Terraform

1 Install Terraform

1.1 Amazon Linux

Install yum-config-manager to manage your repositories.

$ sudo yum install -y yum-utils

Use yum-config-manager to add the official HashiCorp Linux repository.

$ sudo yum-config-manager --add-repo https://rpm.releases.hashicorp.com/AmazonLinux/hashicorp.repo

Install Terraform from the new repository.

$ sudo yum -y install terraform

1.2 Verify the installation

[root@ip-172-31-24-108 ~]# terraform -version
Terraform v1.8.5
on linux_amd64

1.3 Enable tab completion

bash

touch ~/.bashrc

Then install the autocomplete package.

terraform -install-autocomplete

2 Quick start tutorial

2.1 install Docker Engine

sudo yum install -y yum-utils
sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
sudo yum install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
sudo systemctl start docker
sudo docker run hello-world

2.2

Create a directory named learn-terraform-docker-container.

$ mkdir learn-terraform-docker-container

This working directory houses the configuration files that you write to describe the infrastructure you want Terraform to create and manage. When you initialize and apply the configuration here, Terraform uses this directory to store required plugins, modules (pre-written configurations), and information about the real infrastructure it created.

Navigate into the working directory.

$ cd learn-terraform-docker-container

In the working directory, create a file called main.tf and paste the following Terraform configuration into it.

terraform {
  required_providers {
    docker = {
      source  = "kreuzwerker/docker"
      version = "~> 3.0.1"
    }
  }
}

provider "docker" {}

resource "docker_image" "nginx" {
  name         = "nginx"
  keep_locally = false
}

resource "docker_container" "nginx" {
  image = docker_image.nginx.image_id
  name  = "tutorial"

  ports {
    internal = 80
    external = 8000
  }
}

Initialize the project, which downloads a plugin called a provider that lets Terraform interact with Docker.

$ terraform init

Provision the NGINX server container with apply. When Terraform asks you to confirm type yes and press ENTER.

$ terraform plan
$ terraform apply

Verify the existence of the NGINX container by visiting localhost:8000 in your web browser or running docker ps to see the container.

$ docker ps

To stop the container, run terraform destroy.

$ terraform destroy

You've now provisioned and destroyed an NGINX webserver with Terraform.

3 build

3.1 Prerequisites

To follow this tutorial you will need:

• The Terraform CLI (1.2.0+) installed.
• The AWS CLI installed. Install or update to the latest version of the AWS CLI - AWS Command Line Interface (amazon.com)

curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install
# aws --version
aws-cli/2.16.7 Python/3.11.8 Linux/6.1.92-99.174.amzn2023.x86_64 exe/x86_64.amzn.2023

• AWS account and associated credentials that allow you to create resources.

To use your IAM credentials to authenticate the Terraform AWS provider, set the AWS_ACCESS_KEY_ID environment variable.

$ export AWS_ACCESS_KEY_ID=

Now, set your secret key.

$ export AWS_SECRET_ACCESS_KEY=

3.2 Write configuration

Each Terraform configuration must be in its own working directory. Create a directory for your configuration.

$ mkdir learn-terraform-aws-instance

Change into the directory.

$ cd learn-terraform-aws-instance

Create a file to define your infrastructure.

$ touch main.tf

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.16"
    }
  }

  required_version = ">= 1.2.0"
}

provider "aws" {
  region  = "us-east-1"
}

resource "aws_instance" "app_server-1" {
  ami               		= "ami-08a0d1e16fc3f61ea"
  instance_type     		= "t2.micro"
  availability_zone 		= "us-east-1b"
  vpc_security_group_ids     = ["sg-052590e460117f9ad"]
  key_name                   = "key-0505485572be88125"

  tags = {
    Name = "ansible-mem-1"
  }
}
resource "aws_instance" "app_server-2" {
  ami               		= "ami-08a0d1e16fc3f61ea"
  instance_type     		= "t2.micro"
  availability_zone 		= "us-east-1b"
  vpc_security_group_ids     = ["sg-052590e460117f9ad"]
  key_name                   = "key-0505485572be88125"

  tags = {
    Name = "ansible-mem-2"
  }
}

3.3 Initialize the directory

When you create a new configuration — or check out an existing configuration from version control — you need to initialize the directory with terraform init.

$ terraform init

3.4 Format and validate the configuration

We recommend using consistent formatting in all of your configuration files. The terraform fmt command automatically updates configurations in the current directory for readability and consistency.

$ terraform fmt
$ terraform validate
Success! The configuration is valid.

3.5 Create infrastructure

$ terraform plan
$ terraform apply

3.6 Inspect state

When you applied your configuration, Terraform wrote data into a file called terraform.tfstate

$ terraform show

3.7 Manually Managing State

Terraform has a built-in command called terraform state for advanced state management. Use the list subcommand to list of the resources in your project's state.

$ terraform state list
aws_instance.app_server

4 Change infrastructure

4.1 Configuration

修改main.tf

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.16"
    }
  }

  required_version = ">= 1.2.0"
}

provider "aws" {
  region  = "us-east-1"
}

resource "aws_instance" "app_server-1" {
  ami               		= "ami-08a0d1e16fc3f61ea"
  instance_type     		= "t2.micro"
  availability_zone 		= "us-east-1b"
  vpc_security_group_ids     = ["sg-052590e460117f9ad"]
  + key_name                   = "Ansible"

  tags = {
    Name = "ansible-mem-1"
  }
}
resource "aws_instance" "app_server-2" {
  ami               		= "ami-08a0d1e16fc3f61ea"
  instance_type     		= "t2.micro"
  availability_zone 		= "us-east-1b"
  vpc_security_group_ids     = ["sg-052590e460117f9ad"]
  + key_name                   = "Ansible"

  tags = {
    Name = "ansible-mem-2"
  }
}

4.2 Apply Changes

$ terraform apply

5 Destroy infrastructure

$ terraform destroy

6 Define input variables

6.1 Set the instance name with a variable

Create a new file called variables.tf with a block defining a new instance_name variable in the learn-terraform-aws-instance directory.

$ touch variables.tf

variable "instance_name" {
  description = "Value of the Name tag for the EC2 instance"
  type        = string
  default     = "Ansible_mem"
}

variable "instance_ami" {
  description = "Value of the ami for the EC2 instance"
  type        = string
  default     = "ami-08a0d1e16fc3f61ea"
}

variable "instance_type" {
  description = "Value of the type for the EC2 instance"
  type        = string
  default     = "t2.micro"
}

variable "availability_zone" {
  description = "Value of the AZ for the EC2 instance"
  type        = string
  default     = "us-east-1b"
}

variable "vpc_security_group_ids" {
  description = "Value of the SG for the EC2 instance"
  type        = set(string)
  default     = ["sg-052590e460117f9ad"]
}

variable "key_name" {
  description = "Value of the SG for the EC2 instance"
  type        = string
  default     = "Ansible"
}