Terraform Workflow with Azure: Write, Plan and Apply

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
in this video we go over workflows for terraform with azure [Music] hello everyone i'm travis and this is cerraltos this is the continuation of a previous video i'm using terraform with azure if you haven't seen that check it out to get the environment up and ready to write terraform code in this video we're going over the basic terraform workflow of writing a configuration planning and then applying the configuration to azure before we get started please take a second to like subscribe share with a friend and click the bell icon to get a notification of new content also check out my courses on azure virtual desktop and hybrid identities with azure ad the link is below let's get to the meat and potatoes of terraform the basic workflow for terraform is to write plan and apply configurations we're going to cover these steps on a simple project to get started let's start with writing terraform uses a directory as a workspace not an individual file and not the subdirectories just the working directory we're in when issuing commands when using the terraform cli the directory is referred to as the root module the file extension for terraform files ends in a tf there's also a json-based variant that ends in a tf.json for this example the files will end with a tf a common file you'll see in terraform is main.tf this is used for the main set of configurations for a project we could have other configuration files for large environments for example if you're configuring an app service you could have a file for the app service and another for an azure sql instance terraform treats all tf files in the directory as a single file we only split them out to make it easier for us to read and understand in the demo coming up we'll create a new directory called terraform projects and another called resource group the first deployment will be a resource group next we'll look at what makes up a file a terraform file starts with a provider block this tells terraform what provider we're working with azure aws gcp for example after that are blocks of code that declare the resources that are to be deployed there are other block types arguments expressions and variables for now we'll stick with resources once we have the code written we need to initialize the directory the directory has to be initialized before we can move to planning initializing creates a hidden.terraform directory this directory is used to catch provider plugins and modules it becomes the working directory managed by terraform the initialization process also creates a terraform.lock.hcl file this file tracks dependencies for the configuration any changes to the configuration files in the directory should be followed by an initialization to update the state and any required modules the command to run an initialization is terraforming it once the configuration is written and initialized we can move on to plan the command terraform plan will read the current state of remote objects and make sure it's up to date compare the current configuration with the prior state and note any differences after that it creates a plan of the changes that will take place if we agree to that plan we can then run the terraform apply command to apply the changes as a side note the terraform apply will also perform a terraform plan then and apply so we can skip terraform plan if you're confident with your configuration we should be good at this point however you may want to undo the changes you can run a terraform destroy command to remove all resources that were applied in the demo coming up we'll start by creating the folder structure for our first terraform project then build the main.tf file and deploy a resource group you'll need access to an azure subscription with rights to deploy a resource group to follow along let's start by creating a project directory we'll add the new directory and documents you can add this to any location you'd like the folder for this example will be called terraform projects under that we'll add our first project resource group keep in mind that terraform works at the folder level so our first project will run from the resource group directory next let's open up vs code go to file open folder and find the resource group folder we just created yes we trust this author next on the left side of the screen right-click and create a new file called main.tf we can close get started notice it switched to the terraform icon it knows this is a terraform file because we have the terraform extension installed to create our new project we need to define a terraform and provider block in this file we only have to do this once for any file in this folder we could start by typing terraform in the first line and tabbed autocomplete but we need to know the parameters let's remove this and we'll go to the terraform provider website the link for this is in the comments here are the top providers let's go to azure here is the azure rm provider in the top right there's a button to use the provider let's copy this code and paste it into our file next remove the configuration options comment and replace it with features followed by an open and closing curly bracket keep in mind that terraform is case sensitive so capitalization or lack thereof is important a couple things to note i've seen examples of terraform configuration files without the terraform block this may work but i suggest getting into the habit of using the complete block of code notice there is a version specified under the required providers block without this the latest version of the azure rm provider will be used that may seem like a good idea but it's possible that a version may have breaking changes in the code by specifying a version the same version is ran every time we reuse this code for another environment this provides more control we can update to a newer version and test the code when we're ready to do so we could also specify providers that don't come from hashicorp the second block the provider block sets the local name for the provider this makes referencing the provider easier in the code now we need to create a resource group this is a small item i know but it works well for this example let's go to the azure rm documentation on the terraform site we simply switch to documentation on the top right and we can close use provider from here you can search for the resource you want to deploy in this case let's go to base and under resources there's a resource called azure rm resource group this is a resource example to create a resource group there are some notes and then an example under that is a reference for arguments notice that the location and name are required tags are optional let's copy the example and paste it back into our main.tf file we'll leave a blank line and paste it in we're getting close we specified our provider and now we have a resource the block starts with resource after that it declares the resource type in this case the azure rm resource group and after that is a local name the local name is used to reference this resource elsewhere in the configuration one item to note about this the terraform references use example a lot in the examples so much it becomes a little bit confusing when i first looked at this i assumed that the first instance of the word example has something to do with the name example or they have to be the same that's not the case the documentation just uses the word example a lot in its examples so let's change the local name to resource group that's the name we'll use if we're referring to this resource group elsewhere in code the name indicates the name the resource group will have in azure let's change that to terraform rg notice that's a string so it's in quotes and the location can stay as it is at this point let's hit save and remember that terraform's reading from the directory you have to save your changes in order for terraform to read those changes i know that may seem obvious but i have ran into problems a couple times only to realize i never saved my changes so we'll save next we're going to initialize the directory go to terminal new terminal be sure you're in the same directory as the main.tf file then run the command terraform with a space and then init init you should see a similar output if you get the message that terraform can't be found be sure you've downloaded and extracted the terraform.exe and updated the system path to include the location notice we have a couple new items on the left the dot terraform directory if we expand that notice it downloaded the matching version of the terraform provider azure rm this directory is used as a working or cache directory also there is a terraform.lock.hcl file this is a dependency lock file this file is used to track provider dependencies we can view it and see that it's indicating the provider version this file is maintained by terraform let's close that now we have initialized let's sign into azure with an account that has rights to deploy a resource group to the subscription we'll connect to azure with the azure cli and the azlogin command that will take you a web page to finish authentication next we need to get the account extensions for azure cli run the command aztentions add dash dash upgrade dash n account that command has already been ran on this computer but that should update the azure cli with the account extension if you have more than one subscription make sure that you're on the correct one with the az account show command if it's not the correct subscription run the easy account subscription list command to list all of your subscriptions find the name of the subscription you want to use and then use the az account set along with a dash dash subscription parameter and pass in the subscription name from there you can run az account show again to verify the change and that looks good that only needs to be done if you have multiple subscriptions if you do have multiple subscriptions it's important to make sure you're logged into the correct one when you run the terraform plan and terraform apply commands speaking of that now that we're logged into azure we can run the terraform plan command this command will take a few seconds to run once it's done it'll show one item will be added the resource group in this case now that we ran the plan and agreed to the output we can deploy the resource do that with the terraform apply command this too will take a few seconds to run you'll get a confirmation prompt enter yes to confirm if all goes as planned we should see the output that one item was added you can view the resource group in the portal but let's use the azure cli instead we'll use the command az group list dash dash query and then we're going to pass in a query for the name terraform rg if you named your resource group something different obviously update that here and they're showing the resource group this gets resource groups querying for the name terraform rg if you notice on the left we have a new file terraform state this is the file that tracks the status of resources terraform manages it maps real world resources to the configuration now we don't really need this resource group so let's delete it next we can remove all resources that were added with the terraform destroy command this will do exactly as it says so keep that in mind in production let's run terraform destroy enter yes to verify the destruction this could take some time depending on how many resources were deployed and how busy the back-end servers are there it is it finished and honestly this took a lot longer than it did when i was testing this prior to recording the video once it's completed let's run the easy group list command again and nothing returns that indicates the resource group has been removed that's the basics of the right plan and apply workflow with terraform we covered a lot in this video we created our first project and deployed a resource group reviewing different settings and configuration options along the way the terraform azure rm reference documentation is an important part of what we covered there's no way to go over each resource in this video but with an understanding of the terraform workflow and the examples in the documentation you should have a good starting point to deploy infrastructure with terraform don't forget to like subscribe and share with a friend thanks for watching
Info
Channel: Travis Roberts
Views: 16,751
Rating: undefined out of 5
Keywords: Azure, Azure CLI, IaC Terraform, Terraform Registry, VSCode, Terraform for Azure, registry, .tf, HashiCorp, workdlow, Terraform Resouce, .terraform, Terraform Write, Terraform Plan, Terraform Apply, Terraform Destroy, main.tf, DevOps
Id: P06HZqrZUrw
Channel Id: undefined
Length: 15min 49sec (949 seconds)
Published: Sun Dec 05 2021
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.