![13
•Outputs lets you define values that will be output when
Terraform applies
•Can be queried easily:
terraform output [-json]
output (7)
Copyright thinkcloudly, All rights reserved](https://image.slidesharecdn.com/terraform9-220310145041/85/Terraform-9-13-320.jpg)
Terraform 9
- 1. Terraform Copyright thinkcloudly, All rights reserved 1
- 2. •Commandline tool (go) (OS X, Windows, Linux, …) •Developed by Hashicorp (Vagrant, Packer, Consul, Nomad) •Lets you describe and provision cloud infrastructure using HCL formatted text files •Servers, networks, load balancing, storage, containers •Multi-provider (AWS, Azure, GC, Cloudstack, …) Terraform 2 Copyright thinkcloudly, All rights reserved
- 3. •CloudStack @ Exoscale (Switzerland) •Web servers (CentOS/Linux) •Bastion host for management/provisioning •SSH public/private key •Run Apache httpd web server •Domain name (DNS) (AWS) 3 Demo Copyright thinkcloudly, All rights reserved
- 4. •A provider is used to connect to a cloud provider •AWS, Azure, GC, Digital Ocean, Cloudstack, Openstack, Heroku, CloudFoundry, Mailgun, easyDNS, CloudFlare… •Providers know the APIs and expose available services 4 Provider (1) Copyright thinkcloudly, All rights reserved
- 5. •A resource defines how to use a cloud resource/service •VM, IP-address, load balancer, network, firewall, object storage, DNS-record •The name of the provider is used as a resource name prefix •Resources have unique ids •Combination of resource type and name 5 Resource (2) Copyright thinkcloudly, All rights reserved
- 6. •A resource can depend on another resource •Can determine the order of creation 6 Dependencies (3) Copyright thinkcloudly, All rights reserved
- 7. •When manipulating resources, Terraform saves the current state i a .tfstate file (or S3, Consul) •Knows a resource's current state in the cloud 7 terraform show terraform show Copyright thinkcloudly, All rights reserved
- 8. 8 •Variables •Interpolation •Functions (math, base64, join, lower, ...) •Count Syntax (4) Copyright thinkcloudly, All rights reserved
- 9. 9 •A provisioner lets you provision against the resource right after creation •chef •remote-exec (script run on the server) •local-exec (script run locally) provisioner (5) Copyright thinkcloudly, All rights reserved
- 10. •When resources have to be recreated from scratch, they have to be tainted terraform taint <resource_type>.<resource_id> 10 terraform taint Copyright thinkcloudly, All rights reserved
- 11. 11 •Connect to you web server through bastion host •Limit access to bastion host to your IP range •Use smart card to protect your private key •E.g. yubikey as OpenPGP smartcard and gpg-agent emulating ssh-agent Security first! (6) Copyright thinkcloudly, All rights reserved
- 12. 12 Copyright thinkcloudly, All rights reserved
- 13. 13 •Outputs lets you define values that will be output when Terraform applies •Can be queried easily: terraform output [-json] output (7) Copyright thinkcloudly, All rights reserved
- 14. •Can connect resources from different cloud providers •Unique feature in Terraform! 14 Multi-provider (8) Copyright thinkcloudly, All rights reserved
- 15. Multi provider, multi datacenter, multi technology (9) 15 •DNS using weighted record set •Could have used latency / geolocation •Health checks to determine data center (or service) outage Copyright thinkcloudly, All rights reserved
- 16. •Dependency graphs can be generated dynamically terraform graph | dot -Tpng | open -f -a Preview 16 Bonus: Dependency graph Copyright thinkcloudly, All rights reserved
- 17. •Terraform is great for defining infrastructure as code •Perform incremental changes to your infrastructure •Can combine several cloud providers in your 17 Summary Copyright thinkcloudly, All rights reserved