Terraform
Terraform is an infrastructure-as-code software tool created by HashiCorp. Users define and provide data center infrastructure using a declarative configuration language known as HashiCorp Configuration Language (HCL), or optionally JSON.
Although Terraform is the dominant leader in the space (citation needed), there has been some general community forming behind the OpenTofu project (open source fork of Terraform due to the licensing brouhaha - see 'Related') that is hosted by the Linux Foundation.
Best Practices[edit]
- Manipulate state only through TF commands (don't edit the state file directly)
- Use shared remote storage (not local) for state files. E.g. Amazon S3 bucket. (If your backend storage offers file locking, automatic versioning and backup, then use those features.)
- Use file locking on state files to avoid contention issues.
- Backup state files to avoid data loss / aid recovery.
- Use separate state files for each environment.
- Put TF files into a repo (aka GitOps).
- Use CI for TF code. (Use git flow, pull requests, etc. to review and test code changes; control who can merge changes.)
- Use CD pipelines for (automated) deployment rather than manual tf apply.
Resources[edit]
The cloud.terraform Ansible Galaxy collection: docs on Galaxy GitHub
The collection automates the management and provisioning of infrastructure as code (IaC) using the Terraform CLI tool within Ansible playbooks and Execution Environment runtimes. It is intended to support similar automation capabilities consistent with other cloud provisioning tool integrations for Ansible such as AWS Cloudformation, Azure Resource Manager and Helm with the added challenge of effectively managing a state file.
The Hashicorp developer tutorial on getting started with Terraform on AWS. https://developer.hashicorp.com/terraform/tutorials/aws-get-started
Build, change, and destroy AWS infrastructure using Terraform. Step-by-step, command-line tutorials will walk you through the Terraform basics for the first time.
