Getting started with Terraform on Azure

This post is the first of a large serie of blog posts on DevOps on Azure, I will expose my current experience for the implementation of a Devops process with Terraform, Ansible, VSTS, Inspec, Jenkins, …..

The objective of this serie is not to rewrite existing documentation, posts, articles, … but it will be a “cookbook” type series with posts that will expose real uses cases with best pratice of use of these tools in entreprises.

To start, I’ll talk about Terraform and how to use it to provision resources in Azure  (also valid for other cloud providers).

Terrafom from HashiCorp is Infrastructure As code tool that allows to provision resources in Azure with a very simple language (HCL).

Advantages of Terraform are:

  • It is open source with a large active community.
  • It’s Multi Cloud provider (Azure, AWS, OpenStack, …..)
  • It’s multi-plateforme: work on Linux, Windows, Mac OS, …
  • It allows to preview the changes that it will apply before its application (with the plan command).
  • It runs in command line, so it can be integrated in an automated devops pipeline.
  • The command line tool has some very useful options (which we will see as we go along).
  • and many others ….

Installation of Terraform

For download ans install Terraform see the official page here, and this stackoverflow page for set Path on Linux.

You can also execut this shell script directly on your linux for automate the download and installation of Terraform.

Thanks to Etienne Deneuve for this script.

After the installation, you can test your installation of Terraform by executing the command:

terraform –version , for display the version of your terraform, or the command: terraform for display all command options.

image

Configuration of the Azure resources access

For authorize Terraform to manage resources on Azure, we need to create a Azure AD service principal that have authorizations for manage (create, update, delete) Azure resources.

For create this service principal manually from the Azure portal:

https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal

It’s also possible to create this service principal by using the Azure cli 2.0

https://docs.microsoft.com/en-us/cli/azure/create-an-azure-service-principal-azure-cli?view=azure-cli-latest

Create resources on Azure with Terraform

When Terraform is installed and your Azure Service principal is created, you can start to provision your Azure infrastructure.

For this, in the Terraform code (tf file) you must define the Azurerm provider and then define your Azure resources to provision.
The official documentation for the provider and resources is very great and fully : https://www.terraform.io/docs/providers/azurerm/

In the Microsoft documentation you can see the complet Terraform code for provision Linux VM in Azure : https://docs.microsoft.com/en-us/azure/virtual-machines/linux/terraform-create-complete-vm

Other samples of Terraform code for Azure are available in GitHub.

What next…

In this first post, which serves as an introduction to this serie, I expose how to start with Terraform on Azure, in the following we will see how to use Terraform with best practices for team, we will talk about :

  • Remote backend on Azure Storage
  • Modules
  • Security with Azure Key Vault
  • Terraform folder architecture
  • Terraform command cli usage
  • Authomate Terraform deploiement with Visual Studio Team Service ot Jenkins

Laisser un commentaire

Votre adresse de messagerie ne sera pas publiée. Les champs obligatoires sont indiqués avec *

Ce site utilise Akismet pour réduire les indésirables. En savoir plus sur comment les données de vos commentaires sont utilisées.