Devops Terraform Course | Automate your AWS Cloud Infrastructure | Intellipaat

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

[Music] hey everyone hope you all are having an amazing day to make your day even more interesting intellipaat presents a live session on aws terraform conducted by a cloud expert who is having more than 15 plus years of industry experience before we begin the session make sure to hit the subscribe button and also hit on the bell icon so that you will never miss an update from us on saying that let's see the agenda of the day firstly we will begin with introduction to aws in that we will tell you what is aws and why do we need it after that we will introduce you to aws terraform and also we have covered a hands-on demo on how to create and deploy aws services with terraform then finally we have also covered how to crack an aws interview very easily so this is the agenda of the video without any further delay let's get started so we'll have to understand few things before getting into now this is my aws account for example in this case this guy a system administrator and this guy is a system administrator okay who's handling this environment aws cloud now what happens he is the one who set up all infrastructures in our cloud environment all infrastructures in our cloud like it can be he is the one who architect the design and that a cloud application cloud environment consists of ec2 ppc and other services like s3 database rds etc etc now here in this case let's consider he's working for four years in a company he worked for a company he worked for four years in the company then if he moves out of the company if all of these environments whatever he has set it down if it doesn't have any proper documentation what will happen a new guy whoever is coming will not understand what exactly it looks like how the infrastructure is being created what what is the purpose of ec2 service how many ec2 services are there and everything will be in a mess and the next thing everything is a manual task everything is a manual task in the sense here if i wanted to create five pc2 instances i will have to create it five vcu instances manually the same way if i wanted to create a vpc i will have to create it manually and everything is a manual process in creating all of these services using a console so whatever creating it here is all through console again if i wanted to create an easy two instances what i would love to do again i'll have to go launch an easy to instance and and again i'll have to create it then in this case a new tool called comes into picture it is not a very old tool at all because it was developed in the year 2014 okay now what this tool does it it came up with a new concept called as infrastructure as code now what we do instead of creating it manually over console so what we do is we create it as a code and we deploy it now what happens anything which you created will have a trace of the code correct like whatever if i if i've created three ec2 instances and i will have a code of it right so that and moreover what happens is it brings reusability like i play new all those things it brings in reusability so all you do is you write code once and you use it multiple times and moreover it brings in automation automation of infrastructure and how this code is being created so they'll call it as hcl language so the whatever the code which we write to create this environment is called as hcl is called as hcl language and and how do we do it how do we create it and we will see everything that is as simple as that like instead of creating everything over console manually so what we do is we create everything using code and what is that code and that is that code is nothing but hcl an extension of teraform file is called as tf files dot tf like for ansible view we save it on save it as dot example file right likewise any telephone script will be saved in the form of dot now using terraform what are all the services we can code there are lots and lots of services which can be coded using terraform like major cloud platforms like aws google cloud azure what's your ibm and then other providers like for example if you wanted to manage any other any other software in naturally i can show you the list of providers which terraform supports now using terraform whatever we can create these many services we can code it so if i wanted to create for example if i wanted to create huh let's consider if i wanted to create an sql service sql server using telephone we can create it for example if i wanted to create a ship cookbooks i can use terraform to create it if i wanted to create azure active directory terraform supports if i wanted to maintain the entire aws cloud or azure cloud or google cloud everything is supported using everything is done using terraform getter gate lab so whatever we have seen here for example let's consider your use case where i wanted to create a user in github now what we do we we manually login to github and then we create user and then we whatever the permission which we wanted to assign to the user we will be able to do it now using git i mean using terraform we can do the similar setup also for see here if i wanted to create any github repository i can create it how will we create it let's see but what are the whatever the manual tasks which we do using a console which can be achieved using terraform as well and the main purpose of it is to code your infrastructure how does it benefit it benefits in such a way that we can keep track of the every resource which we configure using terraform and also uh if we wanted to reuse the code for example i write the code once like function and then it can be used later everywhere wherever we wanted to is that clear now we need to understand few terms before we get into creating any any services using telephone those are here the first one is resource resource is nothing but for example if i wanted to create an ec2 instance now what we define no before resource let me put a few things few more few other things also providers so providers are nothing but which one we are going to use it for example it can be aws or it can be gcp or it can be hdr or it can be whatever it is so whatever what what we are going to code using terraform so which one it is and the structure basic structure remains same but the functionality ways it differs from providers to providers for example in aws we call it a cc2 service in gcp it is called as bm correct those terminology differs but the core concept remains state and the next one is next product resource what is resource let's consider we are using the we are using aws provider inside aws provider inside aws provider i wanted to create an ec2 instance in this case what we do we create a resource we create a resource this is called as your source any services inside your provider is called as resource whatever we are trying to create is then called as resource variables so variables are nothing but an input value which can be defined while writing our terraform script output now output test the resultant value for example using a provider aws i'm creating an ec2 instance okay let's consider an input value i'm giving so if i wanted to create an ec2 instance what is this required what time is required if i wanted to create an ac2 instance in general over console what do i need to give instance type or whatever it is okay now what we can do is we can input these values by creating our easy to instance that is nothing but variable and the next one is for example after creating this ec2 instance it will come up with some values for example instance id correct automatically it comes up then instance ip address and these are the output values so whatever the input values which we are giving it from that we will get an output value so that is called as output created all of these code using all of these servers i mean all of these things i've created a conform script now i wanted to take that script before i actually applied it in that case what we will do we will run terraform plan so terraform plan what will happen is it will just do a driving before we apply it [Music] is a command which is used to apply all your changes in essence if i wanted to create any ec2 instances first what will i do i will create i will create i create the terraform script then to test it i will run from plan then if everything looks good then what we will do we will create i mean we will then run from appliance then terraform apply will apply all your changes in the script then from desktop so desktop will delete all your changes whatever is there in your delete all your changes delete all your changes and the next one is terraform in it here let's consider we are using aws provider okay we are using aws provider terraforming now here let's consider this is your machine from where you are we are running all of these scripts now here all we would have done is installed now i wanted commands which is specifically for aws which is specifically for aws correct only then aws related uh configurations will work in that case after writing all your code first you will have to run it from so what it does what it does is it initialize all modules or the all the required modules which are essential to run your script that is nothing but minute which initializes all your modules which are required to run your service i mean run your scripts that is nothing but phone in it then whatever this is required very important thing is tf state 5 df step 5 name itself says in the sense pf state file is nothing but a state file which holds all configurations of whatever you have created using whatever you have created using using [Music] in the things for example i wrote a script where it creates one ec2 instance okay now in the same ec2 instance i mean the same script what i'm doing is creating i'm creating one more easy to instance now first one easy to instance configuration is already added one configuration is already added it's already there correct now i'm adding second one in this case what it should do it should not create the instance which has been already created all it has to do is it has to create only the second one how terraform will know that one instance is already being created and only the second one has to be created and that case from state 5 comes into picture so any configuration which you run it first checks which you it first checks with your tier statement whether all of these configurations are matching your tf state file and with your the current configuration file which you have written if anything is missed then it will then it will create the required changes so that is the function of pf statement good now and this is one of the most predominantly or widely used tool in devops industry at this point of time till now if like any uh infrastructure related activities are handled manually now everything is being coded and terraform is one of the one of the important tool which is being used in the industry and i would really recommend you guys to go through it so we will use aws for our for configuration what is the first step first step is to install terraform on your machine now what i will do i will use one of my ec2 instance which i have created [Music] you will get the version of it so all you can do is whichever version you wanted to install if it if you're trying it in your local machine you can use uh you can download windows and then try it or if you have any windows machine just download accordingly let me download this one here copy and then double your you will see something called as this then what you need to do is you will have to move this file to if it is linux machine move terraform to user local pin then what you will check then cd space user local ping so you will have to move just download the file just copying it and just writing it for that then move the file to unzip first unzip concepts [Music] once it is done you will be able to and the latest version is this one uh 12.24 is the latest version which is available now we are set with this now what is the next step let's consider we wanted to create an ec2 instance from this machine in this case what we will have to do is now one logical question okay if i wanted to manage if i wanted to manage this account what is required for example if i wanted to manage this aws account using and cli what is required this is just a logical question what is required or keys like in order to login and username one password here so what we need to do is we need a credential where we can manage the account using our whatever it is for that what we will have to do first we will have to go and create one user if somebody is new to the cloud so what you have to do is go to circle i am service which is used to create your uh user accounts then go to users i'm creating a user with the name telephone so all it needs is just programmatic access so i'm just giving programmatic access and then click next here what we'll do we'll attach existing policies directly we'll give administrator access so that using the terraform account it can do anything it wants over this account but in real time you will have to come up with a best practice solution where we can actually give access to the console in a better way for any programmatic access now let me name it name just and then click review create user and then let me download this credentials now here now here what we are trying to do so we are trying to create an ecto instance using this so what i'm doing is i'm just going to one directory and then what i'm doing i'm creating one directory i'm creating one more directory okay creating devops so in this directory only we will have all all our configurations will be in this directory correct here what you will have to create you will have to create one file called as main.tf let me create one file here in this let me get into this file insert now what is the first step if we wanted to manage we will have to define mandatory so now first what we will do we will define our provider here we will define our providers here version is nothing but earlier they were using 2.2 uh version 2. with three they have included so many other new services also like ecs clusters so many other services included in version 3 with new features that that that's it now what i'm doing it and just doing this one that's it we will have to download that provider into our machine how do we do it which command we use that to initialize all modules so now let's see now what it does ama is nothing but like for example am is nothing but like when we launch an ec2 instance what we do actually whatever we're doing here we're doing it there so what we do is we give an ami id every image as an id every image has an id and that is what we are giving it here every okay now what are all the pieces it supports let's consider if i wanted to create an ec2 instance these are the arguments which you can pass it in the sense which which availability zone you wanted to pass like us east 1a audios each one be everything now now at this point of time what what else is required as mandatory what else is required we need key correct we will create key name so these are the arguments which are being passed to the script so that we can create an easy to instance now let's consider key iphone name is nothing but i have one key which is devops and tag is nothing but the name which we we generally give while creating an actual instance now name equal to let's consider first instance data from instance instance now our first script is ready now whatever we are doing see this aws underscore instance is the keyword which resource is what which we are creating which resource which which we are creating here we are creating aws instance this is the name of the resource which we are giving it okay and for this aws instance to launch an ec2 instance what all is required we can pass see anything which is given required is mandatory there is arguments ami [Music] and instant type instance type is mandatory to launch an ec2 instance these two parameters are mandatory other than that we can customize all other configurations all other configurations we can customize it now here we have done a resource aws instance standard form ami we have given instance type we have given key name we have given and then we have given a name for this ec2 instance what is the next step we will have to have a form just a quick info guys test your knowledge of terraform by answering this question which type of language is terraform a objective b declarative c descriptive d functional comment your answer in the comment section below subscribe to intellipack to know the right answer now let's continue with the session i already have a key i already created the key with the name devops so now what it will do it the new instance whatever we are creating will be associated with this pinky correct i already have a private key of this keypad then i can log into that correct so why do we do terraform plug so we run teraform plan check whether all our configurations are done properly or not let's do it here now here see it is asking in which region we will have to configure it you remember so by configuring providers there was one option here region correct which i have deleted region now here you can define your default region usb sticker one is virginia i have defined it here now if i run terraform plan now let's run traffic see uh the main are the main thing is if there are any issues with your configuration when you run terraform plan so let's key [Music] now what it says it new says will be launched so this will be the configuration now what will i do so how will i create a new machine here i mean if i want to apply these changes what will i what will i have to do terraform terraform apply now you will have to give yes the moment you give yes it says error no subnets bound for the default vpc please specify the subnet now what happens is since whatever we have given it here since whatever we have given it here it tries to launch it on the default subnet see here i've deleted the default subnet and i've created my own submit with that configuration what it does is also whatever we have done here so whatever we have done here it tries to create this ec2 instance in the default subnet now that is what we got an error see for launching source instance missing for second let's check whether it is right subnet underscore id that is the argument which we will have to pass and this is the subject id now again what we will have to do after making changes okay now if you look at here it will say that subnet id is this one earlier when you look at you would have not seen that now cool now we can see that one resource is added let me go to my pc2 instance earlier it was one instance and now it is two instance two instances second this instance is running here and whatever configuration which we have given it has come up now now you can see one thing here it did not have any public ideas it did not have any public apis now in this case what we can do what is required if i wanted to if i wanted to connect to this machine a public ip address is required correct now let's create a public ip address for this machine and then now in this case terraform apply is already done earlier you will not see one file called staraphone.tf state after you apply your first change after you apply your first change this file will get created terraform dot state file what is the purpose of this terraform dot statement it maintains all information about your configuration it maintains all the information about your configuration this is your instance id see this is an instance id the state file maintains all information about the resources which are configured using tera now let's see now what is the second requirement now what is our second requirement if we wanted to attach any public id address to that machine if you wanted to attach any public ip address of this machine okay now in this case what we wanted to do if i wanted to create a public ip if i wanted to create a public id there is a resource called as aws eip correct there is a resource called as aws eip just go there [Music] here we are creating one more resource which is nothing but aws eib and let's name it as let's name it from iphone instance now this is nothing but getting a value of this is how we get value of other machine so whatever we got it here see in the water when we are getting it here what is this as syntax is the older version syntax here we actually we don't need that just uh all of these things are not required now what i need to which machine we are attaching this elastic ip to this machine correct and what is the resource name it which is aws underscore instance and what is the name of the resource what is the name of the resource which is terraform it is terraform an id to understand that you will have to understand a bit about what are all the values it results let's consider what is the tc2 instance replace instance see attribute reference is nothing but what are the values it can result in since see what are all the values you get it in your tf statement here what is that id current see this value it results from this configuration what is that configuration this value holds this machine now what we are doing it now what we are doing in this configuration i am creating one more surface which is nothing but eip and this will and this will creating that elastic it has to be attached to this ec2 machine how do i know that to which ec2 machine i would love to attach using this configuration value aws instance dot terraform dot ready this id actually holds what the value of that machine which is nothing but this one is actually this one this one the value this one let's consider [Music] see what happens it creates an eap and then attaches and gets attached to that ec2 instance same way what will happen let's see if i give that value i'm replacing it with so these are dynamic values which we can get it how do [Music] i run telephone plan see pick up the same value now let me upload it from upload last for select yes now you don't see that public ap any public type is being attached here now if i refresh it here see when i create a password and this is how it works now if using the same concept what we can do is we can create any number of services which aws provides with bit of fine tuning that is required which we follow and everything now see it becomes more effective or more powerful ascendant course link when we start talking about other configurations you you'll understand the actual purpose of it now let's let's talk about something called as variables now the same concept is same variable is nothing but if you wanted to input any variable then we use concept called as variable okay if you wanted to pass any i mean sorry if you wanted to pass any values from the user or get values from the user then we define define variable and how do we do it there are multiple ways to do it one what you can do is you can create a file called as touch variables dot df whatever it can be i will be giving it i'll give it as inputs so what we can do is let me get some values from the user why do we have to give this value automatically here if i give everybody can use it right so what we can do is we can define it as a variable so that it doesn't being exposed now what i will do i will define it in such a way that you var dot access underscore key and then r dot c grid so in this case after defining it here so go to inputs.df5 we will have to define that variable so how do i define that variable keyname is variable and give the name [Music] variable let's what is the name of access underscore key and open bracket and then go close bracket and then [Music] name us we will have to define which variable type address now what what variable type it is that is string and there are different types of variables also like uh list of string maps of string tuple of string string lots of other things are observing this point of time let's not get into that level so the value is which we require there is string and how do we do it type equal to string that's it the same way we have one more variable also see great underscore key type equal to string and then close now with this what happens now let me check the configuration whatever see now here it asks for the value what is the value which i will have to keep it from and then secret value just a quick info guys intelpad provides devops online training validated and certified by nasscom future skills and ibm the course link is given in the description below now let's continue with the session what is infrastructure as a code so guys infrastructure as the code basically means that instead of going to the management console of your cloud provider let's say you're working on aws right now if you have to launch a server you will have to go to the management console then you will have to click at 20 different places to do the configurations and finally you will be able to run it right now this is okay if you're doing it for just one time but imagine a company where probably you are deploying thousands or two thousands of servers or services in a particular cloud platform all right so and let's say you want uh one day a requirement comes in that you just have to create a replica of it for some work or let's say you a requirement comes in that the server that you're running you all you have to upgrade all their hard disks to a certain size or let's say uh you know it it just so happens that you want to upgrade the specs the cpu and the ram of your systems all together for all your thousand servers so how will you do it so when you're managing an infrastructure at a large scale it makes more sense to manage it by code right because when you're writing code all you have to do is you have to run that code and those changes will be replicated across all of your infrastructure so that is what basically led to uh you know the formulation of infrastructure as a code uh domain and in infrastructure as a code domain you will find a lot of services you know which supports it so when you talk about for example aws aws has a service of its own which is called aws cloud formation so using the aws cloud formation service you can do all the tasks that i just told you right with a single click of a button it's just that you will have to write the code first and only then you will be able to do it right now there are multiple tools in the market which can do it the most uh powerful i will not say power the most popular tool in the market right now it's terraform why because i told you that terraform can basically be applied to any of the cloud providers which are out there so if you learn cloud formation it will only be limited to you know deploying resources on aws but if you learn terraform if you understand the basics of terraform you can apply it not only to aws also to azure also to gcp without uh switching any tool okay that's why people are more pushing towards learning terraform companies are more pushing towards their devops engineers to have the skill of knowing of to i mean working with terraform right so we'll reach terraform data but right now uh this is what infrastructure as a code is that is when you manage infrastructure not using the management console but by writing code and whatever resources you want to deploy whatever specifications you want for your resources all that is mentioned in the course so that's what infrastructure has reported moving forward now let's understand what is the difference now this is where people get confused so people who probably are from devops background they might find some similarities between infrastructure as a code and configuration management so what is so what are the things in common and what are the differences between infrastructure as code versus configuration management okay so guys infrastructure as a code uh basically helps you to create or destroy hardware architecture which basically means let's say you have 100 easy to so on those hundred eco servers uh you have basically created a vpc inside or a network inside that network you have those 100 servers deployed along with those 100 servers you have also connected a database right along with that database you also have uh you know a nat gateway through which you know people uh through which your your resources that is your servers and database are able to access the internet but the outside internet is not able to access them so these are some of the resources that you can create or destroy using the infrastructure as a code service but when you talk about configuration management configuration management is limited to deploying software so let's say you have a fleet of hundreds of thousands of servers and on all those servers you want to do a software upgrade let's say on all those servers you have a certain jdk installed and now you want jdk 10 or you want jdk 11 to be upgraded on all those servers so when you have this kind of a requirement you use configuration management tools which helps you to change the software components of large scale architectures but let's say you want to change the hardware specifications of your architecture in those kind of scenarios you will be using infrastructure as a sport right now one very peculiar thing about infrastructure as a code is that it can also help you install some software now this might create ambiguity in your mind that if infrastructure as a code can also install softwares inside a particular uh you know in inside a particular architecture why do we need configuration manager why don't we install the softwares using uh infrastructure as a port as well right so it can only install softwares which are required while you create the server let's say when you're creating the server uh you want java to be installed on all those servers okay so that telephone can do for you but let's say tomorrow you want now on the existing architectures or on the existing servers you want to upgrade the java version jack infrastructure as a code cannot operate so that only configuration management would do for you so without touching you know these servers without creating or without deleting the resources that you have if you want to change the configuration of a particular hardware or the software configuration of a particular hardware only the configuration management can help you in that and not infrastructure right third thing is uh and this is a basically just a warning that infrastructure as a code should not be used as a replacement to cm tools and similarly configuration management tool cannot be used as a replacement to iac2 so configuration management does not give you the option of managing your hardware infrastructure as the code does but the feature that it gives you of managing the software is only possible while creating a hardware while changing uh you know something on the server if you want something to be remain if you want something to be there as it is and at that time you want to you know run a particular script on that server that is not possible you will have to destroy that server recreate it and only then that script can be run in case you're dealing with infrastructure as a code okay so guys these two these were the differences between infrastructure as a code and configuration management so guys now let's move on to the next set next topic which is basically what is terraform so now what we have understood right now is what is infrastructure as a code so we understood that infrastructure as a core so i was saying that now that we have discussed uh you know what infrastructure as a code is we have discussed what configuration management is now let's go ahead and understand what terraform is okay so guys terraform is basically it's it's an open source infrastructure as a code software tool which was developed by a company called hashicorp all right so hashicorp is the company which basically uh developed this tool and it basically diff uh you know helps or it enables the people who are using the software to uh you know create architectures uh for a particular data center or inside a data center and also provision it provision it meaning bootstrapping it right and it can be done using high level uh configuration language known as hashicorp configuration language but it is basically json what we are using and if for those of you who do not understand what json is we'll just have it uh have a look at what it is and it's very simple to understand there's no uh syntax that you have to understand there are very defined uh keywords that uh you again have to learn you can just mention uh you know refer the documentation and that will help you out with understanding how basically infrastructure report basically works okay so with that said this is what uh terraform is guys uh moving forward now let's understand how we can install uh terraform for any particular cloud provider and today the example is aws okay and uh the terraform installation is a very straightforward process it's very easy so we are going to go ahead and now understand how basically it works okay so what we're going to do is guys uh we're going to quickly go to our aws management console right uh or let me first go to the terraform official website and from there we'll understand how we can download it basically okay so let's just type in terraform download and the first link that you will get is basically the terraform uh software link so uh let's check if terraform so you can check the compatibility of terraform with private cloud softwares for openstack yes so terraform is compatible with openstack so let's say if you have configured your private cloud to work with openstack then telephone can control it right so yes terraform can be used with private clouds as well given uh you know so you have to understand that uh any any anything that uh basically uh terraform works with uh basically is called a provider right so in providers you can see all these providers are compatible with terraform so right from acme which i guess is again yet another cloud platform you know to labbed and then you will also find docker over here so it's also compatible with docker if we touch do a control f for aws it is compatible with aws it is compatible with azure it is compatible even with azure devops services right then if you search for gcp [Music] it's also compatible with google cloud as well and let's search for digital ocean as well because that is also yes so it is compatible even with digitaloce so since you know it's an open source project uh that's why a lot of companies have now you know started to roll out libraries through which you know terraform can interact uh with their cloud vendors right so that is what uh you know that is that is what basically we are trying to understand over here all right okay coming back so now uh you know let's start by downloading terraform first right and once terraform is downloaded you can use it for any of these providers that are mentioned on this list so how to configure it is something that we will also you know see but first these are the platforms that your terraform is available for right so terraform is available for windows it is available for mac it is available for linux for freebsd platforms open bsd platforms and even cluster okay so on any of these platforms you can install terraform i know a lot of people are from windows platforms so if you want to install terraform it will basically you know download as a zip to you and this will also have an exe inside which you will have to see how you can basically configure [Music] so for windows i think uh there's also an absolutely awesome uh terraform learning platform that they have given over here that you can actually uh learn from right so you can go ahead with this and you can learn how to use terraform as well let me give you this link as well and for anything other than this session if you want to learn about terraform you can learn from here apart from that uh installing terraform uh i think this is a link which will show you how you can install it on mac os and linux distribution right with windows you will have a setup which you can download and that will help you you know get started with telephone will automatically install a command line tool for you and you'd be set for linux and mac it's a little uh more elaborated so let me just show how this works okay so first thing what you'll have to do is you will reach this download page right and depending on which platform you are going to use it on for example let's assume i'm going to use it on an ubuntu system so what i'll do is i just go to a certain region let me go to ohio and in ohio now what i'll do is i'll just deploy and easy to resource right let me let me install a linux machine over here so let's go ahead and launch an instance now which instance which i'll be launching which operating system i'll be launching a linux operating system so let me choose ubuntu over here okay blue dot micro uh option which is free tier eligible so i'll be choosing that and i just need one instance rest everything i can leave it at default let me choose the default security group and now let's go ahead and launch it okay so with this i am now basically launching an aws server on which i will be installing terraform so this server is just like your own system if you have linux or mac operating system this will show you how you can basically go ahead and install just a quick info guys test your knowledge of terraform by answering this question which type of language is terraform a objective b declarative c descriptive d functional comment your answer in the comment section below subscribe to intellipack to know the right answer now let's continue with the session so now that telephone is running guys uh what i'll do is let me just connect sorry this this server is running so what i'll do is i'll just connect to this server so let me open a terminal and let me connect to this server so for those of you who do not know how to deploy a server how to connect to it i'll give you a very short crash course just now okay i'm connected to the server so for those of you who do not understand how to connect to a server etc well uh when you're launching an instance so first of all you need an aws account okay so once you have an aws account then what you have to do is you will be needing you will be have to so this is the uh landing page that you would be coming on so this is where you land up okay so the first thing that you will do is you will click on ec2 right over here so this is basically the uh server service this is a service which is basically going to give you a virtual server on cloud and you have to click on running instances and on running instances you will have to click on launch instance okay so once you click on launch instance then it will basically you know ask you uh what kind of operating system do you want on this server so you can select any of these operating systems i chose ubuntu operating system because that's the most user-friendly operating system that you can work with right so you can select it from here next thing that it's going to ask you is uh how much of ram and how much of cpu do you want in your server right so i chose the t2.micro because once you sign up on aws you also get some uh you know free minutes or three hours for your server to run with right so this this particular server is free to run up to 750 hours in a month so this is what you will be choosing and this is enough 1gb ram and one core cpu is enough for doing all the hands-on that i'll be showing you right so you would be choosing this and then you will be clicking on next on this screen if you do not understand the aws it's okay you can leave everything at default you can just straight away go ahead and click on next again click on next this is basically going to tell you how much of hard disk space we the aws is giving you so you can just click on next uh here again you can just click on next you don't have to do anything over here then here it is basically configuring a firewall for you right so automatically a rule will be added for you you don't have to do anything over here just click on review and launch and finally on this screen this is the most important screen guys so on this screen what you will get is you will get the option of uh you know you reviewing whatever you have specified right so if everything looks good to you good to go just click on launch so once you click on launch uh you will get the screen where basically so when you work on a system uh in your office on audio on your personal system you basically get authenticated using the username and password right so when you're authentic or when you're creating a server on aws it's a different option and that option is basically a file using which you authenticate yourself uh or authorize yourself into the server okay so that file basically has to be created so in case this is the first time you're logging into aws or in case this is the first time that you're creating your server what you have to do is you have to create a new key pair then you have specify that name of the file so let's say the file is uh terraform just for example and then you have to download this file on your system okay so this file will now be downloaded to your system and this is the file you will use to authenticate yourself uh into the server okay so once this file is downloaded just click on launch instance and this will launch your server now now comes the point of connecting to your servers how can you connect so once your server is deployed you can again come back to your pc2 page and over here you will see the option of running instances okay so running instance is basically the number of the the server that you are running so in my case uh i launched this server in your case you will see one server which is running you can change the name by clicking on this edit button and adding the name over here right so once the name has been added uh the next thing that you can do is just select the server and now just scroll down so you will find something called as public ip over here so this is a public ip with which is uh basically going to you will help you to connect with your server so this is the ip of your server you can say in a brief manner so now using this ip you can connect to your server and if you're on a linux system or if you're on a mac all you have to do is you have to go to your terminal and you can use to connect to it so i think people on mac or terminal they already would be knowing how to do it if you do not know just let me know in the chat for people on windows uh what you'll have to do is you will have to download a tool called putty so just go to putty.org or what you can do is on google you can type on download putty right and you will get these links all right so click on the first link and you will reach this page now on this page you will have to download this footy software okay so how can you download it you can click on you can download putty here just click over here and then we'll give you a file list like this right so download these 64-bit version for your system okay so once you download this uh the tool will be installed and you are ready to use it after that there's one more tool that you have to download and that download tool is puttygen so you'll be downloading two tools one is putty the other is puttygen now let me give you the logic why you're downloading two tools so the first tool is going to help you connect to your server okay and the second tool is basically going to help you use the spam file which you have downloaded which is going to help you authenticate in your uh to your remote server okay so how will the pd2 look like let me show you some screenshots so once you open the putty tool on your windows system it's going to look something like this okay so this is where your public ip address will go this ip address of your server this will go in this particular text box okay and then what you have to do is you have to double click on ssh which is this particular button and once you have double clicked on ssh then this kind of window will open and then you have to click on court okay so once you have clicked on auth the next thing to be doing is this is the screen that you will get so once you click on auth you will get this browse button just click on this browse button and then go to the file that you have downloaded that is the pen file okay now in order now put t this tool it basically does not understand the pem file so this is where you will basically make use of the second software that you downloaded which is putty gen so this tool only understand the pp ppk format it does not understand the pem format that you have downloaded so what you need to do is you need to convert this pen file into a ppk right so how can you do that uh so you will basically now go to the uh put the gen tool just open that okay so what you'll have to do is this is how your uh tool will look like your puttygen tool you will have to click on load okay and once you've clicked on load you will basically have to now go to the pen file that you have downloaded earlier once you select the pen file it these two buttons will get highlighted okay so and it will get highlighted uh like one second i'll just show you okay it will get highlighted like this so once you click on load you select the pen file it will get highlighted like this and what you have to do is you have to click on save private key and that is it so once you click on save private key it will basically give you a prompt do you want to save it without a password so you just click on yes and now in the same location where you have the spam file a ppk will basically be downloaded and once you have that ppk just come back to your putty tool click on browse select that ppk and click on open okay so once you click on open then it will ask you for the username so the username when you have deployed your server uh as an ubuntu operating system the username would be ubuntu hit enter and that's it it will not ask you for any password and uh once you are on this uh the next steps i i'm gonna tell you okay guys great now that uh we now know how to reach the server what we'll do now is let's understand how to install terraform on it okay so now we are on a server which is installed on aws and it's a linux server so what we'll do is we'll follow the installation uh instruction for installing terraform and linux okay so what you have to do is uh just copy the 64-bit link come to your server and here you have to type in curl hyphen capital o and then the link that you just copied hit enter and this has successfully downloaded terraform on your system it's around 18 mb okay so you can do an ls over here to check this is the terraform tool that you have just downloaded and now what you have to do is you have to unzip this terraform tool so if you type in unzip uh you can see it's not installed on the server so all you have to do is type in sudo apt-get install unzip so unzip is now installed on this machine and now what you can do is type in unzip space download it okay hit enter and this will uh you know unzip your zip file and this is the folder that you get the terraform folder okay and now this terraform folder it just has to be copied to a location called user local bin okay so just copy it over there and then terraform is installed completely so how can you check terraform is installed just type in terraform hyphen hyphen version you can see right now terraform is not installed so what you can now do is copy which you have unzipped and copy it where copy it to user local and then bin okay so you will need the sudo command along with this let's enter sudo has been moved to user local print so as you can see only the zip folder the file is present so you can just remove the zip file now no longer needed and when i type in terraform hyphen hyphen version you can see it now returns the version of terraform so with this the terraform tool is now installed on your system and that is about it that is all you need to install terraform on any linux machine okay if you're working with windows you just download the setup that i told you and that is about it if you're using mac again same thing just copy this folder copy it to user local bin and that's about it okay and then you will be able to use it okay so although all of bengal i think can teleport be used with linux as well well that is exactly what i've done so this is a linux machine on aws where i've just installed telephone all right guys so now that terraform uh we now know how to install terraform on different operating systems now let's come down to using terraform how we can use it okay so create a user and use this user to authenticate terraform to aws this and [Music] the latest version is one point so it's a minor release which they have made which i think is not going to change anything so we're going to stick to the version that i have okay another things that have enrolled in big data and data science architect course and india business myself this course is that same yes that would be the same okay great so guys now let's go ahead and start by uh you know let me let me tell you how you can work with uh so first thing that you need to do is you need to create a new folder okay so let's create a folder let's call it uh demo underscore terraform right and now inside this folder let's go inside this folder so even in windows you can start by creating a new folder and then go inside that folder from your command line okay now once you're in in your command line let me just make it a little bit bigger for you guys okay this now should be visible to everyone okay so now that you are in your command line uh what i'll also do is i will use you know an ide like sublime and let me open the folder okay so inside this folder you will have to initialize terraform how do you initialize terraform that i'm going to show you so guys first things first you will first have to initialize uh teleform on the terminal right so how can you initialize this just type in terraform in it and my device i'm inside my folder and then i'm initializing error okay so just hit enter so it now says terraform has been initialized in an empty directory okay so when you initialize it it's necessary to also mention the cloud provider that you're going to work with how can you mention that so first create a file in your uh folder and call that file as main dot tf tf is the extension for terraform files and main is the name of file that now enter this syntax which is going to be provider then in quotes specifying the cloud that you're going to work so i'm going to work with ada do it next right and let us deploy all these sources in a certain region so which region can we deploy our resources in so i think we are in ohio right now all you have to do now is go back to your aws management console and now you just have to select the region that you want to work in so let's say i want to work in oregon region so let's go to audit so now it's switching the console to the oregon region it seems the aws site is a little slow so please bear with me okay so i am inside the oregon region now and what we are going to do is just check the code that is in front of the region that you are in for example uh its us hyphen west hyphen 2 this is the region code of the region that you want to deploy resources in okay so you have to mention this region name in your code so say you will type in region equals to and then you will type in the name the code of the region which in our case is us hyphen best hyphen 2 okay that's about it and then you will have to enter two more things and i will be telling you those things in a little way but first you have told terraform that you want to work with aws and you want to work in the region uss hyphen west hyphen 2 so just save this save this file and now what you have to do is just come back come back to your terminal and type in terraform in it again so now you can see it is checking for available provider plugins downloading plugin for provider aws so now the downloading all the plugins for the aws cloud provider into the folder that you're working with and once it has initialized it successfully you can see terraform has been successfully initialized so now terraform the one that you have basically right now installed it now knows how to talk to aws cloud okay but what it doesn't know as of now how to talk to your particular account right it knows it wants to talk to aws it knows it has to talk to the oregon region but what it doesn't know is what is your user account and password so when you want to specify your user account and password in terraform you do not use the username and password what you use is something called as secret key and access key okay and how can you get that in aws just go to your aws management console and open a service called iam so just click on this aws icon over here you will come back to the dashboard and now the search for the service called iam go inside the service and inside the service you will have to create a user so let's click on this user so let's create a user let's call it terraform now what this user wants is programmatic access so check on this so this programmatic access as you can see it's going to give you an access key id and a secret access key and that is what we need in order for that authenticating terraform to your account so click on next and now uh you would want to give it administrator access so how can you give you adm give it administrator access just click on attach existing policies and here the first policy that you would see is administrator access select this click on next click on review and click on create user now when you're working in production guys obviously you will not be giving it administrator access uh you will have to learn aws in a more detailed manner and then you will understand that uh you know how to set boundaries to a particular user what kind of services it can touch what it cannot and accordingly you will be setting the permissions for your user but since we are not learning aws today we are learning terraform i've just given all access to this particular user now i will be copying the access key id into my code and i will also be copying the secret access queue to this don't worry after this session i will be deleting this user so you have to worry about me exposing this credentials and then you will have to enter uh the uh so whenever you're defining anything in terraform the first keyword that you have it's not it should not be uh you know enclosed in uh braces or it should not be enclosed in inverted commas it should just be written like this and whatever value you are entering that should be entered in inverted comma so these have to be inside inverted commas okay and then here you will be specifying access underscore key okay one second so access underscore key and this would be your secret underscore access underscore okay secret underscore access underscore key now let's say you're not sure of what keyword you have entered over here so you can always recheck it in the documentation so terraform has when very awesome documentation to follow so what you can do is just go to terraform dot io and once you are on it uh just click on docs and click on terraform cli okay or actually not here you have to actually want tutorials so in tutorials then what you will be doing is you will be finding a lot of topics over here so right now what we are doing is we are basically building infrastructure so the first topic is then in this is uh with aws and right now i just want to see what will what is going to be the uh syntax for the access key and the secret access key so let's say you're not able to find anything in the documentation what you can also do is just search for it so access underscore key terraform code okay so here it is it's aws underscore im underscore access underscore key okay aws underscore i am and let's go access underscore key and similarly you will have the secret as well for this so secret e aws terraform so this is the variable for that so let's mention over here like this and let's mention over here okay so with this now i think your provider is configured how can you check if this is going to work for you let's verify so now let's verify if this is working for us so what we can do is uh we can create we can start by creating an ec2 instance by using this terraform code so how can you create an ec2 instance just type in resource right and if you're using an ide like sublime it can also give you uh you know suggestions but i'm not going to use the suggestions for now and what kind of resource that do i want to deploy in aws i want to deploy aws underscore instance okay and then i will be specifying uh you know you know an identifier for this resource let's call this example and now let's specify this resource by putting it in braces okay so the first thing that you specify when you're creating an ec2 resource is you specify an ami okay and in ami you basically specify the ami id and how do i know we need an ami well it's very simple like i said just go to the documentation from terraform and here you can see this is the code for creating an easy2 instance so first you have to specify ami this is the ami ide how will they get the ami id go back to uh you know your management console click on launch instance so the first thing that you have to choose is the operating system right so that operating system is basically called ami meaning amazon machine image so whichever operating system you want to deploy just copy the ami id for it so let's say this is what i want i want to deploy an ubuntu instance so i'll just copy this ami id come back to my code and put the ami id over here okay next thing that i will be specifying is uh the type of resource that i want to launch right so is it uh going to be a 1gb machine or it's going to be a 2gb ram machine so that is something which is called as type okay so you can see that there are various configurations over here and every configuration has a name attached to it so if i want a 1 gb ram and a 1b core cpu the type is called t2.micro just a quick info guys test your knowledge of terraform by answering this question which type of language is terraform a objective b declarative c descriptive d functional comment your answer in the comment section below subscribe to intellipack to know the right answer now let's continue with the session 4gb ram and 2 core cpu it is called t2.medium so based on what type i want to deploy i will have to specify in my code so let's say the type is p2 dot michael okay so this is the ami id this is the type that i want to deploy and now what i do is i just go ahead and create it so let me just change one small thing over here this will be called key and this will be called secret key okay and this is the resource that i want to launch we'll just save this and now let me show you how you can deploy it okay so now what i'll do is i will let me just come back to my slides first and then i will show you so there are four basic operations in terraform first is init which i've already showed you so that init operation basically downloads any dependencies which might be there or working with your code right for example i wanted to work with aws so in my file i specify that i want the provider as aws and then i did init so what i did it download all the dependencies for the for working with aws cloud the next operation that you work with is plan okay so now that i've written the code i can ask terraform the plan so what is the plan that it's going to work with so i'm just going to type in terraform plan and now it will show me what all things terraform will be creating for me with the code that i have written that is over here so i've just stepped a terraform that i want an aws instance to be created with this ami id and this size and other things which are required by terraform for example or you know what what size of hardness to be attached to it etc it's gonna uh take it as uh what do you say it's gonna take it as default now whenever you have any errors in your code is basically uh you know going to show over here for example it says uh in line 7 resource aws instance example resource aws in underscore instance example the argument instance underscore type is required and then it give me one more error that there is an unsupported argument that i've entered which is type so this is clearly telling me that in line 10 i have to specify instance underscore type instead of just type because type it's not able to understand so what i'll do is i'll just simply copy this just a quick info guys intelpad provides devops online training validated and certified by nascom future skills and ibm the course link is given in the description below now let's continue with the session come back to my code replace type with instance underscore save type code and again go back to my terminal again type in terraform plan so now it's reading my code it's understanding what has to be done it's also taking in some default value which i did not enter so terraform only asks you values which are required there are some values that if you don't enter it you take it as default okay so this is the plan that terraform has given me that this is got what it is going to deploy in my aws machine or aws account so it's saying the ami that uh terraform is basically going to use is this ami id right uh the other thing that says it can only be known once it applies it the instance type that it is going to deploy is t2.micro and other it's saying it can only be known after creating it okay so here one thing to understand is can you see this icon which is plus over here so plus whenever you see plus in your terraform plan that basically means it's going to create when you see anything such as minus that means it's going to delete and when you see uh you know another sign so i'm going to show you that sign in a little while it's called the sign curve sign or there's another term to it i'm not remembering it right now or escape sign if i'm not wrong it basically tells you that it's going to modify okay so now you once you verify okay these are the settings that it's going to do uh for my terraform infrastructure now what i can do is i can type in terraform apply why terraform applies because that's the third operation that you have to do so once you initialize it then you plan it and then you apply it if everything looks good to you in the plan you apply it so once i click on terraform apply so but before you do that let me just come back to my uh ec2 console and let me show you that right now there's nothing you know created inside it so if i go to running instances there is no instance which is created over here as of yet right and now what i'll do is i'll just click on terraform apply now it will take a moment and it will first go through the plan and then it will ask me whether you want to go ahead with this plan or not so you have to enter yes hit enter and now it will start creating all these resources for you in your aws account okay so as you can see it's creating it will take some moments probably it will take 20 to 30 seconds and then it will create the architecture which you have specified okay so right now we are just creating a very basic architecture i just told it that i need a server of the type ubuntu that's it slowly and gradually as you progress along this session i will be showing you how you can do even better things than this okay so meanwhile if you have any questions please let me know okay that was saying uh is it good to learn python to get good opportunity in aws uh well weber yeah i mean any programming language you involved so if you're starting to learn any programming language yeah python would be a good start and how to get aws free access well wherever the first sign up on aws so once you sign up on aws you automatically get signed up for the free tier that we are using so the only limitation is free tier which can only give you 1gb ram and one core cpu at this p2 dot micro server free no other server will be free okay so as you can see now it says apply complete resources uh so one resource has been added 0 has been changed and 0 has been destroyed so if i go back to my management console if i hit refresh you can see that automatically a server has been created for me now right and this server basically if you see the key there is no key specified over here because obviously we did not specify the key so as in when we will be moving along we will be changing all these settings as well right so everything is is default the only thing is it is the instance type let me mention is t2.micro right and the operating system that it basically deployed is ubuntu all right and this is how you create a resource using terraform in aws uh all of them are saying what is the major difference between cloud formation and terraform well like i said all of in the starting of the session as well cloud formation is a very specific service just for aws but when you talk about terraform it can be used with any cloud provider so if you learn the terraform tool you're not only restricted to working with aws you can work with any tool but if you learn cloud formation you can only work with awkward no other ranjit is saying yaml and json both languages need to learn for telephone no so only json is enough and there's nothing to learn ranjeet in this so as you can see this syntax is very straightforward first you specify what you want to deploy so i want to deploy a resource then you specify what type of resource i wanted to deploy in aws underscore instance then you give a name to this resource so i given an example then all the arguments that are required for this instance to be deployed i mentioned that then equal to and then the value of that resource or that argument that is it so i've been saying what about the name of the instance so arvind we will be coming to that uh in a little while uh ranjit is saying we can also do vpc setup and pod related configuration terraform uh yes you can do it so any resource in aws you can create using terraform no resource is left behind any resource whether it be elastic ib whether it be vpcs whether it be databases everything can be created so alabama is saying can you please show again how you link terraform to aws console well all i did was i created an im user hologram so once i created that i am user i got this access key and secret access key we just mentioned that over here in the provider section of your code and that is it that's how you connect to your aws management console that's it so probably if you want an in detailed discussion you can go through this video again once you get it monty saying same one as your also yes monty uh the processor process is going to be the same only the argument names might change for example when you're using azure there's nothing called an amino so this ami might have a different keyword but yes the resource block will have to be created the resource type will have to be specified provider has to be certified region has to be specified so all these things will be the same uh ranjit is saying use cases of terraform freeze so ranjit the use case of terraformers should deploy infrastructure on a particular cloud platform it could be any infrastructure component it could be network so whatever you can do using the management console you can do using terraform but why would you use telephone when you are dealing with large infrastructures for example right now you just created one one instance you can create multiple instances as well okay so let me show you how so first let's understand uh how do you read what you have deployed so i don't want to go to the management console now i want to know what is the ip address of my server so i can just type in terraform show so with terraform show it will show me the infrastructure that it has deployed now so this is this is the details of the infrastructure that i've just deployed so my resource is deployed in u.s west 2c right this is the availability zone right and it has this is the public iep address of my instance if you are talk about uh the the size of the volume of my instance is 8 gb okay so now let me give you a very small example how you can basically use terraformer why is it so popular among the production environments let's say my manager comes and he says you know what my server is running slow can you change the volume size of my server from whatever it is right now to 100 gb i was like okay great i can do that so i don't have to go to my awkward management console and i don't have to learn the syntax as well okay i'll just type in teraform show it will show me the current configuration of this server and here i can see that this root block device is specifying the abs details or the hard drive details of uh you know my instance and here i see that the volume size is 8gb so what i'll do is let me just copy this let me come back to my code and i'll just paste this over here and now i'll just delete i'll get what i want so i just i do not create okay i'll save this come back to my terminal apply now there are going to be some errors in this obviously there are going to be some errors because you cannot just copy and paste right so but if you read those errors you will understand how to change your code so here it says uh root block zero device name this field cannot be set okay and then it says volume id this field cannot be set so if i come back to my code device name i will have to remove this so let's remove it then it says volume id then i can just remove this as well cool save the code come back to your code again type in terraform apply and now what it's going to do is it's going to see what your current state of your instances and then it is just going to change the volume or you can just see so let me let it just load and then i will show you what terraform is going to change for you in the architecture okay so now this is the plan terraform plan this is the telephone plan that you see right so this is the this is the icon that i was talking about this is the icon that i was talking about so this icon basically means update in place okay so it's not going to delete your server it's just going to update it right so what all is being changed so first of all i have changes in this resource which is aws instance example great so everything over here nothing is changing as there is no icon over here what is changing only my ebs or my hard drive is changing and in my hard drive only the volume size is changed so right now this is the ip address of my ec2 it's going to remain the same this is the network details of my ec2 it's going to remain the same what is changing only the hardware size only the hard drive of my instance is changing and that is that to the size even the hard drive is going to be the same so if i have some data on this hardware it's going to be the same the only thing is the size is going to be different so what i can do is it's asking me do i want do i accept these changes i say yes i accept these changes and now it is basically going to apply these changes to my instance now obviously not all these so let's say i specify that i want to uh probably change the availability zone it is right now in 2c i want to deploy it in us based to b in that case obviously you know the instance will have to be deleted and it will have to be redeployed so not all the changes can be changed on the same server some changes will require your hardware to change you know it is making those changes to my architecture and once those changes are done it will give me a success message over here darshan is saying this there is not security issue while using terraform well darshan uh aw cli so again you can configure the aws cli and again the credentials will not be exposed if you're using this on aws right so in that case you can just attach a rule to your instance and if you attach a row to your instance again your credentials are not exposed but obviously if production architectures are using terraform obviously the security is assured fine over here so okay so now as you can see the messages apply complete resources zero added zero destroyed and one changed okay so here it also tells you that what has been deleted what has been added and what has been changed and here you will notice that the hard drive that is attached to this instance it's basically it's basically your rgb volume and it's not 8 gb anymore okay saying is it possible to do lvm on while creating instance on terraform i'm not sure what you mean by lvm server can we you know go ahead and expand it okay okay so we've just upgraded the server with 100 gb hard disk and it just happened so same happens so in this code i just specified one resource as of now i can specify more resources so what i can do is let's say now i want to create one more resource one more server i want to create let's call this resource as example two right uh the this server i wanted to be a medium server and this is this time i want the volume id to be 50g okay so i'll just save this come back to my terminal i tell it to terraform apply and now you will notice it will it knows already that there is one server which has been created so now what i'll do is it will just create a new server okay if there are any errors there's going to be one error while i'm doing this and it's going to show that error right now so first it's going to show me the plan and then it's going to ask me do i agree to that plan or not okay so as you can see it says uh plan one to add one to change zero to destroy okay what is being added uh so right now i have specified iops as 100 i think over here in my code okay so let me remove these i have so i don't want it to change it so i'll just not agree with the plan do you enter value and no and then i'll apply it again so only my second instance will be created now and you can see the other instance it will not touch it okay so here you can see that example 2 is being created and no other option is being shown over here so example for example resource for example instance is not even mentioned over here why because it's not going to touch it right so if i enter yes over here it will automatically deploy another ec2 machine for me so likewise if i mention multiple servers it will create multiple servers so just about mentioning it over here in the port if i mention 500 servers it will create 500 how can we ensure that only size alone is scaled up but there is no data loss well i mean that's because over here you could see that the volume id when i applied uh the previous configuration you saw that volume id was not changed can you see the volume id is not being changed so if it's the same hard drive where the date where basically the size is increased so if the hard drive is same obviously there is no deletion of hard disk which basically means that my data is being preserved so that's basically an airbrush feature rather than terraform feature that you can upgrade your hard drive size without losing your data so right now when i applied so if i click yes over here guys it will create one more instance but i don't want to do that i'll just hit enter no okay let me come back to my code and now let me show you somebody asked how what about giving a name to your instance so if you know aws well you will understand so let me first type in terraform plan so you will understand that the name in an instance is basically attack terraform show so this will basically show you the current infrastructure which has been deployed so you can see something called as tags over here and there is nothing mentioned in tags okay so all you have to do is you have to mention and tags the name of your instance and then that would basically go ahead and apply it for example right now if you talk about my instance name there's no name so this is the tag name there is no name attached to it right so what i can do is i can just go to my code i can in in my resource of ec2 i can go ahead and create an argument called tags and how will you know this argument basically is there by reading the uh show configuration of your infrastructure it says there are no tags specified over here right so i can just go to tags and then mention this inverted braces and here uh i want to specify the name okay so how would you specify the name so when you're inside that over here you're not working with terraform now now you're working with aws so here in tags the key will go inside inverted braces inverted commas and similarly the name will also go in imported formats let's say this is hyphen instance save it and now let me come back to my console here i will say terraform how is my infrastructure going to be impacted so as you know if i'm just changing the name nothing should be changed instead of just the tag instead of just the tags section nothing will be changed in my uh instance so that is exactly what will be shown over here as well so it says zero to add one to change and zero to destroy and what will be changed i can just check the plan over here so changes tag will be changed and here this tag will be added and nothing else is being changed as you can see over here right so everything looks good just type in terraform apply and now what will happen is it will change the name so i'll just type in yes this is what i want to do so it's modifying the instance and as you can see the instance has been modified and now if you check in your management console if i just refresh it i think we mentioned so i think i mentioned the key as wrong so this has to be capital and check because it's case sensitive when you are specifying the tags or let me just do a refresh from here so the name has to be n capital so i'll just click on apply again yes so like i said it's case sensitive so now as you can see the name has been changed to terraform hyphen instance okay so this is how you can put the names as well so let's go ahead guys and now let's uh you know see how we can basically install a software on a particular server that we're trying to deploy so when we deal with uh servers on aws there is something called as so we can just check over here for user data and if you are able to do that we can mention that okay so we are not able to find user data over here so what we can do is we can [Music] and i want to install let's say apache 2 so what i can do is i can create a ssh file over here and let me create it using sublime itself so in this terraform folder what i'll do is i'll create a new file and let's call it install dot sh and in this let me write a script which is going to install the stuff so i want to first update the machine and then i want to install apache 2 right and then in my terraform what i'll have to do is i'll have to go to my terraform file that i wrote and then what i can do is i can mention user underscore data equals to and then i can mention the file that i just wrote right in my case it's install dot [Music] i like to mention it like okay so now what is what this is going to do for me is it's basically going to run this shell script run this shell script for me on the server that is being deployed okay okay so let's see what all things are getting deleted for us so you're getting a sign like this this sign basically means uh it will first be deleted and then it will be created again okay so aws instance must be released because of the changes that we have just told it to do right so it is going to keep the air in it is going to change the arn it is going to change the ip address as well it is going to change the availability zone as well uh cpu core count this will be the same because we have mentioned t2.micro right so it is not changing so this will also not change uh it will change this setting it will change the setting it will change the setting it will change the host id it will change the instance id why because the instance id is getting created again right so all these things will change and user data only then will be added okay and guys this is why you cannot use it as a configuration management tool uh ramakrishna is saying do not delete the vm just install apache well ramakrishna if you're using it doing it using terraform that is not possible okay because the user data setting it cannot be changed so what is user data let me show it to you so when you're dealing with this particular instance if you go to actions if you go to settings and if you go to view or change user data i cannot type anything even it says to edit your instance user data you need to first stop your instance right so if i want to add user data to this machine it can only be added once i stop this machine and user data only runs when your machine restarts okay if i restart the machine i lose the ip address right i lose a lot of things i just lose the ipad i do not do the other things but but when you're using terraform terraform as it knows it's not used for configuration management it knows that right so it finds it more easy to delete the hardware and re-deploy it with the data that you want right so that's why if there are any software changes that you want to do you do not have to use terraform use configuration management instead because in that case it will not touch your hardware it will only change the software that you want right so why would in what case would you want user data to be added to your server when you want your servers to have a pre-configured software once it's deployed so now let's see what is going to happen okay so i'll just do a terraform apply and now let's see whether it installs the particle software for us or not okay so now i'll just type in yes so now just have a look at the instance id okay since it's being destroyed it means it's being deleted right the new instance id which is going to come up it's going to change so as you can see it says destruction complete after 36 seconds and now it is creating it also guys uh in order to see if apache 2 is working or not what we'll have to do is in the security group which will be basically used i will have to open port 80 so we will just check so it says apply complete great so if you refresh this again you can see the previous instance has been deleted and the new one has been created and the new one is still getting initialized okay so let's wait until it gets initialized and what we can do is we can go to the security group which is this which is default and i think in the default security group although the inbound rules allow us but let me just verify it if that is the case so yes everything is open cool so i don't have to change anything here and now let's just verify if we are able to see apache 2. so if i go to this ip address it refuse to connect uh it means it's still installing the software so you can see the status is still initializing so let's wait for it to initialize and then it can basically show us the apache 2 software okay cool so i think our website should be up okay it's not up yet okay let's try this let me go to my instance this is the ip address oh this is the code okay it's not running let me just figure out why it's not running give me a moment okay i think i've figured out the reason so when you run this command it basically asks you yes or no while you're running it right so let me give you a small example so let me i think i should have an ubuntu container running let me show you by running an ubuntu container and running that same command so this is an ubuntu operating system okay so if i run apt-get update it will update it right it will take like 30 seconds to do it and when i install apache on it you will see it asks me whether i want to whether i confirm it whether whether to install it or not okay so apt-get install apache so can you see it's asking me do you want to continue so that's why the command is right now stuck so in order to solve this if you enter apt get hyphen y install apache 2 it will run it will not stop and that is exactly what i will have to do let me just delete this container and then i'll show you how we can get it done okay so coming back to the code so i will have to add hyphen y over here save it come back to my terraform plan so even if i'm changing install.sh you will see that it will be able to identify that there's a change in the shell script just a quick info guys test your knowledge of terraform by answering this question which type of language is terraform a objective b declarative c descriptive d functional comment your answer in the comment section below subscribe to intellipack to know the right answer now let's continue with the session so as you can see it has understood that there is something to be changed because i should change the shell script file right so what i'll do is i'll just apply terraform apply and now i will do all the steps again for me and the instance that i'm gonna have now it's going to have installed okay okay so as you can see apache has now been installed on this new machine uh you know that we basically just deployed and guys this is how you basically make use of terraform to deploy any hardware how to crack aws interviews so let's say how do you do the preparation and how to appear for the interview okay so now as i say the first thing is the hands-on and the services that i was talking about for storage you need to know s3 you need to know ebs you need to know efs uh and remaining storage gateway on a high level it's okay remaining you you don't have to focus so much on the database side aurora elastic as dynamodb and rds these four are very very important remaining you can skip okay security identity and compliance aws im is very important remaining uh it's not needed that much uh if you are from application background aws you can go through it but don't uh dig deeper into it make sure you are very much comfortable with aws i am okay all right so cryptographic apk not needed at all machine learning not needed at all in management and governance okay so here there are few topics like auto scaling very important cloud formation very important cloud trail cloud watch cloud watch is again there's no concept you just see how to monitor stuff cloud trail is again very simple not that complicated okay cloud watch cli for aws admins very very important command line interface you need to know that aws config is important okay and the remaining it's not needed that much you can go through aws ops works on a high level okay in migration and transfer go through database migration service go through schema conversion tool on a high level and on the networking and content delivery cloudfront you do not need to know cloudfront in detail just know what it does that should be enough okay route 53 very important low elastic load balancing aws vpc is super important these two end user computing front end web service not needed analytics if you are from analytics background if you are from database administration background then analytics is important which are the things you should know amazon athena but again before this you should know uh big data development right amazon athena is important cloud search data pipeline amazon emr glue kinases and red set so if you are from database administration big data administration or data warehousing backgrounds then these are needed if you are not don't even bother for application integration amazon sns sq is very very important just go through amazon mq and state functions what it does again on a high level of is swf if you skip swf that is also fine you uh don't have to bother about sw business applications not needed these are not needed yeah settler satellite robotics quantum computing blockchain arvr these are not needed at all billing and cost management go through it again this is not for certification this is needed for you to work on aws management console again this is not a topic you already know adobe's management console if you are if you want to become an aws developer sdks are very important if you have a java background you should know aws sdk for java from python background you should know aws sdk for python so from dotnet background you should know aws sdk4.net so on and so forth these are not needed at least right now okay so these are the important topics again this is step number two so how do you broaden your uh experience on interpreters so that's how that is step number two okay no one is going to ask you how do you launch an ect instance no one is going to ask you how do you create a security group people will ask you let's say how do you create a what are the things that you have to take care of when you create a three-tier architecture when you create an application or when you're creating a vpc for a 3d architecture okay again this is a simply right question again the question would not be so simple so for example let's say the first question you have an application i hope you can see this let me increase the size so you have an application deployed in aws but because of security reasons all of them have been launched in private subnet nat gateway can't be used too how do you get software repositories to those machines now if i tell you the answer so real time questions you cannot find those in documents right so these are the things that you can answer only on practice okay all right how do you get the iphone application load balancer what do you see when you try to do so okay how do you get the ip address of an application load balancer ns lookup is the command so again this will not be asked in the in the interview okay so the question here is that try ns lookup so the answer for this one is bastion host go to the architecture of load balancer and then you'll be able to understand why uh we'll see multiple iq addresses for the load balancer okay all right question number three you have a retail application set up on aws electronic section is in vpc one and home appliance section in vpc two in the same region the payment component needs to communicate to both the mentioned sections where do you place those tell me the application design for the scene okay so this is this is an application design question this actually see don't get too much nervous about this last line tell me the application design actually they are not asking for application design if you see they are asking for the network topology so one is in vpc one electronics is in vpc one home appliance is in vpc2 the payment component needs to communicate to both the mentioned sections where do you place those it's a network topology question so if you know vtc well enough you'll be able to answer this so ah the answer is can anybody try three tier is not the answer no three in the same region exactly vpc peering correct so you create another vpc where the payment gateway or the payment component would be placed a vpc one would be paired with dpc3 and dpc2 would also be paired with vpc3 so see this is not an application design so even the even questions is tell me the application design for the same the answer is actually a network topology correct all right design a disaster recovery system of an application with two hours of rpo and 12 hours of rto so what is rp on rto this is there in the self-paced video so if you know what is rp on rgu it will be very easy to answer now what is rpo rps recovery point objective plus just let me let me give an uh high level uh uh high level id about this about this question now there is a very common question okay you can get this question literally this is one of the favorite questions of the interviewers so rpo is equally point objective which means that uh the uh the the time sorry how much data can you afford to lose so that's what rpo says two hours means you can lose data for two hours okay so that is point number one what is rto rt means how long will it take to uh bring up the dr region okay so application on the di region okay so now how do i answer this so first is rpo when you talk about rpo you need to note on rpos as i said it is about uh this system so it is about um the time that you can afford to lose data so they are talking about data and where do you place data you place data in uh ids databases correct now there's an answer that you can deploy backup for every two hours no that is definitely that is not feasible what if you your database size all combined is let's say 10 terabytes do you think uh you can take a backup of 10 terabytes in two hours not possible what do you do that answer has been discussed in the training the answer is read replica so if you create a read replica you get an rpo much lesser than two hours because your your application lag is somewhere in seconds so create a read replica of your database systems okay what about application how do you take backup of application that is also covered so application you have a mines right so what are the amis amis are the uh uh so basically you launch a launch an ec2 instance you you install audio applications you put your code in in the ec2 instance and then you create an ami and you can copy an ami across to another region so what do you do if it's two hours then application does not have any data so on the application side you have to you just have to make sure that your amis are available in the dr region also okay and um on the dr region then you launch the application just the way you launch in the primary site okay question number five even though you have set up auto scaling new instances are not starting what could be the reason no the workloads have reached its limits let's say one of the answers is it has reached its maximum limit so let's say minimum in the auto scaling group minimum number of physical instances is 2 and the maximum is let's say 5 it has already reached 5. again this is typically a in my certification question but it is asked in the interviews also okay you have an s3 cross region replication but you see that the objects are not being replicated what could be the possible reasons for the same think about it what is connect metric there's nothing called uh sorry correct metric or alarm not to get alarm for what choosing of reasons permission is so yes so see when you set up aws cross region replication you don't have to do anything no alarm is needed no matrix is needed s3 does it automatically as long as the s3 service itself has an im role attached to it which can put object in the other bucket in the other region so this is a permission issue so this is not so as you can see this is not an s3 question as such this is mainly iam so if you practice enough cross region replication just a quick info guys intelpad provides devops online training validated and certified by nasscom future skills and ibm the course link is given in the description below now let's continue with the session there's an option when you set up processes and replication where it says create a role so if you have not done hands-on you will not never know that that exists right so that's why hands-on is needed okay question number seven your organization has ibm db2 datas is installed on hundreds of ect instances as they are not managed services these dbas are needed to maintain and govern those databases how do you allow dbas in your corporate network to login to those db2 database servers okay i am is not the answer no it's dp2 db2 on acetone instance so uh you want dbs to on your corporate network to connect to a database which is on ec2 instance how do you do that ssh is the answer yes so basically what do you do through the internet definitely no so that is not the answer so what you do you um create a let's say dashing host ssh into the passion host from bastion host you ssh into the db2 ec2 instances for db2 data servers are installed okay again as you can see this is more on network topology again because it talks about how to allow people from your network so now what about bastion host neo net network now here you need to know that okay the aws aws vpc would be connected to on-premise data center either either using vpn or using direct connect that's all you need to know okay so how so the interviewer might ask how do you make sure that the connection is there uh you know between your aws cpc and your on-premise data center so you say okay you can use vpn or direct connect now no one expects you to set up vpn or have experience in vpn setup or direct connect setup but you should know okay these two can be used we can question number 8 you have an application like instagram to upload your photos by users users take selfies using their mobile phones and upload those to the application we are planning to host the application on aws how to design such application what aws component components should be needed now see the question again it talks about how do you plan to host the application on aw how do you design such application this is not an application design question remember that to read the question carefully it says users take selfies using their mobile phones and upload those to the application which are hosted on aws what aws component should be needed so you can use either lambda or ec2 instance now the photos are uploaded by the application rather than the users directly so the you see if you if it is the application on ec2 instance either on lambda let's say that is an ec2 instance instagram live application can be on easy to our landlord now the question is how do you upload the photo from ec2 how easy to upload the photo see the application is on easy you can be in python it can be node.js it can be java how do you upload that to s3 again here the question is about permission so you need to have an im role attached to the ec2 instance which will be used by the application to upload the photo in history so what aws components would be needed it would need s3 you don't need a levels i am it would need aws c2 or aws lambda of course auto scaling load balancer vpc all those things are also there which are implicit if again you should tell those things implicit from my side okay question number nine a global application is hosted on aws and its database is placed on rds now the problem is that the number of users is increasing and you are getting performance issues ever since what are the troubleshooting steps and how can you solve the problem mention the steps so the troubleshooting steps is typically for for the database administrators this is not for aws architects but the how do you solve the problem of the performance issue so monitor cpu says again why do you need to monitor because you already know that there's a problem monitoring cpu usage will not help you solve the problem we will tell you that there is a problem auto scaling you cannot do auto scaling on rds rds is vertically scaled not scale it horizontally so what would be the solution think about it that's again the situation or the service has been discussed in the training how to use load balancer so if you use load balancers you if you use load balancers load balancers would be for application not for database so read replica is the answer which can be used to scale what about rights anything else okay so can't use sqs for this as a shock observer in between the application and the database so use sqs and sqs can scale unlimitedly you do not need to bother about sqs scaling what do you do you put the applications there use it as queue and then use applications and ask those applications to load the data on the databases at its own pace which is comfortable for the database so as i was saying uh so can't you do that so these are the things that you have to see as i said you have to know to use those all the services collectively as an architect that is the role of an architect okay storage auto scaling will not help solve your purpose storage is for storage how does it solve the problem of user hey okay now question number 10 you are working for a customer which has aws resources for security reason customer is not willing to create aws account for vendors how to get access to the customers aws account in such scenario so let me rephrase the question if you have not understood it so let's say i am uh i am a customer uh and you are working for me i don't want to create an account for you in for you sorry i don't want to create and i create a user in my account okay but you have an aws account and you want to work for me how do you do that i don't want to create any uh im user in my aws account so how do i enable you to use my aws resources because that is needed because it will be let's say you're a service provider for me how do you do that i am is hideable answer what is aws organization is not the answer the purpose of aws organization is completely different than what i'm saying here see you you are a service company i am i'm a product company let's say you need to know the usage of of the services okay so if you don't know the usage again how do you know the usage enough you need to practice rigorously you need to face a lot of issues lot of errors then only you'll be able to learn okay so that's all just a quick info guys intelpad provides devops online training validated and certified by nasscom future skills and ibm the course link is given in the description below now let's continue with the session so guys we have come to the end of the session if you have any doubts please put down in the comment section below we will try to answer it as soon as possible thanks for watching you

Info

Channel: Intellipaat

Views: 10,636

Rating: undefined out of 5

Keywords: Devops Terraform Course, Automate your AWS Cloud Infrastructure, Devops Terraform, AWS Terraform, Terraform Tutorial, Terraform, Terraform Tutorial for Beginners, AWS Terraform Tutorial, Terraform AWS Tutorial, AWS Terraform Tutorial for Beginner, Terraform AWS, Terraform Tutorial for beginners, terraform tutorial aws, terraform training, terraform for beginners, terraform devops, terraform devops tutorial, what is terraform, terraform tutorial, DevOps Course, Intellipaat

Id: CwBaVZKoyWc

Channel Id: undefined

Length: 144min 4sec (8644 seconds)

Published: Wed Mar 24 2021