update terraform workshop
This commit is contained in:
parent
2ccd58cbb2
commit
ebdac33de9
|
@ -30,7 +30,7 @@ in a declarative manner. It targets all major cloud platforms (GCP, AWS, Azure,
|
||||||
|
|
||||||
## Human-Readible Configuration Language
|
## Human-Readible Configuration Language
|
||||||
|
|
||||||
* HashiCorp Configuration Language (HCL) or JSON
|
HashiCorp Configuration Language (HCL) or JSON
|
||||||
|
|
||||||
```
|
```
|
||||||
provider "aws" {
|
provider "aws" {
|
||||||
|
@ -54,10 +54,12 @@ output "instance_public_ip" {
|
||||||
|
|
||||||
---
|
---
|
||||||
|
|
||||||
## Workflow
|
# Workflow
|
||||||
|
|
||||||
* Write your configuration file
|
* Write your configuration file
|
||||||
|
|
||||||
|
* Use `terraform init` to initialize a Terraform workspace
|
||||||
|
|
||||||
* Use the the `terraform plan` action to simulate deployment of resources and assess the outcome
|
* Use the the `terraform plan` action to simulate deployment of resources and assess the outcome
|
||||||
|
|
||||||
* Use `terraform apply` to actually deploy resources
|
* Use `terraform apply` to actually deploy resources
|
||||||
|
@ -72,7 +74,35 @@ output "instance_public_ip" {
|
||||||
|
|
||||||
* Use `terraform plan` and `terraform apply` in order to deploy the resource
|
* Use `terraform plan` and `terraform apply` in order to deploy the resource
|
||||||
|
|
||||||
* Remove the resource by updating your configuration file and using `terraform plan` and `terraform apply`
|
* Remove the resource by using `terraform destroy`
|
||||||
|
|
||||||
|
* Take advantage of terraform docs and providers:
|
||||||
|
|
||||||
|
* https://registry.terraform.io/
|
||||||
|
|
||||||
|
* https://developer.hashicorp.com/terraform
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
# Solution
|
||||||
|
|
||||||
|
```
|
||||||
|
# Specify the provider
|
||||||
|
provider "aws" {
|
||||||
|
region = "us-west-2"
|
||||||
|
}
|
||||||
|
|
||||||
|
# Create an EC2 instance
|
||||||
|
resource "aws_instance" "my_ec2" {
|
||||||
|
ami = "ami-03e383d33727f4804"
|
||||||
|
instance_type = "t2.micro"
|
||||||
|
|
||||||
|
|
||||||
|
tags = {
|
||||||
|
Name = "TestEC2Instance"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
---
|
---
|
||||||
|
|
||||||
|
@ -86,7 +116,65 @@ output "instance_public_ip" {
|
||||||
|
|
||||||
---
|
---
|
||||||
|
|
||||||
# Next Steps
|
# Solution
|
||||||
|
|
||||||
* ...
|
```
|
||||||
|
# Specify the provider
|
||||||
|
provider "aws" {
|
||||||
|
region = "us-west-2"
|
||||||
|
}
|
||||||
|
|
||||||
|
# Create a security group
|
||||||
|
resource "aws_security_group" "allow_ssh" {
|
||||||
|
name = "allow_ssh"
|
||||||
|
description = "Allow SSH access"
|
||||||
|
|
||||||
|
ingress {
|
||||||
|
from_port = 22
|
||||||
|
to_port = 22
|
||||||
|
protocol = "tcp"
|
||||||
|
cidr_blocks = ["0.0.0.0/0"]
|
||||||
|
}
|
||||||
|
|
||||||
|
egress {
|
||||||
|
from_port = 0
|
||||||
|
to_port = 0
|
||||||
|
protocol = "-1"
|
||||||
|
cidr_blocks = ["0.0.0.0/0"]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
# Specify the provider
|
||||||
|
provider "aws" {
|
||||||
|
region = "us-west-2"
|
||||||
|
}
|
||||||
|
|
||||||
|
# Create an EC2 instance
|
||||||
|
resource "aws_instance" "my_ec2" {
|
||||||
|
ami = "ami-03e383d33727f4804"
|
||||||
|
instance_type = "t2.micro"
|
||||||
|
|
||||||
|
security_groups = [aws_security_group.allow_ssh.name]
|
||||||
|
|
||||||
|
tags = {
|
||||||
|
Name = "TestEC2Instance"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
# Additional Notes
|
||||||
|
|
||||||
|
* Typically the terraform state is stored online in a manner that makes it retrievable by others
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
# SOPS for Secrets Management
|
||||||
|
|
||||||
|
* Download from https://github.com/getsops/sops
|
||||||
|
|
||||||
|
* Encrypt config file: `sops -e --pgp <key_id> credentials > credentials.enc`
|
||||||
|
|
||||||
|
* Decrypt and set: `eval $(sops -d credentials.enc | sed 's/: /=/g')`
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue