INTRODUCTION
INFRACODE
InfraCode is an open-source project, dedicated to creating Infrastructure as Code tools built on Terraform. We’re simplifying the lives of DevOps professionals by building tools that allow for maximum customizability. Through our blog and documentation, we provide information on Terraform best practices, as well as Terraform tutorials.
About This Guide
This guide is a comprehensive collection of all the steps involved in using the InfraRapid product, so that any end user or company interested in building their Infrastructure as Code may do so on the AWS and Azure cloud platforms.
Infrastructure as Code (IaC)
Infrastructure as Code (IaC) is the management of infrastructure in a descriptive model, where the same source code generates the same binary. An Infrastructure as Code model generates the same environment every time it is applied. We use IaC for stability with version control, reusability, scalability, automated deployment, and orchestration.
Terraform
Terraform is a tool for building, changing, and versioning infrastructure safely and efficiently. Terraform can manage existing and popular service providers as well as custom in-house solutions. For more information on Terraform best practices, read our blog post here.
Amazon Web Services (AWS) & Microsoft Azure
Amazon Web Services and Azure are cloud platforms offering cloud-based products such as storage, analytics, networking, computation, IoT, and other such cloud facilities, with pay-as-you-go pricing.
PREREQUISITES
InfraRapid is an exclusively designed CLI tool which, when executed, generates Terraform files that can be initialized and applied on a cloud service provider. In order to execute the InfraRapid code, you must meet the minimum system requirements below:
- Python - Version 3.6 and above. If you do not have Python installed, you may install it here.
- PIP package - Python usually comes with the PIP package/script. However, if not, you may additionally install PIP from The Python Packaging Authority.
- An account on AWS (Root User Credentials).
- AWS CLI - Needed for the aws configure command used in Step 4.2. If you do not have it, you may install it from The AWS CLI User Guide.
INFRARAPID
InfraRapid is a reactive CLI that takes user inputs to generate cloud instances, VPCs (virtual private clouds), storage, and corresponding HCL (HashiCorp Configuration Language) configuration files, for users who are not familiar with HCL but still want to make use of Infrastructure as Code.
How does InfraRapid Work?
Step 1: Clone our repository using the command git clone https://github.com/infracodeteam/infrarapid.git. Then change the directory by using the command cd infrarapid. Now execute the command pip install -r requirements.txt in order to ensure you have Jinja2 and YAML installed.
Step 2: Create a configuration file; you can find examples in the “examples” folder. This guide uses the aws-lite.yaml file as an example.
Step 3: Run our code file using the command python ./ic.py --config examples/aws-lite.yaml --templates-path results/. You will receive a set of completely coded Terraform files in the results folder.
Step 4: Follow the below sub-steps to execute the Terraform files:
Step 4.1: Learn how to set up a user account on AWS through the AWS documentation.
Step 4.2: Now, return to your command prompt and use the command aws configure. Enter the AWS Access Key ID and AWS Secret Access Key that you generated. Then enter the Default Region Name (example: us-east-1) and the Default output format (example: json). NOTE: It is not always necessary to complete the configuration step. You may instead keep a saved configuration file or set the values up as environment variables, with which you may override the individual configuration each time.
Step 4.3: Now, change the folder to the results folder by using the command cd results.
Step 4.4: You will now have to initialize the working directory using the command terraform init.
Step 4.5: You may now use the command terraform plan to create an execution plan and see whether the changes match your expectations, without making any actual changes to the real resources. This is an optional step, but a very useful one.
Step 4.6: Now that you are sure of the configurations, you may use the command terraform apply to apply the changes required for your configuration. You will be prompted to enter the region (if it’s not already specified in the YAML configuration file), and then asked to provide a confirmation with the message “Do you want to perform these actions? Terraform will perform the actions described above. Only 'yes' will be accepted to approve.” If you are completely sure of the changes, enter yes.
Step 4.7: If you wish to terminate the infrastructure that has been set up by the Terraform file on your cloud service provider, you may use the command terraform destroy. You will again be prompted to enter the region and then asked to provide a confirmation with the message “Do you really want to destroy all resources? Terraform will destroy all your managed infrastructure, as shown above. There is no undo. Only 'yes' will be accepted to confirm.” If you are sure you wish to terminate the instances, enter ‘yes.’
FAQs
What is Infrastructure?
Infrastructure is an enterprise's entire collection of hardware, software, networks, data centers and other facilities which are used to develop, test, operate, monitor, manage and also support IT services.
What is CLI?
CLI stands for Command Line Interface. CLI is a program which will accept text inputs to view and manage Computer Files and also to execute Operating System functions.
What is Infrastructure as Code?
Infrastructure as Code (IaC) is the management of infrastructure in a descriptive model, where the same source code generates the same binary. An Infrastructure as Code model generates the same environment every time it is applied.
What is a Cloud Instance?
A Cloud Instance refers to a virtual server instance from a public or private cloud network. It is built, hosted and delivered using a cloud computing platform, and can be accessed remotely.
What are Public and Private Clouds?
A public cloud is a shared infrastructure where multiple customers of the cloud service provider access the same infrastructure. A private cloud, on the other hand, is offered exclusively to one organization, and the infrastructure is available only to them.
What is a Virtual Private Cloud (VPC)?
VPC is a secure, isolated private cloud hosted within a public cloud. VPC customers can run code, store data, host websites, and do anything else they could do in an ordinary private cloud, but the private cloud is hosted remotely by a public cloud provider.
What is Terraform and why do we need it?
Terraform is an open-source tool that was designed to enable the creation, modification, and even deletion of infrastructure on the cloud. It mainly works on the principle of “Infrastructure as Code”. In an era where the DevOps process is booming, Terraform has been revolutionizing the process with its simple, yet efficient ways of managing infrastructure through code. It isn’t restricted to any cloud provider and can be used to write configurations for most of the cloud providers.
How do I use Terraform?
You may download the CLI from the official website of HashiCorp. Once you have the CLI installed, you may use the declarative HashiCorp configuration language (HCL) to write your configuration files or templates, which may be in either “.tf” or “.tf.json” format. With the templates ready, you may initialize and apply your configurations.
How does Terraform internally work with respect to resources?
Every time you create a template or a configuration file and initialize and apply the configuration, a remote object for a particular resource is created on your system. The link between the remote object and your resource is saved in the state file. Whenever you update a resource on your configuration, a new remote object is created. This object gets mapped against the resource in the state file, and the previous remote object is deleted. Therefore, every time you update a resource, you’re also creating a new remote object.
Is it possible to add sensitive information to my configuration file?
Yes, you can include information such as credentials or token information in your configuration. But we highly recommend that you do not include such information, as the “.tf” files on your system are usually stored as plain text and are not encrypted. We encourage storing the files on remote storage, such as your cloud provider or on Terraform Cloud, so that every bit of information remains encrypted.
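One way to check generated files for the plain-text credentials described above, as an added example (not InfraRapid's or Terraform's own code). The rule names, function names and sample configuration are constructed for illustration, and the key values are AWS's published documentation placeholders.

```python
import re
from pathlib import Path

# Rules for values that should not appear in plain-text Terraform files.
RULES = {
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    # A quoted literal assigned to a credential-like argument (HCL or JSON);
    # references such as var.db_password or "${var.token}" do not match.
    "hardcoded_credential": re.compile(
        r'\b(access_key|secret_key|token|password)"?\s*[=:]\s*"[^"$]+"', re.I),
    "private_key_block": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
}
TF_SUFFIXES = (".tf", ".tf.json", ".tfvars")

# Constructed sample; the key values are AWS's documentation placeholders.
SAMPLE_TF = '''provider "aws" {
  region     = "us-east-1"
  access_key = "AKIAIOSFODNN7EXAMPLE"
  secret_key = "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
}
resource "aws_db_instance" "db" {
  password = var.db_password
}
'''

def scan_text(text, name="<memory>"):
    """Return (file, line_number, rule) for each suspected secret in text."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for rule, pattern in RULES.items():
            if pattern.search(line):
                findings.append((name, line_no, rule))
    return findings

def scan_dir(root):
    """Scan every Terraform file under root, e.g. the generated results folder."""
    findings = []
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and path.name.endswith(TF_SUFFIXES):
            findings += scan_text(path.read_text(errors="replace"), str(path))
    return findings

if __name__ == "__main__":
    for name, line_no, rule in scan_text(SAMPLE_TF, "main.tf"):
        print(f"{name}:{line_no}: {rule}")
```

Running scan_dir on the results folder before committing or sharing it lists each file and line that carries a literal credential.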
Can we clone an existing infrastructure in Terraform?
There is a provision to clone with the command "terraform import". For now, this is restricted to cloning only the state file, and the rest of the configuration, such as the resource block, variables block, etc., will have to be written manually by you. Also, note that if your current configuration is from a different tool, you cannot import your infrastructure; instead, you will have to map your complete configuration to a Terraform template.
What is a template and what does it consist of?
A Terraform template is a collection of your configuration files. These files, put together, define your infrastructure. The template has a resource file, provider file, variables file, and modules as the most basic elements.
Can I add version control to my providers?
There is a provision to mention the version as an argument inside the “required_providers” block. Read more about provider blocks in our article on terraform templates.
Is additional documentation necessary with my configuration files?
The major advantage of being a declarative language is that it is very easily readable and usually does not need any additional documentation. Your code becomes your documentation! But it is a good practice to always add comments in your configuration file and also have a README file. This makes your documentation stronger and allows better understanding and easier changes to anyone who handles the configuration in the future.
Useful Links
Possible Errors
1. Error: Error import KeyPair: InvalidKeyPair.Duplicate: The keypair 'user-key' already exists. status code: 400, request id: d513f19d-931d-407a-abf5-e9e8bb5c3454
Solution: Go to Identity and Access Management (IAM) under AWS and create a new user. Steps to create a new user: 1. Go to your Identity and Access Management panel and click “Add user” under the “Users” tab. 2. Enter a username and tick the box beside “programmatic access.” 3. Click “Next: Permissions” and create a new group if needed, or add the user to an already existing group. 4. Click “Next: Tags” and add any relevant information. This is optional. 5. Click “Review,” then “Create User.” 6. Download your security credentials (the CSV file).
2. Error: Error creating VPC: VpcLimitExceeded: The maximum number of VPCs has been reached. status code: 400, request id: 459dbb22-61b6-4c9d-8e65-ca14e3d95bab
Solution: AWS has a limit of 5 instances per region and hence this error. You may contact the Amazon support center and request to increase the limit or use any other region that supports the particular instance.
3. Error: Error launching source instance: Unsupported: Your requested instance type (t2.micro) is not supported in your requested Availability Zone (us-west-2d). Please retry your request by not specifying an Availability Zone or choosing us-west-2a, us-west-2b, us-west-2c. status code: 400, request id: cd0f1c60-d49c-4e9f-b2aa-0e631d898681
Solution: Not all zones/regions under AWS support all instances. This error indicates that the particular zone selected when running terraform apply/plan does not support the instance you have requested. Select one from the other instances.
4. Error: Error in function call
on main.tf line 145, in resource "aws_key_pair" "keypair":
145: public_key = file(var.ssh_key_path)
|----------------
| var.ssh_key_path is "~/.ssh/id_rsa.pub"
Call to function "file" failed: no file exists at C:\CERTAIN_PATH\.ssh\id_rsa.pub.
Solution: This error indicates that your SSH key file is present in a different folder and not at the path C:\CERTAIN_PATH\.ssh\id_rsa.pub. One solution is to find your SSH key files and copy them to the path C:\CERTAIN_PATH\.ssh\id_rsa.pub. The other solution is to update the SSH key path in the aws-lite.yaml file with the actual path where your SSH key is present. This path needs to be changed under the tag “ssh_key_path”, as shown below:
clouds:
  aws:
    region: "us-east-2"
    vpc_network: 10.0.0.0/16
    ssh_key_path: "Path where your SSH key files are present"
5. Error: Failed to parse ssh private key: ssh: this private key is passphrase protected.
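A pre-flight check for the configuration values behind Error 4, as an added example (not part of InfraRapid). It assumes the clouds/aws keys from the aws-lite.yaml snippet above, passed in as an already-parsed dictionary; the function name preflight and the sample values are hypothetical.

```python
import ipaddress
import os

# Constructed sample mirroring the clouds/aws keys shown in the solution above.
SAMPLE_CONFIG = {"clouds": {"aws": {
    "region": "us-east-2",
    "vpc_network": "10.0.0.0/16",
    "ssh_key_path": "~/.ssh/id_rsa.pub",
}}}

def preflight(config):
    """Return a list of problems found in a parsed config dict (empty = OK)."""
    problems = []
    aws = config.get("clouds", {}).get("aws", {})

    # vpc_network must be a valid CIDR block; AWS VPCs accept /16 to /28.
    try:
        net = ipaddress.ip_network(str(aws.get("vpc_network", "")), strict=True)
        if not 16 <= net.prefixlen <= 28:
            problems.append(f"vpc_network: /{net.prefixlen} is outside /16 to /28")
        if not net.is_private:
            problems.append(f"vpc_network: {net} is not a private range")
    except ValueError as exc:
        problems.append(f"vpc_network: {exc}")

    # Terraform's file() fails when the key file is missing (Error 4 above),
    # so expand "~" and test for the file before any Terraform command runs.
    path = os.path.abspath(os.path.expanduser(str(aws.get("ssh_key_path", ""))))
    if not os.path.isfile(path):
        problems.append(f"ssh_key_path: no file exists at {path}")
        return problems

    with open(path, "r", errors="replace") as fh:
        head = fh.read(4096)
    if "PRIVATE KEY-----" in head:
        # Only the public half belongs in an aws_key_pair resource.
        problems.append("ssh_key_path: this is a private key, use the .pub file")
    elif not head.startswith(("ssh-", "ecdsa-sha2-")):
        problems.append("ssh_key_path: not an OpenSSH public key")
    return problems

if __name__ == "__main__":
    for problem in preflight(SAMPLE_CONFIG) or ["config looks usable"]:
        print(problem)
```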