Amit Kumar

Terraweek Challenge - Day 3

Amit Kumar's photo
Amit Kumar
·

8 min read

Table of contents

Task -1

Create a Terraform configuration file to define a resource of AWS EC2 instance, Azure storage account, Google Compute Engine, etc. (anyone)

# Specify the provider (AWS in this case)

provider "aws" {
  access_key = "<YOUR_AWS_ACCESS_KEY>"
  secret_access_key = "<YOUR_AWS_SECRET_ACCESS_KEY>"
  region = "us-west-1"  
}

# Define the EC2 instance resource

resource "aws_instance" "example_instance" {
  ami           = "ami-014d05e6b24240371"  
  instance_type = "t2.micro"  

  tags = {
    Name = "ExampleInstance"
  }
}

The provider block defines the AWS provider that Terraform will use. The access_key and secret_access_key attributes specify your AWS access key ID and secret access key, respectively. The region attribute specifies the AWS region where the EC2 instance will be created.

The resource block defines the EC2 instance resource. The ami attribute specifies the AMI ID that the EC2 instance will be created from. The instance_type attribute specifies the instance type of the EC2 instance. The tags attribute specifies the tags that will be applied to the EC2 instance.

Task -2

Check state files before running terraform plan and apply commands and Use validate command to validate your tf file for errors and provide the Output generated by each command:

1- Checking state files before running the terraform plan and apply commands:

Before running the plan or apply commands, it is important to check the state files to make sure that they are up-to-date. The state files contain information about the current state of your infrastructure, and Terraform uses this information to determine what changes need to be made. If the state files are not up-to-date, Terraform may make incorrect changes to your infrastructure.

$ terraform state list
aws_instance.example_instance

$ terraform state show aws_instance.example_instance
# Output will display the detailed information of the resource

2- Using the validate command to validate your tf file for errors

The terraform validate command can be used to validate your Terraform configuration file for errors. This is a good practice to do before running the plan or apply commands, as it can help you to identify any errors in your configuration file.

To use the validate command, simply run the following command:

$ terraform validate
Success! The configuration is valid.

If there are any errors in your configuration file, Terraform will print out a list of the errors. You can then fix the errors in your configuration file and try running the validate command again

3- Output generated by each command:

The output generated by each command will vary depending on the specific state of your infrastructure and your Terraform configuration file. However, here is a general overview of the output that you can expect to see.

  • terraform show: The terraform show command is used to display the current state and configuration of your infrastructure in a human-readable format. It provides an overview of the resources and their attributes, along with any dependencies and relationships between them. This command can be helpful for reviewing the current state of your infrastructure.

  • terraform state list: The terraform state list command specifically lists the names of all resources managed by Terraform in your state file. It provides a simple list of resource names without detailed information or attributes. This command is useful when you want to quickly see the names of the resources managed by Terraform.

  • terraform validate: The terraform validate command will print out a list of any errors that it finds in your Terraform configuration file. If there are no errors, the command will simply print out a message that says "No errors found."

  • terraform plan : The output of the Terraform plan command shows the changes that Terraform will make to your infrastructure. In this example, Terraform plans to create an AWS EC2 instance named example.

  • terraform apply : The terraform apply command applies the plan generated by the terraform plan command. This will create, update, or destroy resources in your infrastructure.

  • terraform destroy : The terraform destroy command destroys all resources in your infrastructure. This is useful for cleaning up old infrastructure or for testing the disaster recovery process.

Task - 3

Add a provisioner to the configuration file to configure the resource after it is created and use Terraform commands to apply for changes and destroy to remove resources:

# Specify the provider (AWS in this case)

provider "aws" {
  access_key = "<YOUR_AWS_ACCESS_KEY>"
  secret_access_key = "<YOUR_AWS_SECRET_ACCESS_KEY>"
  region = "us-west-1"  
}

# Define the EC2 instance resource

resource "aws_instance" "example_instance" {
  ami           = "ami-014d05e6b24240371"  
  instance_type = "t2.micro"  

  tags = {
    Name = "ExampleInstance"
  }
}

 # Add a provisioner

provisioner "remote-exec" {
    inline = ["echo 'Hello, world!' > /home/ubuntu/hello.txt"]
  }

In this example, the aws_instance resource is configured to use the remote-exec provisioner. The inline argument to the remote-exec provisioner specifies the command that will be run on the remote resource. In this case, the command is echo 'Hello, world!' > /home/ubuntu/hello.txt.

To apply the changes and create the EC2 instance, you can run the following Terraform commands:

  1. terraform init: Initializes the working directory and downloads the necessary provider plugins.

  2. terraform apply: Applies the changes defined in your configuration file and creates the EC2 instance.

To destroy and remove the resources created by Terraform, you can use the following command:

terraform destroy: Destroys all the resources managed by Terraform.

What is a provisioner block:

In Terraform, the provisioner block is used to define actions or scripts that should be executed on a resource after it is created or destroyed. It allows you to configure and customize the resource as needed, such as installing software, running commands, or executing configuration scripts

The provisioner block has two main configurations: create and destroy

  • The create provisioner runs after the resource is created, allowing you to perform actions like software installation or configuration. It ensures that the resource is ready for use once created

  • The destroy provisioner runs before the resource is destroyed. It allows you to clean up or perform any necessary actions before the resource is removed, such as removing files or releasing resources.

Provisioners are powerful tools in Terraform that allow you to automate additional setup or configuration tasks for your resources. They provide flexibility and extensibility in managing your infrastructure, ensuring that your resources are properly configured and customized according to your requirements.

Task - 4

Add lifecycle management configurations to the configuration file to control the creation, modification, and deletion of the resource and use Terraform commands to apply the changes:

# Specify the provider (AWS in this case)

provider "aws" {
  access_key = "<YOUR_AWS_ACCESS_KEY>"
  secret_access_key = "<YOUR_AWS_SECRET_ACCESS_KEY>"
  region = "us-west-1"  
}

# Define the EC2 instance resource

resource "aws_instance" "example_instance" {
  ami           = "ami-014d05e6b24240371"  
  instance_type = "t2.micro"  

  tags = {
    Name = "ExampleInstance"
  }
}

 # Add a provisioner

provisioner "remote-exec" {
    inline = ["echo 'Hello, world!' > /home/ubuntu/hello.txt"]
  }

# Add lifecycle management configurations

  lifecycle {
    create_before_destroy = true
    ignore_changes        = [tags]
  }

In this example, we've added a lifecycle block within the aws_instance resource block. The lifecycle block allows you to configure the behavior of Terraform during resource creation, modification, and deletion.

The available configurations are:

  • create_before_destroy: When set to true, Terraform will create a new resource before destroying the existing one. This helps ensure a smooth transition during updates or replacements of resources.

  • ignore_changes: Allows you to specify attributes that Terraform should ignore during updates. In this example, we've specified tags as an ignored attribute, meaning changes to the tags block will not trigger a recreation of the resource.

To apply the changes and create/update the EC2 instance based on the new lifecycle configurations, you can run the following Terraform commands:

  1. terraform init: Initializes the working directory and downloads the necessary provider plugins.

  2. terraform apply: Applies the changes defined in your configuration file.

What is a lifecycle block:

In Terraform, the lifecycle block is used to define lifecycle management configurations for resources. It allows you to control the behavior of Terraform during resource creation, modification, and deletion. The lifecycle block provides options for managing resource replacement, preventing certain changes from triggering resource recreation, and specifying other resource-specific behaviors.

The lifecycle block supports the following configurations:

  • create_before_destroy: This configuration determines whether Terraform should create a new resource before destroying the existing one during updates or replacements. When set to true, Terraform will first create the new resource and then destroy the old one. This can be useful when transitioning from one resource to another, ensuring that there is no downtime during the update.

  • prevent_destroy: If this configuration is set to true, it prevents the resource from being destroyed when running terraform destroy. This can be useful for protecting critical resources that should not be accidentally destroyed.

  • ignore_changes: This configuration allows you to specify a list of attributes that Terraform should ignore during updates. When changes are made to the specified attributes, Terraform will not recreate the resource. This can be helpful when certain attributes are managed externally or should not trigger a recreation.

resource "aws_instance" "example_instance" {
  # Resource attributes...

  lifecycle {
    create_before_destroy = true
    prevent_destroy       = true
    ignore_changes        = [tags]
  }
}

In this example, the lifecycle block is added to an AWS EC2 instance resource. It specifies that the new resource should be created before destroying the old one (create_before_destroy = true). It also prevents the resource from being destroyed (prevent_destroy = true) and ignores changes made to the tags attribute (ignore_changes = [tags]).

When using the ignore_changes configuration in the lifecycle block to ignore changes for a specific attribute, such as an EC2 instance name tag, you need to specify the fully qualified attribute name within the resource.

In the case of an EC2 instance name tag, the attribute name would be aws_instance.example_instance.tags["Name"]. Here's an example of how you can use it:

resource "aws_instance" "example_instance" {
  # Resource attributes...

  lifecycle {
    ignore_changes = [aws_instance.example_instance.tags["Name"]]
  }
}

Note that the attribute name within the ignore_changes configuration should match the exact attribute reference used in the resource block. If the EC2 instance name tag has a different name or is defined using a variable, you would need to adjust the attribute name accordingly.

The lifecycle block allows you to fine-tune the behavior of Terraform for specific resources, ensuring controlled updates, preventing accidental destruction, and ignoring certain changes when managing your infrastructure.

Thank you so much for reading my blog! I really appreciate you taking the time to read my blog. I hope you find my content helpful and informative.

TrainWithShubham#TWSTerraweekchallenge