What is Infrastructure as Code (IaC) and Why It's Transforming DevOps


I started my Terraform learning journey with a 30 day challenge by the AWS AI/ML User Group. My goal for the next 30 days is to learn and become better at Infrastructure as Code (IaC).
IaC is a way to automate infrastructure in your environments, mostly cloud based, but it can also be used on prem. Essentially, it means managing and provisioning your infrastructure through code instead of manual processes. This brings a ton of benefits, like consistency, scalability, and speed. The beauty of it lies in its ability to bring software development practices like version control, testing, and CI/CD to your infrastructure.
Tools like Terraform, CloudFormation, and Ansible are at the forefront of this movement, allowing engineers to treat their infrastructure like any other codebase, leading to fewer errors and faster deployments.
My focus with Terraform specifically is to deeply understand its declarative language and how it interacts with various cloud providers to provision and manage resources efficiently. I'm excited to dive deeper into modules, state management, and best practices for collaborative IaC development. Over the next 30 days, I aim to achieve a solid foundational understanding of the core concepts.
I want to successfully deploy and manage a complete application stack using Terraform, covering networking, compute, and database services. Furthermore, I hope to gain practical experience with state file management, understand remote backends, and explore strategies for handling sensitive data securely. See you on day 30.
Day 1 tasks
Completed the assigned tasks for the day:
Reading: Chapter 1 of "Terraform: Up & Running"
Complete a hands on lab
Blog Post: "What is IaC and its benefits"
Social Media Post: "💻 Just installed Terraform, AWS CLI, and configured my AWS environment with VSCode. Ready to deploy some infrastructure! #TerraformSetup #AWS #DevOps"
Hands on Lab
This lab set up a VPC in two ways. Initially, we manually configured a test VPC in the AWS console, encompassing the creation of subnets, route tables, an Elastic IP, and both Internet and NAT Gateways. This approach built a foundational understanding of each component's role.
Following this, we transitioned to Terraform, automating the exact same VPC setup. This phase emphasized the principles of Infrastructure as Code, defining the infrastructure from the sample code provided.
Manual VPC Console Setup
Then set up Terraform to do the same
Using the code examples, my main.tf:
# Configure the AWS Provider
provider "aws" {
  region = "us-west-2"
}

# Retrieve the list of AZs in the current AWS region
data "aws_availability_zones" "available" {}
data "aws_region" "current" {}

# Define the VPC
resource "aws_vpc" "vpc" {
  cidr_block = var.vpc_cidr
  tags = {
    Name        = var.vpc_name
    Environment = "demo_environment"
    Terraform   = "true"
  }
}

# Deploy the private subnets
resource "aws_subnet" "private_subnets" {
  for_each          = var.private_subnets
  vpc_id            = aws_vpc.vpc.id
  cidr_block        = cidrsubnet(var.vpc_cidr, 8, each.value)
  availability_zone = tolist(data.aws_availability_zones.available.names)[each.value]
  tags = {
    Name      = each.key
    Terraform = "true"
  }
}

# Deploy the public subnets
resource "aws_subnet" "public_subnets" {
  for_each                = var.public_subnets
  vpc_id                  = aws_vpc.vpc.id
  cidr_block              = cidrsubnet(var.vpc_cidr, 8, each.value + 100)
  availability_zone       = tolist(data.aws_availability_zones.available.names)[each.value]
  map_public_ip_on_launch = true
  tags = {
    Name      = each.key
    Terraform = "true"
  }
}

# Create route tables for public and private subnets
resource "aws_route_table" "public_route_table" {
  vpc_id = aws_vpc.vpc.id
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.internet_gateway.id
    #nat_gateway_id = aws_nat_gateway.nat_gateway.id
  }
  tags = {
    Name      = "demo_public_rtb"
    Terraform = "true"
  }
}

resource "aws_route_table" "private_route_table" {
  vpc_id = aws_vpc.vpc.id
  route {
    cidr_block = "0.0.0.0/0"
    # gateway_id = aws_internet_gateway.internet_gateway.id
    nat_gateway_id = aws_nat_gateway.nat_gateway.id
  }
  tags = {
    Name      = "demo_private_rtb"
    Terraform = "true"
  }
}

# Create route table associations
resource "aws_route_table_association" "public" {
  depends_on     = [aws_subnet.public_subnets]
  route_table_id = aws_route_table.public_route_table.id
  for_each       = aws_subnet.public_subnets
  subnet_id      = each.value.id
}

resource "aws_route_table_association" "private" {
  depends_on     = [aws_subnet.private_subnets]
  route_table_id = aws_route_table.private_route_table.id
  for_each       = aws_subnet.private_subnets
  subnet_id      = each.value.id
}

# Create Internet Gateway
resource "aws_internet_gateway" "internet_gateway" {
  vpc_id = aws_vpc.vpc.id
  tags = {
    Name = "demo_igw"
  }
}

# Create EIP for NAT Gateway
resource "aws_eip" "nat_gateway_eip" {
  domain     = "vpc"
  depends_on = [aws_internet_gateway.internet_gateway]
  tags = {
    Name = "demo_igw_eip"
  }
}

# Create NAT Gateway
resource "aws_nat_gateway" "nat_gateway" {
  depends_on    = [aws_subnet.public_subnets]
  allocation_id = aws_eip.nat_gateway_eip.id
  subnet_id     = aws_subnet.public_subnets["public_subnet_1"].id
  tags = {
    Name = "demo_nat_gateway"
  }
}
variables.tf
variable "aws_region" {
  type    = string
  default = "us-west-2"
}

variable "vpc_name" {
  type    = string
  default = "demo_vpc"
}

variable "vpc_cidr" {
  type    = string
  default = "10.0.0.0/16"
}

variable "private_subnets" {
  default = {
    "private_subnet_1" = 1
    "private_subnet_2" = 2
    "private_subnet_3" = 3
  }
}

variable "public_subnets" {
  default = {
    "public_subnet_1" = 1
    "public_subnet_2" = 2
    "public_subnet_3" = 3
  }
}
And terraform install, and terraform init
Did a terraform plan
And terraform apply
And VPC resources created using terraform
And lastly using terraform destroy, to automatically remove the created resources
At the end of day 1 I completed the learning cycle and understood the full lifecycle management. I then used terraform destroy to automatically remove all the created resources, demonstrating Terraform's capability for efficient cleanup and resource deprovisioning. This experience with the entire plan -> apply -> destroy cycle has been invaluable in solidifying my understanding.
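A check that can sit between plan and apply in CI, as an added example that is not part of the original post: it reads the `resource_changes` list from `terraform show -json` output and flags subnets that fall outside the VPC CIDR, overlap each other, or sit in `private_subnets` while assigning public IPs. The plan data is constructed for illustration, and `subnet_change` and `audit_plan` are hypothetical helper names.

```python
import ipaddress

def subnet_change(name, key, cidr, public_ip):
    """Build one constructed resource_changes entry (only the fields read below)."""
    return {"address": f'aws_subnet.{name}["{key}"]', "type": "aws_subnet",
            "name": name, "index": key,
            "change": {"actions": ["create"],
                       "after": {"cidr_block": cidr,
                                 "map_public_ip_on_launch": public_ip}}}

# Constructed stand-in for `terraform show -json tfplan`; a real plan has many
# more fields. Two deliberate mistakes: a private subnet given netnum 101
# (collides with public netnum 1 + 100) that also maps public IPs on launch.
SAMPLE_PLAN = {"resource_changes": [
    {"address": "aws_vpc.vpc", "type": "aws_vpc", "name": "vpc",
     "change": {"actions": ["create"], "after": {"cidr_block": "10.0.0.0/16"}}},
    subnet_change("public_subnets", "public_subnet_1", "10.0.101.0/24", True),
    subnet_change("private_subnets", "private_subnet_1", "10.0.1.0/24", False),
    subnet_change("private_subnets", "private_subnet_2", "10.0.101.0/24", True),
]}

def audit_plan(plan):
    """Return findings for subnets the plan creates or updates."""
    changes = [c for c in plan.get("resource_changes", [])
               if {"create", "update"} & set(c["change"]["actions"])]
    vpcs = [ipaddress.ip_network(c["change"]["after"]["cidr_block"])
            for c in changes
            if c["type"] == "aws_vpc" and c["change"]["after"].get("cidr_block")]
    findings, seen = [], []
    for c in changes:
        after = c["change"]["after"]
        # Skip non-subnets and CIDRs that are unknown until apply.
        if c["type"] != "aws_subnet" or not after.get("cidr_block"):
            continue
        net = ipaddress.ip_network(after["cidr_block"])
        if vpcs and not any(net.subnet_of(v) for v in vpcs):
            findings.append(f"{c['address']}: {net} is outside the VPC CIDR")
        for addr, other in seen:
            if net.overlaps(other):
                findings.append(f"{c['address']}: {net} overlaps {addr}")
        seen.append((c["address"], net))
        # Assumes the resource names used in main.tf above.
        if c["name"] == "private_subnets" and after.get("map_public_ip_on_launch"):
            findings.append(f"{c['address']}: private subnet assigns public IPs")
    return findings

if __name__ == "__main__":
    for finding in audit_plan(SAMPLE_PLAN):
        print("FAIL", finding)
```

A non-empty result would fail the pipeline step before terraform apply runs.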
Written by Mwanza Simi
