Build Infrastructure
With Terraform installed, let's dive right into it and start creating some infrastructure.
We'll build infrastructure on AWS for the getting started guide since it is popular and generally understood, but Terraform can manage many providers, including multiple providers in a single configuration. Some examples of this are in the use cases section.
If you don't have an AWS account, create one now. For the getting started guide, we'll only be using resources which qualify under the AWS free-tier, meaning it will be free. If you already have an AWS account, you may be charged some amount of money, but it shouldn't be more than a few dollars at most.
»Configuration
The set of files used to describe infrastructure in Terraform is simply known as a Terraform configuration. We're going to write our first configuration now to launch a single AWS EC2 instance.
The format of the configuration files is documented here. Configuration files can also be JSON, but we recommend only using JSON when the configuration is generated by a machine.
The entire configuration is shown below. We'll go over each part after. Save the contents to a file named
example.tf. Verify that there are no other *.tf files in your directory, since Terraform loads all of them.provider "aws" {
access_key = "ACCESS_KEY_HERE"
secret_key = "SECRET_KEY_HERE"
region = "us-east-1"
}
resource "aws_instance" "example" {
ami = "ami-2757f631"
instance_type = "t2.micro"
}
Note: The above configuration is designed to work on most EC2 accounts, with access to a default VPC. For EC2 Classic users, please use
t1.micro for instance_type, and ami-408c7f28 for the ami.
Replace the
ACCESS_KEY_HERE and SECRET_KEY_HERE with your AWS access key and secret key, available from this page. We're hardcoding them for now, but will extract these into variables later in the getting started guide.
Note: If you simply leave out AWS credentials, Terraform will automatically search for saved API credentials (for example, in
~/.aws/credentials) or IAM instance profile credentials. This option is much cleaner for situations where tf files are checked into source control or where there is more than one admin user. See details here. Leaving IAM credentials out of the Terraform configs allows you to leave those credentials out of source control, and also use different IAM credentials for each user without having to modify the configuration files.
This is a complete configuration that Terraform is ready to apply. The general structure should be intuitive and straightforward.
The
provider block is used to configure the named provider, in our case "aws." A provider is responsible for creating and managing resources. Multiple provider blocks can exist if a Terraform configuration is composed of multiple providers, which is a common situation.
The
resource block defines a resource that exists within the infrastructure. A resource might be a physical component such as an EC2 instance, or it can be a logical resource such as a Heroku application.
The resource block has two strings before opening the block: the resource type and the resource name. In our example, the resource type is "aws_instance" and the name is "example." The prefix of the type maps to the provider. In our case "aws_instance" automatically tells Terraform that it is managed by the "aws" provider.
Within the resource block itself is configuration for that resource. This is dependent on each resource provider and is fully documented within our providers reference. For our EC2 instance, we specify an AMI for Ubuntu, and request a "t2.micro" instance so we qualify under the free tier.
»Execution Plan
Next, let's see what Terraform would do if we asked it to apply this configuration. In the same directory as the
example.tffile you created, run terraform plan. You should see output similar to what is copied below. We've truncated some of the output to save space.a4gZ6a4bAG6fvhw7Xb++OH6Wtyg3YOs+gb1IkIl4
terraform plan shows what changes Terraform will apply to your infrastructure given the current state of your infrastructure as well as the current contents of your configuration.
If
terraform plan failed with an error, read the error message and fix the error that occurred. At this stage, it is probably a syntax error in the configuration.
The output format is similar to the diff format generated by tools such as Git. The output has a "+" next to "aws_instance.example", meaning that Terraform will create this resource. Beneath that, it shows the attributes that will be set. When the value displayed is
»Apply
The plan looks good, our configuration appears valid, so it's time to create real resources. Run
terraform apply in the same directory as your example.tf, and watch it go! It will take a few minutes since Terraform waits for the EC2 instance to become available.$ terraform apply
aws_instance.example: Creating...
ami: "" => "ami-2757f631"
instance_type: "" => "t2.micro"
[...]
aws_instance.example: Still creating... (10s elapsed)
aws_instance.example: Creation complete
Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
# ...
Done! You can go to the AWS console to prove to yourself that the EC2 instance has been created.
Terraform also puts some state into the
terraform.tfstate file by default. This state file is extremely important; it maps various resource metadata to actual resource IDs so that Terraform knows what it is managing. This file must be saved and distributed to anyone who might run Terraform. It is generally recommended to setup remote state when working with Terraform. This will mean that any potential secrets stored in the state file, will not be checked into version control
You can inspect the state using
terraform show:$ terraform show
aws_instance.example:
id = i-32cf65a8
ami = ami-2757f631
availability_zone = us-east-1a
instance_state = running
instance_type = t2.micro
private_ip = 172.31.30.244
public_dns = ec2-52-90-212-55.compute-1.amazonaws.com
public_ip = 52.90.212.55
subnet_id = subnet-1497024d
vpc_security_group_ids.# = 1
vpc_security_group_ids.3348721628 = sg-67652003
You can see that by creating our resource, we've also gathered a lot more metadata about it. This metadata can actually be referenced for other resources or outputs, which will be covered later in the getting started guide.
»Provisioning
The EC2 instance we launched at this point is based on the AMI given, but has no additional software installed. If you're running an image-based infrastructure (perhaps creating images with Packer), then this is all you need.
However, many infrastructures still require some sort of initialization or software provisioning step. Terraform supports provisioners, which we'll cover a little bit later in the getting started guide, in order to do this.
Source : https://www.terraform.io/intro/getting-started/build.html
Go to this Link with your AWS Login to create the Access Key and Secret Key and save it in your local machine..
https://console.aws.amazon.com/iam/home?#/security_credential
+++++++++++++++++++++++++++++++++++
root@localhost Downloads]# ./terraform applyaws_instance.example: Refreshing state... (ID: i-0f6d4ae9e49a6e29f)
aws_instance.example: Creating...
ami: "" => "ami-2757f631"
associate_public_ip_address: "" => "
availability_zone: "" => "
ebs_block_device.#: "" => "
ephemeral_block_device.#: "" => "
instance_state: "" => "
instance_type: "" => "t2.micro"
ipv6_address_count: "" => "
ipv6_addresses.#: "" => "
key_name: "" => "
network_interface.#: "" => "
network_interface_id: "" => "
placement_group: "" => "
primary_network_interface_id: "" => "
private_dns: "" => "
private_ip: "" => "
public_dns: "" => "
public_ip: "" => "
root_block_device.#: "" => "
security_groups.#: "" => "
source_dest_check: "" => "true"
subnet_id: "" => "
tenancy: "" => "
volume_tags.%: "" => "
vpc_security_group_ids.#: "" => "
aws_instance.example: Still creating... (10s elapsed)
aws_instance.example: Still creating... (20s elapsed)
tenancy: "" => "
volume_tags.%: "" => "
vpc_security_group_ids.#: "" => "
aws_instance.example: Still creating... (10s elapsed)
aws_instance.example: Still creating... (20s elapsed)
aws_instance.example: Still creating... (30s elapsed)
aws_instance.example: Still creating... (40s elapsed)
aws_instance.example: Still creating... (50s elapsed)
aws_instance.example: Creation complete (ID: i-05082c270a68066a2)
Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
The state of your infrastructure has been saved to the path
below. This state is required to modify and destroy your
infrastructure, so keep it safe. To inspect the complete state
use the `terraform show` command.
State path:
