Getting started with Terraform for Azure
In this article, I want to introduce you to Terraform, an Infrastructure as Code solution, helping in optimizing your Azure Resources deployments.
This article will be part of a 3-article-series:
a) Getting started with Terraform,
b) Guiding you through an Azure Linux Virtual Machine deployment,
c) Closing with a more complex deployment of a mixed IaaS and PaaS scenario on Azure.
The following topics will be discussed in this first article:
What is Infrastructure as Code
What is Terraform, and why using it for Azure deployments
Installing/Running Terraform
Infrastructure as Code
Infrastructure as Code, or IAC, is the management of infrastructure components like storage, networking, servers, allowing you to run application workloads. However, it is not limited to infrastructure itself, as it also allows you to deploy and manage containers, app services and alike.
Important is that it’s done using “code”, using a descriptive model. This means you create an outline, like a definition file, in which you describe the end-state of the setup you want to achieve.
Some characteristics of IAC are:
idempotence, which means you will always get the same end-result, no matter how many times you run the deployment
Immutable, referring to the fact that you can run the same code over and over, even in different environments like test/dev/staging and production, only requiring minimal changes
Last, lights-out deployment, referring to the automation part of the process
Some benefits of IAC are:
reliable, while it could take some time and effort to get your deployment templates or scripts ready, once you have them, you know they are reliable and allowing you to run stable deployments over and over.
fast, which doesn’t specifically refer to a faster provisioning as such, but it should be clear doing deployments in a manual way will always be more time consuming, especially when the job is repeatable in nature, outside of the fact those are more error-prone as well.
Scalable is another huge benefit, allowing anyone to easily deploy a larger amount of identical resources, or even repeating the same deployment across different environments (dev/test, staging, production)
To showcase with a diagram what an Infrastructure as Code process looks like, we could start from a deployment template, and define a workload v.0.1, 0.2, 0.99, and so on, containing a set of Azure resources like storage, sql db, web app and virtual machine, in a dev/test scenario.
Next, we go back to the development station, make changes to the existing templates, resulting in v.1.0, and eventually using this as a baseline for our staging environment.
Out of the previous example, let’s emphasize some of the core benefits of using ARM Templates:
ARM templates are native to Azure Resource Manager, allowing you to deploy Azure public cloud and Azure Stack private cloud scenarios
ARM template based deployments are traceable from the Azure Portal; more specifically, each Resource Group has a section “Deployments”, which shows the history of each deployment against that Resource Group (both successful and failed deployments)
ARM templates can be deployed using Azure Portal, PowerShell, Azure CLI or DevOps tools
Where ARM templates can be overwhelming at first, know there is an Open Sourced library of sample templates available on GitHub, known as the Azure QuickStart templates. Allowing you to easily run deployments based on those, or use them as a starting example for your own custom deployments
Without sounding too negative, ARM template-based deployments also come with some challenges and limitations. Not all is bad, since it’s been quite popular in the last 5 years of Azure Resource Manager. But things could be better.
One of the main limitations in my opinion is the complex JSON syntax; it’s hard to read, difficult and challenging to author, and sometimes frustrating
Another missing feature is adding comments into the JSON, especially for review later, or to use it as documentation when working with a larger team on the same templates; (to be complete, it became possible to add comments into ARM templates recently, but there are some limitations, for example that your templates are “invalid” when you import them into the Azure Portal template deployment; it works when deploying them from PowerShell or CLI though).
Last, another capability I’m missing a lot as a devops engineer, is the lack of “rollback” when a deployment fails, where the successfully deployed resources linger along; and also where you need to run an actual deployment, to validate your template is working fine. But also here a recent update, where ARM templates do support “what-if” to simulate a deployment
What is Terraform
If you ask me what the real benefit of using Terraform for Azure is, I always talk about these 4 features:
first, the HCL syntax is way more natural than JSON, which means it’s not only easy to read, but also easy to write
Everything is driven from the command line, transparent across Windows, Linux or MacOS
Each deployment is stored in a “State” file, which is where the core intelligence of Terraform comes from in my opinion
Installing Terraform is as easy as connecting to the Terraform.io website, and downloading the latest version for your client management workstation Operating System, which can be Windows, Linux or MacOS.
There are also packages available from Chocolatey or Homebrew if you prefer those software management tools.
Another really interesting way to use Terraform for Azure deployments, is natively from within Azure CloudShell. This is a commandline environment, directly available from logging on ot the Azure Portal and running in your browser.
Summary
In this first article, you got introduced to Terraform, a solution by HashiCorp, allowing for efficient Infrastructure as Code for Azure, as well as other cloud (private and public) scenarios. I compared some of the challenges of ARM templates with benefits from Terraform, and you also know how to install and run it on your management workstation.
In the next article, you will learn about the Terraform syntax, as well as the core concept on how to perform Terraform deployments.