One of the most important tools we use here at NextLink Labs is Hashicorp Terraform. This article is the first of our multi part series featuring Terraform. In this series we will go through:
DevOps practices are adopted in order to increase the velocity that code is delivered through making it simple and automated to deploy your applications/systems, regardless if enhancements to those systems require new infrastructure pieces to be added. Terraform fills an important gap here for DevOps in making provisioning new cloud infrastructure simple and repeatable. Hashicorp Terraform is an open source Infrastructure as Code tool which can be used to provision infrastructure across multiple clouds. While individual cloud providers such as AWS and Azure have tools like Cloudformation and Azure Resource Manager respectively, we prefer to use cloud agnostic tools like Hashicorp Terraform. We will discuss the benefits of using a generic tool like Terraform below, but first let’s talk a little about why Infrastructure as Code is so important to a company's cloud operation strategy.
Before Infrastructure as Code tools, managing IT infrastructure in the cloud was very similar to managing on premise infrastructure: very manual and unwieldy. For companies who have very large workloads on AWS or other public cloud providers the number of resources in their cloud becomes very difficult to manage manually. Using Infrastructure as Code like Terraform provides a number of benefits to software organizations:
Terraform was created by a company called Hashicorp and originally launched in 2014. Terraform is written in Go and it is used to build, change, and version infrastructure across many different cloud providers. It is compatible with many different providers, from the major ones such as Amazon AWS, Azure, and GCP to other tools like Gitlab, Github, and Digital Ocean. A full list of providers can be found at: https://www.terraform.io/docs/providers/index.html
Terraform comes in both open source and enterprise flavors. In this article, we will focus mainly on the open source version although many principles apply to both.
Terraform “code” is a series of configuration files written in HCL (Hashicorp Configuration Language) which describe a desired state of provisioned infrastructure (aka a declarative infrastructure tool). As an example of what this means: we may have a terraform file which describes creating a VPC in AWS as well as attaching an internet gateway to it. This configuration file is descriptive of the desired state and when terraform code runs it automatically will compare the current state vs the desired state to determine what operations need to be run. This is different than many other tools which describe those steps specifically. In our opinion, this is one of the features that makes Terraform so great, you can just describe how you’d like things to be and not have to worry about different environments/applications needing a different set of operations to be run.
The HCL language is meant to be interoperable with json and both human and machine friendly. We feel that Terraform is also very strong in this area, as when used correctly it is simple enough for novices to follow what is happening but is capable of being used to manage fleets of servers
With just some basic configuration files written in HCL we have been able to manage thousands of cloud resources with a very small number of operators. While there are many things that must be learned to use Terraform in a secure, mature, and scalable manner we hope this guide will get you started.
The next article in this series will cover some basic examples of Terraform in AWS for your consumption. We hope by discussing the patterns we've adopted at Nextlink Labs that you will be able to build on our knowledge and previous mistakes. Stay tuned for the next item in our multipart series on Hashicorp Terraform!