Deploy Infrastructure to Azure with Terraform - Full Course

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hi welcome to the channel today we will be deploying a project to Azure using one of the most popular infrastructures code tool terraform the core structure is that I'll be covering some Basics and we'll be understanding terraform in the first half of this course and then in the later half I'm gonna cover some advanced concepts within terraform so yeah let's Dive Right In [Music] today's kind of the requirements um going over the if you're following along as I build this project out um so first you need an Azure account and make sure you have the subscription within Azure that's you know has a valid billing or has billing enabled or if you're still using your student accounts or free tier should be fine just make sure you have an Azure account you will need terraform installed on your Dev machine or your local machine and I'll go over the installation steps it's pretty easy if you have used package managers before and then you also need Azure CLI because that's how the authentication will happen between terraform and Azure and this is optional but you can have a domain name so since in the next part we'll be deploying a website to azure having a domain name will make it more personal instead of having domain name or the URL that will be given to us by azure so it's an optional part but if you want a domain name you'll have to buy it probably or if you have already one you can create a subdomain but it's an optional requirement talking about terraform and how basically it works so infrastructure as code is an important concept within the devops principles so it allows you to you know Define both cloud and on-prem resources in human readable configuration files instead of you going into the console and deploying infrastructure manually you have the opportunity to automate it have it Version Control and you can also reuse these configuration files and that concept of infrastructure as code the tools that are in space are terraform in Lumi and there are other tools that are available just like Azure bicep right the thing with terraform is it's open source so there's an open source version available and you can deploy your infrastructure to any of the cloud providers and I'll show you in the next diagram what I mean by that basically how it works is there is a terraform provider which the engineers at Microsoft built for specifically for Azure and then similarly there is a provider for gcp data dog you know any of the cloud platforms that are available that provider basically has a set of instructions for us to have in our configuration file which then terraform talks to the Target API to launch the infrastructure so that's basically how terraform works and this diagram is from hashicorps so this is not something that I generated but in a nutshell this is a brief explanation of how your configuration file works with a provider that is available on terraform registry and then talks to the Target API moving on to the next slide so this is a bit more in-depth you know explanation so you have your terraform project right here you have your configuration file and a state file and we'll talk about what is a state file you write your terraform code file and the syntax that you use is called HCL and we'll it's really close to Json and a mixture of yaml but you'll see it in action in a few minutes and then as I said you have thousand plus providers available from terraform and today we'll be using the Azure Provider by terraform and you can pull that from the registry so you write the code you plan out your infrastructure and then you do terraform apply which is the command and that infrastructure gets deployed to the respective cloud provider now let's go ahead and going back to the requirements let's make sure you have you know the CLI and the terraform installed on your local machine so how you can install the Azure CLI is basically going through these instructions so I have Azure CLI installed if you don't you can go to Microsoft learn and just type in install Azure CLI and this page will come up pick up your operating system so it could be Windows or Mac OS or any of the Linux distribution that you might be using and then basically go through the instructions on how to install or update the Azure CLI so I have the latest Azure CLI installed and I also have it authenticated to my Azure account so the way you can do that is basically AC login after you have installed it and it will ask you to open a browser window and you will be authenticated to your Microsoft Azure account I already did that as you can see so this is my Microsoft Azure account and then the next step was to have terraform installed so it's really easy on Mac you just do build tab hashicob slash Tab and then you do a brew install so it uses Homebrew as the package manager and then if you have chocolatey which is a free and open source package manager for Windows you can do charcoal install terraform there's also a manual installation that you can do if you want to download the binary and then you would also have to set the environment variable for a path and for Linux it's as easy as sudo app get you know installed so since we are on Windows I already have terraform installed but it's as easy as Chaco installed terraform make sure you have chocolatey installed otherwise you will have to go through the manual installation process there is documentation available on you know what is styrofoam and how does it work but since I've already given you a brief explanation on you know how it works how it talks to the API and what our providers will be going ahead and trying it out in action talking about the Azure provider for terraform it's available on the terraform registry and you can go through the documentation on how the how different configurations look how to deploy an Azure VM how to deploy a cloud storage account or how to deploy you know something Fancy with AKs so all of those Services as you can see are available on their right hand side as you can see there is authenticating to Azure so this is where our AC you know CLI or Azure CLI will come in handy it'll use the locally installed Azure CLI to authenticate to the Azure account so terraform needs a way to talk to the cloud provider in our case azure and today we'll be using the Azure CLI but you can have other methods of authenticating Azure with terraform and we'll go back to my terminal forward let's first create a directory right so I believe I already have one but just to be sure let's go into my GitHub folder this is where I store all of my code and let's create a directory alt terraform with azure okay awesome so let's change to that directory so terraform with azure let's open it in vs code that is my choice of code editor and you could use any IDE a so I have my vs code window open here and as you can see it's a empty directory let me just zoom in a little bit there we go so let's add an infra folder inside our directory so I just created a folder called infra and what I'm going to do is create a terraform configuration file and the way you do it is main.tf so dot TF is your the extension of terraform funds so there we go we have main.df and usually how the infrastructure or how the terraform best practices are usually the file that has all the configuration for your resources and infrastructure is called main.tf and that's why I named it Main and now the first bit that we need is the provider so this is where you specify hey use you know Azure provider so let's go ahead and do that so provider and then we'll be using Azure RM so that's how the Azure provider is named on the terraform registry and then features we can leave it blank for now so just because we are getting started so this is how you define a provider block so now terraform knows that it needs to use Azure provider so the first let's create our first resource so create a resource Group so if you're familiar with Azure you might know that you have resource groups and within those resource scripts you have your resources like a bucket or a cloud storage account an Azure VM right and I can show you what I mean by that so going to back to my Azure account you need to have a resource Group to allocate resources so this is what we'll be creating you can see I have many of these so let's create a new one so create a resource Group and now we will write some terraform code so resource and then Azure RM Resource Group there we go and I have some extensions installed which I think is the official terraform extension which helps as you were seeing it auto populates what I'm trying to do right so Azure RM Resource Group and then so this is what the resource is called within the terraform file so this won't be the name in Azure the name of the resource Group in Azure will be this so let's change that to terraform demo and for location East us because that's the closest location um to me and here too let's instead of RG let's rename it to resource underscore group and I'll show you what's the use case of having a name within the terraform file because we can repurpose this in the next code blocks that we will write so this is not the name in Azure this is the name that will be referred to within the terraform file here so we have our Resource Group begin with let's create a simple storage account right so let's go ahead and do create so this is a comment so comments in terraform are by the number symbol and then whatever your comment is so create a storage account okay and then again to create a resource what you can do is type in resource Azure RM because that's our provider and then storage account so these instructions are already given to us by the provider and let me find the correct tab so if I go here and look for storage account and on the left hand side we can see there is a resource called Azure RM storage account so this is what I mean So the instructions on how to use a particular provider are set by these that said provider so in our case Azure RM has the instructions on how to create a storage account with HCL which is the Hershey cop language so that's what we have here so let's rename this to something more unique perform Toronto and let's give it a number six at the end let's also add Azure here there we go and then as I was mentioning to you so the resource Group name instead of typing this so we could have this here so Resource Group name is Rd Dash terraform Dash demo which is this basically which is what we named the resource Group in Azure you don't have to hard code it you can use the property name within the terraform code file so what I did is azure RM Resource Group dot Resource Group which is this dot name which is this property so that's how these resource names within terraform come in handy and same thing as you can see we did with the location is azure RM resourcegroup dot Resource Group dot location so it gets East us so instead of hard coding East us here we are picking it up from the previous block of code and then account here we can go with standard and account for application type is lrs if I go here and do Dot to see how there's a comment or a highlight saying location because that's copilot that's recommending me to have this bit of code here so co-pilot if you don't know go check it out it's an amazing tool I just got access to it I think a month ago and you can install the extension on vs code there is a terraform extension too which is also helpful so it reads the provider and generates a generic code types that it thinks would be useful so yes co-pilot and terraform extension is what is kind of generating this before I even do anything so you can see it already is trying to enable https traffic the other thing I wanted to do with this storage account is I want to host so the second part of this session will be hosting a website so in order to host a website I want to make sure you know it's the storage account is set up in a way that it knows that we will be hosting a static website and the way you do that is by a property called Static website and then you basically have to Define an index document and an error 404 document so let's go ahead with index document and let's I want to name it index.html so this basically is giving us a storage account which has a static website kind of enabled so Azure knows that this storage account will be used for a static website so we have got just doing a quick check we have got our name we've got our resource script we've got a location we have got account here which is basically um you can go and read about storage account tiers within Azure so we are using standard and um we have got a replication type which is lrs one thing I would like to mention is when you're using a storage account for static website hosting you have to make sure the account so you see how account kind came up this is not copilot this is terraforms extension so the account kind is storage V2 and this is again something of a limitation from azure not a limitation but another property you need to add if you're hosting a storage um a static website on storage account so I think we are good on the storage account resource so we have our Resource Group we have our storage account [Music] now we need a blob within the storage account so let's go ahead and do that so create did a blob storage or basically so that we can upload an index.html in the second session right because we defined that our indexed document is this HTML file which until this point doesn't exist so that's what we're gonna do so let's rename this comment to add index .html file okay so resource and then again you can go back here to the provider documentation and search for blob or storage Bob here we go so this is how you can have a storage blob within the storage account and going back to our code editor let's type that out Azure RM storage blob I think it was called yes and let's name it blob within the terraform file and now we can set the actual name that's that we're going to use so name copilot is kind of right we want to name it index.html because that's what you're trying to upload to our storage account storage account name oops and so remember we don't have to hard code the storage account name so you could either have this in double quotes or you could do what we did here with the resource Group name so azure RM underscore storage account yes and then it's called storage account within terraform so we'll have a period storage account and then name so that will get the name of the storage account that we created previously awesome so that's storage account name we also need a container name so storage container name and this needs to be web because you use the web container for the static website hosting so we were at The Blob part of it we just give the container a web property it's a good idea to never give anything a generic name always give everything a descriptive name yes I highly recommend that and you will see this terraform file will evolve towards the second session because we are going to introduce variables um and we'll also tear apart this terraform file into different sections so instead of just having one main.tf you'll see multiple TF files and yeah I just wanted to wait on that because so that this you know makes sense um as someone who might be a beginner moving along we have storage container name and we have that as web we'll have a type which will be blocked again this is all that I'm reading or you know referred to here and also the blob account or the blob documentation or the storage account documentation on Azure it's nothing that I can bypass I have to give those properties type and name and then content type it's gonna be HTML so text HTML and I think that's all apart from the actual index.html so that's all we need for the blob itself so for the source content underscore content you can either specify a file but just to begin with it with the deployment side of things let's just you know have our own HTML written right now so we'll say hi is is website applied using terraform look at that copilot even guess what I'm trying to write using terraform okay so I feel like we have everything so we have um three resources in total so the first one is the resource Group because we need a resource Group for our resources in azure second we have a storage account that's set up to host a static website and third we have our index.html that we create and that index.html basically has a text saying oh hi this is a website deployed using terraform so let's go ahead and save this and now is and we'll be using the terraform CLI so first of all I have to make sure I'm in the right directory so CD intra and then to terraform in Nick so terraform in it is just like it in it you know how it initializes a git Repository terraforming it initializes a terraform project so with her form in it and as you can see the initialization is downloading installing the Azure RM Provider from literal from registry so now you can see terraform has been successfully initialized now if we do terraform plan you can see it has an error so the error is name can only consist of lowercase letters and numbers and must be between 3 to 24 correctors so let's change that to something else um if I just get rid of these and think we should be good so you can't have hyphens or dashes basically and talking about the terraform plan command so terraform plan will go through the entire form file and we'll see what are the resources that needs to be deployed it won't deploy it we'll just show you the plan of the infrastructure so let's do that again okay I didn't save the file my bad so we'll do have fun plan again after saving the file and while that happens I'm gonna get some water okay So the plan gave us this output and basically you can see all the things that are being created or we are planning to create so the Plus sign means just like in git um the plus sign means these are the things that will be added so there is a resource Group that's gonna be added there's a storage account with these properties that will be added and then there's the storage blob that will be created for our index.html and at the end you get a summary of Plan Three to add zero to change Zero to destroy so this is where the state five remember we were talking about in the uh slides um about the state file so this is where the state file comes in and you can see on the right hand side of my files that there is now a folder that was created when we did terraform in it and that folder basically contains the provider that was installed which is azure and also has the state file so state is basically how terraform remembers what state the infrastructure is in so right now it knows that none of these three resources have been deployed and that's why the plan is to add three once we deploy this and do any change it will not add three resources so you would see something like one to change Zero to destroy and zero to add and we'll see that so that's a bit about the state now there's another command called terraform format and what it does is basically formats your term form file or sees for errors in your terraform configuration so since I knew that the configuration looked fine I didn't run that but you can also run that to you know make sure the formatting is good now let's do terraform apply and apply will deploy the resources to azure so let's wait for it to ask a message so It'll ask you are you sure you want to deploy this and you have to enter yes and you'll see shortly here you can see in the terminal below it has asked do you want to perform these actions terraform will perform the actions described above only yes will be accepted to approve so if you type anything else it'll cancel it so let's go ahead and type yes and now it will start deploying these resources to azure and the way the authentication works like how does terraform know which Azure account that it's talking to is through Azure CLI and that's why I mentioned you need Azure CLI installed and log like authenticated so that terraform can talk to it there are different authentication methods that you can you know approach we saw that in here so we are using this method where we are using Azure CLI you can have managed service identity you can have a service principle and a client certificate or you can have a service print principle and a client secret or you can also use the open ID connect so these are different methods you can authenticate to Azure with it within terraform but we are using the first method today so going back to our terraform or our vs code window you can see the apply completed three resources were added zero changed and zero destroyed so let's go to our Azure count and do a refresh and let's look for that terraform demo Resource Group which is right here and you can see it deployed a storage account called terraform Azure Toronto 6. now let me zoom in a little bit and if we go within that storage account you can see that if we go to static website on the left hand side of the navigation there is the primary endpoint which is serving this document which is index.html so if we go to this URL we should see our H1 HTML that we wrote which is Ahoy this is a website deployed using terraform which is exactly what we had here so we figured out how to create resources in terraform we saw how you can run terraform plan to get a feel of what all resources are going to be added um changed or destroyed and then we did a terraform apply which actually deploys all those resources that you defined in your configuration we also saw it in Azure live that our website was deployed as a static website using Azure storage account now the next part of this session will include some advanced concepts as a few comments were mentioned you know about naming conventions I'll also introduce you to the variables and how to use variables with entire form and also a really cool concept of having a back-end um for our state file if I somehow mess up the folder or the files that were created locally which has the state file in it um I could be destroying my terraform configurations so it will not remember the state and now I have resources that are deployed in Azure which terraform doesn't isn't aware of so it there could be a lot of confusion and issues especially when you're working within teams and you have multiple Engineers that might be working with the infrastructure using terraform that's when the back end remote backend comes into play where you can use a bucket so in our case we'll be using Azure storage again as the way to store our state file remotely so it is not dependent on my local storage so Concepts like that will be covered in the second session um what I'm gonna do is since our website works and everything look fine I'm gonna just do terraform destroy which you might have guessed destroys your infrastructure that you just deployed and you will see a message saying again you have to type in yes if you want to go ahead and destroy it so we'll wait for terraform to come up with that pop-up while I while we wait so now you can see just like get um you are seeing the red subtraction signs which basically means it will be deployed destroying all these resources and if you go at the end you can see Zero to add zero to change three to destroy so I'm fine with that so I'm gonna say yes and that will basically take care of cleaning up the resource Group the storage account and the index.html file that we created today but yeah um that was the kind of introductory session to terraform and Azure and how the Azure RM provider Works introduction to HCL and some of the concepts within terraform and as you can see it's destroying the infrastructure right now and weekends also see that here after a few seconds if I do a refresh my Resource Group will not exist we covered some of the basic stuff where you know how to set up the Azure account having the Azure CLI installed locally installing terraform and also having a domain name which is an optional because we deployed a website to Azure storage so that was the project we deployed using terraform so there were three resources that we deployed of the resource Group the storage account and uh blob container which basically held our index.html file and today we'll dive into a bit of a deeper Concepts about terraform and I'll show you what I mean by that so let's get started so as you can see I have my Azure portal open here and we'll go to research groups and let me get you up to the speed um with terraform so this is the code that we wrote in the previous session so we have our provider we have three resources as I said one of them is the resource Group we have a storage account and we have our index.html which served as the website so the index.html was Ahoy this is a website deployed using terraform and at the end of the last session what we did is we destroyed our infrastructure so I didn't want to you know pay first of all it caught it costs very less to host the static side on the Azure storage but also I wanted to show you the functionality that terraform has with the command terraform destroy which basically goes ahead and destroys all the resources that you might have deployed so at this moment if I do a terraform plan if I have my terminal open here and title from plan if you remember from the last session is the command that gives you the output of what all infrastructure changes might be deployed oh so we need to do a terraforming knit first in order to initialize the back end so that is the first concept that I wanted to cover today which is having a remote backend so remember we talked about having these State files right the state basically remembers what all parts of the infrastructure has been deployed or need to be deployed or need to be destroyed so the changes within our state of infrastructure is stored in these State files which were created by terraform when we did terraform in it and I also mentioned that if you're working in teams right if you have multiple Engineers that are working with terraform as AI C2 you might want to have this state file in some location that's you know shared so maybe like Azure storage right you can also use terraform cloud or any of the you know storage services like gcp has buckets and AWS has buckets but we'll be using Azure storage to store our terraform State file and this concept is known as remote backend right so what I'm gonna do is create a new file called backend.tf and right now it's zank so what we'll do is write some terraform code before we do that we need a storage and a container so we need a storage account and a container with an azure so I will be using Azure CLI to create that so if I open so this is my terminal here and I have some commands that are you know already copied so I'm gonna go ahead and create a storage account called TF State reshet the location is going to be Estus which is the closest to me and the resource Group is TF State Dash RG all of the I'll link the GitHub repo that is available so you'll have access to these command but I'm basically using Azure CLI to create this you can also use the portal so you can go through the web portal and create a storage account but with CLI it's pretty easy it's just one Command right so let's create that okay so we got an error saying the resource Group TF State RG could not be found which is correct I just never created that Resource Group up until now so let's go ahead and create that Resource Group so AZ group create and the name is tf-8-rg and the location again is ecos so this will create a resource Group for us in Azure and now we can run the storage account creation command so that will take a few seconds and it will give us a storage account to work with where we can store our State files [Music] so let's wait for that to happen okay there we go so we have a storage account that was created for us now what we want to do is create a container within the storage account so let's do that I believe I have that command somewhere in my history because I was testing this oh so we have the story they can't create and now we have the container create command so the other thing you need is the account key so you can run this command to Output the account key and save it in your variable which is dollar account underscore key so the command to get it is Easy Storage account Keys list and then it basically looks for the storage account TF State reship and gets and save that save that account key value into this variable so I'll run that before we create a container because it needs to you know it's the key to create that container so now we can run the container create command and all of this again can be done via the portal which I believe some of you might find easy because there is a UI aspect to it with the commands you have to memorize the commands so easy storage container create account name is the same as we did create one the name of the container that I will be naming is TF state public access is off because it'll have our terraform State files and then account key is this variable so let's click enter and there we go so now if I go back to my portal here too many tabs there we go so in my portal if I refresh we should see TF State Dash RG as a resource Group now it has a storage account and if we click on containers we should see a TF State content which is private awesome so we did all of that just with Azure CLI okay so now let's go back to our code editor I'm gonna bring this down a little bit and now we can set up the backend.tf so let's write some terraform code terraform and then back in wait so what we'll be using as a back end you might have guessed it is azure RM just like our provider in our main.tf so Azure RM is the backend that we'll be using and then there are a few things that you have to specify like Resource Group account storage like the storage account name the container name and what the key of the file will be where this terraform.tf state will be stored the resource Group name is forgot so let's go back to the portal and see what the resource Group name is you know it's TF Dash State Dash RG DF and state RG and then we have the storage account name as you can see so this is copilot in action um it automatically generates you know kind of code for me um so the storage account name it's not PF State Toronto 6. I'm so bad at memorizing what was the HTF state region so this is the storage account name TF state and the last thing is the container name so the container name is tfstape which is correctly guessed by the co-pilot so let's see containers yes it's called TF State no dashes and the last thing is key and the key is the state file itself so this is what the name of the file will be within the container so you can see our state file was named terraform.tfstate we can save this and now if I do return from init it will initialize the back end so basically now terraform knows to save the state file in the container that we just created within Azure so it's not only stored like locally but it is in a remote location for us it's Azure and as I said you can use terraform Cloud you can use any other Cloud providers to store your state file awesome so we have our backend configured and now if I do terraform and to see an output saying these are the resources that need to be deployed so in our case it was Resource Group a storage account a container containing r index.html so it's running terraform plan right now let's see what it spits out so you can see three to add zero to change Zero to destroy and you can also see um all the resources so this was the part of the first session right where we deployed the website using terraform apply the only change so far is State file is now being stored in our Azure storage account that we created specifically for our backend so that is the concept of remote backend you can now work in teams and the state file is securely stored in an online locations so not just your local machine right let's move on to other advanced concepts with terraform let's go ahead and introduce some more Concepts about terraform so a good practice of having your terraform code is have the have It segregated into different files so remember we just had one file called main.tf a good practice is to have it in different sections so like provider in our case we only had one provider that we used called Azure RM you might have multiple providers that you're using with your IC project so you can have a provider.tf file which just consists of all the providers so let's do that let's create a file called provider.tf and I'm just gonna take this chunk of code edit and paste it in provided up here so now we just have our resources in main.tf there we go so that is another you know kind of good practice um to have is if you have providers make sure it's in a separate file called provider.tf the other thing is we didn't use variables at all so we're gonna be using variables so that we don't hard code things like name and location in our main.tf and the way you do it is by having a file called variables dot TF oops so this needs to be inside infra variables dot TF let's make this interactive so put your thoughts in the comments saying what you think should be what all variables you can think of within our main.tf so I'll go with the first one which is the location because we'll be using you know one location across the resource Group the storage account and the blob itself so I'm gonna say location so variable is called location right and the you can have a few properties about this variable so you know you can specify the type that it is a string right and you can also specify the description so description being tells you what the variable is supposed to do so the Azure region in which all this example should be created awesome that is a great description which was suggested by Copilot so we're good on that and you can also have a default value so if a user doesn't assign this variable a value you can have a default to East us will not do that because I want the power of signing the value so will not go with any default values but you can do that okay so let's see what's in the chat so I'm gonna be looking at the chat right now Resource Group the name of it sure I could do that so the resource script name what would you think is a appropriate variable name we subscript name so let's go with whatever co-pilot is recommending and the description is the name of the resource Group in which to create the storage account awesome that works so we have two variables so the other thing you can have is the storage account name and think of it from a perspective that you have your IC Code by multiple environments so you might have a Dev environment you might have a proud environment and you might have a QA or staging environment right so Dev is for developers to test things out QA and staging is whenever devs have shipped something QA can do their testing and then produce your actual production environment and you might have different storage account name for all these different environments and also the category so variable storage account name and description for pilot comes in handy it says the name of the story to come to create awesome I'm happy with that and then we can also have the um Source content so remember we weren't using an index.html file we were hard coding the HTML so we had an H1 saying this message so we were hard coding it into our source content so we're not using an index.html file which in your case you might be because that's where your code resides for your web page so to mix things simpler we can have our source content as variable too so variable Source content and then the description is exactly the content of the index.html file and similarly you can have index document we didn't have it in our um blob but let's say outside of this infrar folder you would usually have a folder called website and that website directory would have index.html your CSS files all the static content that you're trying to deploy to Azure and in that case you would have a property here saying index document and you can have a file that is in your website directory and within variables.tf you can have that as another variable so that would look like this it's a variable index only if I can type index document and the description would be the index .html file of the static website okay so we have our variables.pf already and I think these are good amount of variables based on our main.df right so let's start using those within our main.tf so instead of hard coding values now we'll do the bar dot resource underscore group underscore name because that's what we use here awesome and then we'll keep changing it for other variables that we just created so r.location what's the other one yes what else did we create uh storage account name so here's the storage account resource let's get rid of this and call it r dot storage account name and then we have index document and then Source content so since we don't let's go here The Source content is Source content awesome so let's underscore content so this Auto completion is from the hashicorp terraform extension because it knows other terraform files so bar.source content and then the name is gonna be the index document so VAR dot index document because that's what we specified here so the name of the index document is the variable right awesome so we can save that and now what is the next thing you think we will need to be able to deploy everything it is assigning these variables values right because here we just have the description and we didn't assign any default values so we have to make sure we you know have a resource script name we have a location we have our source content variable defined and how you can do that is by adding a TF vars so you can do that in CLI too so there are arguments that will allow you to assign variable values or you can specify a TF Wars file so let's do that um we'll and this is also how you can have different TFR files for different environments some type of like let's name rtfr files dev.tfrs so that will be the variable values for our developer environment and then similarly you might have prodfors those will have values that reflect our production environment so you can do that so I'm gonna name this terraform .tf Wars or you could name it dev.pfrs and here we will assign all of the variables that we are using in our main.tf those values so the first one is location and ecos for me since it's the closest one second is the resource Group name so research underscore group underscore name and let's name it RG terraform azure I hope I don't have let's also give it a number at the end so that it's Unique if I already have that Resource Group name uh the storage accounting so it's free to come in let's name it form add azure foreign I think that is pretty unique um because the storage account needs to be unique otherwise it won't create it what other um what other variable did we have Source content Source content is equal to so what should be the message this time for index.html do we want to keep it same do we want to change it let me know if you want to change it but let's go with Hoy this website was deployed using current form awesome and the one variable we forgot is in the indexed document so index underscore document and it's index.html awesome so one two three four and five variables and if you go to variables.tf 1 2 3 4 5. so we had five variables we have assigned those five variables some values and those five variables are also being used in our main.tf so now you can already see our infra folder got bigger in the sense that we have more files we have backend.tf we have main.tf we have provider.tf and we have variables.tf and also terraform.tf Wars which holds the values to these variables because earlier in the last session two weeks ago we only had just pin.tf and we were still able to deploy our infrastructure but today we learned about some advanced concepts you know to have our code that is production ready so after saving this what I'm gonna do is open my terminal here clear the screen so that it looks good um and do terraform we can also do 10 of some format just to make sure all the code that you wrote is you know valid but if I do terraform plan let's see if I can find what all resources needs to be deployed and let's wait for it and I'll do a terraform format just in case three resources to add zero to change Zero to destroy let's type two terraform format so the format has a short abbreviation called fmt you hit enter and you can see you didn't use the out option to save this plan so oh this is for the previous one time from format backend.tf main.tf terraform.tfrs where you build.tf there were no issues found so what I'm gonna do is try to form a pot and let's wait for terraform to ask us about the yes command so you know how it asks hey do you are you sure you want to deploy all these resources there we go and it only takes yes as the approved answer so I'm gonna say yes and now leave it for our storage account to be deployed it did create the storage account which is awesome so let's go ahead and go to our portal into our resource groups and do a refresh should have RG terraform Azure zero seven terraform Azure Bishop zero seven and it should have a container called Web and there is our index.html that was created for us and you know we can access this um not through here but through the URL that was given to our storage account but here's the index.html that got created is there a way to see the content of this file guess not okay so let's go back to our storage account here and there should be static website on the right hand side or sorry on the left hand side and it should be enabled because we specified that in our main.tf now we access that and you can see our website has been deployed it says Ahoy this website was deployed using terraform which is what we had in our variables dot or TF Wars right this is the source content we want it to deploy so you can already think um of you know let's say we want to have words and for prod maybe you don't use East us maybe it's some other region right the resource Group name is something else the story account name would be like let's say you follow a good naming convention so you would probably have something like prod Dash terraform Dash Azure Resource Group and similarly you would have prod in your storage account name um maybe you don't have these Source content and you have the files available for your static website that you need to deploy and so this won't be the value of the source content it would be actually the files the static files itself that you build for your website and similarly like someone suggested in the chat you could have the account replication type as a variable so something like wire dot account replication type and you will have something better than just locally written and storage right maybe the account here is also not standard because it's a production website so get the point you can have you know good variables defined which allows you to have different environments and control those environments based on different TFR files for example that was the demo itself we covered remote backend and we can also see that so if we go back to my Azure resource scripts we had a resource Group that is just for saving my State file there is CTF State and you can see it has terraform.tfstate file now um which was changed just three minutes ago because that's when we did a terraform apply so we'll see it live let's refresh it let's go back to our CLI here and do whatever from destroy you saw the site was live it created all three resources and we were able to access our static website now what we are doing is destroying our resources I am not sure what happened an exception occurred in custom key handlers here for more information it's not responding anymore so let's try opening another window I hope it was not doing something already okay see the infra from destroy now it'll ask us hey do you really want to destroy all these resources and then again we will have to then enter yes and after entering yes when it's done its thing we'll see that the terraform.dfstate file which is in storage account in Azure will get updated so this is where our state is being stored now so it's talking to our storage account to get the state file and checking what things need to be changed and now it has found that three resources need to be destroyed zero to add zero to change you can say yes now again it will destroy those resources talk to the TF State file that's in Azure and update the state file the destroy has been completed two sources were destroyed let's go back and click refresh and you can see it's 144 on the Eastern Time Zone and it was the the terraform.tfc file was modified just now so that is the concept of remote backend so that our state file is secure we covered a bit about the variables and how you can have different TFR files to replicate different environment strategies like broad Dev and QA staging we also saw how you can assign those variables value by using TF vars file you also saw how you can break down your main.tf into different chunks so at the end we had five terraform files going from just one called main.tf and what you'll see is once your infrastructure has code file gets really big could suggestion or good practice is to have different resources within different files so let's say this is let's say this is the front end of our bigger project so I would have something called frontend.tf backend.if let's say it involves three-tier app where you need v-nips Azure VMS and some database service so you would have vnet.tf would have vm.tf which is azure VM and you would have some db.tf so you can you know break down the terraform files into different resources and that makes it easy to work when you're working as a team because sometimes these resource like these ISC files can get huge depending on all the resources that you need for your project so yeah those are the good practices um or best practices for terraform the advanced concepts that I just covered I hope you enjoyed this session [Music]

Info

Channel: Rishab in Cloud

Views: 23,131

Rating: undefined out of 5

Keywords: Cloud, Cloud Computing, Technology, tech, aws, azure, gcp, 100daysofcloud, computer science, 100daysofcode

Id: HdMB2YCtVr4

Channel Id: undefined

Length: 68min 5sec (4085 seconds)

Published: Fri Jun 30 2023