top of page

Terraform the IaC Tool


Terraform by HashiCorp is an open-source infrastructure-as-code (IaC) tool. It lets you define both cloud and on-premise resources in human-readable configuration files that you can version, reuse, and share.


Why should I use Terraform?

There are several ways in which this tool is used to speed up processes, save money and reduce the number of resources required to maintain and deploy infrastructure projects.


Architects can use Terraform to efficiently deploy, release, scale and monitor infrastructure for multi-tier applications. Self-service clusters can be created via the use of Terraform, meaning developers can create Terraform modules that codify their organisation's standards and best practices for deploying and managing services. These pre-configured modules can then be easily deployed by the rest of the team/organisation.


Terraform supports developers attempting to maintain parallel environments. Today it is used to rapidly spin up and decommission infrastructure for development, testing, QA and production. Using this tool to create disposable environments reduces the resources required for maintenance/configuration and is more cost-effective than maintaining each environment indefinitely via traditional methods.


At SeaPark we saw the benefits that Terraform could offer our clients and as a result, we encouraged the use of this tool within a global pharmaceutical company. With the objective of helping this company support multiple disposable environments and manage its infrastructure across different cloud providers.


Features Overview

Terraform uses a declarative programming language called HCL (HashiCorp Configuration Language). This programming language allows you to deploy a variety of infrastructure services such as virtual machines, storage solutions and much more.


Terraform offers several key features which help to support the deployment and configuration of infrastructure:


Declarative Programming

Terraform allows you as the developer to describe the intended goal for your infrastructure rather than the steps involved to reach that goal. This approach to programming helps to ensure that your infrastructure matches the configuration declared in your Terraform code. Infrastructure can be added, removed, or updated. For example, deleting an object in your Terraform code will remove the related infrastructure from your cloud/on-premise solution.


Infrastructure as Code

The use of code to declare our infrastructure offers several advantages. Code allows your infrastructure to be versioned, managed and shared between multiple developers, increasing collaboration.


The use of code to declare infrastructure also reduces the need for written documentation as the code itself can now be referred to as the infrastructure’s documentation.


Providers

Terraform supports a wide array of cloud providers, including but not limited to Microsoft Azure, AWS, and GCP (Google Cloud Platform). See Providers for a full list of the available providers. Each of these providers supported by Terraform, delivers their own set of resources that can be integrated with Terraform for deployment, management and configuration.


Reusability

Terraform modules are reusable collections of resources that can be used across multiple projects. The primary purpose of modules is to allow you to abstract and encapsulate infrastructure components. This makes it easier to manage much more complex infrastructure configurations and reduces time to market. Modules which have been well-tested and reviewed before entering production can also reduce the risk of errors appearing within different projects/environments.


Cost Estimation

Terraform Cloud also supports the generation of cost estimates. Therefore, cost estimates can be produced before the resources enter deployment. For each resource within the deployment, an hourly and monthly cost is provided, along with the monthly delta. Cost estimation is supported by three of the major cloud providers:


- AWS

- GCP

- Azure


See Cost Estimation in Terraform Cloud for more information about estimating costs within Terraform.


What’s Next – Terraform 1.5…

Since the 12th of June 2023, Terraform 1.5 is now generally available, supporting a bunch of new features. Two new features worthy of note are config-driven imports and checks.


Config-driven Import

Anyone who has used Terraform understands that bringing existing infrastructure under management by Terraform is a common task. Typically, users would run the command: terraform import. Though, this command has several limitations:

  1. Resources are imported one at a time.

  2. The state is immediately modified, with no opportunity to preview the results.

  3. The matching resource code then must be manually written, to match the infrastructure imported.

All these limitations make for a long and tedious task of importing infrastructure resources. Terraform 1.5 now supports a new import mechanism. Import operations are now plannable activities i.e., you can see the results of the import before updating the state. This will help to prevent unexpected state changes.


Possibly the most impressive feature of Terraform 1.5 is that it introduces automatic code generation for imported resources. Therefore, developers no longer need to spend large chunks of time writing code to match the configuration of the imported resources.


Checks

Terraform 1.5 now hosts a new validation mechanism, known as the check block. This check mechanism will be a top-level construct, which allows developers to define assertions based on data source values to verify the state of the infrastructure on an ongoing basis. This new mechanism could be used to check the health of infrastructure and detect infrastructure drift.

The check block incorporates several differences from its predecessor (post-conditions):

  • Checks exist at the top level. Therefore, they can reference all resources, data sources and module outputs in the configuration.

  • Checks occur as the last step in the plan. They do not halt execution and failed checks only emit warning messages instead of an error.

  • Checks can now be more complex as they can now contain more than one assertion.



If you or your colleagues have further questions or queries and would like to understand how Terraform can help your team with infrastructure deployments please do not hesitate to contact us at william.hadnett@seaparkconsultancy.com

Comments


Featured Posts
Recent Posts
Archive
Search By Tags
Follow Us
  • Facebook Basic Square
  • Twitter Basic Square
  • Google+ Basic Square
bottom of page