Belajar Terraform

Saat ini saya sedang belajar beberapa teknologi yang di gunakan oleh Site Reliability Engineer (SRE) di tempat kerja saya saat ini (Quipper), yang saya pelajari kali ini adalah Terraform.

Infrastructure as code

Jika kita memiliki banyak infrastructure baik itu di AWS, GCP ataupun yang lainnya, kita akan kesulitan untuk mengelola infrastructure tersebut secara manual. Maka dari itu lebih baik mengelola infrastructure sebagai code, beberapa kelebihannya adalah

  1. Integrasi dengan version control
  2. Mudah untuk direview oleh team member
  3. Dapat membuat infrastructure yang percis di akun yang berbeda

Disini kita akan menggunakan terraform untuk memanage Infrastructure as code

Terraform-ing

Install terraform with homebrew

Note: you can check here to download terraform binary https://www.terraform.io/downloads.html

// Meng-install terraform mengguanakan homebrew
$ brew install terraform

// Memastikan terraform sudah ter-install
$ terraform version
Terraform v0.12.24

Oke terraform sekarang sudah di install... selanjutnya kita akan membuat konfigurasi untuk terraform

// Buat folder untuk menyimpan konfigurasi terraform
$ mkdir test-terraform
$ cd test-terraform

Kita setting provider yang akan kita pakai, disini kita akan menggunakan AWS

Buat file main.tf di folder test-terraform

// main.tf

provider "aws" {
  version    = "~> 2.58.0"

  access_key = "your-access-key"
  secret_key = "your-secret-key"
  region     = "ap-southeast-1"
}

Lalu saatnya initialisasi terraform

$ terraform init

Initializing the backend...

Initializing provider plugins...
- Checking for available provider plugins...
- Downloading plugin for provider "aws" (hashicorp/aws) 2.58.0...

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.

Membuat AWS S3 bucket

Untuk membuat AWS S3 bucket menggunakan terraform, kita dapat menggunakan resouce aws_s3_bucket

mungkin kita dapat membuat file baru bernama s3.tf yang berisi

// s3.tf

resource "aws_s3_bucket" "my-bucket" {
  // bucket harus uniq
  bucket = "andrkrn-terraform-test-001"
  acl    = "public-read"
}

setelah itu kita dapat test dengan terraform plan, ini akan men-simulasikan apa yang akan berubah pada infrastructure kita

$ terraform plan

Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.


------------------------------------------------------------------------

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # aws_s3_bucket.my-bucket will be created
  + resource "aws_s3_bucket" "my-bucket" {
      + acceleration_status         = (known after apply)
      + acl                         = "public-read"
      + arn                         = (known after apply)
      + bucket                      = "my-bucket-name"
      + bucket_domain_name          = (known after apply)
      + bucket_regional_domain_name = (known after apply)
      + force_destroy               = false
      + hosted_zone_id              = (known after apply)
      + id                          = (known after apply)
      + region                      = (known after apply)
      + request_payer               = (known after apply)
      + website_domain              = (known after apply)
      + website_endpoint            = (known after apply)

      + versioning {
          + enabled    = (known after apply)
          + mfa_delete = (known after apply)
        }
    }

Plan: 1 to add, 0 to change, 0 to destroy.

------------------------------------------------------------------------

Note: You didn't specify an "-out" parameter to save this plan, so Terraform
can't guarantee that exactly these actions will be performed if
"terraform apply" is subsequently run.

Dapat dilihat pada hasil eksekusi terraform plan, kita dapat mengetahui bahwa akan ada:
1 penambahan infrastructure
tidak perubahan pada infrastructure, dan
tidak ada infrastructure yang akan dihapus

Next, kita akan menjalankan terraform apply untuk mengaplikasikan perubahan pada infrastructure kita

tapi sebelum menjalankan terraform apply, mari kita lihat apa yang ada pada dashboad s3 yang kita punya!

Dashboard S3 Before

Oke, mari kita jalankan sekarang!! :rocket:

$ terraform apply

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # aws_s3_bucket.my-bucket will be created
  + resource "aws_s3_bucket" "my-bucket" {
      + acceleration_status         = (known after apply)
      + acl                         = "public-read"
      + arn                         = (known after apply)
      + bucket                      = "andrkrn-terraform-test-001"
      + bucket_domain_name          = (known after apply)
      + bucket_regional_domain_name = (known after apply)
      + force_destroy               = false
      + hosted_zone_id              = (known after apply)
      + id                          = (known after apply)
      + region                      = (known after apply)
      + request_payer               = (known after apply)
      + website_domain              = (known after apply)
      + website_endpoint            = (known after apply)

      + versioning {
          + enabled    = (known after apply)
          + mfa_delete = (known after apply)
        }
    }

Plan: 1 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

aws_s3_bucket.my-bucket: Creating...
aws_s3_bucket.my-bucket: Creation complete after 5s [id=andrkrn-terraform-test-001]

Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

Mari kita lihat pada dashboard s3 kita...

Dashboard S3 After

Yep, sekarang s3 bucket nya telah terbuat :)

dan akan akan sebuah file yang bernama terraform.tfstate, itu ada state terakhir yang terraform ketahui pada infrastructure kita. bila kita coba cek lagi dengan terraform plan

$ terraform plan

Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.

aws_s3_bucket.my-bucket: Refreshing state... [id=andrkrn-terraform-test-001]

------------------------------------------------------------------------

No changes. Infrastructure is up-to-date.

This means that Terraform did not detect any differences between your
configuration and real physical resources that exist. As a result, no
actions need to be performed.

terraform mengetahui bahwa tidak ada yang akan diubah dalam infrastructure kita

Jadi, sekarang kita dapat mengelola infrastructure dengan code :tada: :tada: :tada: