Terraform has become a key player in the DevOps world for defining, launching, and managing infrastructure as code (IaC) across a variety of cloud and virtualization platforms, including AWS, Google Cloud, Azure, and more. This hands-on third edition, expanded and thoroughly updated for version 1.0 and beyond, shows you the fastest way to get up and running with Terraform.
Gruntwork cofounder Yevgeniy (Jim) Brikman takes you through code examples that demonstrate Terraform's simple, declarative programming language for deploying and managing infrastructure with a few commands. Veteran sysadmins, DevOps engineers, and novice developers will quickly go from Terraform basics to running a full stack that can support a massive amount of traffic and a large team of developers.
- Compare Terraform with Chef, Puppet, Ansible, CloudFormation, and Pulumi
- Deploy servers, load balancers, and databases
- Create reusable infrastructure with Terraform modules
- Test your Terraform modules with static analysis, unit tests, and integration tests
- Configure CI/CD pipelines for both your apps and infrastructure code
- Use advanced Terraform syntax for loops, conditionals, and zero-downtime deployment
- Get up to speed on Terraform 0.13 to 1.0 and beyond
- Work with multiple clouds and providers (including Kubernetes!)
Author(s): Yevgeniy Brikman
Edition: 3
Publisher: O'Reilly Media
Year: 2022
Language: English
Pages: 459
City: Sebastopol, CA
Tags: IaC; Infrastructure as Code; DevOps; Terraform; Data Centers; Software Development; IT Operations
Cover
Copyright
Table of Contents
Preface
Who Should Read This Book
Why I Wrote This Book
What You Will Find in This Book
Changes from the Second Edition to the Third Edition
Changes from the First Edition to the Second Edition
What You Won’t Find in This Book
Open Source Code Examples
Using the Code Examples
Conventions Used in This Book
O’Reilly Online Learning
How to Contact O’Reilly Media
Acknowledgments
Chapter 1. Why Terraform
What Is DevOps?
What Is Infrastructure as Code?
Ad Hoc Scripts
Configuration Management Tools
Server Templating Tools
Orchestration Tools
Provisioning Tools
What Are the Benefits of Infrastructure as Code?
How Does Terraform Work?
How Does Terraform Compare to Other IaC Tools?
Configuration Management Versus Provisioning
Mutable Infrastructure Versus Immutable Infrastructure
Procedural Language Versus Declarative Language
General-Purpose Language Versus Domain-Specific Language
Master Versus Masterless
Agent Versus Agentless
Paid Versus Free Offering
Large Community Versus Small Community
Mature Versus Cutting Edge
Use of Multiple Tools Together
Conclusion
Chapter 2. Getting Started with Terraform
Setting Up Your AWS Account
Installing Terraform
Deploying a Single Server
Deploying a Single Web Server
Deploying a Configurable Web Server
Deploying a Cluster of Web Servers
Deploying a Load Balancer
Cleanup
Conclusion
Chapter 3. How to Manage Terraform State
What Is Terraform State?
Shared Storage for State Files
Limitations with Terraform’s Backends
State File Isolation
Isolation via Workspaces
Isolation via File Layout
The terraform_remote_state Data Source
Conclusion
Chapter 4. How to Create Reusable Infrastructure with Terraform Modules
Module Basics
Module Inputs
Module Locals
Module Outputs
Module Gotchas
File Paths
Inline Blocks
Module Versioning
Conclusion
Chapter 5. Terraform Tips and Tricks: Loops, If-Statements, Deployment, and Gotchas
Loops
Loops with the count Parameter
Loops with for_each Expressions
Loops with for Expressions
Loops with the for String Directive
Conditionals
Conditionals with the count Parameter
Conditionals with for_each and for Expressions
Conditionals with the if String Directive
Zero-Downtime Deployment
Terraform Gotchas
count and for_each Have Limitations
Zero-Downtime Deployment Has Limitations
Valid Plans Can Fail
Refactoring Can Be Tricky
Conclusion
Chapter 6. Managing Secrets with Terraform
Secret Management Basics
Secret Management Tools
The Types of Secrets You Store
The Way You Store Secrets
The Interface You Use to Access Secrets
A Comparison of Secret Management Tools
Secret Management Tools with Terraform
Providers
Resources and Data Sources
State Files and Plan Files
Conclusion
Chapter 7. Working with Multiple Providers
Working with One Provider
What Is a Provider?
How Do You Install Providers?
How Do You Use Providers?
Working with Multiple Copies of the Same Provider
Working with Multiple AWS Regions
Working with Multiple AWS Accounts
Creating Modules That Can Work with Multiple Providers
Working with Multiple Different Providers
A Crash Course on Docker
A Crash Course on Kubernetes
Deploying Docker Containers in AWS Using Elastic Kubernetes Service
Conclusion
Chapter 8. Production-Grade Terraform Code
Why It Takes So Long to Build Production-Grade Infrastructure
The Production-Grade Infrastructure Checklist
Production-Grade Infrastructure Modules
Small Modules
Composable Modules
Testable Modules
Versioned Modules
Beyond Terraform Modules
Conclusion
Chapter 9. How to Test Terraform Code
Manual Tests
Manual Testing Basics
Cleaning Up After Tests
Automated Tests
Unit Tests
Integration Tests
End-to-End Tests
Other Testing Approaches
Conclusion
Chapter 10. How to Use Terraform as a Team
Adopting IaC in Your Team
Convince Your Boss
Work Incrementally
Give Your Team the Time to Learn
A Workflow for Deploying Application Code
Use Version Control
Run the Code Locally
Make Code Changes
Submit Changes for Review
Run Automated Tests
Merge and Release
Deploy
A Workflow for Deploying Infrastructure Code
Use Version Control
Run the Code Locally
Make Code Changes
Submit Changes for Review
Run Automated Tests
Merge and Release
Deploy
Putting It All Together
Conclusion
Appendix. Recommended Reading
Books
Blogs
Talks
Newsletters
Online Forums
Index
About the Author
Colophon
