Terraform is an open-source tool for building, changing, and versioning infrastructure safely and efficiently. It allows users to define infrastructure as code and provision resources on cloud platforms like Azure. The document discusses both the benefits of Terraform for Azure, such as treating infrastructure as code and standardized configuration, as well as some challenges, such as limitations in Terraform's language and potential issues with state management. It provides tips for best practices like organizing code and folders, importing existing resources, and handling credentials and IPs. Overall, Terraform is useful for provisioning Azure infrastructure in a repeatable way but requires care around its language and state management.
10. How it works
Command line tool
terraform init
terraform plan -out temp.dat
terraform apply temp.dat
Providers
Executables
azurerm, azuread, azurestack
State (metadata)
23. State management
Myth: State is map of reality
Setup in shared, locked place
Azure Storage or AWS S3
Some changes not sensed
Learn to use
terraform state
24. Stay organized
/ repo root
modules terraform modules
utility general purpose
shared common to multiple applications or environments
application_name internal or public application
non-production can be rebuilt any moment
shared common to multiple environments
e.g. deploy agents, jumpbox
qa Integration test
uat User acceptance test
perf Load testing
production everything here is critical
... details on next slide
25. Stay organized (cont’d)
/ repo root
production everything here is critical
legacy hand made infrastructure e.g. TFS
shared common to main and DR
e.g. networking
live PRODUCTION ENVIRONMENTS
network “everlasting” resources
data-tier long-lived resources
app-tier short-lived resources
app_name resources for an app
dr Disaster recovery site
... As above
26. Folders and state
Each leaf has a state file
Source can refer to existing state files
production
shared production/shared/terraform.tfstate
live
network production/live/network/terraform.tfstate
app-tier production/live/app-tier/terraform.tfstate
27. Three steps to import
Define as regular resources
Add safety clause
lifecycle {
prevent_destroy = true
}
Include in state
terraform import