As businesses grow and expand and new requirements are realized to meet customers' needs, a quick and reliable means to provision and maintain cloud resources has become crucial. Various cloud providers have developed tools and resources to facilitate infrastructure as code (IAC) to meet this need.
On AWS, the tool for building cloud infrastructure environments using code and templates is AWS Cloudformation. It is an effective IAC tool however, just as the name implies, it is exclusively compatible with AWS. To perform the same actions on other cloud providers, an engineer would need to pick up the tools made for those providers. Azure Resource Manager (ARM) for Azure and Cloud Deployment Manager (CDM) to name a few. These tools are known as cloud-specific IAC tools.
In a case where an organization, as a means to get the best parts of all worlds, runs its services and resources across different cloud platforms, these cloud-specific tools become equivalent to bringing a knife to a gunfight. Effective but in the wrong context.
Cloud-agnostic IAC tools however are built and developed to be effective in whichever cloud provider they are employed. Some of these tools include:
Chef
Pulumi
Ansible, and
Terraform
In this article, we would look at how we can easily provision Azure cloud resources on one of my favorite IAC tools: Terraform.
Terraform
Terraform is a cloud-agnostic tool that facilitates infrastructure automation for the provisioning and management of cloud resources and cloud services.
To use Terraform to deploy Azure cloud resources, you have to install the provider for Azure.
terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "3.45.0"
}
}
}
This would install the terraform provider for azure when you run the terraform init command within your source code directory.
Connect to your Azure Account
The next step would be to define where you want these resources to be deployed. You have to declare the credentials of your azure account to enable Terraform to connect seamlessly with azure.
provider "azurerm" {
# Configuration options
subscription_id = var.subscription_id
client_id = var.client_id
client_secret = var.client_secret
tenant_id = var.tenant_id
features {}
}
In this code, however, another terraform file was created to hold the variables which would then be referenced within the main configuration file (main.tf). It’s best practice in writing terraform configuration files to keep the variables in a separate file to enable a more readable and secure code.
Creating Resources
After you have installed the appropriate provider and declared the Azure account where resources should be deployed, the next step would be to begin creating the cloud resources for your infrastructure.
Using the Terraform resource block, you can create any resource using azurerm (ARM) for Azure cloud.
When working with Azure, one of the first resources you should create is a Resource Group wherein all other resources for a particular project would be created in. In our code, we would create a resource group called; application_grp, and all other resources would be created within this resource group.
# Declaring local variables to be used within main.tf
locals {
resource_group = "application_grp"
location = "North Europe"
}
# Create Resource Group
resource "azurerm_resource_group" "application_grp" {
name = local.resource_group
location = local.location
}
Next,
We would create a Virtual Network and a Subnet to enable connectivity among the other resources that would be created.
# Create a Virtual Network
resource "azurerm_virtual_network" "app_network" {
name = "app_network"
location = local.location
resource_group_name = azurerm_resource_group.application_grp.name
address_space = ["10.0.0.0/16"]
}
# Creating Subnet
resource "azurerm_subnet" "subnetA" {
name = "subnetA"
resource_group_name = local.resource_group
virtual_network_name = azurerm_virtual_network.app_network.name
address_prefixes = ["10.0.1.0/24"]
depends_on = [
azurerm_virtual_network.app_network
]
}
Launch Resources
Now we have completely configured the resources in our terraform script. We must now deploy these resources on our Azure account using this script.
The first step would be to install the provider using terraform init command:
$ terraform init
Initializing the backend...
Initializing provider plugins...
- Finding hashicorp/azurerm versions matching "3.45.0"...
- Installing hashicorp/azurerm v3.45.0...
- Installed hashicorp/azurerm v3.45.0 (signed by HashiCorp)
Terraform has created a lock file .terraform.lock.hcl to record the provider
selections it made above. Include this file in your version control repository
so that Terraform can guarantee to make the same selections by default when
you run "terraform init" in the future.
Terraform has been successfully initialized!
You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.
If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.
After which, we run the $ terraform plan command which would show us all the resources and changes that would be provisioned on our Azure account.
And finally, we run $ terraform apply to deploy to Azure.
Resources on Azure Account
We have now completely provisioned our resources on Azure. And we can see them deployed into the resource group we created.
Conclusion
Infrastructure as Code is a practice that has greatly enabled quick, secure, and reliable resource provisioning in the field of DevOps and Cloud Engineering. The use of cloud-agnostic tools for IAC has created a means for having effective and centralized cloud engineering teams.
In this project, we have used Terraform, an IAC tool, to set up a cloud environment consisting of various resources with a single script.
The full project can be accessed through this link. Feel free to fork the repository and add more resources to build your infrastructure.
Top comments (0)