update terraform

a3d45d34 · kmc-home · a4629c10 · a3d45d34 · a3d45d34 · a3d45d34
Commit a3d45d34 authored 2 months ago by kmc-home
--- a/ranges/terraform/terraform-test/main.tf
+++ b/ranges/terraform/terraform-test/main.tf
-# Empty provider block just to test
-provider "null" {
+terraform {
+  required_providers {
+    openstack = {
+      source = "terraform-provider-openstack/openstack"
+      version = "1.47.0"
+    }
+  }
 }

-# Simple null resource that does nothing
-resource "null_resource" "test" {
+provider "openstack" {
+#   user_name   = "admin"
+#   tenant_name = "admin"
+#   password    = "pwd"
+#   auth_url    = "http://myauthurl:5000/v2.0"
+#   region      = "RegionOne"
+}
+
+data "openstack_networking_network_v2" "this" {
+  name = "public"
+}
+
+resource "openstack_networking_router_v2" "external_router" {
+  name                = "router_${var.prefix}"
+  external_network_id = data.openstack_networking_network_v2.this.id
 }
\ No newline at end of file
--- a/ranges/terraform/terraform-test/vars.tf
+++ b/ranges/terraform/terraform-test/vars.tf
+# ABOUT THIS FILE:
+# "vars.tf" contains variable declarations that would clutter the main.tf file NOTE: Only Default Values can be set here
+
+
+# This variable replaces the { get_param: "OS::stack_name" } parameter used in HEAT to add the stack name to various resource names
+# Since Terraform doesn't create stacks, we can just define a custom variable
+variable "prefix" {
+  type    = string
+  default = "kmc"
+}
+
+# The following variables are required to be declared in the root module so we can set their values in terraform.tfvars
+# These are more strictly defined in their respective ./module/<MODULE NAME>/vars.tf file or directly in ./module/<MODULE_NAME>/<MODULE_NAME>.tf
+# variable "sec_groups" {
+#   type = map(any)
+# }
+
+# variable "nets" {
+#   type = map(any)
+# }
+
+# variable "instances" {
+#   type = map(any)
+# }
\ No newline at end of file
--- a/ranges/terraform/terraform.md
+++ b/ranges/terraform/terraform.md
+# Terraform Deep Dive
+
+## What is Terraform and why is it useful?
+Terraform is an Infrastructure as Code (IaC) tool that allows you to define and provision infrastructure using declarative configuration files. It supports multiple cloud providers and services through its provider system.
+
+Core concepts:
+- Providers: Plugins that enable interaction with cloud platforms, services, and APIs
+- Resources: Infrastructure objects you want to manage
+- State: Terraform's record of managed infrastructure
+- Variables: Reusable values that can be input into configurations
+- Outputs: Values that can be queried or exported
+
+**Key Takeaways:**
+- Terraform enables version-controlled infrastructure
+- Configurations are provider-agnostic
+- State management ensures consistency
+- Modular design promotes reusability
+
+## Hands-on with Terraform Commands I
+
+### terraform init
+Initializes a Terraform working directory, downloading providers and modules.
+
+Exercise 1: Initialize a project
+```sh
+# Create basic configuration
+cat << EOF > main.tf
+terraform {
+  required_providers {
+    aws = {
+      source = "hashicorp/aws"
+      version = "~> 4.0"
+    }
+  }
+}
+EOF
+
+terraform init
+```
+
+### terraform plan
+Shows execution plan for infrastructure changes.
+
+Exercise 2: Create and review a plan
+```sh
+terraform plan
+```
+
+### terraform apply
+Applies the changes required to reach desired state.
+
+Exercise 3: Apply configuration
+```sh
+terraform apply
+terraform apply -auto-approve  # Skip approval prompt
+```
+
+### terraform destroy
+Removes all resources managed by the configuration.
+
+Exercise 4: Clean up resources
+```sh
+terraform destroy
+```
+
+**Key Takeaways:**
+- Workflow: init → plan → apply → destroy
+- Plan provides safety check before changes
+- State tracks resource relationships
+- Destroy removes managed resources
+
+## Terraform Configuration Basics
+
+### Provider Configuration
+```hcl
+provider "aws" {
+  region = "us-west-2"
+}
+```
+
+### Resource Blocks
+```hcl
+resource "aws_instance" "example" {
+  ami           = "ami-0c55b159cbfafe1f0"
+  instance_type = "t2.micro"
+  
+  tags = {
+    Name = "example-instance"
+  }
+}
+```
+
+### Variables
+```hcl
+# variables.tf
+variable "instance_type" {
+  description = "EC2 instance type"
+  type        = string
+  default     = "t2.micro"
+}
+
+# main.tf usage
+resource "aws_instance" "example" {
+  instance_type = var.instance_type
+}
+```
+
+### Outputs
+```hcl
+output "instance_ip" {
+  value = aws_instance.example.public_ip
+}
+```
+
+## Working with State
+
+Exercise 5: State management
+```sh
+terraform show           # Display current state
+terraform state list    # List resources
+terraform state pull    # Download remote state
+terraform state push    # Upload local state
+```
+
+**Key Takeaways:**
+- State should be stored remotely in production
+- Sensitive data in state should be encrypted
+- State files should be backed up
+- Team members need shared state access
+
+## Terraform Workspaces
+
+Exercise 6: Managing environments
+```sh
+terraform workspace new dev
+terraform workspace new prod
+terraform workspace select dev
+```
+
+## Data Sources
+```hcl
+data "aws_ami" "ubuntu" {
+  most_recent = true
+  
+  filter {
+    name   = "name"
+    values = ["ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-*"]
+  }
+}
+```
+
+## Modules
+
+Exercise 7: Create reusable module
+```hcl
+# modules/webserver/main.tf
+variable "instance_type" {}
+
+resource "aws_instance" "web" {
+  ami           = data.aws_ami.ubuntu.id
+  instance_type = var.instance_type
+}
+
+# Root main.tf
+module "web_server" {
+  source        = "./modules/webserver"
+  instance_type = "t2.micro"
+}
+```
+
+**Key Takeaways:**
+- Modules promote code reuse
+- Workspaces separate environments
+- Data sources query existing resources
+- Variables enable configuration
+
+## Best Practices
+
+1. Code Organization
+- Use consistent formatting (terraform fmt)
+- Separate variables and outputs
+- Group related resources
+- Use modules for reusability
+
+2. State Management
+- Use remote state
+- Enable state locking
+- Backup state files
+- Use workspaces for environments
+
+3. Security
+- Use variables for sensitive data
+- Encrypt state files
+- Use least privilege access
+- Implement proper IAM roles
+
+## Practice Exercises
+
+### Basic Infrastructure
+
+Create a configuration that:
+- Provisions a VPC
+- Creates public and private subnets
+- Deploys an EC2 instance
+- Implements security groups
+
+### Module Development
+
+Create a reusable module for:
+- Network infrastructure
+- Standard security groups
+- Common instance types
+- Output relevant information
+
+### Multi-Environment Setup
+
+Implement:
+- Workspace-based environments
+- Environment-specific variables
+- Shared base configuration
+- Proper state separation
+
+### Remote State
+
+Configure:
+- Remote state storage
+- State locking
+- Access controls
+- Backup procedures
+
+Remember to document your configurations and use proper variable structures!
\ No newline at end of file