Infrastructure Automation with Terraform: Automate and Orchestrate your Infrastructure with Terraform Across AWS and Microsoft Azure

CHAPTER 1

Setting Up Terraform

Believe in yourself! Have faith in your abilities! Without humble but reasonable confidence in your powers, you cannot be successful or happy.

—Norman Vincent Peale

Application delivery and the activities involved in it have changed a lot after cloud computing and DevOps practices gained the attention of different organizations. Everything as code is a new norm where your automation or CI/CD pipeline is also part of version control - pipeline as code. High availability, disaster recovery, and business continuity have become crucial considering the competitive market. Terraform helps us write and execute code to define, deploy, update, and destroy your infrastructure in different cloud environments; hence, we don’t need to learn cloud specific tools. Terraform is an open-source Infrastructure as Code tool that codifies cloud APIs into declarative configuration files to make managing different environments easier.

In this chapter, we will install and configure Terraform in different operating systems as well as in Docker container. We will use Docker Desktop to create a container that has Terraform installed on it. We will also understand the details for AWS and Azure accounts and Command line (CLIs). It will help us in the upcoming chapters when using Terraform to create infrastructure in AWS and Microsoft Azure cloud environment.

Structure

We will discuss the following topics in this chapter:

Installing and configuring Terraform on Windows using Chocolatey

Installing and configuring Terraform on Mac

Installing and configuring Terraform on Ubuntu

Installing and configuring Terraform on CentOS

Terraform IAC Development and IDE

Creating Microsoft Azure Account

Installing and Configuring Azure CLI

Creating AWS Account

Installing and Configuring AWS CLI

Objectives

After studying this unit, you should be able to install and configure Terraform in different operating systems or different types of platform, such as Docker container. You should also be able to understand how to create AWS and Azure accounts and installing CLIs.

Installing and configuring Terraform on Windows using Chocolatey

Terraform open-source project and Terraform plugins are written in GO programming language. We can use Terraform to create infrastructure resources across different cloud service providers such as Amazon Web Services (AWS) and Azure as well as other cloud deployment models and virtualization platforms. In this book, we are going to use AWS and Microsoft Azure. We will install and configure Terraform, AWS CLI, Azure CLI, and editors. This environment creation will help us write Terraform files to create resources in different cloud platforms.

Chocolatey is a small piece of wonder for all those who hate struggling with the installation of different packages on Windows. It helps make installation easier and can be done from your command-line. Its features include management of dependencies and version control, and it offers ease of use for handling different packages on Windows. Chocolatey is an open-source package management tool, but it has a commercial edition. Chocolatey is in a similar pool of yum, apt, and Homebrew. In simple words, Chocolatey is a Windows Package Manager that makes your life easy with simplicity, efficiency, power, and flexibility.

Note: Terraform doesn’t require GO as a pre-requisite for installation or any GO programming skills.

Here are the pre-requisites to install Chocolatey:

Windows 7+ / Windows Server 2003+

PowerShell v2+ (the lowest version is v3 for install from this website due to TLS 1.2 requirement)

.NET Framework 4+ (the installation will attempt to install .NET 4.0 if you do not have it) (the lowest version is 4.5 for install from this website due to TLS 1.2 requirement)

Let’s try to install Chocolatey using the following commands:

We will install it with PowerShell:

With PowerShell, execute the "Get-ExecutionPolicy" command first. Here’s the explanation of the output of the execution of this command:

If output is restricted, run Set-ExecutionPolicy AllSigned Or Set-ExecutionPolicy Bypass -Scope Process

If output is AllSigned, then go to Step 2.

Visit https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_execution_policies?view=powershell-7.1 for more details on execution policies.

Execute the following command to install Chocolatey. Visit the official website for more details on Chocolatey installation.

Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString(‘https://chocolatey.org/install.ps1’))

Type choco or choco -?. You are ready to install packages using Chocolatey. Chocolatey is installed in following screenshot:

Figure 1.1: Install Chocolaty on Windows using PowerShell

Verify environment variables after installing Chocolatey as per the following screenshot. Visit https://chocolatey.org/install for advanced installation of Chocolatey.

Figure 1.2: Environment variables

Note: Terraform is used to efficiently manage compute, storage, and networking resources along with identity- and access-management related features, etc. Terraform can manage resources in cloud Platforms such as AWS, Microsoft Azure, Google cloud, VMware, and so on.

Verify the Chocolatey version using the following command:

PS C:\> choco --version

0.10.15

Now, we are ready with Chocolatey installation; the next step is to install Terraform.

Visit https://chocolatey.org/packages/terraform and get more details on the Terraform package and the command to install Terraform using Chocolatey.

Figure 1.3: Installing Terraform using Chocolatey

Now, Terraform version 1.1.6 is available for installation using Chocolatey.

Execute the following command in PowerShell to install Terraform as per the following screenshot:

choco install terraform

Figure 1.4: Install Terraform using Chocolatey

Note: Infrastructure as code tools like Terraform help you to create infrastructure that is consistent, repeatable, and predictable even if you run it multiple times. Same Code = Same Output!

In the next section, we will look at how to install Terraform in macOS.

Installing and configuring Terraform on Mac

There are two ways to install Terraform on macOS: manually and via the HomeBrew package manager; both are detailed below. Let’s see how to install Terraform manually:

We will download the installable file for macOS from https://www.terraform.io/downloads.html.

Extract terraform installation file.

Open your .bash_profile file available in the root folder; create a profile if it is not available in your system. Create new bash_profile with the touch .bash-profile command.

Edit the file and add the folder to where you’ve chosen to extract the Terraform binary export PATH=$PATH:~/terraform.

export PATH="$PATH:~/terraform

Save the .bash_profile file.

Restart your terminal.

Enter the source .bash_profile command to use the bash profile with the new terraform-folder as an executable binary path.

Verify the installation with the terraform -version command.

Let’s see how to install terraform on Mac using HomeBrew. Download and install it from https://brew.sh. Add homebrew to the $PATH variable.

The following table lists the steps and the commands.

Table 1.1: Commands to install Terraform on macOS

Note: Terraform helps to create Disposable Environments such as QA, Pre-Prod, or Production. The same Terraform script can be used to create multiple environments with minor changes in the type of resources required for a specific environment.

In the next section, we will explore how to install Terraform in Ubuntu/Debian operating system.

Installing and configuring Terraform on Ubuntu/Debian

Let’s see how to install Terraform manually; we will download the installable file for Ubuntu/Debian from https://www.terraform.io/downloads.html.

Install zip with the following command:

sudo apt-get install zip -y

Unzip the Terraform download with the following command:

unzip terraform*.zip

Let’s move it to /usr/local/bin. (This is where we can keep system programs and libraries that are not available with standard distribution, and usually, they are binary executables).

Verify the installation with the terraform -version command.

Let’s see how to install terraform on Ubuntu/Debian with apt-get. The following table lists the steps with their description and the commands.

Table 1.2: Commands to install Terraform on Ubuntu/Debian

Note: Terraform is cloud-agnostic, and it also supports custom solutions. Terraform allows the same configuration to be used to manage resources across multiple providers in the multi-cloud scenario.

In the next section, we will cover how to install Terraform in CentOS/RHEL/Amazon Linux operating system.

Installing and configuring Terraform on CentOS/RHEL/Amazon Linux

Let’s see how to install Terraform using yum; yum is the tool to install software packages from official Red Hat repositories as well as third-party repositories. The following table lists the steps with description and the commands.

Table 1.3: Commands to install Terraform on CentOS/RHEL/Amazon Linux

In the next section, we will discuss how to install Terraform in a Docker container. We will use Docker Desktop.

Terraform in Docker

Docker Desktop is an easy-to-install community version for Windows and Mac. It is designed to run on Windows 10 (Professional or Enterprise 64-bit or Home 64-bit with WSL 2) and Mac 10.14 or newer. Docker Desktop helps you build and share containerized applications. It is available for free and supports both Linux and Windows Docker containers.

Docker Desktop has the following components:

Docker Engine

Docker CLI client

Docker Compose

Notary

The latest version of Kubernetes

Credential Helper

Following are the steps to install Docker Desktop for Mac.

To install Docker Desktop for Mac, visit https://docs.docker.com/docker-for-mac/install/.

To install Docker Desktop for Windows, visit https://docs.docker.com/docker-for-windows/install/.

Once Docker Desktop is installed, the objective is to install Terraform in Docker Container.

Here, we will install Terraform in Ubuntu Container. Hence, pull Ubuntu image using the docker pull ubuntu:latest command and verify it with docker images command once it is downloaded successfully:

F:\1.DevOps\2022\Terraform 1.1.6\Chapter 1\Code>docker pull ubuntu:latest

latest: Pulling from library/ubuntu

08c01a0ec47e: Pull complete

Digest: sha256:669e010b58baf5beb2836b253c1fd5768333f0d1dbcb834f7c07a4dc93f474be

Status: Downloaded newer image for ubuntu:latest

docker.io/library/ubuntu:latest

F:\1.DevOps\2022\Terraform 1.1.6\Chapter 1\Code>docker images

REPOSITORY               TAG       IMAGE ID       CREATED        SIZE

jenkinsci/blueocean      latest    d76a171ee820   2 weeks ago    582MB

ubuntu                   latest    54c9d81cbb44   2 weeks ago    72.8MB

sonarqube                latest    4ac4842c584e   3 weeks ago    520MB

docker                   dind      1a42336ff683   4 weeks ago    233MB

docker/getting-started   latest    26d80cd96d69   2 months ago   28.5MB

We have downladed ubuntu images, next step is to confirm it in Docker Desktop.

Let’s open Docker Desktop in Windows and verify the image downloaded.

Figure 1.5: Ubuntu image in Docker Desktop

Note: Infrastructure always evolves over the duration of the project. In the case of Infrastructure as Code, code remains in the repository, such as Git. All the versions of Infrastructure Code evolve in the repository; hence, it is easier to walk through the changes over time.

The following is the dockerfile to utilize Ubuntu image and create an image that has terraform installed in it. It will install all the required packages to install Terraform, and finally, it will install Terraform in Docker Image, which can be utilized to create Docker Instances with Terraform available on it.

FROM ubuntu:latest

ENV TERRAFORM_VERSION=1.1.6

RUN apt-get update && apt-get -y install sudo && apt-get -y install curl && apt-get -y install gnupg && apt-get -y install software-properties-common && curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo apt-key add - && sudo apt-add-repository deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main && sudo apt-get update && sudo apt-get install terraform

Create a dockerfile with the preceding script. Use the docker build -t terraform:v1.1.6. command to create an image that has terraform installed in it.

Figure 1.6: Terraform image in Docker Desktop

Use docker run -it --name terraform116 terraform:v1.1.6 /bin/bash to execute a command in the container created from the terraform image.

Verify that the Terraform version is 6.

Figure 1.7: Verify Terraform version

Then, go back to the Docker Desktop screen and verify the logs. A recent command execution log is available.

Figure 1.8: Docker Desktop container logs

Click on the INSPECT link to verify environment variables in the running Terraform container.

Figure 1.9: Docker Desktop container environment

Click on the STATS link to get details on CPU usage, memory usage, disk, and network related details.

Figure 1.10: Docker Desktop container stats

Execute another command in a container using a command prompt, and verify the logs in the Docker Desktop screen.

Figure 1.11: Logs

In the next section, we will create an AWS account for the Free tier.

Creating an AWS Account

AWS free tier has more than 85 products. There are three categories of free products available with AWS:

Table 1.4: AWS free tier

Let’s verify Free tier services in AWS management console.

Go to https://aws.amazon.com/free/?all-free-tier.sort-by=item.additionalFields.SortRank&all-free-tier.sort-order=asc and verify all the products based on the offers available in free trial.

Figure 1.12: Tier type and products

Visit https://aws.amazon.com/free to create an account for free tier.

Click on Create a Free Account.

On the page Sign up for AWS and provide email address and credentials.

Figure 1.13: Sign up for AWS free tier

Fill in the contact information.

Click on I have read and agree to the terms of the AWS Customer Agreement.

Provide billing information, and complete it with OTP-based registration.

Confirm your identity.

Select a support plan - Basic support – Free. (Not all services that we have used in this book comes under free tier, e.g., Amazon EKS is not covered in free tier. You can get more details about AWS free tier at https://aws.amazon.com/free/.)

Figure 1.14: Successful signup

Log in to AWS Management Console - console.aws.amazon.com, as shown here:

Figure 1.15: AWS management console

Now, you become a root user. Root user has administrator access, which can become a security issue. At this point, we can create multiple user accounts that have limited access using Identity and Access Management (IAM).

In the next section, we will install and configure AWS CLI.

Installing and Configuring AWS CLI

The AWS Command Line Interface (AWS CLI) helps you to interact with AWS services using commands in your command prompt or shell. Why is it useful, and why is it popular?

This is because AWS CLI is an open-source tool. You can execute commands and achieve all your objectives just like with the AWS management console.

You can use the following to execute AWS CLI commands:

Windows command prompt

Linux shells

Windows PowerShell

Cloud virtual machines with PuTTY or SSH

You can manage and maintain the following services using AWS CLI:

AWS Administration

AWS Management

AWS Access functions

New AWS IaaS features and services (at launch or within 180 days of launch)

The AWS CLI is available in two versions, listed as follows:

Table 1.5: AWS CLI version

The objective of installing and configuring AWS CLI is automation; it helps manage AWS resources using command line.

Note: It is difficult to manage large-scale architecture with traditional infrastructure management activities: the time to market gets hit due to the time taken in providing infrastructure to the team for deployment. It is a slow and manual process that invites manual errors. There are multiple tools or services provided by specific cloud service providers, but it has a steep learning curve and vendor lock-in.

You can either choose to download the AWS CLI package for your own OS from the website (https://aws.amazon.com/cli/) or follow the steps listed below to use the Chocolately package manager to keep thing organised on Windows.

Let’s install AWS CLI using Chocolatey. Visit https://chocolatey.org/packages/awscli to get more details and execute choco install awscli.

PS C:\WINDOWS\system32> choco install awscli  Chocolatey v0.10.15

Installing the following packages:

awscli

By installing you accept licenses for the packages.

Progress: Downloading awscli ٢.١.٢٨... ١٠٠٪

awscli v2.1.28 [Approved]

awscli package files install completed. Performing other installation steps.

The package awscli wants to run ‘chocolateyinstall.ps1’.

Note: If you don’t run this script, the installation will fail.

Note: To confirm automatically next time, use ‘-y’ or consider:

choco feature enable -n allowGlobalConfirmation

Do you want to run the script?([Y]es/[A]ll - yes to all/[N]o/[P]rint): yes

File appears to be downloaded already. Verifying with package checksum to determine if it needs to be redownloaded.

Hashes match.

Hashes match.

Installing awscli...

awscli has been installed.

awscli may be able to be automatically uninstalled.

Environment Vars (like PATH) have changed. Close/reopen your shell to

see the changes (or in powershell/cmd.exe just type `refreshenv`).

The install of awscli was successful.

Software installed as ‘MSI’, install location is likely default.

Chocolatey installed 1/1 packages.

See the log for details (C:\ProgramData\chocolatey\logs\chocolatey.log).

Configure AWS CLI with the following command. For obtaining key ID and secret key, you’ll need to access the Identity and Access Management (IAM) service in the AWS Console; access your default account and select the Security Credentials tab:

PS C:\Users\Mitesh\3.Hands-onn Terraform> aws configure

AWS Access Key ID [None]: *******************Y

AWS Secret Access Key [None]: *****************XYZ

Default region name [None]: ap-south-1

Default output format [None]:

In the next section, we will create a Microsoft Azure free account.

Creating a Microsoft Azure Account

Microsoft Azure free tier provides popular services free for 12 months. Additionally, 25+ services are always free, and it provides $200 credit to use in your first 30 days.

Visit https://azure.microsoft.com/free, as shown here:

Figure 1.16: Azure free services

Click on Start free.

Accept the agreement.

Complete identity verification by phone: select Phone, and you will receive the verification code.

Verify the code.

Complete identity verification by card.

Click on Sign up.

Microsoft Azure free tier has more than 85. There are three categories of free products available with Azure.

Table 1.6: Azure free tier

TIP: Visit https://azure.microsoft.com/en-in/free/#12-months-free for more details about the services that are free for 12 months. Refer to figure 1.17:

Figure 1.17: 12 months of free services

In the next section, we will install and configure Azure CLI.

Installing and configuring Azure CLI

The Azure command-line interface (Azure CLI) helps you interact with Microsoft Azure services using commands in your command prompt or shell. Why is it useful, and why is it popular?

It is because it is available across Azure services. You can execute commands and achieve all your objectives just like the Azure Management Portal.

You can use the following to execute Azure CLI commands:

Azure cloud shell

Windows command prompt

macOS terminal

Linux shells

Windows PowerShell

Cloud virtual machines with PuTTY or SSH

The objective of installing and configuring Microsoft Azure CLI is automation: it helps manage Microsoft Azure resources using command