Terraform Tutorial | Setup with Docker, AWS, and Terraform Cloud

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hey guys and welcome back and today we're going to be looking at terraform and if you're not familiar with what terraform is it's pretty much a infrastructure s code which allows you to deploy your infrastructure to many different types of providers whether that be docker aws azure or gcp and today we're going to be looking at how to install it and set it up locally with docker as well as configure it so that you can actually deploy an infrastructure to aws and also look at how to do some uh remote state management with terraform cloud so with that out of the way let's get into it [Music] so first thing that we're going to have to do for this tutorial is that we're going to have to install docker and if you're not if you don't have docker already installed in your machine what you can do is actually go to docker desktop and if you just google docker desktop right here and then you just go download so i'm on a windows machine but you can download it for mac or windows or linux just follow the tutorial of their documentation as to how to actually go ahead and install that and once you have that installed we can get into installing terraform and we installed terraform by something pretty similar if we just go to their get started here and we actually go to uh install terraform so if you go to their get started and you click any one of the examples one of the things that you're going to find here is actually this installed terraform and i'll put a link to this in the description below but pretty much um you can see here that they just have different uh tutorials on how to actually install terraform for your different type of operating system so i am actually going to be using a wso2 setup on my windows machine so i did the linux package but once you go ahead and install terraform and everything kind of uh to verify your installation just do terraform help and things like that um as long as you have those two pieces out of the way we can actually start testing our terraform installation with docker by creating a simple docker terraform file so first thing that we're going to do is uh just to show that we actually have both of those installed i'm just going to do a terraform version here so this pretty much just tells me the version of terraform that i'm running and then i can also do a docker dash dash version which you can see i'm also have a docker installed and so we're ready to go and so what i'm going to do is i'm going to actually open up this starter project and if you are familiar with how i kind of like to do things i will have a github repository with this starter branch that you guys can just go ahead and clone down to kind of follow along with this tutorial and with that we can actually just take a quick look at what we're seeing here so let's actually just delete that i'm not sure why that was there so we pretty much just have a get ignored that was generated by cargo i think this might have been um i accidentally might have chose rust on my get on the github repository when i created it i have an mit license and just a readme so nothing really going on here is pretty simple so the first thing that we're going to do is we're actually going to create a main.tf so if you can see that i guess that's kind of down there so i'm just going to do a touch main.tf which this is going to be the main terraform file and if you also want to get a um if you want to get the terraform kind of syntax highlighting what you can actually do is you can look up terraform into the vs code extensions and then you can just get the one that's actually developed by the terraform corporation just install that and you should be good to go awesome so now let's go back to our main.tf file here and i'm going to move this over here a little bit just give a little bit more space here so we don't really need to see the terminal right now um so pretty much i'm just going to take this example that they pretty much give you in their documentation to kind of confirm that terraform and docker are both installed correctly so and let's just quickly talk about what's going on here so there's a couple of things um this is kind of like the terraform configuration a little bit of like the configuration language and you can see here that it has a couple of different things that it does so if you look at their documentation um and let's go to their let's see docs and then what we can see is the configuration language but here it pretty much shows um let me make that a little bit bigger if i go to this part right here so you can see here that this is kind of what their documentation or like the terraform language kind of consists of right so you have the block type and so block type is either like a provider a resource terraform a variable output something like that that's kind of like a defined uh block type for the terraform language and these are all available in the documentation block label here is the first block label which this usually is kind of like what resource does it apply to so for example if we look up here it's kind of using the aws vpc and these are specific to whatever the uh registry whatever the provider you are using so what i mean by that is like if i open up the terraform registry and the terraform registry so it's just a bunch of plugins that allow terraform to work with these different providers but if i go to like for example let's look up this one that we're going to be using so if i do docker and we're going to be using the chris worker docker here if you go to their documentation and i'm not sure why it always gets smaller by automatically but if you go here and you see resources here you can see a list of resources that you can actually create so for example you can use docker config docker container so this the first label will usually kind of tie itself to a resource of whatever the provider it is that you might be using for terraform so just keep that in mind so for example here you can see we're using the cruise walker docker and then down here we're creating a resource that we're calling it a docker container or docker image which you can see they're both here and then usually the second label is if you remember from the documentation just like another label here it's pretty much just like what is the name of this resource within your terraform um file and we'll get back to this a little bit later when we start playing around with the configuration for the different aws and remote stuff but let's go back to the code really quick and just kind of go over what's going on here so pretty much we have this terraform block which pretty much just signifies hey this is the where the terraform settings for our configuration is going to be here is where we include like what are some of the required providers you can also state something like a back end for it to be able to turn on to use the terraform cloud as its state management so things like that that's pretty much what this block is here then we have the provider which providers again just a plug-in that terraform uses to create and manage resources if you go to their documentation and if you go to their installation here example for some weird reason when i was going through this quick start tutorial and i did docker desktop for windows or i also did the docker engine for linux neither one of them really worked for me and the reason for that is because of this host here so what i did what i did was i just went ahead and kind of just removed it so i just have providers empty so just just name docker saying hey we're providing the docker provider um and then down here we have resource which we're pretty much as i mentioned again we're going to be targeting the docker image resource from the cruise record docker plug-in and then we're going to name this nginx and then pretty much then what we're going to do is we're going to actually name the um resource here nginx and then keep locally is a way for us to say once we do let's say for later on once we actually destroy our infrastructure using terraform destroy do we want to actually keep those containers or that image uh locally and i'm gonna set it to false because i just i don't need it locally so i just delete it and then the last thing here is then we're gonna also create a docker container called nginx and then here you can see that we're actually going to use the docker image that we specify up here called nginx which you can then see we uh referenced its name and the latest so that's pretty much just the latest uh version of that uh resource of that image we're gonna name it tutorial and then we're gonna open up ports 80 and 8000 just so that we can actually see it working so now that we have that set up we can go ahead and actually start playing around with the command line for terraform so what i'm going to do is i'm going to make this a little bit bigger here and so now you guys should be able to see that a little bit better so now what we can do is uh to kind of once you have the terraform cli installed what you can then do is you can do terraform in it which this will then pretty much take your tf file and initialize a kind of uh terraform file that has pretty much just like the information for your terraform uh configuration so here you can see there's just a couple of things that it goes ahead and creates some readme some terraform provider so it pretty much just creates this dot terraform file which then can then be used to apply your terraform information and the way that you do that is you just go ahead and so you can see here that it kind of went ahead and found this version it also went ahead and installed it so it pretty much just handles that for you and so after you kind of initialize that and everything is good to go you can actually just do terraform apply and then what that'll do is it'll kind of tell you hey terraform is going to apply the following action so here you can see we're going to create a docker container called nginx it's going to go ahead and initialize some things for us it's going to create a health check create some labels open up the ports and then we'll also be creating a docker image and so the plan is to add two new things to terraform and you have to specify yes so if you type anything else except yes it will fail so once you do that you can see here now we're going ahead and we're creating the docker image so it goes ahead and creates that for us and then once that's done it'll go ahead and actually create the container but if we go ahead to our uh so i have our docker desktop pulled up here and well that would just happen okay there you go um you can see here now that we have this docker port running which we created using terraform just by doing the terraform apply it actually went ahead and got the image which is the nginx latest and then it also went ahead and pretty much just created this container for us and what that also did is it kind of it created this terraform state file and so if you're not familiar with what this is it's pretty much the state of our infrastructure as to the last time that we applied any changes so what happened is here you can see that we have the terraform version is 1.09 the resource that we have is we have docker container named nginx and then you can see down here we also have a docker image called nginx and you can see that this is kind of a little bit confusing as in so you can see the name is nginx and nginx things like that so one thing that we can actually do is we can actually change these names so it's not so you can see that it's kind of changing up the label a little bit so what i'm going to do is i'm actually going to change the name of the docker image to let's say uh docker nginx boom so if i change that and then i go back to our um terraform or cli here and i do terraform one thing that's pretty cool that you can actually do is when you change things you can actually call terraform validate and what this will do is it'll actually validate to make sure that your configuration file is correct and if it's not it'll tell you before you even try to apply any changes like hey something's going on here you have a undeclared resource it's not going to go through and the way that we actually fix that is that we can actually change the name here so as you can see here it's just engine x as it was before but if we just change it to the name of the second label now which is nginx boom you can see that the image it should work correctly and then one thing also to know is that this name of this docker image also has to be the name of a valid docker image so the nginx latest is just pretty much the nginx uh docker image that exists within the docker repository so another one that you could do if you wanted to is you could do something like ubuntu precise but for this tutorial we're just going to keep it simple with an nginx latest and so now that we changed this here we can go back to our terraform here and let's just make sure that everything is correct so if we do terraform validate you can see now that it we have a valid configuration so now when we do terraform apply it should be able to go ahead and create those new uh resources for us and so you can see we have the tutorial we have the image the nginx latest again and then if i really wanted to check this out what i could do is go to my container here and i could just open in my browser and you can see that this engine x server is up and running and yeah that's kind of a great way to kind of test that you have a local setup of terraform configured correctly it's pretty easy as long as you also have docker installed you can kind of just make sure everything's running locally and creating images and creating containers and then you can also probably later on if you really wanted to get complex with it maybe even use terraform to kind of set up your entire um like as a docker compose replacement so you can kind of create your entire infrastructure locally in different docker containers so that might be something that you might want to do but we're not going to get into that for this tutorial so now that we have that kind of set up let's actually look at how we can actually configure this to deploy and host to a cloud provider and i'm going to be using aws for this part so the first thing that we're going to do is we're going to actually go ahead and just destroy our currently uh deployed infrastructure and the way that you do that is just terraform destroy so if you didn't see that it's just yeah terraform destroyed so that pretty much just goes ahead and whatever is created from your state it'll go ahead and just delete all of those resources for you so that's really nice so that you don't have any kind of lingering resources within your infrastructure so that's a good way to do that and so then now what we're going to do is we're going to set up aws and if you don't already have an aws account go ahead and create a aws account you also need to install the aws cli so i'll also put a link to the description below for this but what you got to do is just go through and install the cli on whatever type of operating system you have so whether it be docker linux mac or windows just go ahead and just click that and follow the instructions it's pretty easy and once you have that the way that you can kind of tell you have aws installed is you can do aws version and it'll just tell you what type of aws you have and once you also have that you also got to do aws configure which will then pretty much just add ask you for your access key your secret your region so us west one usc's two things like that so i'm just gonna kind of assume that you have uh those configured and that you are ready to take this next step on cool so once you have that installed what we're gonna do is we're gonna go back to our main.tf file here and we're actually going to change this to use a different provider and the provider that we're going to now use is we're going to use the hashicorp meaning that this is the actual provider from the terraform creators hashicorp aws plugin and we're going to be using version 3.27 and above and then we're also going to specify required version so this is the required version for terraform which pretty much means like hey if your terraform version is less than this it will not allow you to actually do any of your cli actions with this file so that's kind of cool and then pretty much same thing we actually then provide some variables for our provider so now that we're using aws we're going to be passing in the profile which is just default and then region which is the usb2 which is uh the default region for my aws configured setup and then we're going to just do something pretty easy here so all we're doing is creating a ec2 instance and um the way that you can actually find this ami for your region is if we go back here and we open up our aws console and you can see i'm already logged in if i go to whatever region you're in and to find this ami it could be different for your region you actually just go to you click ec2 go away and then you can see here now that you have these ami so pretty much you just want the 64-bit x86 so just this ami if you want to use the amazon linux 2 which is the one that i'm using for this example but let's say for example you are us west one that ami is actually going to be different so you got to just make sure that these amis line up uh with whatever region that you are uh configured for so let's go back to us 2 so yeah so i'm going to be using that ami which i have pretty much set up here and then i also pass in the instance type which is t2.micro so it's just free tier and then i'm also going to pass in a tag so i want to actually name the uh ec2 instance and i'm going to name it example app server instance and so now this is configured to go ahead and actually work with aws and the best way that we can actually test that is to go ahead and go back to our cli here and let's just do terraform in it since we did make some pretty hefty changes to our terraform main.tf file we actually have to re-initialize it so let's go ahead and do that and then once that's done we can actually do uh terraform fmt which i have uh this is pretty much just format if you aren't familiar with that it pretty much just formats the file for you i have like uh it was kind of auto formatting for me so i didn't have to necessarily do that but i just wanted to show you guys that that's fine and then again we can do terraform validate to make sure that the configuration is valid and then once that's all done we can go ahead and do terraform apply and so what this will do is pretty much again it'll tell us what is going to happen so a plus pretty much means create a minus pretty much means destroy and a squiggly pretty much means change in place so just keep that in mind so if you see like a minus slasher plus it's pretty much going to destroy the resource and then recreate it and i'll show you guys this here in the next step but so pretty much just say yeah we want to create that and as you can see it's pretty simple to set up and um one thing to note is also like this kind of changes so these different providers change these different types of resources available change based off the provider so make sure that you actually look up the documentation for that provider and the best way to do that is you can actually go to their terraform registry here and if we go to providers and we can actually just look up aws here and if you click that you can see here go to the documentation and again it has like guides how to do it it gives you quite a bit of different things and so like let's say for example i just want to see some pretty quick example usages so you can see here require providers provider create a vpc and you can look up the different types of resources so for this one for example we are creating a instance so if we go to ec2 and then here if we look back here you can see we are using the aws instance so then like if we go back to our documentation uh we should see let's filter aws instance and where is that yeah so right here so you can see it's just a resource within this provider that a resource is aws instance and sorry for that taking a little bit longer i just kind of really wanted to show you guys how to look up these different types of instances for if your different terraform needs but pretty much yeah so that's all we did and now if we go here you can see here that we kind of get a little bit of different information so we have this still creating still creating we can see that the creation actually completed so what we can then do is we can go back to our aws console here and let's actually go back to uh just my instances well let me go ec2 and if i zoom in a little bit you can see here because i'm on north carolina there isn't one but if i switch to east 2 you can see now that we have our uh example app server instance up and running in aws which is awesome so that you can see how easy it is to set up an automatic way to actually create your infrastructure needs and let's actually take the next step and what we're going to do is i'm going to go back to let's launch instance and i'm actually just going to make a quick change so instead of amazon linux 2 ami in ohio i'm actually going to want a red hat enterprise and so i'm going to copy this ami and then i'm going to go back to my vs code here and just change this ami from the linux distro to the red hat and if i do that and i go ahead and go back to my terminal here and i just do terraform apply you can see that this is going to give me some new different types of information so it's going to kind of detect that there's some changes that were made in my terraform file and so here you can see mine is slash plus destroy and then recreate the replacement so what it's going to do it's going to minus plus my app server and you can see that the reason for that is because the ami is going to change which and it also tells us that causes a force replacement because you do need to replace the entire uh image so it's going to replace the whole resource and then everything else is just squigglies which pretty much just means hey we're going to just change this in place and so if i go ahead and say yes it'll go ahead and actually destroy that uh instance for me and recreate a completely new instance with the red hat ami and cool and one thing we can actually do to kind of clean up our code a little bit is as i mentioned earlier with kind of like this terraform configuration languages is that we have different types of block type so terraform is a block type provider is a block type research is a block type there's actually another block type here and you can see if you do control space you it actually gives you a list of what they are and we're going to be looking at the variable block and what this pretty much allows you to do is it allows you to kind of create a variable that can then be used throughout your terraform configuration so what we're going to do is we're actually going to just name this instance name and then what i'm going to do is i'm going to take a couple of different values here and here you can see we have a description which pretty much says a description of what this variable is for the type is going to be a string because we want it to just be the name of our ec2 instance and then the default is what is pretty much the value so i'm just going to change this to updated name and if i then go ahead and change this tag from this what i could then do is i could access all of my variables via this var dot and then just have to kind of specify which variable do i want to actually access which is this define variable of instance name down here and once we've changed that we could actually just do terraform validate and to make sure that this is valid and you can see that the configuration is valid so then when i do terraform apply you should be able to see that it'll come back with some information about what the changes are going to be made and this one's actually pretty simple we don't actually have to destroy or recreate anything all you can see is that we're changing the name uh for this from example app server instances to update a name and so if i go ahead and just say yes and this will all happen in place so it should be pretty quick and once that's completed so you can see that it's done we can actually go back to my ec2 here in aws and then you could see that it actually went ahead and the terminated is from the last one that it deleted and recreated but you can see that the newly created one actually changes name to updated name so that's pretty cool and uh just to show you guys another kind of way that you can do that you can actually override whatever might be happening through the command line is that we could actually do something like this and you can actually specify a var so like dash variable and then kind of specify it in this way so now we want instance name to actually just be yet another name and if we click that it'll pretty much run terraform apply and then it'll take whatever variable you currently have and pretty much just uh override it with whatever you pass into the command line so then if i pretty much just say yes to this it'll do the same thing it'll change updated name to yet another name so again should be pretty quick if i refresh my instance here you can see now that it's named yet another name and uh now that we kind of understand the variable block there's actually another kind of cool little block that we can look at and that's output and what output allows you to do it allows you to kind of output a specific kind of value that you're looking for um just so you can kind of get a better idea of what's going on uh with your deployment and what i mean by that is we could actually for example let's say for our ec2 instance we actually want to output our uh instance id and we also want to output the public ip and so this will kind of go ahead and once we create these uh configure or whenever we kind of update or kind of run this uh terraform file it'll actually output these two things for us within the uh terminal so let's just quickly show how that's going and so if i just do terraform apply again with those new blocks you can see that it'll actually apply the new changes and then so i got to go ahead and say yes because it actually is going to change the updated name but you can see now that it kind of pops out the instance id and the instance public ip for these create or for the created ec2 instance and that's awesome and all but like now let's imagine we have a terraform file we have a bunch of resources we're creating topics dynamodbs we're creating all of these different kind of things and we don't want to really keep all of our variables and our outputs along with our resources and the terraform settings and like it can get really messy and terraform kind of helps you clean that up a bit by actually allowing you to create a kind of a separate file for these and it works the same way so the first file that we can actually have is pretty much this variables.tf file which then you can kind of use to pretty much just store all of your variables so if we take that variable from there and we actually just put it in variables.tf it'll actually work the same as if it were in my main.tf terraform knows to go out and look for this variables.tf file and pick up my variables from there and along with that we can actually have one for outputs.tf that'll pretty much just do the same thing so i could just take uh the outputs that were before configured in main.tf and just configure them there so that kind of gives you a little bit of a little bit of cleanliness so that you can kind of keep your main.tf for the main things which are the terraform the provider and all of the resources that you are actually configuring so and just to show that that works if you go back to and you clear this and if you just do a terraform validate it'll actually let you know that the configuration is still valid even though they're not in the main.tf and one thing i'm going to do is i'm actually going to go ahead and um pretty much add a couple more variables to our variables.tf so right now we have instance name what i also want to do is i'm going to add a couple of more so i'm going to add these two which are just the aws region and aws profile and then if we go back to our main here what then we can do is we could actually just do var.a profile and then we could also do var.aws region and it's all specified and then i'm going to actually do one more and that is actually going to be instead of instance name i actually am going to keep the whoa did i copy everything yep so let me just copy this and because i'm going to create one for instance type and that way we can just kind of keep uh everything kind of simple and easier so let's just do value of the instance type for the ec2 instance and then what we're going to do is we're going to change this to be t2.micro and with all of those created uh let's go back to main.tf and then here what i can do again is and you can do the same for ami you pretty much i'm just going to do aws or actually this is uh instance type so now we have all of our variables created they're all separate from our main.tf you can see that it's a little bit cleaner easier to go and then if i just for uh for the sake of being concise if i do terraform validate everything is good to go so once that's all done let's now actually look at how we can use terraform cloud to kind of store state and what i mean by that is instead of storing this tf state locally on your machine what you can do is you can actually use the terraform cloud to keep this state in a kind of like as a shared in the pretty much in the cloud so it can be used by many different people as kind of the source of truth and there's two different ways that we're going to look into doing this one we're going to look at to doing it with the cli driven and we also are going to look at version control driven which is with github so what you're going to do is you're going to go ahead and actually what you want to do is just google terraform cloud login and then pretty much just click this app.terraform.io go through the process of signing up if you don't already have an account or if you do just log in so i already kind of went ahead and did that and i did the start from scratch option and that kind of brings me to this create a new organization so what i'm going to do is i'm just going to name it terraform tutorial leo and go ahead and actually create this organization and once you kind of chosen the name for your organization you actually need to go ahead and create a new workspace and this is what i meant by there's different types of workflows that you can use so you can either have version control workflow which is pretty much your github so anytime there's a text of change in your github repository to the main.tf or any of your terraform files it'll actually kind of kick off a workflow saying hey this is we're going to update some and we're going to like run some different plans for the changes you can also have cli driven which is the one that we're going to be looking at so you can kind of trigger remote runs through your local cli which is kind of cool and then you also have api driven i haven't really played around with this too much but i believe it's probably the more advanced option if you're trying to integrate into some kind of a ci cd but for now let's just look at cli driven workflow and i'm just gonna name this uh terraform tutorial uh cli flow and i don't really need a description so let's just go ahead and create that workspace and then you can see it kind of gives us a couple of things right so now we have the terraform tutorial ci flow in our workspace we can see here it's actually using terraform version 1.0.10 which should be fine um and then pretty much what we got to do is we got to add this back and configuration to our code so it kind of already gives us what is needed to be added which is really nice so pretty much again so we have required providers another option that we can have is backend and so backend is pretty much saying hey i now instead of want to storing this stuff locally i'm going to store it remotely and i'm going to store it with the organization called terraform tutorial leo and i'm going to have the workspaces be the name of the cli flow so that's really cool and then once that's done we actually need to go ahead and remove a couple of files and so now that we're going to be storing things remotely we don't actually need any of these files locally so we can get rid of terraform let's get rid of the terraform lock and the tf state uh dot terraform lock hcl so let's remove those so now we should just have our oh and let me also remove the terraform backup okay so now we've removed all of the state variables from locally because we're now going to be pretty much doing this uh keeping all of that information remotely to through uh terraform cloud and before we actually go ahead and do that what we need to do is a couple more things so one is we actually since we have been pretty much deploying to aws through our local machine with our aws credentials provided terraform cloud actually doesn't have those configured so what you got to do is you actually got to go back to your variables and here you can see you have a list of variables and there's two types of variables you can provide one is you can provide terraform variables or just pretty much a tfr so it's pretty much just something similar to this where you can provide different variables and access them through the ui i like to personally just define them in the configuration i think it's a little bit cleaner and it's a little easier once you kind of get into like a team environment and then the other one is environment variables and so these are the environment variables that you kind of need to have in order for the terraform to deploy correctly to aws and what we're going to do is we're going to actually add the aws access key id and that's sensitive so i'm going to go ahead and add that so you guys actually but what you need to do is you need to go to your iam in aws and let's see here if you go to i am signing to the console i should be logged in and i go to um i am where are you why can't i search you oh i am um you're going to want to go to whatever your account is and then you should be able to see some kind of access keys when you click on your user here so if you click your user there should be an access key and if you don't have one you just generate one that'll give you an access key and it acts as secret and that's what you're going to put in here so um let's go ahead and do that really quick and since these are pretty sensitive one you can actually uh select the sensitive option and it'll kind of hide it here which is pretty nice it'll just make it right only and so now you can see i have the aws access key id and then aws secret access key so now my remote terraform cloud situation should be set up and then what i need to do is i've already done this on my machine but before you guys actually go ahead and do it what you first need to do is just terraform in it make sure that it can initialize your configuration and if you have forgotten what that is it's pretty much just something simple and that'll actually recreate the dot terraform so i guess you don't really need to delete that but pretty much it'll create it for uh the remote back end as opposed to your local machine and so once that's all good you can see now see successfully configured the back-end remote will automatically use this back-end unless the back-end configuration changes so once that's done and you've got all of your stuff set up what you need to do is you actually need to do terraform login and this will pretty much request an api token from this using your browser and then if you say yes what will happen is it'll actually give you an api token and so you can create a new api token which is what i need to do so i create that api token and then you can see i get that information and i'm going to delete this organization later so that's fine and then i uh input the value and let me you guys can't see that because if it's too big but yeah enter a value you just copy and paste it in there and once that is going on then you should be good to go and now you are logged in to your terraform cloud and you can uh pretty much start doing what we've been doing locally but remotely great and to make sure that that's working now all we got to do is just do terraform apply and it should be good to uh running the apply in the remote back end output will stream here so if you want to see it in the browser it kind of gives you these options and what you can do is you could actually go to the website and now i can go to my organization terraform tutorial i have my cli here and you can see now that it's actually going ahead and running a run so this is the run that i triggered using terraform apply and you can see that instead of doing everything on my local machine it's actually doing it on um this uh terraform cloud which is really nice and then it kind of creates these plans and everything and then it has this apply pending setting which pretty much means hey we see that you're trying to do a run here but it hasn't actually quite uh been applied yet do you want to go ahead and apply that just like kind of like as a second validation like yes i want to so i go ahead and run confirm plan confirm plan and so now what it'll do is actually go ahead and apply those changes to my aws environment which pretty much will just trigger this main.tf file that we've been uh working but instead of doing it locally it's on terraform cloud so that's really nice and you can see that no uh state files were created because that's just being managed on their end and once that's done you can see here it pretty much comes out with the same stuff it gives us the instance id the public ip and if we look at our terminal that we ran that from you can see that it also gives the same if i zoom out a little bit down here you can see instance id and the public ip and that's great and all but now let's say you're in a production environment you have all of these different codes you're using github as a resource and you actually want to use the version control system to actually create generate and run these uh terraform kind of plans right so instead of doing it locally every time let's say i want to change up our terraform i do my testing locally everything like that everything is ready to go i want to have it actually just automatically go through and generate a plan based off of my code changes we actually can do that and that is the first workflow so what we're going to do is we're going to go back to workspaces and we're going to create a new workspace and this workspace we're going to choose the version control workflow and then we are going to just connect to github and you can see i already went ahead and just allowed it to so what i'm going to do is i should have a filter here for a terraform tutorial repository and let's create this workspace so what this is going to do is create a similar style as the cli driven but now instead of me generating the plans it's going to be generated based off of my version control system in github and cool and so since this is a new uh workflow one thing again that we have to make sure that we do is we actually have to go ahead and add those environment variables again that we did last time and these are just the aws access key and the secret key so let's go ahead and do that and then once that's done we actually have to do one more thing and let's actually change the name of this so it's just let's change the name i want it to be terraform tutorial flow um vcs so that we know it's version control system remote local blah blah blah blah blah blah save those settings and then what we then need to do is let's go back to the workspace and then we need to actually go to the version control part of this and you can see here there's this automatic speculative plan so it's turned off right now but we want to turn that on so pretty much what this is going to do is it's going to add a check to our pull request and actually kind of just like run a plan in the background and say before your pull request goes through did it actually work in terraform is it successful before you kind of go ahead and merge that and then you can actually apply those changes and then we have to make sure that we update those so now everything should be good to go on this and here let's see i'm on the starter branch for this right now and what i want to do is i want to keep this starter branch clean so let's see can i check out a uh example branch yep okay so we're good to go there so i'm going to have this example branch which pretty much is just our going to be pushing up to my github repository for this tutorial and uh what i want to do is i'm going to add all of the changes that we've been doing so far i also want to add a terraform in it pretty much just git commit and then let's just do a quick get push set upstream origin example uh oops that's not how you spell push oops need two dashes sorry about that and then boom so now what we'll be able to see is that we actually pushed up a new branch so if i go to github and let me log in really quick and so a couple of quick things that i just realized is um one thing is that you actually want to kind of have a initial main.tf within your main branch initially before you kind of go down this flow of uh the speculative like having make sure the pull request actually triggers something it kind of needs to know something to check against so what you need to do is you could actually go to the terraform tutorial and make sure that those changes that we've made are actually inside of main so you can see here that the so far what we've been doing is terraform tutorial flow vcs terraform tutorial our instance type everything like that is actually within the main branch and then once we kind of do that what we're going to do is we're going to actually speculate and let me go ahead and just make sure that this run this card or the other one just unlock this workspace and just go ahead and actually run this to make sure that it works correctly but as you can see that once we've kind of changed and added this main.tf to our main branch it actually went ahead and starts kicks off this run for us and this is pretty much just the same thing as our cli flow but instead it is pretty much going through and doing it automatically so pretty much what it's saying here is that oh we've detected some change within your main.tf within your terraform within your vcs and so now what we want to do is we're actually going to go ahead and apply the plan is finished and let's actually go ahead and confirm the plan so once that's done it's actually going to go apply the running but what i want to show you guys is how we can actually have this terraform check within github itself that actually says before you merge this did it pass uh this check for terraform and the way that we're going to do that is i'm going to just do a simple change here so i'm actually just going to go ahead and change the variable name let's change the instance name to updated name for uh check and if i change that and i go to uh let me go back to our main branch uh so let me just go ahead and go to main branch so this should uh get check out main um and then if i pull it down pull down the changes and then let's create the new vcs test and so within this test what i'm going to do is i'm just going to go ahead and actually do updated name for vcs test and we change that up and then if we go back to our terraform here we can see that our get status is a change to variables.tf let's add it let's commit it just do test and let's push up upstream origin vcs test let's go ahead and push that up so now we can see that the apply finish and everything has been created successfully so if we go to our aws everything should be working the same so now if i go to ohio and go to ec2 you can see that we will have our updated name we have two different um things running one is because i probably forgot to destroy the cli flow one but i'll come back to that later but yeah so let's see here compare and pull requests uh so i just want to do vcs test domain create pull request so now we should have a check here to make sure that our um terraform update is actually going to be passed and allowed before we actually go ahead and do the pull request so we can create this pull request and due to that speculative that we turn that on it'll actually go ahead and check so we can actually go ahead and check the details here and it's pretty much just triggering a run and it's pretty much just like hey it's a run so all it does is just create the plan and it says hey the plan finished everything is good to go and so it also just gives us a little warning down here saying hey the run was started from a pull request it cannot be applied to apply these we have to merge it to the default branch this is kind of just like a little quick check to make sure everything's okay so now if we go back to our uh oops i should not have closed that so let's go to github and we can then go to our terraform tutorial and let's go to pull requests let's go to test you can see that it goes ahead and it's passing all the checks and go and i had to do that so let's just merge it merge that over delete the branch good to go and so now if we go to our terraform runs here you can see that we'll actually have a new state which is planning this merge pull request six here and so what this will do is pretty much similar to how we did it before it'll create a plan but now instead of just telling us hey this is actually going to work out we can actually apply the plan to our uh changes so what it'll do is once planning running is finished i'll go ahead and click apply and then it'll change the name to our actual uh here so we went ahead and finished that so you guys can't see that because it's too small so let me make it bigger so you can see uh let's go keep going keep going keep going so i just want to show you guys yeah so confirm apply confirm plan there we go so apply is queued up and once that is done we should be able to just go to our instances here and then we should be able to see that the name was changed to uh what did we change it to uh forgot but once we uh update this refresh it here okay yeah so we updated it to updated name for vcs test so now you can see we have this entire github flow version control system configured and so yeah so with that we kind of showed how to do the cli flow we also showed how to do the uh vcs flow so they're both very useful in case you want to kind of do local development if you want to do it via github and then the last thing i want to kind of show you guys is that we can actually destroy and delete these infrastructure and so the way that you do that is you just go to your workspace whichever one that you want and you just cue a destroy plan and so all you got to do is put in the name and then you cue destroy plan um let me see if i can make this a little easier to see yeah there you go sorry i got a new monitor so i'm still figuring out how to actually get everything to show correctly because it kind of is a little wonky so if i do that and so now you can see that i actually went ahead and uh triggered a run in here and we could do that by runs and you can see what here we our current run is a destroy run which will pretty much take whatever the state is for this workspace and actually just do a pretty much a terraform destroy so let's do the same for our cli flow let's go here we just go to settings and we go to destruction and deletion and then we go to q destroy plan and then once that's done we put in the name of this flow which is cli dash flow and let's see if i can move this up a little bit yep and so then you just click the q destroy plan click it should be good and then once you go to your workspace and you go to runs now you'll see that there is a destroy run currently running but it actually won't delete the workspace it'll just delete all the infrastructure that was last deployed and one kind of last thing that i want to show you guys is that there is also another kind of cool thing and oh yeah again before we forget you actually have to go through and apply so you can't just start the run you actually have to go through and apply the run in order for it to actually go through and apply so you can see that it gives you the status of plan meaning like hey we're ready to go whenever you are go to runs go to the last run and then all you got to do is click confirm and apply so confirm that plan good to go so the last thing i wanted to show you guys is uh just kind of another thing let's say for example you have resources that kind of depend on one another in aws you can actually use a depends on kind of flag for that and i just wanted to show you guys how to quickly do that so let me pull up that information and to kind of quickly show you guys let me just uh paste this code that i kind of came up with a little bit earlier just to show you guys how to kind of use the depends on flag and so let me zoom in again whoa um but pretty much what we're doing here is we're just creating a i am role and we're just giving it some kind of just this role policy uh json and code pretty much just allows you to uh just create valid json that'll be used uh for the aws resource um and then we're gonna create the i uh aaim role policy and we're going to be using the imrole as its role and then we're going to just kind of give it a pretty simple statement just like hey just allow it to access anything from s3 resources anything and then pretty much down here we have the depends on which is depends on ias or aws iam rulepolicy.example so it won't create this instance until that rule policy also exists and since we kind of went ahead and did those changes what we could do is if we go back to our terminal and we can just do a quick get status and since i'm already in the main repository i'm just going to go ahead and commit these uh add depends on and then let's just go ahead and push those up and since we are on the vcs flow we change the configuration file what we can do is we can actually then go to our workspace here and we can look at the runs and you can see now that we actually have a run that was planned due to our change and uh pretty much what we have here is just a those changes of adding the role policy as well as the app server and it seems like those are good to go and we're just gonna create two because i did uh run this a little bit earlier and forgot to delete it so it's just gonna create the policy.example and the aws and instance app server it already went ahead and created that iai am role and once that's ready to go all we do is click confirm and apply and we should be good to go awesome and as you can see here uh our application of the new changes for the depends on everything work correctly and if you uh i should have probably had this going but one thing you should have noticed is they actually waited to create this aws instance app server but after the other two things were already created so uh that's my bad i kind of forgot to show that but it did run and create after everything else because of that depends on flag so um but yeah that's pretty much all there really is to this uh terraform it's kind of just a quick introduction to terraform if you are familiar with it it's a really useful tool especially if you want to keep your infrastructure kind of decoupled from different providers you can quickly switch between providers you'll always have the kind of similar infrastructure but the different providers might require different types of resources so for example azure might use something different than aws but it will kind of in a way keep a source of truth of what your infrastructure actually looks like for your application so i think it's a really really useful tool and i just kind of wanted to give you guys a quick introduction how to set it up on your machine as well as kind of just how to set it up locally with docker as well as configure it to actually deploy to a cloud provider like aws and then as well use the terraform cloud to actually keep it as a source of truth and also the final thing was to integrate it to github which i know a lot of teams kind of use nowadays so i just wanted to show you guys how you could actually create that use that integration so um i hope that this was useful for you guys if it was please leave a like if you guys have used terraform and you enjoy it or if you have any kind of uh complaints about it please leave a comment i'd love to chat about it learn a little bit more about this uh framework and yeah so that's kind of all there is and i appreciate you guys taking the time to watch this video if you guys enjoyed it or learned something please uh consider subscribing it really helps the channel out a lot and i hope to see you guys in the next one thanks [Applause] [Music] you

Info

Channel: Leo Roese

Views: 348

Rating: undefined out of 5

Keywords: terraform, infrastructure, hcl, aws, docker, hashicorp, azure, google cloud platform, ec2, terraform cloud, cli, aws cli, aws-cli, terraform tutorial, infrastructure as code

Id: mkaiIioZT5Y

Channel Id: undefined

Length: 51min 32sec (3092 seconds)

Published: Fri Oct 29 2021