource. We will refer to this resource as “vpc_name”, but you can call it whatever you like. Inside the resource block, specify values for parameters like cidr_block and instance_tenancy. You can find a complete list of parameters available for every resource in its documentation.

resource "aws_vpc" "vpc_name" {
  cidr_block       = "192.168.0.0/16"
  instance_tenancy = "default"
}

Step 4: Execute the Terraform Configuration file

> terraform init
> terraform plan
> terraform apply

In our example, Terraform will do the following:

  1. init installs any providers that are not yet installed and initializes this new configuration
  2. plan shows you what changes will be applied in the next step
  3. apply uses your existing credentials to authenticate you with AWS and creates the VPC resource

Step 5: Update

Change the configuration file to add a “count” parameter in the resource block:

resource "aws_vpc" "vpc_name" {
  count            = 2
  cidr_block       = "192.168.0.0/16"
  instance_tenancy = "default"
}

Save the file and apply it again:

> terraform plan
> terraform apply

Now, you will see 1 additional VPC with the 192.168.0.0/16 CIDR block created.
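
The configuration built in Steps 2 to 5, rewritten as an added example (not part of the original guide) that keeps the access key and secret key out of main.tf, where anyone who can read the file or its version history would see them. It goes beyond the guide by pinning the provider version and giving each VPC its own CIDR block; the version constraint, the variable names, the second CIDR and the tags are assumptions.

```hcl
# Added example, not from the original guide: Steps 2-5 without keys in main.tf.
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 5.0" # assumed constraint; pin to the release you tested
    }
  }
}

# No access_key / secret_key arguments. The AWS provider falls back to the
# AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY environment variables or to a
# shared credentials profile, so this file holds nothing secret.
provider "aws" {
  region = var.region
}

variable "region" {
  type    = string
  default = "us-east-1"
}

# Assumed variable: one CIDR per VPC, so the two VPCs from Step 5 do not
# overlap (VPCs with overlapping CIDR blocks cannot be peered later).
variable "vpc_cidrs" {
  type    = list(string)
  default = ["192.168.0.0/16", "10.20.0.0/16"] # constructed sample values

  validation {
    condition     = alltrue([for c in var.vpc_cidrs : can(cidrhost(c, 0))])
    error_message = "Each entry must be a valid CIDR block."
  }
}

resource "aws_vpc" "vpc_name" {
  count            = length(var.vpc_cidrs)
  cidr_block       = var.vpc_cidrs[count.index]
  instance_tenancy = "default"

  tags = {
    Name = "vpc-${count.index}" # assumed naming scheme
  }
}

output "vpc_ids" {
  value = aws_vpc.vpc_name[*].id
}
```

Export AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY in the shell (or select a shared-credentials profile with AWS_PROFILE) before running terraform plan. Keep terraform.tfstate out of version control as well, because the state file records resource attributes in plain text.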

In summary, the combination of Aviatrix’s cloud networking expertise with Terraform’s automation capabilities offers a robust framework for managing complex cloud infrastructures. This partnership underscores a strategic alignment with the evolving needs of digital transformation, enabling enterprises to navigate the complexities of cloud infrastructure with confidence and agility.
