Belajar Terraform
Saat ini saya sedang belajar beberapa teknologi yang di gunakan oleh Site Reliability Engineer (SRE) di tempat kerja saya saat ini (Quipper), yang saya pelajari kali ini adalah Terraform.
Infrastructure as code
Jika kita memiliki banyak infrastructure baik itu di AWS, GCP ataupun yang lainnya, kita akan kesulitan untuk mengelola infrastructure tersebut secara manual. Maka dari itu lebih baik mengelola infrastructure sebagai code, beberapa kelebihannya adalah
- Integrasi dengan version control
- Mudah untuk direview oleh team member
- Dapat membuat infrastructure yang percis di akun yang berbeda
Disini kita akan menggunakan terraform untuk memanage Infrastructure as code
Terraform-ing
Install terraform with homebrew
Note: you can check here to download terraform binary https://www.terraform.io/downloads.html
// Meng-install terraform mengguanakan homebrew
$ brew install terraform
// Memastikan terraform sudah ter-install
$ terraform version
Terraform v0.12.24
Oke terraform sekarang sudah di install... selanjutnya kita akan membuat konfigurasi untuk terraform
// Buat folder untuk menyimpan konfigurasi terraform
$ mkdir test-terraform
$ cd test-terraform
Kita setting provider yang akan kita pakai, disini kita akan menggunakan AWS
Buat file main.tf
di folder test-terraform
// main.tf
provider "aws" {
version = "~> 2.58.0"
access_key = "your-access-key"
secret_key = "your-secret-key"
region = "ap-southeast-1"
}
Lalu saatnya initialisasi terraform
$ terraform init
Initializing the backend...
Initializing provider plugins...
- Checking for available provider plugins...
- Downloading plugin for provider "aws" (hashicorp/aws) 2.58.0...
Terraform has been successfully initialized!
You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.
If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.
Membuat AWS S3 bucket
Untuk membuat AWS S3 bucket menggunakan terraform, kita dapat menggunakan resouce aws_s3_bucket
mungkin kita dapat membuat file baru bernama s3.tf
yang berisi
// s3.tf
resource "aws_s3_bucket" "my-bucket" {
// bucket harus uniq
bucket = "andrkrn-terraform-test-001"
acl = "public-read"
}
setelah itu kita dapat test dengan terraform plan
, ini akan men-simulasikan apa yang akan berubah pada infrastructure kita
$ terraform plan
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.
------------------------------------------------------------------------
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# aws_s3_bucket.my-bucket will be created
+ resource "aws_s3_bucket" "my-bucket" {
+ acceleration_status = (known after apply)
+ acl = "public-read"
+ arn = (known after apply)
+ bucket = "my-bucket-name"
+ bucket_domain_name = (known after apply)
+ bucket_regional_domain_name = (known after apply)
+ force_destroy = false
+ hosted_zone_id = (known after apply)
+ id = (known after apply)
+ region = (known after apply)
+ request_payer = (known after apply)
+ website_domain = (known after apply)
+ website_endpoint = (known after apply)
+ versioning {
+ enabled = (known after apply)
+ mfa_delete = (known after apply)
}
}
Plan: 1 to add, 0 to change, 0 to destroy.
------------------------------------------------------------------------
Note: You didn't specify an "-out" parameter to save this plan, so Terraform
can't guarantee that exactly these actions will be performed if
"terraform apply" is subsequently run.
Dapat dilihat pada hasil eksekusi terraform plan
, kita dapat mengetahui bahwa akan ada:
1 penambahan infrastructure
tidak perubahan pada infrastructure, dan
tidak ada infrastructure yang akan dihapus
Next, kita akan menjalankan terraform apply
untuk mengaplikasikan perubahan pada infrastructure kita
tapi sebelum menjalankan terraform apply
, mari kita lihat apa yang ada pada dashboad s3 yang kita punya!
Oke, mari kita jalankan sekarang!! :rocket:
$ terraform apply
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# aws_s3_bucket.my-bucket will be created
+ resource "aws_s3_bucket" "my-bucket" {
+ acceleration_status = (known after apply)
+ acl = "public-read"
+ arn = (known after apply)
+ bucket = "andrkrn-terraform-test-001"
+ bucket_domain_name = (known after apply)
+ bucket_regional_domain_name = (known after apply)
+ force_destroy = false
+ hosted_zone_id = (known after apply)
+ id = (known after apply)
+ region = (known after apply)
+ request_payer = (known after apply)
+ website_domain = (known after apply)
+ website_endpoint = (known after apply)
+ versioning {
+ enabled = (known after apply)
+ mfa_delete = (known after apply)
}
}
Plan: 1 to add, 0 to change, 0 to destroy.
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
aws_s3_bucket.my-bucket: Creating...
aws_s3_bucket.my-bucket: Creation complete after 5s [id=andrkrn-terraform-test-001]
Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
Mari kita lihat pada dashboard s3 kita...
Yep, sekarang s3 bucket nya telah terbuat :)
dan akan akan sebuah file yang bernama terraform.tfstate
, itu ada state
terakhir yang terraform ketahui pada infrastructure kita. bila kita coba cek lagi dengan terraform plan
$ terraform plan
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.
aws_s3_bucket.my-bucket: Refreshing state... [id=andrkrn-terraform-test-001]
------------------------------------------------------------------------
No changes. Infrastructure is up-to-date.
This means that Terraform did not detect any differences between your
configuration and real physical resources that exist. As a result, no
actions need to be performed.
terraform mengetahui bahwa tidak ada yang akan diubah dalam infrastructure kita
Jadi, sekarang kita dapat mengelola infrastructure dengan code :tada: :tada: :tada: