Using Terraform to Manage Infrastructure as Code
Explore how Terraform enables you to manage infrastructure as code effectively. Learn about its immutable design, state management, dependency resolution, and its integration with GitOps for automated workflows across multiple cloud providers.
About Terraform
Today’s “king of infrastructure as code” is Terraform. It’s designed from the ground up as an immutable IaC solution. It is, by far, the most widely used, and almost every respectable service vendor has created modules for their platforms. We can see the breadth of its adoption from the list of currently available Terraform providers.
Terraform can use different providers and combines managing various resources with templating. Its system of variables allows us to quickly modify aspects of our infrastructure without making changes to the definitions of the resources. On top of that, it’s idempotent. When we apply a set of definitions, it converges the actual state into the desired state, whether that means creation, destruction, or modification of our infrastructure and services.
How does Terraform work?
Terraform stores the actual state in a file system. That allows it to output plans and apply the changes to definitions by comparing the desired state with the actual state. Nevertheless, storing its state locally is insecure, since the state file records resource attributes, which can include secrets in plain text, and it could prevent us from working as a team if other team members are working in other locations. Fortunately, Terraform allows us to use different backends where it stores the state. Those can be a network drive, a database, or almost any other storage.
Why Terraform?
One of Terraform’s most useful features is the ability to output a plan. It shows us which resources will be created, modified, and destroyed if we choose to apply the changes in the definitions. That allows us to gain insight into what will happen before it happens.
If we adopt GitOps principles and trigger Terraform only when we make a change to a repository, we can have a pipeline that will output the plan when creating a pull request. That way, we can easily review the changes that would be applied to our infrastructure and decide whether to merge them. If we do merge, another pipeline can apply the changes after being triggered through a webhook. That makes it a perfect candidate for a simple, yet very effective, mix of IaC principles combined with GitOps and automated through continuous delivery tools.
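As an added example (not part of the original lesson), here is a small Python gate that a pull request pipeline could run on the output of `terraform show -json <planfile>`: it groups the planned changes by action and lists resources that would be destroyed or replaced without prior approval. The sample plan, the resource addresses, and the `approved_destroys` allowlist are constructed assumptions.

```python
import json

# Constructed sample in the shape of `terraform show -json <planfile>` output;
# the resource addresses are made up for this example.
SAMPLE_PLAN = json.dumps({"resource_changes": [
    {"address": "aws_s3_bucket.logs", "change": {"actions": ["create"]}},
    {"address": "aws_security_group.web", "change": {"actions": ["update"]}},
    {"address": "aws_db_instance.main", "change": {"actions": ["delete", "create"]}},
    {"address": "aws_iam_role.old_ci", "change": {"actions": ["delete"]}},
    {"address": "aws_vpc.core", "change": {"actions": ["no-op"]}},
]})


def classify(actions):
    """Map a plan entry's action list to one review category."""
    acts = set(actions)
    if {"create", "delete"} <= acts:
        return "replace"  # covers both delete-then-create and create-then-delete
    for name in ("delete", "create", "update"):
        if name in acts:
            return name
    return "no-op"  # "no-op" and "read" entries need no reviewer attention


def summarize(plan_json):
    """Group resource addresses by category for the pull request comment."""
    summary = {"create": [], "update": [], "replace": [], "delete": []}
    for rc in json.loads(plan_json).get("resource_changes", []):
        category = classify(rc["change"]["actions"])
        if category in summary:
            summary[category].append(rc["address"])
    return summary


def gate(plan_json, approved_destroys=()):
    """Return addresses that would be destroyed or replaced without approval."""
    s = summarize(plan_json)
    return sorted(a for a in s["replace"] + s["delete"] if a not in approved_destroys)


if __name__ == "__main__":
    for category, addresses in summarize(SAMPLE_PLAN).items():
        print(f"{category:8} {addresses}")
    blocked = gate(SAMPLE_PLAN, approved_destroys={"aws_iam_role.old_ci"})
    print("unapproved destroy/replace:", blocked)
```

A pipeline would fail the pull request check whenever `gate` returns a non-empty list, so destructive changes need an explicit allowlist entry before the apply pipeline can run.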
Another nice feature is Terraform’s ability to untangle dependencies between different resources. As such, it can figure out by itself in what order resources should be created, modified, or destroyed.
Nevertheless, those and other Terraform features are not unique. Other tools have them as well. What makes Terraform truly special is the ease with which we can leverage its features and the robustness of the platform and the ecosystem around it. It’s not an accident that it’s the de facto standard and popular choice of many.