First of all, lets explore the subject of Terraform. What is it? Why do we need tools like it? What are the pros & cons about the language? Finally we will also dive into how to actually get started with coding. Lets begin - If you want help getting started with Terraform, read this blog post -> Getting started with using Terraform (codeterraform.com)
What is Terraform?
Terraform is an Infrastructure-As-Code tool developed by Hashicorp. The software falls under the category 'Configuration' langauge which is basically defined by a programming language that is high level and is for specialized purposes. In other words it's not a normal 'General' purpose programming language like Python or C#.
Terraform is built specifically to talk with API's typically from Cloud Providers. These API's are the gateway for end-users to interract with set Cloud Providers. Most often, they are used to either to deploy or read infrastructure in the Cloud. Terraform has a huge gallery of support for different cloud providers. At the time of writing, Hashicorp has Azure, AWS, Google, Alibaba, Oracle cloud and so many more providers that are available. Furthermore, Terraform is an open-source language where the engine of the software is built in the language 'HCL' (Hashicorp Configuration Language).
Why do we need Terraform?
Lets start with the problem we face as Cloud Engineers. To maintain and deploy cloud infrastructure we have a long list of tools available for the job. The most simple is to use the Cloud providers website interface. Using the GUI everything can be deployed and maintained. We call this concept of using GUI 'Click ops' and the issue we face using this approach can be summarized to:
Not scalable - Every resource must be deployed 1 by 1.
Time consuming - It takes a lot of time to deploy through any web GUI.
Not reusable - While you might be able to deploy .json configurations in some cases, one still need to pass through the GUI proces to deploy every time.
Harder to document - While it's true that 'a picture says more than a 1000 words' Using alot of screenshots in documentations can make guides awfully long even for simple tasks.
Harder to control - Even though a GUI has constraints built-in plus the fact that it's easy to make the contraints tighter, the chance of human-error is still high, especially when more GUI is used across by multiple team members.
All of these issues can be solved by using the concept of Infrastructure as Code. This way, we move away from using 'Click ops' and instead define configurations in a language like Terraform to define the exact infrastructure to be deployed and configured on a Cloud provider. Now, if Terraform can solve all the above mentioned issues, what is it that is so smart about it?
Pros:
Stateful language - Terraform records every single action executed towards a provider in what Hashicorp calls 'The Terraform statefile'. We will talk more about this file in a later post.
Works like a dynamic language - Terraform can combine the principel of defining json like configurations with programming functions such as loops, expressions, to logically build highly flexible scripts and to define Cloud resources of any scale.
Developed with powerfull but important constraints - Eventhough the language has the abillity to do programming tasks the limmitations has been put in place specifically to help developers understand which direction to take when building resources.
Open-source with a big community - Terraform as a software that is widely spread as the most loved IaC language worldwide. This shows in the availabillity of providers / packages.
Cross-platform - Works on any OS platform build for computers plus it is very easy to get started with.
Cons:
High learning curve - Terraform is NOT an easy language to get started on.
A lot of boiler-plate code required - This is a double-edged sword as it forces developers to consider all the important requirements when working with deploying cloud infrastructure but it also takes time away from actually working with cloud resources.
Security flaws - Terraform stores everything in clear texts in its statefile. The only formatting done is to encode secrets in base64 which is not so secure. There must be created an extra manual layer of security on-top of the statefile.
Complexity increases the runtime a lot - Terraform is definitely not the fastest language to compile and execute and with an advanced configurations, the developer must be patient.
The positives outweights the negatives. If we take languages like Bison into account, the language is proprietary to Microsoft and it does not provide a state. Furthermore, the simple fact is that the community behind Terraform is so big that it makes it almost impossible to not always find a working solution to a problem arising within the language.
Now, with all this information in hand, what do you say? Lets get started with actually working with the damn thing! Visit the following post to get started with terraform -> Getting started with using Terraform (codeterraform.com)
コメント