Terraform automates the deployment of infrastructure through Infrastructure as Code (IaC), creating and managing components across various providers via an abstraction layer.
gcp_cicd_bootstrap
: Branch with complete Terraform Cloud CI/CD bootstrap config w/ Github actions and Google Cloud Build
- Terraform CLI: The command-line interface tool that allows users to execute Terraform commands.
- Providers: Plugins for managing resources with cloud providers like AWS, Azure, Google Cloud, Docker, Kubernetes, etc.
- Resources: Individual infrastructure components, such as virtual machines, network interfaces, or managed databases.
- Variables: Parameters that dynamically configure resources, allowing for flexibility and reusability of configurations.
- Inputs (Input Variables): Parameters defined by users to customize Terraform configurations, allowing users to input custom values without altering the main configuration.
- Functions: Built-in functions allow for basic transformations and computations within Terraform configuration.
- Expressions: Used to reference or compute values within a configuration, enabling dynamic configurations.
- Modules: Reusable blocks of configuration, grouping related resources, to simplify setup and management.
- Outputs (Output Variables): Variables that provide information about the infrastructure, useful for referencing in other configurations or modules.
- State: Tracks the current state of your infrastructure, comparing it to the planned state to determine changes.
- Remote State (Back-end): Stores the state file in a remote data store, facilitating team collaboration and state management.
- Declarative Syntax: You specify the desired end-state of the infrastructure, and Terraform figures out the steps to achieve it.
- Idempotency: Ensures operations produce the same outcome, regardless of how many times they are executed.
- Terraform Plan: Generates an execution plan, showing what Terraform will do when you apply your configuration.
- Terraform Apply: Executes the actions proposed in a Terraform plan to reach the desired state of the configuration.
- Terraform Workspace: Allows for the management of multiple distinct sets of infrastructure resources or environments from the same configuration.
- Initialization: Prepares your directory for Terraform operations, including downloading required providers.
terraform init
- Validation: Checks if the configuration is syntactically valid and internally consistent.
terraform validate
- Formatting: Adjusts the configuration files to Terraform's standard formatting style.
terraform fmt
- Planning: Creates an execution plan, showing what Terraform intends to do to achieve the desired infrastructure state.
terraform plan
- Applying: Executes the actions proposed in the Terraform plan to reach the desired state.
terraform apply
- Destruction: Removes all resources defined in the Terraform configuration.
terraform destroy
- Variables can be defined directly in
.tf
files or externalized intoterraform.tfvars
files, especially for sensitive data. - The configuration can be applied with the
-var
or-var-file
flags during the apply step.
- AWS Bucket for
.tfstate
storage (e.g.,<name>-terraform-bucket
). - Configure
aws.tfvars
orgcloud.tfvars
with provider-specific config variables likeaccess_key
,secret_key
,region
.
terraform init -var-file=aws.tfvars
terraform init -var-file=gcloud.tfvars
terraform apply -var-file=aws.tfvars --auto-approve
terraform apply -var-file=gcloud.tfvars --auto-approve
terraform destroy -var-file=aws.tfvars --auto-approve
terraform destroy -var-file=gcloud.tfvars --auto-approve
- AWS EKS:
aws eks update-kubeconfig --name <your-cluster-name>
- Google Cloud GKE:
gcloud container clusters get-credentials <name>-cluster --region us-central1 --project <project-name>
- Ensure consistent formatting across all Terraform files.
terraform fmt -recursive
- GCloud SDK: Necessary for authenticating and configuring GCP for use with Terraform.
- Authenticate with GCP:
gcloud auth application-default login gcloud auth login `ACCOUNT` gcloud config set project <project-id>
- Enable required GCP services:
gcloud services enable iam.googleapis.com gcloud services enable cloudresourcemanager.googleapis.com
- Authenticate with GCP:
- Generating an execution plan and applying it:
terraform plan -out=s1.tfplan terraform apply s1.tfplan
- For a visual representation of your Terraform plan:
terraform graph // Use with webgraphviz.com
- Inspecting a plan:
terraform show s1.tfplan terraform show -json s1.tfplan
- Terraform Destroy: To remove all resources managed by Terraform.
Alternatively, resources can be deleted directly in the GCP console.
terraform destroy
- Validate configurations with
terraform validate
. - Variables can be set via:
terraform.tfvars
files.- CLI using
-var
or-var-file
. - Environment variables.
- Configure backend for state management:
terraform init -backend-config="bucket=remotestate_<project-id>"