Jan 21, 2020
Terraform
Azure Portal is a powerful tool that allow us to build, deploy and monitor different resources. Whether it can be simple web apps or complex cloud architecture.
Some users may like the graphical interface provided. To be honest, this GUI makes it really simple to create Azure resources within couples of clicks. However, this could be a bit risky since there are more chances for human errors. Manual workflows using Point-and-Click GUIs sometimes could generate more errors, wasted resources and reduce agility.
So if you’re more a DevOps person, you probably aim to use Infrastructure as Code to define and provision your data architecture. It’s a “secure” way to automate workflow and reduce errors rate through code review and embed provisioning guardrails. Well, I got good news for you .. There’s an open-source software which is a perfect fit for you. Ladies and Gentlemen, let me introduce .. Terraform.
What is Terraform?
Terraform is an open-source infrastructure as code software tool created by HashiCorp. It enables you to describe and provision your data architecture and deploy it as an infrastructure code using a high-level programming language known as Hashicorp Configuration Language, that looks pretty much like JSON.
The added value that Terraform brings in compared to ARM template is that you can employ Terraform not only to Azure but also to VMware, GCP and AWS. So if you’re working on different Cloud platforms or using on-premise data sources, instead of using different tools to define your architecture, you can just use Terraform to orchestrate all your work.
In this article we are going to see a practical use case of deploying couple of Azure resources using Terraform. But, before getting to serious stuff, there are few steps we need to complete.
Prerequisites
Install Terraform
First, we need to download Terraform. Go to the Terraform downloads and pick the appropriate package for your OS.
PS: I’m working with Windows so if you’re using a different OS, try to adapt the following steps to your OS.
Once the Terraform package downloaded, unzip the folder and copy the terraform.exe to your workspace and install it.
In order to run Terraform from your Command Prompt or Windows Power Shell, your workspace should be included within your system’s PATH.
To do so, go to your Environment Variables, select PATH and add a new path to your workspace.
To make sure we all set, open Windows Power Shell and run the following command:
cd \The new added PATH
terraform init
Good job ! You have successfully downloaded and installed Terraform. Now let’s keep going..
Install Azure Terraform Visual Studio Code extension
In order to use Terraform on Visual Studio Code (or another code editor), you need to install the Terraform extension.
Azure subscription
There are few environment variables that we’ll need later in order to connect to Azure through Terraform.
Go to your Azure Portal and run the Cloud Shell (it’s kind of Power Shell but integrated with Terraform) as below. This will open the Shell within your Azure window and probably would ask you to create a storage account.
Once it’s done, run the following command.
az account listThis will provide both Subscription Id and Tenant Id.
One more thing and we’re done. You need to create an Azure AD application and service principal which will provide you with both Client ID and Client Secret that we’ll need later.
Deploy Azure infrastructure with Terraform
All right you got it ! It’s showtime. We’re about to deploy the following resources on Azure:
- Resource Group
- SQL Server
- SQL Database
First of all, we’ll create a variables.tf file in which we’ll declare all the variables we’re about to use in our configuration. Save this file to your workspace as a Terraform file.
//Configure Azure Provider
provider "azurerm" {subscription_id = var.subscription_idclient_id = var.client_idclient_secret = var.client_secrettenant_id = var.tenant_id}//Declare all the Variables that will be used in Terraform configurationsvariable "subscription_id" {description = "Enter Subscription ID for provisioning resources in Azure"}variable "client_id" {description = "Enter Client ID for Application created in Azure AD"}variable "client_secret" {description = "Enter Client secret for Application in Azure AD"}variable "tenant_id" {description = "Enter Tenant ID / Directory ID of your Azure AD. Run Get-AzureSubscription to know your Tenant ID"}variable "location" {description = "The default Azure region for the resource provisioning"}variable "resource_group_name" {description = "Resource group name that will contain various resources"}
Now, we’re going to assign to each variable a default value in a new file: var_values.tfvars. Use the code below and assign to each variable the appropriate value that we prepared earlier.
subscription_id = "Your subscription_id"tenant_id = "Your tenant_id"client_id = "Your client_id"client_secret = "Your client_secret"location = "West Europe" //Choose your locationresource_group_name = "Terraform-Test"
Once our variables are ready, we can start creating our resources. Of course, one prominent resource to start with is a Resource Group, which is the container that will hold all the Azure resources we’re about to create.
Let’s create a main.tf file and type the following code.
//Resource Groupresource "azurerm_resource_group" "Terraform" {name = var.resource_group_namelocation = var.locationtags = {owner = "sazabou"}}
Let’s run the code and see what happens. But how do we execute in Terraform?
Well let’s keep one thing in mind, the Terraform process lifecycle goes through 3 main steps:
- Plan
A good practice is to use Terraform Plan every time we want to deploy something. We can see this as a debugger that tells you what you’re going to do and check if it’s gonna work. - Execute
Terraform Execute is where you actually start deploying your resources after checking that everything is OK. - Destroy
Once you’re done, especially when you’re just trying stuff on Azure, make sure to hit Terraform Destroy to clean up your environment and delete all the resources you created. (You don’t wanna get charged for resources that you’re not really using).
Let the show begin ..
Go to your Power Shell, change directory to your workspace and run the following commands:
terraform initterraform plan -var-file var_values.tfvars
If everything is OK with your plan, go ahead and run :
terraform apply -var-file var_values.tfvarsyes
Now go to your Azure Portal > Group resources. Notice that a new resource group under the name Terraform-Test was added.
Good job! Now let’s go ahead and add the SQL Server and SQL Database we talked about earlier.
Go to main.tf file and add the following code.
//SQL Server
resource "azurerm_sql_server" "sqlserver" {
name = "sqlserverterraformtest"
resource_group_name = var.resource_group_name
location = var.location
version = "12.0"
administrator_login = "Type your login"
administrator_login_password = "Type your password" //Use a complex one
}//SQL Database
resource "azurerm_sql_database" "SQLDB" {
name = "SQLDB-terraform-test"
server_name = "sqlserverterraformtest"
resource_group_name = var.resource_group_name
location = var.locationedition = "Standard"
requested_service_objective_name = "S0" //Only S0 or higher supportedtags = {
environment = "Dev"
}
}
Again, type the Terraform plan command to see if it’s all good (hopefully 🙂).
Notice that Terraform tells you that both a SQL Server and a SQL Database will be created. Sounds good since that’s what we’re planning to do. What are you waiting for? Go ahead and deploy your architecture. (I mean Terraform apply)
Now go to your Azure Portal > Group resources> Terraform-Test. Notice that both SQL Server and SQL Database were successfully created within your resource group. Perfect!
Now add as much resources as you need for data architecture. Feel free to check the Terraform docs to check the code and arguments needed for each resource.
PS: If you’re just doing this for trial, don’t forget to destroy the resources created. 😉
terraform destroy -var-file var_values.tfvars
