Day5 - Terraform 5-13-2021
day5 - Terraform - plan, refresh, apply, desire, code, tfstat, destroy
notepad a.tf
terrafrom look for .tf extention file and executes
> notepad web.tf
provider "aws" {
region = "ap-south-1"
profile = "default"
}
resource "aws_instance" "webos1" {
ami = "ami-010aff33ed5991201"
instance_type = "t2.micro"
security_groups = [ "webport-allow" ]
key_name = "terraform_key"
tags = {
Name = "Web Server by TF"
}
}
resource "null_resource" "nullremote1" {
connection {
type = "ssh"
user = "ec2-user"
private_key = file("C:/Users/Vimal Daga/Downloads/terraform_key.pem")
host = aws_instance.webos1.public_ip
}
provisioner "remote-exec" {
inline = [
"sudo yum install httpd -y",
"sudo yum install php -y",
"sudo systemctl start httpd",
"sudo systemctl start httpd"
]
}
}
resource "aws_ebs_volume" "example" {
availability_zone = aws_instance.webos1.availability_zone
size = 1
tags = {
Name = "Web Server HD by TF"
}
}
resource "aws_volume_attachment" "ebs_att" {
device_name = "/dev/sdc"
volume_id = aws_ebs_volume.example.id
instance_id = aws_instance.webos1.id
force_detach = true
}
resource "null_resource" "nullremote2" {
connection {
type = "ssh"
user = "ec2-user"
private_key = file("C:/Users/Vimal Daga/Downloads/terraform_key.pem")
host = aws_instance.webos1.public_ip
}
provisioner "remote-exec" {
inline = [
"sudo mkfs.ext4 /dev/xvdc",
"sudo mount /dev/xvdc /var/www/html",
]
}
}
resource "null_resource" "nullremote4" {
connection {
type = "ssh"
user = "ec2-user"
private_key = file("C:/Users/Vimal Daga/Downloads/terraform_key.pem")
host = aws_instance.webos1.public_ip
}
provisioner "remote-exec" {
inline = [
"sudo yum install git -y",
"sudo git clone https://github.com/vimallinuxworld13/gitphptest.git /var/www/html/web"
]
}
}
resource "null_resource" "nullremote5" {
provisioner "local-exec" {
command = "chrome http://13.232.50.58/web/index.php"
}
}
=====================================
break this file
> notepad provider.tf
provider "aws" {
region: = "ap-south-1"
profile = "default"
}
> notepad ec2.tf
resource "Aws_instance" "webos1" {
ami = "amo .."
instal
tags = {
Name = web
}
> terraform init
go there and check all the files and download the plugins for the provider such as aws, azure
> attach_block.tf
resource "aws_volume_attachment" "ebs_att" {
device_name = "/dev/sdc"
volume_id = aws_ebs_volume.example.id
instance_id = aws_instance.webos1.id
force_detach = true
}
files are read on alphabet order, but TF will automatically handle or manage. This concept is called infering the resource with thier intellegency.
this means, which part to run first and which one to second.
> terraform plan
> tf apply
when you run this code first time, it will create tfstate
there are two state
1. desire state
2. Current state
1. Desire state
whatever you are looking for/want, you write on code - your desire state
2. Current state
What is there right now, or currently running or exist on the system
when you run tr apply, it will go and check if it already exists. if its not there then apply the code.
This concept is called - Idompotence
? tf apply
you will see a message - Infrascture is up to data
if no change is needed.
Login to your aws cloud
- check how many instances running
- check on what instance type is running.
first you run plan and apply (behind the scene plan runs when you run apply)
- when you run plan code, it basically goes and login to aws, retrive all the info and store locally and stores on terraform.tfstat file when is basically the state of the service.
stores all
open and review the file..
> notepad output.tf
output "myip" {
value = aws_instance.webis1.public_ip
}
> tf apply
you will see the public IP.
open the file terraform.tfstat and search for public_ip and navigate through..
Note: if you use Terraform, always use terraform. do not do automation and manual.
it will make a mess..
any change, you have to make, make sure to modify the code.
say if one of the ec2 instance has issue, they may go to console and manually change the config but its not been updated on code, you will have a problem.
say, lets go to aws console and review the instnce that you have instance type is t2.small
but on your code, you hae t2.micro.
instance_type = "t2.micro"
Desire state is manual t2.small
but code has: automate: t2.micro
> tf apply
our code goes to copy the current state and it will find the conflict.
before apply, use refresh. it will go to cloud and update/referesh the current state. after that, local file is updated terraform.tfstate
> tf refresh
> notepad terraform.tfstat
> tf apply
it will change from small to micro
since your code has micro, it will change
either do everything manual, or everything automation.
Note: Never modify tfstat file manually.
refresh, plan, apply, desire, code, tfstat,
add null resources
> notepad apache.tf
> tf destroy # remove all the resources
They go and refresh and update the tfstat file locally.
> tf apply
- apache
- hard disk
- providers
4 resources are going to be applied.
1. Launch the instance
2. ssh -> null -: php apache
3. created storage and attahing the storage
we have one bug here.
lets destroy our infrascture again.
> notepad apache.tf
provisioner "remote-exec" {
inline = [
"sudo yum install httpd -y",
"sudo yum install php -y",
"sudo systemctl start httpd",
"sudo systemctl start httpd"
]
}
}
file name by default are on lexical order...
apache.tf
resource "null_resource" "nullremote1" {
depends_on = [
aws_volume_attachment.ebs_att
]
.........
}
google fro terrafrom depends on
meta-arguement
one resource is deepnds on other respurce.
> tf destroy
> tf apply
validate your code
> terraform validate
gives you line number you have issue with
Thursday, May 13, 2021
Day5 - Terraform - plan, refresh, apply, desire, code, tfstat, destroy
Subscribe to:
Post Comments (Atom)
Git branch show detached HEAD
Git branch show detached HEAD 1. List your branch $ git branch * (HEAD detached at f219e03) 00 2. Run re-set hard $ git reset --hard 3. ...
-
snmpconfig command allow you to managge snmpv1/v3 agent configuration on SAN switch. Event trap level is mapped with event severity level....
-
Firmware upgrade on HPE SuperDom Flex 280 - prerequisites tasks a. Set up repo b. Upload firmware to your webserver 1. For foundation so...
-
Disabling the Telnet protocol on Brocade SAN switches By default, telnet is enabled on Brocade SAN switches. As part of security hardening o...
No comments:
Post a Comment