Terraform in Action shows you how to automate and scale infrastructure programmatically using the Terraform toolkit. Using practical, relevant examples, you’ll use Terraform to provision a Kubernetes cluster, deploy a multiplayer game, and configure other hands-on projects. As you progress to advanced techniques like zero-downtime deployments, you’ll discover how to think in Terraform rather than just copying and pasting scripts.

Table of Contents

  1. Terraform in Action
  2. Copyright
  3. dedication
  4. contents
  5. front matter
    1. foreword
    2. preface
    3. acknowledgments
    4. about this book
    5. Who should read this book
    6. How this book is organized: A roadmap
    7. About the code
    8. liveBook discussion forum
    9. about the author
    10. about the cover illustration
  6. Part 1 Terraform bootcamp
  7. 1 Getting started with Terraform
    1. 1.1 What makes Terraform so great?
    2. 1.1.1 Provisioning tool
    3. 1.1.2 Easy to use
    4. 1.1.3 Free and open source software
    5. 1.1.4 Declarative programming
    6. 1.1.5 Cloud-agnostic
    7. 1.1.6 Richly expressive and highly extensible
    8. 1.2 “Hello Terraform!”
    9. 1.2.1 Writing the Terraform configuration
    10. 1.2.2 Configuring the AWS provider
    11. 1.2.3 Initializing Terraform
    12. 1.2.4 Deploying the EC2 instance
    13. 1.2.5 Destroying the EC2 instance
    14. 1.3 Brave new “Hello Terraform!”
    15. 1.3.1 Modifying the Terraform configuration
    16. 1.3.2 Applying changes
    17. 1.3.3 Destroying the infrastructure
    18. 1.4 Fireside chat
    19. Summary
  8. 2 Life cycle of a Terraform resource
    1. 2.1 Process overview
    2. 2.1.1 Life cycle function hooks
    3. 2.2 Declaring a local file resource
    4. 2.3 Initializing the workspace
    5. 2.4 Generating an execution plan
    6. 2.4.1 Inspecting the plan
    7. 2.5 Creating the local file resource
    8. 2.6 Performing No-Op
    9. 2.7 Updating the local file resource
    10. 2.7.1 Detecting configuration drift
    11. 2.7.2 Terraform refresh
    12. 2.8 Deleting the local file resource
    13. 2.9 Fireside chat
    14. Summary
  9. 3 Functional programming
    1. 3.1 Fun with Mad Libs
    2. 3.1.1 Input variables
    3. 3.1.2 Assigning values with a variable definition file
    4. 3.1.3 Validating variables
    5. 3.1.4 Shuffling lists
    6. 3.1.5 Functions
    7. 3.1.6 Output values
    8. 3.1.7 Templates
    9. 3.1.8 Printing output
    10. 3.2 Generating many Mad Libs stories
    11. 3.2.1 for expressions
    12. 3.2.2 Local values
    13. 3.2.3 Implicit dependencies
    14. 3.2.4 count parameter
    15. 3.2.5 Conditional expressions
    16. 3.2.6 More templates
    17. 3.2.7 Local file
    18. 3.2.8 Zipping files
    19. 3.2.9 Applying changes
    20. 3.3 Fireside chat
    21. Summary
  10. 4 Deploying a multi-tiered web application in AWS
    1. 4.1 Architecture
    2. 4.2 Terraform modules
    3. 4.2.1 Module syntax
    4. 4.2.2 What is the root module?
    5. 4.2.3 Standard module structure
    6. 4.3 Root module
    7. 4.3.1 Code
    8. 4.4 Networking module
    9. 4.5 Database module
    10. 4.5.1 Passing data from the networking module
    11. 4.5.2 Generating a random password
    12. 4.6 Autoscaling module
    13. 4.6.1 Trickling down data
    14. 4.6.2 Templating a cloudinit_config
    15. 4.7 Deploying the web application
    16. 4.8 Fireside chat
    17. Summary
  11. Part 2 Terraform in the wild
  12. 5 Serverless made easy
    1. 5.1 The “two-penny website”
    2. 5.2 Architecture and planning
    3. 5.2.1 Sorting by group and then by size
    4. 5.3 Writing the code
    5. 5.3.1 Resource group
    6. 5.3.2 Storage container
    7. 5.3.3 Storage blob
    8. 5.3.4 Function app
    9. 5.3.5 Final touches
    10. 5.4 Deploying to Azure
    11. 5.5 Combining Azure Resource Manager (ARM) with Terraform
    12. 5.5.1 Deploying unsupported resources
    13. 5.5.2 Migrating from legacy code
    14. 5.5.3 Generating configuration code
    15. 5.6 Fireside chat
    16. Summary
  13. 6 Terraform with friends
    1. 6.1 Standard and enhanced backends
    2. 6.2 Developing an S3 backend module
    3. 6.2.1 Architecture
    4. 6.2.2 Flat modules
    5. 6.2.3 Writing the code
    6. 6.3 Sharing modules
    7. 6.3.1 GitHub
    8. 6.3.2 Terraform Registry
    9. 6.4 Everyone gets an S3 backend
    10. 6.4.1 Deploying the S3 backend
    11. 6.4.2 Storing state in the S3 backend
    12. 6.5 Reusing configuration code with workspaces
    13. 6.5.1 Deploying multiple environments
    14. 6.5.2 Cleaning up
    15. 6.6 Introducing Terraform Cloud
    16. 6.7 Fireside chat
    17. Summary
  14. 7 CI/CD pipelines as code
    1. 7.1 A tale of two deployments
    2. 7.2 CI/CD for Docker containers on GCP
    3. 7.2.1 Designing the pipeline
    4. 7.2.2 Detailed engineering
    5. 7.3 Initial workspace setup
    6. 7.3.1 Organizing the directory structure
    7. 7.4 Dynamic configurations and provisioners
    8. 7.4.1 for_each vs. count
    9. 7.4.2 Executing scripts with provisioners
    10. 7.4.3 Null resource with a local-exec provisioner
    11. 7.4.4 Dealing with repeating configuration blocks
    12. 7.4.5 Dynamic blocks: Rare boys
    13. 7.5 Configuring a serverless container
    14. 7.6 Deploying static infrastructure
    15. 7.7 CI/CD of a Docker container
    16. 7.7.1 Kicking off the CI/CD pipeline
    17. 7.8 Fireside chat
    18. Summary
  15. 8 A multi-cloud MMORPG
    1. 8.1 Hybrid-cloud load balancing
    2. 8.1.1 Architectural overview
    3. 8.1.2 Code
    4. 8.1.3 Deploy
    5. 8.2 Deploying an MMORPG on a federated Nomad cluster
    6. 8.2.1 Cluster federation 101
    7. 8.2.2 Architecture
    8. 8.2.3 Stage 1: Static infrastructure
    9. 8.2.4 Stage 2: Dynamic infrastructure
    10. 8.2.5 Ready player one
    11. 8.3 Re-architecting the MMORPG to use managed services
    12. 8.3.1 Code
    13. 8.3.2 Ready player two
    14. 8.4 Fireside chat
    15. Summary
  16. Part 3 Mastering Terraform
  17. 9 Zero-downtime deployments
    1. 9.1 Lifecycle customizations
    2. 9.1.1 Zero-downtime deployments with create_before_destroy
    3. 9.1.2 Additional considerations
    4. 9.2 Blue/Green deployments
    5. 9.2.1 Architecture
    6. 9.2.2 Code
    7. 9.2.3 Deploy
    8. 9.2.4 Blue/Green cutover
    9. 9.2.5 Additional considerations
    10. 9.3 Configuration management
    11. 9.3.1 Combining Terraform with Ansible
    12. 9.3.2 Code
    13. 9.3.3 Infrastructure deployment
    14. 9.3.4 Application deployment
    15. 9.4 Fireside chat
    16. Summary
  18. 10 Testing and refactoring
    1. 10.1 Self-service infrastructure provisioning
    2. 10.1.1 Architecture
    3. 10.1.2 Code
    4. 10.1.3 Preliminary deployment
    5. 10.1.4 Tainting and rotating access keys
    6. 10.2 Refactoring Terraform configuration
    7. 10.2.1 Modularizing code
    8. 10.2.2 Module expansions
    9. 10.2.3 Replacing multi-line strings with local values
    10. 10.2.4 Looping through multiple module instances
    11. 10.2.5 New IAM module
    12. 10.3 Migrating Terraform state
    13. 10.3.1 State file structure
    14. 10.3.2 Moving resources
    15. 10.3.3 Redeploying
    16. 10.3.4 Importing resources
    17. 10.4 Testing infrastructure as code
    18. 10.4.1 Writing a basic Terraform test
    19. 10.4.2 Test fixtures
    20. 10.4.3 Running the test
    21. 10.5 Fireside chat
    22. Summary
  19. 11 Extending Terraform by writing a custom provider
    1. 11.1 Blueprints for a Terraform provider
    2. 11.1.1 Terraform provider basics
    3. 11.1.2 Petstore provider architecture
    4. 11.2 Writing the Petstore provider
    5. 11.2.1 Setting up the Go project
    6. 11.2.2 Configuring the provider schema
    7. 11.3 Creating a pet resource
    8. 11.3.1 Defining Create()
    9. 11.3.2 Defining Read()
    10. 11.3.3 Defining Update()
    11. 11.3.4 Defining Delete()
    12. 11.4 Writing acceptance tests
    13. 11.4.1 Testing the provider schema
    14. 11.4.2 Testing the pet resource
    15. 11.5 Build, test, deploy
    16. 11.5.1 Deploying the Petstore API
    17. 11.5.2 Testing and building the provider
    18. 11.5.3 Installing the provider
    19. 11.5.4 Pets as code
    20. 11.6 Fireside chat
    21. Summary
  20. 12 Automating Terraform
    1. 12.1 Poor person’s Terraform Enterprise
    2. 12.1.1 Reverse-engineering Terraform Enterprise
    3. 12.1.2 Design details
    4. 12.2 Beginning at the root
    5. 12.3 Developing a Terraform CI/CD pipeline
    6. 12.3.1 Declaring input variables
    7. 12.3.2 IAM roles and policies
    8. 12.3.3 Building the Plan and Apply stages
    9. 12.3.4 Configuring environment variables
    10. 12.3.5 Declaring the pipeline as code
    11. 12.3.6 Touching base
    12. 12.4 Deploying the Terraform CI/CD pipeline
    13. 12.4.1 Creating a source repository
    14. 12.4.2 Creating a least-privileged deployment policy
    15. 12.4.3 Configuring Terraform variables
    16. 12.4.4 Deploying to AWS
    17. 12.4.5 Connecting to GitHub
    18. 12.5 Deploying “Hello World!” with the pipeline
    19. 12.5.1 Queuing a destroy run
    20. 12.6 Fireside chat
    21. 12.6.1 FAQ
    22. Summary
  21. 13 Security and secrets management
    1. 13.1 Securing Terraform state
    2. 13.1.1 Removing unnecessary secrets from Terraform state
    3. 13.1.2 Least-privileged access control
    4. 13.1.3 Encryption at rest
    5. 13.2 Securing logs
    6. 13.2.1 What sensitive information?
    7. 13.2.2 Dangers of local-exec provisioners
    8. 13.2.3 Dangers of external data sources
    9. 13.2.4 Dangers of the HTTP provider
    10. 13.2.5 Restricting access to logs
    11. 13.3 Managing static secrets
    12. 13.3.1 Environment variables
    13. 13.3.2 Terraform variables
    14. 13.3.3 Redirecting sensitive Terraform variables
    15. 13.4 Using dynamic secrets
    16. 13.4.1 HashiCorp Vault
    17. 13.4.2 AWS Secrets Manager
    18. 13.5 Sentinel and policy as code
    19. 13.5.1 Writing a basic Sentinel policy
    20. 13.5.2 Blocking local-exec provisioners
    21. 13.6 Final words
    22. Summary
  22. appendix A Authenticating to AWS
    1. A.1 Creating an AWS account
    2. A.2 Creating an IAM user
    3. A.3 Installing the AWS CLI (optional)
    4. A.4 Configuring the credentials file
    5. A.5 Configuring the AWS provider in Terraform
  23. appendix B Authenticating to Azure
    1. B.1 Creating an Azure account
    2. B.2 Installing the Azure CLI
    3. B.3 Obtaining credentials via the CLI
    4. B.4 Configuring Azure CLI authentication in Terraform
  24. appendix C Authenticating to GCP
    1. C.1 Creating a GCP account
    2. C.2 Creating a new project
    3. C.3 Installing the Google Cloud SDK
    4. C.4 Authenticating with the Google Cloud SDK
    5. C.5 Configuring the GCP provider in Terraform
  25. appendix D Creating custom resources with the Shell provider
    1. D.1 Installing the provider
    2. D.2 Using the provider
    3. D.3 Final thoughts
  26. appendix E Creating a Petstore data source
    1. E.1 Registering the data source
    2. E.2 Creating the data source
    3. E.3 Writing acceptance tests
    4. E.3.1 Running acceptance tests
    5. E.4 Using the data source
  27. index