Managing Resources on Terraform for DevOps Engineers

Managing Resources on Terraform for DevOps Engineers

Francisco Souza's photo
Francisco Souza
·

4 min read

Table of contents

Day 3 of #TerraWeek

📝Introduction

Today, in this blog post, we will cover the basics of how to manage resources using Terraform, focusing on some resource types and their configurations, their dependencies, provisioners, and lifecycle management. This is part of #Day 3 of the #TerraWeek challenge initiated by Shubham Londhe.

📝Creating and Managing Resources with Terraform

To create a resource, first of all, we need to use the resource block followed by the resource type and a unique name. The resource type determines the kind of infrastructure object we want to create, while the unique name is used to reference the resource within our Terraform configuration.

This is a basic resource block:

i.e.

resource "aws_instance" "ec2_example" {
  ami = "ami-05b5a865c3579bbc4"
  instance_type = "t2.micro"
  tags = {
    Name = "test-ec2-server"
  }
}

In the example below, we are creating an AWS EC2 instance with some resources like type aws_instance, ami and instance_type arguments, and other entries used to create and configure the instance.

📝AWS EC2 Instance Configuration, Resource Dependencies, Provisioners and Lifecycle Management

provider "aws"{
    region = "eu-west-3"
}

data "aws_security_group" "<your-sg-name>" {
  id ="sg-0202c818aa1023ffa"
}

resource "aws_instance" "test_example" {
    ami = "<your-ami-id>"  
    instance_type = "<your-instance-type>" 
    key_name= "<your-key-name>"
    vpc_security_group_ids = [<data.aws_security_group.<your-sg-name>.id]
    user_data = "${file("install_apache.sh")}"

lifecycle {
    prevent_destroy = true
    }
    tags = {
        Name = "test-ec2-server"
        }

provisioner "remote-exec" {
    inline = [
      "touch hello.txt",
      "echo Hello World remote provisioner >> hello.txt",
    ]
}

connection {
      type        = "ssh"
      host        = self.public_ip
      user        = "ubuntu"
      private_key = file("<private-key-path>")
      timeout     = "4m"
   }
}

resource "aws_key_pair" "deployer" {
  key_name   = "test-key"
  public_key = file("public-key-path")
}

output "server_private_ip" {
value = aws_instance.<your-aws_instance-name>test_example.private_ip
}
output "server_public_ipv4" {
value = aws_instance.test_example.public_ip
}
output "server_id" {
value = aws_instance.test_example.id
}

Make sure to replace the placeholder values with your own information:

  • <your-preferred-region>: The AWS region in which you want to launch the EC2 instance.

  • <your-ami-id>: The ID of the Amazon Machine Image (AMI) you want to use for the instance.

  • <your-key-pair-name>: The name of the key pair you want to use to SSH into the instance.

  • <your-security-group-id>: The ID of the security group(s) you want to associate with the instance.

  • provisioner: to set specific actions on the local machine or on a remote

    machine in order to prepare servers or other infrastructure objects for service

    Invokes a script on a remote resource after it is created. This can be used to run a configuration management tool, bootstrap into a cluster, etc.

    remote-exec : Invokes a script on a remote resource after it is created. This can be used to run a configuration management tool, bootstrap into a cluster, etc.

  • connection : block describing how the provisioner connects to the given instance

  • private-key : The contents of an SSH key to use for the connection. This takes preference over the password if provided. It's the best practice to add your access key to an instance storing it on a safe local and avoid typing it directly on your plan.

  • output: value for consumption by another module or a human interacting via the UI

  • prevent-destroy : is set to true, which means that Terraform will not allow the EC2 instance to be destroyed

Now, let's go running our code following Terraform commands in the directory containing the code:

terraform init
terraform validate
terraform plan
terraform apply
terraform destroy

The terraform init command initializes the working directory, downloading the necessary provider plugins. The terraform validate validates the configuration files in a directory, referring only to the configuration and not accessing any remote services such as remote state, provider APIs, etc. Then run terraform plan command to show you an execution plan for the infrastructure changes, and finally, the terraform apply command to apply the changes and creates the EC2 instance, other resources and settings.

Thank you for reading. I hope you were able to understand and learn something helpful from my blog.

Please follow me on Hashnode and on LinkedIn franciscojblsouza

DevopsCloudCloud Computing