TF Workshop #3

Open
anton wants to merge 5 commits from terraform-workshop into master
1 changed files with 95 additions and 7 deletions
Showing only changes of commit ebdac33de9 - Show all commits

@ -6,7 +6,7 @@
## What is Terraform ## What is Terraform
IaC (Infrastructure as Code) framework which enables programatic definition, IaC (Infrastructure as Code) framework which enables programatic definition,
deployment and management of infrastructure resources for cloud and on-premises deployment and management of infrastructure resources for cloud and on-premises
in a declarative manner. It targets all major cloud platforms (GCP, AWS, Azure, DO etc.) in a declarative manner. It targets all major cloud platforms (GCP, AWS, Azure, DO etc.)
--- ---
@ -30,7 +30,7 @@ in a declarative manner. It targets all major cloud platforms (GCP, AWS, Azure,
## Human-Readible Configuration Language ## Human-Readible Configuration Language
* HashiCorp Configuration Language (HCL) or JSON HashiCorp Configuration Language (HCL) or JSON
``` ```
provider "aws" { provider "aws" {
@ -50,14 +50,16 @@ output "instance_public_ip" {
value = aws_instance.example.public_ip value = aws_instance.example.public_ip
} }
``` ```
--- ---
## Workflow # Workflow
* Write your configuration file * Write your configuration file
* Use `terraform init` to initialize a Terraform workspace
* Use the the `terraform plan` action to simulate deployment of resources and assess the outcome * Use the the `terraform plan` action to simulate deployment of resources and assess the outcome
* Use `terraform apply` to actually deploy resources * Use `terraform apply` to actually deploy resources
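Review bot: The heading level changes from `## Workflow` to `# Workflow` while the earlier slides in this file (`## What is Terraform`, `## Human-Readible Configuration Language`) stay at level two, so the deck ends up with mixed heading levels; pick one level for slide titles and apply it throughout. The `terraform plan` bullet still reads "Use the the", which is worth fixing while this list is being touched. The new `terraform init` bullet is correctly placed before `plan`; consider saying it also downloads the providers the configuration declares, since that is the step attendees will see fail first without network access.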
@ -72,7 +74,35 @@ output "instance_public_ip" {
* Use `terraform plan` and `terraform apply` in order to deploy the resource * Use `terraform plan` and `terraform apply` in order to deploy the resource
* Remove the resource by updating your configuration file and using `terraform plan` and `terraform apply` * Remove the resource by using `terraform destroy`
* Take advantage of terraform docs and providers:
* https://registry.terraform.io/
* https://developer.hashicorp.com/terraform
---
# Solution
```
# Specify the provider
provider "aws" {
region = "us-west-2"
}
# Create an EC2 instance
resource "aws_instance" "my_ec2" {
ami = "ami-03e383d33727f4804"
instance_type = "t2.micro"
tags = {
Name = "TestEC2Instance"
}
}
```
--- ---
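Review bot: The exercise step now says to remove the resource with `terraform destroy`, but that command tears down every resource tracked in the configuration's state, not only the instance created in this exercise; the wording it replaces (edit the configuration, then `plan` and `apply`) removed a single resource. Either keep both variants or state on the slide that `destroy` is acceptable here only because the workspace holds nothing else. In the solution, `ami = "ami-03e383d33727f4804"` is hardcoded next to `region = "us-west-2"`; AMI IDs are region-specific, so add a comment tying the two together or attendees who change the region will get a failed apply. The two registry and docs URLs are meant as sub-items of "Take advantage of terraform docs and providers" and need indentation to render as a nested list.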
@ -86,7 +116,65 @@ output "instance_public_ip" {
--- ---
# Next Steps # Solution
* ... ```
# Specify the provider
provider "aws" {
region = "us-west-2"
}
# Create a security group
resource "aws_security_group" "allow_ssh" {
name = "allow_ssh"
description = "Allow SSH access"
ingress {
from_port = 22
to_port = 22
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
egress {
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
}
}
# Specify the provider
provider "aws" {
region = "us-west-2"
}
# Create an EC2 instance
resource "aws_instance" "my_ec2" {
ami = "ami-03e383d33727f4804"
instance_type = "t2.micro"
security_groups = [aws_security_group.allow_ssh.name]
tags = {
Name = "TestEC2Instance"
}
}
```
---
# Additional Notes
* Typically the terraform state is stored online in a manner that makes it retrievable by others
---
# SOPS for Secrets Management
* Download from https://github.com/getsops/sops
* Encrypt config file: `sops -e --pgp <key_id> credentials > credentials.enc`
* Decrypt and set: `eval $(sops -d credentials.enc | sed 's/: /=/g')`
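Review bot: The `allow_ssh` security group in the second solution opens port 22 to `cidr_blocks = ["0.0.0.0/0"]`, and attendees will copy it as written; restrict the ingress to the workshop's or the attendee's own address range, or at least comment that the open range is for the exercise only. The same solution block declares `provider "aws"` twice with no alias, which Terraform rejects as a duplicate provider configuration, so drop the second copy. `security_groups = [aws_security_group.allow_ssh.name]` references the group by name, which only works in the default VPC; `vpc_security_group_ids` with the group's `id` is the safer thing to teach. The "Additional Notes" bullet says state is "retrievable by others" without saying that state can contain secrets in plaintext, so the slide should mention restricting access to and encrypting the backend. In the SOPS slide, `eval $(sops -d credentials.enc | sed 's/: /=/g')` runs the decrypted file contents through the shell unquoted, so any value containing spaces or shell metacharacters is split or executed, and the variables are set without `export`; `sops exec-env` avoids both problems.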