Tooling in Devops: Using Terraform For Automating Infrastructure

This is the start of a new series of articles and this series is known as Tooling in Devops. In these articles, I will talk about tools that can be used in infrastructure, monitoring, logging, alerting and more such stuff. We will see how to use these tool and how they will help you in fixing you problem in systems and applications. So lets start with todays tool which is Terraform and Using Terraform For Automating Infrastructure Creation

Terraform is an open source product from Hashicorp. This enables you to write your infrastructure as a code, which basically is HCL stands for hashicorp configuration language. There are many providers for terraform so you can write config from multiple clouds openstack and many more.

Terraform works around these *.tf  *.tfvars and  *.tfstate files. Lets look into these files.

*.tf File :

These files actually contains the resources to be created in the cloud provider. These contains all the configs that the created resource need to have.

*.tfvars File:

These file contains the variables that can be replace in *.tf files. You may not need to touch this much.

*.tfstate File:

This is the source of truth for terraform. It will always try to make the remote state[Provider state] as it is mentioned in this file. You can have mutiple tf file terraform will read only these files for resources to create.

Now lets see what all commands terraform has that is important for a beginner. I am not covering all the commands just the basic ones that is required for quick start.

Terraform process flow

Terraform Init:

This initializes the terraform in you directory and you will be able to proceed with other commands. Please note that before this command you have to install terraform in your system. For installation you have to download the terraform binary and put in your path.

terraform init

Terraform Plan:

Once you write your .tf file you should run this command. This command will give you out in which you will be able to see what all changes will be done if you run apply on this terraform file. Also keep in mind to save the output of this plan to a file something like this.

terraform plan --out=plan

Terraform apply:

Suggested Books:

Once you are satisfied with the plan you can run apply which will implement that plan on your cloud provider. Here don’t forget to pass the plan file that is create in last step else your apply may have changes that were not there in plan.

terraform apply plan

Now terraform will create the resource in cloud provider.

Lets look at some pointers to notice while working with terraform.

1. If you make any changes from providers console on the resources that you have created through terraform. Terraform will revert all the changes that are done from console and your system may break in the next terraform apply.

2. While running apply always pass the plan file. This will save you from any changes that may have happened between the time of plan and time of apply.

3. If you don’t want to keep the secrets in file you can pass them as variable and use it in tf files. 


Now lets have a look at basic tf file that you have to write to create a resource. This is an example copied from terraform azurerm doc.


provider "azurerm" { 
  subscription_id = "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" 
  client_id = "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" 
  client_secret = "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" 
  tenant_id = "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" 

variable "prefix" {
  default = "tfvmex"
# Resource group needed for everything in azure
resource "azurerm_resource_group" "main" {
  name     = "${var.prefix}-resources"
  location = "West US 2"
# Vnet for machine to reside in 
resource "azurerm_virtual_network" "main" {
  name                = "${var.prefix}-network"
  address_space       = [""]
  location            = "${azurerm_resource_group.main.location}"
  resource_group_name = "${}"
# Subnet where machine is launched
resource "azurerm_subnet" "internal" {
  name                 = "internal"
  resource_group_name  = "${}"
  virtual_network_name = "${}"
  address_prefix       = ""
# Network Interface For the VM
resource "azurerm_network_interface" "main" {
  name                = "${var.prefix}-nic"
  location            = "${azurerm_resource_group.main.location}"
  resource_group_name = "${}"

  ip_configuration {
    name                          = "testconfiguration1"
    subnet_id                     = "${}"
    private_ip_address_allocation = "Dynamic"
#Actual VM
resource "azurerm_virtual_machine" "main" {
  name                  = "${var.prefix}-vm"
  location              = "${azurerm_resource_group.main.location}"
  resource_group_name   = "${}"
  network_interface_ids = ["${}"]
  vm_size               = "Standard_DS1_v2"

  # Uncomment this line to delete the OS disk automatically when deleting the VM
  # delete_os_disk_on_termination = true

  # Uncomment this line to delete the data disks automatically when deleting the VM
  # delete_data_disks_on_termination = true

  storage_image_reference {
    publisher = "Canonical"
    offer     = "UbuntuServer"
    sku       = "16.04-LTS"
    version   = "latest"
  storage_os_disk {
    name              = "myosdisk1"
    caching           = "ReadWrite"
    create_option     = "FromImage"
    managed_disk_type = "Standard_LRS"
  os_profile {
    computer_name  = "hostname"
    admin_username = "testadmin"
    admin_password = "Password1234!"
  os_profile_linux_config {
    disable_password_authentication = false
  tags {
    environment = "staging"

This was a very basic introduction and you can kickstart your automation with this information. For further information please go to terraform docs. Thats it for Using Terraform For Automating Infrastructure Creation

Feel free to ping me if you need any help with terraform and other topics. I will be more than happy to learn with you.

Gaurav Yadav

Gaurav is cloud infrastructure engineer and a full stack web developer and blogger. Sportsperson by heart and loves football. Scale is something he loves to work for and always keen to learn new tech. Experienced with CI/CD, distributed cloud infrastructure, build systems and lot of SRE Stuff.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.