Terraform terraweek day 3

#tws?#terraform?#terraWeek?#hashicorp?#trainwithshubham

Task -1

Create a Terraform configuration file to define a resource of AWS EC2 instance.

# Specify the provider (AWS in this case)

provider "aws" {

?access_key = "<YOUR_AWS_ACCESS_KEY>"

?secret_access_key = "<YOUR_AWS_SECRET_ACCESS_KEY>"

?region = "us-west-1"??

}

# Define the EC2 instance resource

resource "aws_instance" "sumit_dahiya" {

?ami??????= "ami-014d05e6b24240371"??

?instance_type = "t2.micro"??

?tags = {

??Name = "sumitawsinstance"

}

?}

The?provider?block defines the AWS provider that Terraform will use. The?access_key?and?secret_access_key?attributes specify your AWS access key ID and secret access key, respectively. The?region?attribute specifies the AWS region where the EC2 instance will be create

The?resource?block defines the EC2 instance resource. The?ami?attribute specifies the AMI ID that the EC2 instance will be created from. The?instance_type?attribute specifies the instance type of the EC2 instance. The?tags?attribute specifies the tags that will be applied to the EC2 instance.

Task -2

Check state files before running terraform plan and apply commands and Use validate command to validate your tf file for errors and provide the Output generated by each command:

1- Checking state files before running the terraform plan and apply commands:

Before running the?plan?or?apply?commands, it is important to check the state files to make sure that they are up-to-date. The state files contain information about the current state of your infrastructure, and Terraform uses this information to determine what changes need to be made. If the state files are not up-to-date, Terraform may make incorrect changes to your infrastructure.

$ terraform state list

aws_instance.example_instance

$ terraform state show aws_instance.example_instance

# Output will display the detailed information of the resource

2- Using the?validate?command to validate your tf file for errors.

The?terraform validate?command can be used to validate your Terraform configuration file for errors.

To use the?validate?command, simply run the following command:

$ terraform validate

Success! The configuration is valid.

If there are any errors in your configuration file, Terraform will print out a list of the errors. You can then fix the errors in your configuration file and try running the?validate?command again

3-?Output generated by each command:

The output generated by each command will vary depending on the specific state of your infrastructure and your Terraform configuration file. However, here is a general overview of the output that you can expect to see.

• terraform show: The?terraform show?command is used to display the current state and configuration of your infrastructure in a human-readable format.
• terraform state list: The?terraform state list?command specifically lists the names of all resources managed by Terraform in your state file.
• terraform validate: The?terraform validate?command will print out a list of any errors that it finds in your Terraform configuration file.
• terraform plan?:?The output of the Terraform plan command shows the changes that Terraform will make to your infrastructure.
• terraform apply?:?The terraform apply command applies the plan generated by the terraform plan command. This will create, update, or destroy resources in your infrastructure.
• terraform destroy?: The terraform destroy command destroys all resources in your infrastructure. This is useful for cleaning up old infrastructure or for testing the disaster recovery process.

Task - 3

Add a Provisioner to the configuration file to configure the resource after. it is created and use Terraform commands to apply for changes and destroy to remove resources:

# Specify the provider (AWS in this case)

provider "aws" {

?access_key = "<YOUR_AWS_ACCESS_KEY>"

?secret_access_key = "<YOUR_AWS_SECRET_ACCESS_KEY>"

?region = "us-west-1"??

}

# Define the EC2 instance resource

resource "aws_instance" "example_instance" {

?ami??????= "ami-014d05e6b24240371"??

?instance_type = "t2.micro"??

?tags = {

??Name = "ExampleInstance"

?}

}

# Add a provisioner

provisioner "remote-exec" {

??inline = ["echo 'Hello, world!' > /home/ubuntu/hello.txt"]

?}

In this example, the?aws_instance?resource is configured to use the remote-exec provisioner. The?inline?argument to the?remote-exec?provisioner specifies the command that will be run on the remote resource. In this case, the command is?echo 'Hello, world!' > /home/ubuntu/hello.txt.

To apply the changes and create the EC2 instance, you can run the following Terraform commands:

1. terraform init: Initializes the working directory and downloads the necessary provider plugins.
2. terraform apply: Applies the changes defined in your configuration file and creates the EC2 instance.

To destroy and remove the resources created by Terraform, you can use the following command:

terraform destroy: Destroys all the resources managed by Terraform.

What is a Provisioner block:

In Terraform, the?provisioner?block is used to define actions or scripts that should be executed on a resource after it is created or destroyed. It allows you to configure and customize the resource as needed, such as installing software, running commands, or executing configuration scripts

The?provisioner?block has two main configurations:?create?and?destroy

• The?create?provisioner runs after the resource is created, allowing you to perform actions like software installation or configuration. It ensures that the resource is ready for use once created
• The?destroy?provisioner runs before the resource is destroyed. It allows you to clean up or perform any necessary actions before the resource is removed, such as removing files or releasing resources.

Provisioner are powerful tools in Terraform that allow you to automate additional setup or configuration tasks for your resources. They provide flexibility and extensibility in managing your infrastructure, ensuring that your resources are properly configured and customized according to your requirements.

Task - 4

Add lifecycle management configurations to the configuration file to control the creation, modification, and deletion of the resource and use Terraform commands to apply the changes:

# Specify the provider (AWS in this case)

provider "aws" {

?access_key = "<YOUR_AWS_ACCESS_KEY>"

?secret_access_key = "<YOUR_AWS_SECRET_ACCESS_KEY>"

?region = "us-west-1"??

}

# Define the EC2 instance resource

resource "aws_instance" "example_instance" {

?ami?= "ami-014d05e6b24240371"??

?instance_type = "t2.micro"??

?tags = {

??Name = "ExampleInstance"

?}

}

# Add a provisioner

provisioner "remote-exec" {

??inline = ["echo 'Hello, world!' > /home/ubuntu/hello.txt"]

?}

# Add lifecycle management configurations

lifecycle {

??create_before_destroy = true

??ignore_changes????= [tags]

?}

In this example, we've added a?lifecycle?block within the?aws_instance?resource block. The?lifecycle?block allows you to configure the behavior of Terraform during resource creation, modification, and deletion.

The available configurations are:

• create_before_destroy: When set to?true, Terraform will create a new resource before destroying the existing one. This helps ensure a smooth transition during updates or replacements of resources.
• ignore_changes: Allows you to specify attributes that Terraform should ignore during updates. In this example, we've specified?tags?as an ignored attribute, meaning changes to the?tags?block will not trigger a recreation of the resource.

To apply the changes and create/update the EC2 instance based on the new lifecycle configurations, you can run the following Terraform commands:

1. terraform init: Initializes the working directory and downloads the necessary provider plugins.
2. terraform apply: Applies the changes defined in your configuration file.

What is a lifecycle block:

In Terraform, the?lifecycle?block is used to define lifecycle management configurations for resources. It allows you to control the behavior of Terraform during resource creation, modification, and deletion. The?lifecycle?block provides options for managing resource replacement, preventing certain changes from triggering resource recreation, and specifying other resource-specific behaviors.

The?lifecycle?block supports the following configurations:

• create_before_destroy: This configuration determines whether Terraform should create a new resource before destroying the existing one during updates or replacements. When set to?true, Terraform will first create the new resource and then destroy the old one. This can be useful when transitioning from one resource to another, ensuring that there is no downtime during the update.
• prevent_destroy: If this configuration is set to?true, it prevents the resource from being destroyed when running?terraform destroy. This can be useful for protecting critical resources that should not be accidentally destroyed.
• ignore_changes: This configuration allows you to specify a list of attributes that Terraform should ignore during updates. When changes are made to the specified attributes, Terraform will not recreate the resource. This can be helpful when certain attributes are managed externally or should not trigger a recreation.

resource "aws_instance" "example_instance" {

?# Resource attributes...

?lifecycle {

??create_before_destroy = true

??prevent_destroy????= true

??ignore_changes????= [tags]

?}

}

In this example, the?lifecycle?block is added to an AWS EC2 instance resource. It specifies that the new resource should be created before destroying the old one (create_before_destroy = true). It also prevents the resource from being destroyed (prevent_destroy = true) and ignores changes made to the?tags?attribute (ignore_changes = [tags]).

When using the?ignore_changes?configuration in the lifecycle block to ignore changes for a specific attribute, such as an EC2 instance name tag, you need to specify the fully qualified attribute name within the resource.

In the case of an EC2 instance name tag, the attribute name would be?aws_instance.example_instance.tags["Name"]. Here's an example of how you can use it:

resource "aws_instance" "example_instance" {

?# Resource attributes...

?lifecycle {

??ignore_changes = [aws_instance.example_instance.tags["Name"]]

?}

}

Note that the attribute name within the ignore_changes configuration should match the exact attribute reference used in the resource block. If the EC2 instance name tag has a different name or is defined using a variable, you would need to adjust the attribute name accordingly.

The?lifecycle?block allows you to fine-tune the behavior of Terraform for specific resources, ensuring controlled updates, preventing accidental destruction, and ignoring certain changes when managing your infrastructure.