Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletter Hub
Free Learning
Arrow right icon
timer SALE ENDS IN
0 Days
:
00 Hours
:
00 Minutes
:
00 Seconds
Arrow up icon
GO TO TOP
HashiCorp Terraform Associate (003) Exam Guide

You're reading from   HashiCorp Terraform Associate (003) Exam Guide Prepare to pass the Terraform Associate exam on your first attempt

Arrow left icon
Product type Paperback
Published in May 2024
Publisher Packt
ISBN-13 9781804618844
Length 344 pages
Edition 1st Edition
Arrow right icon
Authors (2):
Arrow left icon
Manjunath H. Gowda Manjunath H. Gowda
Author Profile Icon Manjunath H. Gowda
Manjunath H. Gowda
Chandra Mohan Dhanasekaran Chandra Mohan Dhanasekaran
Author Profile Icon Chandra Mohan Dhanasekaran
Chandra Mohan Dhanasekaran
Arrow right icon
View More author details
Toc

Table of Contents (13) Chapters Close

Preface 1. Introduction to Infrastructure as Code (IaC) and Concepts 2. Why Do We Need Terraform? FREE CHAPTER 3. Basics of Terraform and Core Workflow 4. Terraform Commands and State Management 5. Terraform Modules 6. Terraform Backends and Resource Management 7. Debugging and Troubleshooting Terraform 8. Terraform Functions 9. Understanding HCP Terraform’s Capabilities 10. Miscellaneous Topics 11. Accessing the Online Practice Resources 12. Other Books You May Enjoy

Infrastructure Automation Using IaC

As the name implies, IaC refers to managing infrastructure resources in the form of code instead of manual provisioning. This involves the creation, modification, and deletion of all the infrastructure resources via code.

One of the key principles of DevOps is automation. IaC precisely fits into this principle. Apart from automation, IaC also provides the advantage of using the same best practices that are used for application code in the Software Development Life Cycle (SDLC). This implies that, now, even infrastructure could be versioned and pipelines can be created for continuous deployment since it is all in code.

The following section presents the key advantages that IaC provides over manual deployments.

Advantages of IaC

While looking at the advantages of IaC, it will be compared against manual deployment. Some of the key advantages are listed below:

  • Quicker deployment timelines: When the whole solution is in code that has been vetted, tested, and approved, it is easy to deploy everything in one go. This takes less time than the same deployment being done manually.
  • Consistently repeatable deployments: As the resources are provisioned with the same set of APIs, you can expect the same behavior every single time it gets deployed. The uniformity of the deployment behavior provides assurance about the stability of the solution.
  • Version controlled via a source code management tool such as Git: The configurations and integrations of all the resources can be carried out in code, which is stored in a tool such as Git. This helps you with versioning, merge requests, approvals, and so on. If there is an issue with the latest deployment, it is easy to roll back to the previous version.
  • Better operational efficiency: Automating the process of launching and managing resources allows quicker deployment, which frees up the operations team to work on other important items rather than spending time just setting up the environments.
  • Self-service: If you want to empower the development team to deploy the infrastructure, you can set certain guidelines for the modules/templates. They can use these guidelines for self-service and don’t have to depend on other teams.
  • Accountability: All code written, every modification made, and every line deleted is tracked in the version control system. It is easy to assign accountability to the person responsible for any tasks performed.
  • Increased security: IaC embeds security from the base level and in each layer, such as the network, app, and database layers. Once these are validated by the infosec team, they can be used by all teams. This improves the overall security posture of the organization.

In the next section, you will review the various techniques used in the industry for provisioning infrastructure automatically and how they compare against Terraform.

Various Options for Implementing IaC

There are many ways of implementing IaC. Which option you choose depends on various factors, such as the level of automation required, the skills available in the team, the cloud platform chosen for application deployment, the plan for a multi-cloud presence, and so on. In the following sections, you will go through the options that are regularly used in the industry. Though there are options, Terraform has emerged as a go-to tool for IaC.

Ad Hoc Scripts

Ad hoc scripts are typically written in Shell script, Perl, or Python to automate some of the infrastructure provisioning by directly calling the API and writing the required logic to integrate the resource into the solution. The disadvantage of this is that there is no standardization, and hence each person may solve a problem using different logic and resources in the scripting languages. Scripts written today may not make sense to the same person after three months.

Configuration Management Tools

Configuration management tools such as Chef, Puppet, and Ansible are meant to be used for managing the configuration of software within the operating system. These tools also support infrastructure provisioning. All three of these tools were launched before Terraform and were used by engineers for infrastructure automation. However, this is not their primary functionality. It is important to use the right tool for the right job. Using the wrong tool could give sub-optimal results or could require more effort from you to achieve the same result that could have been achieved using the right tool with minimal effort.

If you want to create the infrastructure for a three-tier architecture-based solution, you may end up spending a similar amount of time on all three tools to create the initial infrastructure. However, the complexity starts when you start modifying the infrastructure.

Consider an example where you want to increase the number of servers from three to six:

  • Write commands that will give the number of servers running in the account
  • Write logic to calculate the new instances to be launched
  • Finally, write code to launch these additional instances

In the case of Terraform, it is as simple as changing the number of servers from three to six. Terraform takes care of figuring out what needs to be done to get the servers to six.

Cloud-Based IaC Services

Each of the major cloud vendors has its own service for IaC functionality:

  • AWS has CloudFormation and Cloud Development Kit (CDK)
  • Microsoft Azure has Azure Resource Manager
  • GCP has Cloud Deployment Manager

Each of these services has very tight integration with the services of the particular cloud, and their support for new services in that cloud will be significantly quicker than any third-party tool, such as Terraform or Pulumi. However, if you need to be present in multiple clouds, are unsure about sticking with a single cloud provider, or just want the team to learn how to use one tool that can be used across the infrastructure, platform, and SaaS tools provisioning automation, then it is better to choose a tool like Terraform that is not dependent on any single vendor but works across them all.

Cloud-Agnostic IaC Tools

Terraform by HashiCorp is a pioneer in cloud-agnostic IaC tools (i.e., able to run on any cloud without getting tied to a single cloud). In recent years, a new tool called Pulumi has also been slowly adopted. Pulumi lets users write code to deploy applications in the language of their choice. Currently, it supports Node.js, Python, Go, .NET, Java, and YAML format.

Note

The AWS Cloud Development Kit (AWS CDK) lets you define the AWS cloud infrastructure in a general-purpose programming language such as TypeScript, JavaScript, Python, Java, C#/.NET, or Go. Both Pulumi and AWS CDK expect you to have some programming language knowledge to make the best use of the tool.

You have been reading a chapter from
HashiCorp Terraform Associate (003) Exam Guide
Published in: May 2024
Publisher: Packt
ISBN-13: 9781804618844
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image