Download to read offline
Uploaded byStenio Ferreira
Chicago Hashicorp User Group - Terraform Public Module Registry
The document discusses an introduction to Terraform best practices. It covers using modules to organize infrastructure code, setting infrastructure variables, formatting code, and improving outputs. The document also discusses Terraform's extensible provider model and public module registry. Examples are provided on deploying infrastructure on AWS and Azure using Terraform.
More Related Content
Similar to Chicago Hashicorp User Group - Terraform Public Module Registry
![Automating ISP Networks Using Ansible and IPAM as a Source of Truth [SoT]](https://cdn.slidesharecdn.com/ss_thumbnails/automatingispnetworksusingansibleandipamasasourceoftruthsot-v25-1-251124105117-d7d4ca24-thumbnail.jpg?width=640&height=640&fit=bounds)
Chicago Hashicorp User Group - Terraform Public Module Registry
- 3. Agenda ● Introductions ● TerraformIntro ● General Best Practices ● Examples with AWS & Azure ● Public Module Registry
- 4. Who we are StenioFerreira Sr. Solutions Engineer @stenio123 stenio@hashicorp.com Adam Cavaliere Sr. Solutions Engineer @AdamCavaliere adam@hashicorp.com
- 5.
- 6. Copyright © 2018HashiCorp 6 Core TERRAFORM CONFIGURATION OPERATOR Infrastructure as code Provider file.tf resource "google_compute_instance" "server" { name = "server" machine_type = "g1-small" zone = "us-central1-a" disk { image = "ubuntu-1404-trusty-v20160114e" } } resource "dnsimple_record" "hello" { domain = "example.com" name = "server" } INFRASTRUCTURE AS CODE
- 7. Copyright © 2018HashiCorp resource "google_compute_instance" "server" { name = "server" machine_type = "g1-small" zone = "us-central1-a" disk { image = "ubuntu-1404-trusty-v20160114e" } } resource "dnsimple_record" "hello" { domain = "example.com" name = "server" value = "${google_compute_instance.server.network_interface.0.address}" type = "A" } 7 Resources from different providers are declared Infrastructure as code
- 8. Copyright © 2018HashiCorp resource "google_compute_instance" "server" { name = "server" machine_type = "g1-small" zone = "us-central1-a" disk { image = "ubuntu-1404-trusty-v20160114e" } } resource "dnsimple_record" "hello" { domain = "example.com" name = "server" value = "${google_compute_instance.server.network_interface.0.address}" type = "A" } 8 Compute instance creation would generate an IP address Infrastructure as code
- 9. Copyright © 2018HashiCorp resource "google_compute_instance" "server" { name = "server" machine_type = "g1-small" zone = "us-central1-a" disk { image = "ubuntu-1404-trusty-v20160114e" } } resource "dnsimple_record" "hello" { domain = "example.com" name = "server" value = "${google_compute_instance.server.network_interface.0.address}" type = "A" } 9 The IP address value is interpolated to be used as a value input for a DNS record Infrastructure as code
- 10. Copyright © 2018HashiCorp 10 Core Terraform Workflow Provider Plan $ terraform plan + google_compute_instance.server can_ip_forward: "false" … Use Terraform plan to preview infrastructure changes PROVISIONING WORKFLOW terminal OPERATOR TERRAFORM CONFIGURATION
- 11. Copyright © 2018HashiCorp 11 Core Terraform Workflow Provider PROVISIONING WORKFLOW Apply $ terraform apply … terminal OPERATOR TERRAFORM CONFIGURATION Use Terraform apply to execute provisioning
- 12. Copyright © 2018HashiCorp 12 Core OPERATOR Extensible Provider Model EXTENSIBLE PROVIDER MODEL Alibaba AWS Azure … … … … F5 Akamai Heroku GitHub Kubernetes Fastly Datadog GCP DNSimple Terraform includes over 100+ providers, 1000+ resources, always more
- 13. Best Practices 1. Modules a.Use shared modules b. Use terraform import to include as many resources as you can (brownfield) 2. Variables a. Isolate environments using variables b. Avoid hardcoding the resources 3. Format terraform codes 4. Improve Terraform output: https://github.com/coinbase/terraform-landscape 5. After Terraform 0.10, remember to make provider explicit to avoid errors 6. State file a. Save it remotely b.Track it using version control
- 14. Modules Publishing module topublic registry: https://www.terraform.io/docs/registry/modules/publish.html Networking Outputs: ● VPC ID ● Subnet ID Resources: ● VPC ● Subnet ● Route Tables Vars: ● CIDR prefix ● Region Data Outputs: ● VPC ID ● Subnet ID Resources: ● RDS ● Security Group Vars: ● DB size ● Root password ● Subnet ID ● IP Whitelist ● Reusable blocks of code ● Customized using variables ● Exports outputs
- 15. Copyright © 2018HashiCorp 15 Core Azure TERRAFORM CONFIGURATION network compute Terraform Module Registry HashiCorp provides the public and freely available UI at registry.terraform.io Module Producer OPERATOR INFRASTRUCTURE AS CODE
- 16. Copyright © 2018HashiCorp 16 Core Azure TERRAFORM CONFIGURATION network compute Module Producer Terraform Module Registry HashiCorp provides the public and freely available UI at registry.terraform.io Module Consumer OPERATOR INFRASTRUCTURE AS CODE
- 17. Terraform Public Registry Verifiedvs unverified modules Module verification is currently a manual process restricted to a small group of trusted HashiCorp partners. In the coming months, we'll be expanding verification to enable the broader community to verify their modules. Source
- 18. Demo ● Example ofsimple deploy utilizing AWS & Azure ● Example of same type of deploy utilizing modules from public registry. ● Module review in Public Registry Code: https://github.com/AdamCavaliere/terraform-demos
- 19. Jobs! Love HashiCorp? Wantto Work at HashiCorp? We are hiring! https://www.hashicorp.com/jobs
- 20. Copyright © 2017HashiCorp Collaboration Governance Provisioning Terraform Enterprise Premium 20 Governance features to scale Terraform from a team to an organization Individuals use OSS Teams use Pro Organizations use Premium Provisioning Provisioning Collaboration OrganizationalComplexity
- 21. Copyright © 2018HashiCorp 21 Terraform Enterprise