Tuesday, 20 December 2016

Terraform and AWS

Written By: Lokesh Jawane
DevOps Journey with Crevise
The DevOps journey starts with understanding and automating Dev, QA, and Ops practices, and gradually leads to automating almost everything!

There are a number of tools to automate configuration management, build, and deployment. Chef, Ansible, Capistrano, Mina, Jenkins, and SCM tools are among the most popular in this space.

Today, however, managing infrastructure quickly is a bottleneck. A few of the common issues are:
  • How can we effectively track the changes we have made to our infra?
  • How do we run the CM tool as a provisioner?
  • Can we manage infra with only a CM tool, seamlessly and without hitting any roadblocks?

Hence I believe the simpler way is to keep Configuration & Infra management tasks separate. When you make changes to the configuration it should not affect your infra & vice versa.

That's where Terraform comes to the rescue.

Terraform is a tool for building, changing, and versioning infrastructure safely and efficiently. Terraform can manage existing and popular service providers as well as custom in-house solutions.

The infrastructure Terraform can manage includes low-level components such as compute instances, storage, and networking, as well as high-level components such as DNS entries, SaaS features, etc. Terraform can manage many providers such as AWS, Google Cloud, DigitalOcean, and OpenStack, including multiple providers in a single configuration.

I have written a Terraform example to use with AWS. In the example I create 2 EC2 instances behind an ELB and deploy nginx on them. Details are given below. Feel free to write to me if you have any comments, inputs, suggestions, or questions!

Creating a new AWS EC2 instance and running an Ansible playbook with the local-exec provisioner

provider "aws" {
  access_key = "ACCESS_KEY_HERE"
  secret_key = "SECRET_KEY_HERE"
  region     = "us-east-1"
}

resource "aws_instance" "example" {
  ami           = "ami-0d729a60"
  instance_type = "t2.micro"
}

# Append the new instance's public IP to the Ansible inventory file "hosts"
resource "null_resource" "host_entry" {
  provisioner "local-exec" {
    command = "echo ${aws_instance.example.public_ip} ansible_ssh_private_key_file=<.pem file> ansible_ssh_user=ubuntu >> hosts"
  }
}

# Wait for the instance to boot, then run the playbook against the inventory.
# ANSIBLE_HOST_KEY_CHECKING=false skips SSH host key verification for the new host.
resource "null_resource" "configure-wordpress" {
  depends_on = ["aws_instance.example", "null_resource.host_entry"]

  provisioner "local-exec" {
    command = "sleep 60 && ANSIBLE_HOST_KEY_CHECKING=false ansible-playbook -i hosts site.yml --sudo"
  }
}

The above example creates an EC2 instance, adds a host entry to the hosts file, and runs the Ansible playbook on the newly created instance.
Another example below creates the AWS architecture shown in the diagram.
Terraform with AWS
access_key="<aws access key>"
secret_key="<aws secret key>"
ansible_ssh_private_keyfile="<.pem file path>"
ansible_ssh_user="<ssh login user>"

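  • Ansible playbook main file already there: site.yml
- name: Install Nginx
  hosts: all
  tasks:
    # Install nginx from the apt repositories, refreshing the package cache first
    - apt: name="nginx" update_cache=yes state=present
    # Enable nginx at boot and start it now
    - service: name=nginx enabled=yes state=started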
  • Plan the terraform
terraform plan -var-file=./terraform.tfvars

  • Apply changes to infra
terraform apply
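
The tfvars entries above only take effect if the configuration declares matching variables and references them. A sketch of that wiring follows, added here as an example and not the author's actual configuration: the resource names `web`, `inventory` and `configure_nginx` are assumed, while the AMI, region and commands are reused from the first example and the syntax matches the Terraform generation used on this page.

```hcl
# Added example: declares the four variables that terraform.tfvars sets,
# so no credential is written into the .tf files themselves.
variable "access_key" {}
variable "secret_key" {}
variable "ansible_ssh_private_keyfile" {}
variable "ansible_ssh_user" {}

provider "aws" {
  access_key = "${var.access_key}"
  secret_key = "${var.secret_key}"
  region     = "us-east-1"
}

# Assumed resource name "web"; AMI and size are taken from the first example.
resource "aws_instance" "web" {
  ami           = "ami-0d729a60"
  instance_type = "t2.micro"
}

# Build the inventory line from variables instead of hard-coded values.
# ">" (not ">>") keeps stale IPs from earlier runs out of the file.
resource "null_resource" "inventory" {
  provisioner "local-exec" {
    command = "echo ${aws_instance.web.public_ip} ansible_ssh_private_key_file=${var.ansible_ssh_private_keyfile} ansible_ssh_user=${var.ansible_ssh_user} > hosts"
  }
}

# Run the playbook only after the inventory file has been written.
resource "null_resource" "configure_nginx" {
  depends_on = ["null_resource.inventory"]

  provisioner "local-exec" {
    command = "sleep 60 && ANSIBLE_HOST_KEY_CHECKING=false ansible-playbook -i hosts site.yml --sudo"
  }
}
```

Terraform loads `terraform.tfvars` from the working directory automatically; because that file holds the secret key, keep it out of version control (for example with a `.gitignore` entry).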


  1. Thanks for heads up Lokesh (y)

  2. Every time you're taking an AMI and begin it, it's known as an Occasion of the AMI. You may take an AMI and begin it a number of occasions, every time creates a brand new Occasion. This is great blog. If you want to know more about this visit here AWS Cloud Certification.

