IaC(Infrastructure as Code)

IaC(Infrastructure as Code)

https://www.zhihu.com/question/346381748

IaC(Infrastructure as Code)

表示基础设施即代码,是DevOps中的一个重要实践。

IaC的主要思想是将服务器、网络、存储、安全等基础架构层面的配置和设置过程,以代码的形式进行表达和管理。

IaC与DevOps的关系

- IaC是实现DevOps自动化的重要支柱之一。通过IaC可以实现基础架构层面的自动化,与应用部署的自动化相结合,可以实现DevOps的端到端自动化。

- IaC实现了基础架构与应用代码的统一管理。应用开发人员可以通过版本控制系统管理基础架构代码。

- IaC使基础架构具备了可重复使用性,可以加速环境配置。

- IaC提高了基础架构部署的一致性、稳定性。

IaC的常见实现方案

- 使用配置管理工具(如Ansible、Chef、Puppet)编写脚本来自动化配置基础架构环境。

- 使用容器平台(如Kubernetes)和容器编排引擎(如Docker Compose),以声明式方式定义基础架构。

- 使用基础架构即服务(IaaS)提供的API或SDK来管理和配置基础架构资源。

- 使用HashiCorp的Terraform等IaC专用工具来编排云资源。

terraform

https://github.com/hashicorp/terraform

Terraform enables you to safely and predictably create, change, and improve infrastructure. It is a source-available tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.

 

在AWS平台上创建EC2 computes资源

https://developer.hashicorp.com/terraform/tutorials/aws-get-started

 

本机创建销毁docker资源

https://developer.hashicorp.com/terraform/tutorials/docker-get-started

Get Started - Docker

Build, change, and destroy Docker infrastructure using Terraform. Step-by-step, command-line tutorials will walk you through the Terraform basics for the first time.

 

视频教学

https://www.bilibili.com/video/BV1qu411D7Xo/?spm_id_from=333.337.search-card.all.click&vd_source=57e261300f39bf692de396b55bf8c41b 

 

https://github.com/wardviaene/terraform-course/tree/master

Demo overview

Demo Directory	Description
first-steps	First steps
demo-1	First steps: Launching an EC2 instance
demo-2	Using provisioner
demo-2b	Using provisioner on a Windows instance
demo-3	Executing script locally
demo-4	Outputting
demo-5	Data Source
demo-6	Modules
demo-7	AWS VPC
demo-8	EC2 instance within VPC with securitygroup
demo-9	EC2 instance with EBS volumes
demo-10	Userdata and cloudinit
demo-11	Route53 (DNS)
demo-12	RDS
demo-13	IAM
demo-14	IAM Roles with S3 bucket
demo-15	Autoscaling
demo-16	Autoscaling with ELB (Elastic Load Balancer)
demo-17	Elastic Beanstalk PHP 7 stack with RDS
demo-18	Interpolations, VPC module
demo-18b	Project structure, best practices
packer-demo	Build AMIs with Packer
jenkins-packer-demo	Demo with jenkins and Packer
docker-demo-1	Using ECR - The EC2 Container Registry
docker-demo-2	Using ECS - The EC2 Container Service
docker-demo-3	Using ECR/ECS with Jenkins in a complete workflow
module-demo	Using ECS + ALB in 4 modules to show how developing terraform modules work

 

https://github.com/iam-veeramalla/terraform-zero-to-hero

Terraform Zero to Hero course

Day 1: Getting Started with Terraform

Introduction to Terraform and IaC

In this session, we'll introduce you to the fundamental concepts of Terraform and Infrastructure as Code (IaC). Learn why Terraform is crucial for managing infrastructure and how IaC streamlines provisioning.

Installing Terraform on MacOS, Linux and Windows

Get your hands dirty by installing Terraform on both MacOS, Linux and Windows. We'll guide you through the process with clear instructions and commands.

Setting up Terraform for AWS

Dive into AWS integration with Terraform. You'll learn how to set up your AWS credentials and configure the AWS provider within Terraform to start provisioning resources.

Writing Your First Terraform Code

Start writing actual Terraform code with a simple example. Learn about the basic structure of a Terraform configuration file and how to define resources using the HCL language.

Terraform Lifecycle

Understand the lifecycle of terraform. What is terraform init, plan and apply.

Launching an EC2 Instance

Take your skills up a notch by provisioning an EC2 instance on AWS using Terraform. Explore attributes like instance type, AMI, and tags to customize your instance.

Terraform State Basics

Understand the importance of Terraform state files. Learn about desired and current states, and how Terraform manages these states to ensure infrastructure consistency.

Day 2: Advanced Terraform Configuration

Understanding Providers and Resources

Deepen your knowledge of providers and resources. Explore the role of different providers for various cloud platforms and understand how resources define infrastructure components.

Variables and Outputs in Terraform

Discover the power of variables for dynamic configurations. Learn how to define, declare, and utilize variables effectively. Explore outputs to retrieve and display essential information.

Conditional Expressions and Functions

Elevate your configurations with conditional expressions, adding logic to your code. We'll introduce you to Terraform's built-in functions for tasks like string manipulation and calculations.

Debugging and Formatting Terraform Files

Master the art of debugging Terraform configurations.Plus, learn why proper formatting with terraform fmt is crucial.

Day 3: Building Reusable Infrastructure with Modules

Creating Modular Infrastructure with Terraform Modules

Unlock the potential of reusability with Terraform modules. Understand how modules enable you to create shareable and organized infrastructure components.

Local Values and Data Sources

Simplify complex expressions using local values. Dive into data sources and learn how to fetch data from existing resources or external systems, enhancing your configurations' flexibility.

Using Variables and Inputs with Modules

Explore the versatility of using variables within modules to customize their behavior. Learn how inputs work within modules and the benefits they offer.

Leveraging Outputs from Modules

Utilize module outputs to access critical information or propagate data to your root configuration. Learn how to make your modules more informative and useful.

Exploring Terraform Registry for Modules

Embark on a journey through the Terraform Registry. Discover pre-built, community-contributed modules and learn how to incorporate them into your own configurations.

Day 4: Collaboration and State Management

Collaborating with Git and Version Control

Collaborate effectively using Git and version control. Grasp fundamental Git commands such as cloning, pulling, and pushing repositories to enhance teamwork.

Handling Sensitive Data and .gitignore

Tackle security challenges associated with sensitive data in version control. Explore the importance of .gitignore to exclude sensitive files from being committed.

Introduction to Terraform Backends

Uncover the role of Terraform backends in remote state storage. Learn why they're essential for maintaining infrastructure state and configurations.

Implementing S3 Backend for State Storage

Get hands-on experience configuring an S3 bucket as a backend for remote state storage. Understand how this setup improves collaboration and state management.

State Locking with DynamoDB

Dive into state locking and the prevention of concurrent updates. Implement state locking using DynamoDB as a backend mechanism, ensuring state consistency.

Day 5: Provisioning and Provisioners

Understanding Provisioners in Terraform

Learn about provisioners, mechanisms for executing actions on resources during creation and destruction. Understand how they facilitate customization.

Remote-exec and Local-exec Provisioners

Differentiate between remote-exec and local-exec provisioners. Explore how remote-exec provisions actions on remote servers, while local-exec performs tasks locally.

Applying Provisioners at Creation and Destruction

Discover when to use provisioners during resource creation or destruction. Configure provisioners within resource blocks to execute specific actions.

Failure Handling for Provisioners

Gain insights into handling provisioner failures. Learn about retry mechanisms, timeouts, and the on_failure attribute to control provisioner behavior on failure.

Day 6: Managing Environments with Workspaces

Introduction to Terraform Workspaces

Understand the concept of workspaces and their role in managing different environments. Learn how workspaces aid in isolating configurations.

Creating and Switching Between Workspaces

Learn how to create new workspaces and switch between them using terraform workspace commands. Understand their significance in environment management.

Using Workspaces for Environment Management

Learn deeper into how workspaces streamline environment management. Comprehend their benefits in maintaining separate state files for various settings.

Day 7: Security and Advanced Topics

HashiCorp Vault Overview

Gain an overview of HashiCorp Vault, a powerful tool for secret management and data protection. Understand its significance in maintaining secure configurations.

Integrating Terraform with Vault for Secrets

Learn how to integrate Terraform with Vault to manage sensitive data securely. Discover how Vault can be used to store and distribute secrets within configurations.