Azure Resource Provisioning Using Terraform

Infrastructure as Code 

Infrastructure as Code (IaC) enables developers to define infrastructure in a way that automates, accelerates and repeats provisioning. It’s an integral part of Agile and DevOps techniques, like continuous integration, continuous deployment, and version control. 

Terraform Introduction 

You can construct, modify, and version infrastructure securely and effectively using HashiCorp Terraform. It is an open-source platform that handles Infrastructure as Code. The declarative, proprietary language known as HashiCorp Configuration Language (HCL) is used to create Terraform configurations (HCL). It examines every resource in the directory marked with an a.tf extension before carrying out the configuration. 

Terraform Provisions Immutable Infrastructure 

Terraform provides an execution plan before deployment that explains what it will do and seeks your permission before making any infrastructure modifications.

1. Create a base Terraform configuration file

provider “azurerm” { 

  version = “~>2.0” 

  features {}  

} 

resource “azurerm_resource_group” “rg” { 

  name = “<resource_group >” 

  location = “<East US>” 

}  

2. Initializing Terraform

terraform init 

3. Creating Terraform Plan

terraform plan

4. Terraform Apply/Run

terraform apply 

5. Azure Portal: Resource Group

  1. Create Terraform Configuration file(provider.tf) 
  2. Set our Terraform Plan 
  3. Execute “terraform apply” to run your Terraform Plan 
  4. You have access to Azure Resource Provisioning Group automatically via Terraform 

Terraform Important Concepts

 

Terraform Concepts
 

Terraform Language 

You can declare the resources for infrastructure using HCL. The arguments and block syntax constructs form the foundation of the Terraform language syntax. 

A block has labels and a type. How many labels must come after a block type is specified for each block type? 

<BLOCK TYPE> “<BLOCK LABEL>” “<BLOCK LABEL>”  

{ 

  <IDENTIFIER> = <EXPRESSION> # Argument 

} 

example: A resource block specifies a given type of resource 

(“azurerm_resource_group”) with a given local name (“vnet_main”). 

resource <resource type> <local name> 

resource “azurerm_resource_group” “vnet_main”  

{ 

    name     = var.resource_group_name 

    location = var.location 

} 

Terraform providers  

Azure Resource Provisioning types are implemented via plugins called Terraform providers. Providers include information that enables clients of Terraform to connect to the platform. You can locate providers for the cloud services and platforms you employ, include them in your configuration, and then use their resources to provision infrastructure. 

Example Providers: 

  • Azure: azurerm, azuread 
  • AWS: aws 
  • Google: google 

Terraform Modules 

Terraform modules are reusable containers. Technically, any collection of Terraform configuration files in a folder is a module because a module is simply a collection of related.tf and/or.tf.json files are maintained together in a directory. The term “child module” is frequently used to describe a module that has been called by another module. 

Terraform has the capability to load modules from a private or public registry. The Terraform Registry is a good illustration of a public registry. It includes products created by the Terraform community members, third-party providers, and HashiCorp. 

Terraform Variables 

Terraform supports the following kinds of variables or named values: 

  • Users can modify behavior without changing the source code by using input variables as parameters for a Terraform module. 
  • For a Terraform module, output values are similar to return values. 
  • A practical feature for giving an expression a short name is called local values. 

Please visit the documentation for more details. 

Terraform State 

Terraform state is used by tf to track metadata and map real-world resources to your configuration. uses the state to keep track of connections between resources declared in your configuration and objects in a remote system. It is automatically saved as a local file with the name terraform. tfstat 

Deployment using Terraform is essentially a 3-step process:  

  1. Terraform init 
  2. Terraform Plan 
  3. Terraform Apply 

Brief Explanation:

You have to configure the file and add all the details, including the resource group name, container, storage account name, and key name. If not, you can choose to insert these details directly using the “terraform init” command. 

 

terraform  

{ 

  backend “azurerm”  

  { 

    resource_group_name = “resource grp name” 

    storage_account_name = “storage account name 

    container_name  = “azure blob container name” 

    key                  = “tf state file ex: dev.terraform.tfstate” 

  } 

} 

Step 1: 

In order to prepare a directory, initialization carries out a number of operations, such as accessing preset backend state, downloading and installing provider plugins, and downloading modules. 

terraform init  

Step 2: 

You must give Terraform the necessary information so that it can connect to your cloud subscription before continuing. There are several ways you can handle this. We will locally authenticate Terraform for this demonstration using the Azure CI CD Pipeline. Just use your machine’s Azure CLI to log in. This will save your login information on your work computer, where Terraform can pick it up immediately. 

az login 

Step 3: 

After initialization, you are prepared to use the terraform plan command to generate an execution plan. In order to construct the configuration given in your configuration files, it analyses each Terraform configuration file and determines what steps must be taken. Prior to making any modifications to actual resources, this pattern enables you to check that the execution plan corresponds to your expectations. 

terraform plan -out vnet.tfplan 

Step 4: 

In this step, we will apply this configuration. The information created as part of the plan will be carried out using Terraform apply. 

 terraform apply vnet.tfplan 

Terraform Destroy 

The “terraform destroy” command makes it simple to eliminate all remote objects controlled by a specific Terraform configuration. You have to make a plan first, and then destroy in the next step to destroy resources. 

terraform destroy 

Conclusion 

It features a template-based configuration file syntax, allowing you to automate the configuration and deployment of Azure app resources. You may reduce deployment and testing expenses by automating the creation and administration of infrastructure. A company’s infrastructure setup for IaC in the cloud and on-premises is automated via Terraform. 

If you need further help with your Azure Resource Provisioning using Terraform, contact us at [email protected]. Our team would love to facilitate you! 

Let's make it happen

We love fixing complex problems with innovative solutions. Get in touch to let us know what you’re looking for and our solution architect will get back to you soon.
Let's Talk