Hashicorp Terraform & Packer. Kubernetes Boilerplates
“It’s not controversial to provision resources with code. It shouldn’t be controversial to deploy and manage resources with code” (Jaana Dogan)
- HashiCorp Learning Resources Reference Guide
- Packer
- HashiCorp Cloud
- Blogs and Newsletters
- Terraform
- Terraform Cloud
- HCL
- CDK Cloud Development Kit Terraform
- Python Boto3 and Terraform
- Helm Charts in Terraform
- Terraform Infracost
- Awesome Terraform
- Terraform Cheat Sheets
- Best Practices
- Terraform and CI/CD
- Terraform Boilerplates
- Terraform and Kubernetes
- Terraform Kubernetes Boilerplates
- Terraform Kubernetes Operator
- Terraform K3s Boilerplates
- Terraform GKE Boilerplates
- Terraform and AWS
- Terraform with Azure
- Terraform and OCI
- Terraform and Apache Kafka
- Terraform and JMeter
- Terraform Video Tutorials
- CDK for Terraform
- Graph Visualization Software
- Terraform Modules
- Terraform Providers
- Terraform Code Quality. Terraform Quality Checks
- Enforce Policy with Sentinel
- Reverse terraform with Terraformer
- Terraform Tools
- Terraform Frameworks
- Images
- Videos
- Tweets
HashiCorp Learning Resources Reference Guide
- hashicorp.com: HashiCorp Learning Resources Reference Guide π Read this curated list of HashiCorp learning resources to help practitioners and organizations better understand the cloud operating model.
- techbeatly.com: 10 Free Courses to Learn Terraform
Packer
- packer.io
- packer.io docs
- computingforgeeks.com: Build AWS EC2 Machine Images (AMI) With Packer and Ansible
- learn.hashicorp.com: Write Packer template for AWS
HashiCorp Cloud
- cloud.hashicorp.com: HashiCorp Cloud The fastest way to get up and running with HashiCorp tools. HashiCorp Cloud Platform is a fully managed platform for Terraform, Vault, Consul, and more.
- hashicorp.com: Multi-Region Replication Now Available with HCP Vault New HCP Vault Plus Clusters adds high availability replication of secrets and policies across cloud regions.
Blogs and Newsletters
Terraform
- Wikipedia.org: Terraform Software
- terraform.io
- Terraform Registry - registry.terraform.io: Terraform Providers and Modules π
- medium.com: Why should Terraform be one of your DevOps tools?
- Dzone: intro to terraform
- blog.teemo.co: Terraform in 10 commands
- dzone: Terraform - IAC Tool See why Terraform’s declarative approach to automation makes it a competitive tool for automating the creation of your infrastructure.
- udemy.com: Learn DevOps: Infrastructure Automation With Terraform
- Dzone: managing infrastructure at scale with terraform
- Dzone: What’s new in Terraform v0.12
- terraform-infraestructura.readthedocs.io
- Testing Infrastructure as Code on Localhost
- Why we use Terraform and not Chef, Puppet, Ansible, SaltStack, or CloudFormation
- Terraform, can you keep a secret? Did you know that Terraform state can - and most likely does - contain sensitive data?
- Terraform 0.13 Beta released!
- medium: AWS API Gateway
- medium: Integration of AWS, Terraform, and GitHub for Automated Deployment Infrastructure
- medium: Automation of Cloud-Terraform
- hashicorp.com: Custom Variable Validation in Terraform 0.13
- medium: Terraform for Network Engineers: Should you be implementing Infrastructure as Code?
- hashicorp.com: Learn How to Import Infrastructure Into Terraform
- Bridgecrew: Misconfigured Terraform Modules Are a Security Issue
- medium - Infrastructure-As-Code: But You Donβt Have to Write That Code
- Manage Active Directory Objects with the New Windows AD Provider for HashiCorp Terraform Official HashiCorp-maintained Active Directory provider for Terraform. Terraform is a great way to bring some sanity to AD management so weβre excited to make this official.
- Terraform Feature Flags & Environment Toggle Design Patterns
- dzone: Immutable Infrastructure CI/CD Using Hashicorp Terraform and Jenkins This extensive article should leave few questions unanswered about creating your infrastructure.
- Announcing Databricks Labs Terraform integration on AWS and Azure
- hashicorp.com: Announcing 11 Verified Providers for Terraform
- learn.hashicorp.com: Call APIs with Terraform Providers. Learn how to use and create custom Terraform Providers in a new collection of tutorials on HashiCorp Learn π
- globaldatanet.com: Terraform CI/CD Best Practices
- devblogs.microsoft.com: What is infrastructure as code? π
- k21academy.com: Why Terraform? Not Chef, Ansible, Puppet, CloudFormation? π
- hashicorp.com: New Terraform Tutorial: Sensitive Input Variables π A new tutorial on HashiCorp Learn shows how to protect sensitive data with Terraform.
- AWS Lambda the Terraform Way The objective of this tutorial is to understand AWS Lambda in-depth, beyond executing functions, using Terraform. This tutorial walks through setting up Terraform, dependencies for AWS Lambda, getting your first Lambda function running, many of its important features & finally integrating with other AWS services.
- medium: Donβt Forget to Restrict Outbound Traffic with Terraform and Sentinel
- K3s Private Cluster π
- hashicorp.com: New Terraform Tutorial: Terraform Outputs π Learn how to output data about your infrastructure.
- trek10.com: Beginner’s Guide to Using Terraform with AWS π Beginner tips for Terraform on AWS, common problem areas and misunderstandings that we coach and train internally.
- env0.com: Weβre Opensourcing Terratag to Make Multicloud Resource Tagging Easier
- hashicorp.com: Terraform Mono Repo vs. Multi Repo: The Great Debate Learn about the pros and cons of using mono repositories and multi repositories along with the most logical use case for each.
- terraform.io: Cloud Adoption Framework for Azure - Terraform module
- arnaudlheureux.io: Migrating Azure CAF landing zones to Terraform 0.13
- tfenv Terraform version manager inspired by rbenv
- dev.to: Packer and Terraform with Immutable Infrastructure
- medium: Terraform: How to Use Conditionals to Dynamically Create Resources β¦donβt struggle looking for if/else statements, you wonβt find themβ¦
- hashicorp.com: Testing HashiCorp Terraform π Learn testing strategies for HashiCorp Terraform modules and configuration, and learn how to run tests against infrastructure.
- cloudify.co: Ansible, Terraform And Cloudify
- automateinfra.com: How to Launch multiple EC2 instances on AWS using Terraform count and for_each
- morethancertified.com: More Consistent Terraform Runs With Docker
- deloitte.com: Infrastructure as Code (IaC) con Terraform AutomatizaciΓ³n, escalado, optimizaciΓ³n y ahorro en tu factura cloud
- docs.gitlab.com: GitLab managed Terraform State π Gitlab Terraform now share tfstate directly on gitlab.
- flowfactor.be: What do you know about Terraform modules?
- medium: How to manage infrastructure as code (IaC) with Terraform on AWS? π
- accurics.com: Terraform Security: Improving IaC Scans with Terraform Plan Output
- hashicorp.com: Modern Infrastructure Automation with Packer, Terraform, and Consul (video)
- hashicorp.com: New Terraform Tutorials: Getting Started with the Helm and Datadog Providers π
- hashicorp.com: How can I prevent configuration drift? What causes our infrastructure’s configuration to drift over time away from our original intended state? And how does Terraform help?
- hashicorp.com: New Terraform Tutorials: Getting Started with the Helm and Datadog Providers
- hashicorp.com: Share Modules Across Organizations with Terraform Enterprise Terraform Enterprise now offers users the ability to consume private modules across organizations, providing greater management consistency.
- freecodecamp.org: What is Terraform? Learn Terraform and Infrastructure as Code
- hashicorp.com: Announcing HashiCorp Terraform 0.15 General Availability
- itnext.io: How to use Terraform to create a small-scale Cloud Infrastructure π
- acloudguru.com: Securing your multi-cloud Terraform pipelines with policy-as-code
- medium: Terraform β Remote States Overview π What is Terraform Remote State β Introduction to Terraform Remote Storage!
- prcode.co.uk: Connect Azure MySQL to Private Endpoint with Terraform
- infoq.com: Cloudflare Improves Automated Terraform Generation Tool π Cloudflare recently released an updated version of their cf-terraforming tool. This tool streamlines generating Terraform HCL from existing Cloudflare resources. The new release simplifies the generation process and introduces changes to better future proof the tool.
- hashicorp.com: Building Azure Resources with TypeScript Using the CDK for Terraform Learn a quick method for getting started with the Cloud Development Kit (CDK) for Terraform using TypeScript as infrastructure code and provisioning on Microsoft Azure.
- acloudguru.com: How to use Terraform outputs and inputs
- itnext.io: My Journey to HashiCorp Certified: Terraform Associate
- infoq.com: Managing Infrastructure from Kubernetes with the HashiCorp Terraform Operator
- medium: Protect your Terraform State The right way!
- hashicorp.com: Terraform AzureAD Provider Now Supports Microsoft Graph Version 1.5.0 of the Terraform AzureAD provider lets you manage your Azure Active Directory resources using the Microsoft Graph API.
- nitheeshp.dev: Practical CI/CD Guide to Deploying AWS Infrastructure π
- nitheeshp.dev: Practical CI/CD Guide to Deploying AWS Infrastructure through Terraform - Multi Environment Deployment - Part 1 π Introduction
- nitheeshp.dev: Practical CI/CD Guide to Deploying AWS Infrastructure through Terraform - Multi Environment Deployment - Part 2 π Terraform Directory Structure
- nitheeshp.dev: Practical CI/CD Guide to Deploying AWS Infrastructure through Terraform - Multi Environment Deployment - Part 3 π Terraform Cloud Configurations
- nitheeshp.dev: Practical CI/CD Guide to Deploying AWS Infrastructure through Terraform - Multi Environment Deployment - Part 4 π GitOps
- hashicorp.com: New Terraform Tutorials on HashiCorp Learn From working with providers, to managing resources, to working with Terraform on AWS, we have a lot of new hands-on Terraform exercises to try.
- hashicorp.com: Announcing Support for Amazon ECS Anywhere in the Terraform AWS Provider The Terraform AWS provider now supports ECS Anywhere, a new capability in Amazon ECS that supports running and managing container-based applications on customersβ on-premises servers.
- automateinfra.com: Terraform (Series-1) π
- hashicorp.com: Announcing HashiCorp Terraform 1.0 General Availability π
- acloudguru.com: What does the Terraform 1.0 release mean for you?
- thenewstack.io: Terraform 1.0 Reflects What HashiCorp Has Learned About Infrastructure-as-Code
- medium: terraform | git commit -m βall the secretsβ | sops tool for managing secrets π - sops: Simple and flexible tool for managing secrets π
- fsgeorgee.medium.com: Growing out of Heroku to Terraform, Docker and AWS Heroku is great, but how about using Terraform, AWS, Docker and have full control over the entire stack?
- learn.hashicorp.com: y Serverless Applications with AWS Lambda and API Gateway π
- harness.io: Terraform 201: What It Is, Tutorial, and More π
- medium: Terraform Zero to Hero
- learn.hashicorp.com: Configure Default Tags for AWS Resources π
- terraform-hcloud-dualstack-k8s: Hetzner Dual-Stack Kubernetes Cluster (Unofficial) Terraform module for a dual-stack Kubernetes cluster on Hetzner Cloud
- hashicorp.com: Beta Support for CRDs in the Terraform Provider for Kubernetes
- about.gitlab.com: How to use a push-based approach for GitOps with Terraform and AWS ECS and EC2
- opensource.com: My top 5 tips for setting up Terraform π These are the lessons I’ve learned after five years with Terraform.
- bridgecrew.io: Terraform security 101: Best practices for secure infrastructure as code π
- rpadovani.com: How to make Terraform waiting for cloud-init to finish on EC2 without SSH Terraform is a powerful tool. However, it has some limitations: since it uses AWS APIs, it doesnβt have a native way to check if an EC2 instance has completed to run cloud-init before marking it as ready. A possible workaround is asking Terraform to SSH on the instance, and wait until it is able to perform a connection before marking the instance as ready.
- hashicorp.com: Cisco, Citrix, and Fortinet Among New Verified Terraform Providers
- terraform-best-practices.com π
- bridgecrew.io: Advanced Terraform security: Pro tips for secure infrastructure as code
- hub.qovery.com: Terraform is Not the Golden Hammer
- scalefactory.com: Failing faster with terraform Terraform validation rules. Terraform is an extremely powerful tool, but with great power comes great opportunity to break stuff, or whatever Uncle Ben said. With a single command a developer can deploy hundreds of resources in an instant, and when that developer inevitably configured the inputs wrong Terraform makes it easy to patch or rollback that mistake. But you know whatβs better than recovering from mistakes? Never making the mistake in the first place.
- medium.com/geekculture: Managing Infra with Terraform
- hashicorp.com: AWS and HashiCorp Collaborate on New Terraform Modules
- learn.hashicorp.com: Automate Terraform with GitHub Actions Automate infrastructure deployments with CI/CD using Terraform and GitHub Actions
- shipa.io: Terraform meets AppOps π Terraform is the popular choice among teams
- bitslovers.com: Terraform Output β What you should know
- devops.com: Building on Terraform: Evolution, not Revolution
- acloudguru.com: How to use GitHub Actions to automate Terraform
- medium: 10 things I wish I knew before learning Terraform (Part 1) | Ian Hancock
- hashicorp.com: Multi-Cloud DevOps at PETRONAS with Terraform
- terraform.io: Refactoring
- medium: Terraform in Real Life: Lessons Learned π
- medium.com/@ranjana-jha: Infrastructure as a code best practices : Terraform
- serhii.vasylenko.info: Some Techniques to Enhance Your Terraform Proficiency Learn what cool things Terraform can do with its built-in functionality
- thenewstack.io: Better Together: Hyper-Converged Kubernetes with Terraform
- AdminTurnedDevOps/Terraform-The-Hard-Way The most efficient way to learn Terraform for beginners and intermediate practitioners
- acloudguru.com: 5 things we love about Terraform
- devops.com: How to Migrate Existing Infrastructure to Terraform
- middlewareinventory.com: Terraform import All AWS Security Groups β How to In this post, we are going to see how to manage existing and already created AWS Security groups with Terraform. The new era of Infrastructure revolution has begun already and we already started provisioning, managing, administrating our Infra as a code with help of Configuration management tools like Ansible, Terraform, SaltStack etc.
- middlewareinventory.com: Terraform For Each Examples β How to use for_each | Devops Junction
- acloudguru.com: How to troubleshoot 5 common Terraform errors
- medium.com/nerd-for-tech: Terraforming the GitOps Way !!!
- terrateam.io: Terraform Pre-Commit Hooks Terraform Code Improvements. There are many tools that can make sure your Terraform repo remains well-formated and tested. Using Git pre-commit hooks, one can easily incorporate these tools into everyday Terraform workflow.
- youtube: AWS Backup Set Up Using Terraform cloud and GitHub Actions | Cloud Quick Labs
Terraform Cloud
- learn.hashicorp.com: Manage Private Environments with Terraform Cloud Agents
- youtube: GitOps for infrastructure using GitHub and Terraform Cloud π
- scalr.com: An alternative to Terraform Cloud and Terraform Enterprise Scalr is a remote state & operations backend for Terraform with full CLI support, integration with OPA, a hierarchical configuration model, and quality of life features.
- hashicorp.com: New Apply User Interface for Terraform Cloud The redesigned interface for HashiCorp Terraform Cloud brings clarity to how your resources, state, and infrastructure operations are represented during a Terraform run.
- hashicorp.com: Terraform Cloud Variable Sets Beta Now Available HashiCorp Terraform Cloud variable sets let you simplify the management of reusable variables across an entire organization. This feature is now available in public beta.
- devclass.com: Terraform 1.1 moves forward with refactoring helpers and native Terraform Cloud integration
HCL
- github.com/hashicorp/hcl: HCL HCL is the HashiCorp configuration language.
- octopus.com: Introduction to HCL and HCL tooling
CDK Cloud Development Kit Terraform
- terraform-cdk π CDK (Cloud Development Kit) for Terraform allows developers to use familiar programming languages to define cloud infrastructure and provision it through HashiCorp Terraform.
- infoq.com: cdk-terraform - Cloud Development Kit Can Now Generate Terraform Configurations Using TypeScript and Python
- hashicorp.com: CDK for Terraform: Enabling Python & TypeScript Support
- hashicorp.com: Announcing CDK for Terraform 0.1
Python Boto3 and Terraform
Helm Charts in Terraform
- opensource.com: How I use Terraform and Helm to deploy the Kubernetes Dashboard π Terraform can deploy Helm Charts. Is it right for you?
- dev.to: Working with helm charts in Terraform In this tutorial, you will learn how to set up the Helm Terraform provider and deploy Helm charts with Terraform
Terraform Infracost
- Infracost π If you use Terraform to provision your Kubernetes clusters, you might find infracost interesting. Infracost estimates hourly and monthly costs for a Terraform project. It helps you to see the cost breakdown and compare different deployment options upfront.
- A Guide to Cloud Cost Optimization with HashiCorp Terraform π The Terraform AWS provider now supports Code Signing for AWS Lambda, which involves digitally signing code artifacts and verifying at deployment.
Awesome Terraform
Terraform Cheat Sheets
Best Practices
Terraform and CI/CD
- dzone: Manage Multiple Environments With Terraform Workspaces Read this tutorial to learn about easily setting up Terraform to manage your CI/CD environments and create workspaces.
- hashicorp.com: Announcing Support for Code Signing for AWS Lambda in the Terraform AWS Provider
Terraform Boilerplates
- https://github.com/hashicorp/terraform-provider-azurerm/tree/main/examples
- https://github.com/hashicorp/terraform-provider-aws/tree/main/examples
- https://github.com/hashicorp/terraform-provider-awscc/tree/main/examples/resources
- awesomeopensource.com: Terraform Aws Multi Az Subnets
- github.com/cloudposse?q=terraform-
- devopshubproject/azure-terraform-ansible This repo contains script which will help you to provision full functioning ansible lab environment on azure using terraform
- etc
Terraform and Kubernetes
- hashicorp.com: New Terraform Tutorials on Provisioning and Managing Kubernetes Clusters π Explore a new collection of Terraform tutorials that can help you through your Kubernetes adoption journey.
- hodovi.cc: Creating a Low Cost Managed Kubernetes Cluster for Personal Development using Terraform
- Deploying and Managing a Minimal App in a Kubernetes Cluster with Terraform and Ansible
- Deploy Any Resource With The New Kubernetes Provider for HashiCorp Terraform
- kubernetes.io blog: Working with Terraform and Kubernetes
- phillipsj.net: Dynamically Loaded Terraform Providers π Have you ever been faced with some situations where you need information from your Terraform execution to configure a provider ? Like spinning up a kubernetes cluster and dynamically deploying to it with Terraform? Check this short article for more !
- hashicorp.com: Announcing Version 2.0 of the Kubernetes and Helm Providers for HashiCorp Terraform π
- hashicorp.com: Wait Conditions in the Kubernetes Provider for HashiCorp Terraform
- itnext.io: Terraform: donβt use kubernetes provider with your cluster resource! π
- hashicorp.com: Announcing General Availability of the HashiCorp Terraform Cloud Operator for Kubernetes π
- learnk8s.io/kubernetes-terraform: Creating Kubernetes clusters with Terraform
- blog.kasten.io: Working with Kubernetes and Terraform Part 1: Concepts Behind Terraform and Kubernetes
- thenewstack.io: A Better Way to Provision Kubernetes Using Terraform
- medium: Deploy Infrastructure with the Terraform Cloud Operator for Kubernetes π
- learn.hashicorp.com: Deploy Federated Multi-Cloud Kubernetes Clusters In this tutorial, you will provision Kubernetes clusters in both Azure and AWS environments using their respective providers, configure Consul federation with mesh gateways across the two clusters using the Helm provider, and deploy microservices across the two clusters to verify federation, all using the same Terraform workflow.
Terraform Kubernetes Boilerplates
Hashicorp Terraform Kubernetes Collection
- https://github.com/hashicorp/learn-terraform-provision-aks-cluster
- https://github.com/hashicorp/learn-terraform-provision-eks-cluster
- https://github.com/hashicorp/learn-terraform-provision-gke-cluster
- https://github.com/hashicorp/learn-terraform-deploy-nginx-kubernetes-provider
- https://github.com/hashicorp/terraform-provider-azurerm/tree/main/examples/kubernetes π
- https://github.com/hashicorp/terraform-provider-azurerm/tree/main/examples/kubernetes/nodes-on-internal-network π
Learnk8s Terraform and Managed Kubernetes
- learnk8s.io/terraform-gke: Provisioning Kubernetes clusters on AWS with Terraform and GKE π Fully automated dev, staging, prod clusters with GKE and the GKE Ingress in a single click.
- learnk8s.io/terraform-eks: Provisioning Kubernetes clusters on AWS with Terraform and EKS π Fully automated dev, test, prod environments with EKS, Terraform and the ALB Ingress Controller.
- learnk8s.io/terraform-aks: Provisioning Kubernetes clusters on AWS with Terraform and AKS π Fully automated dev and prod clusters complete with an Ingress controller in a single command.
- learnk8s.io/terraform-lke: Provisioning Kubernetes clusters on Linode with Terraform π
OpenShift and Terraform
- Dzone: Platform as Code With Openshift and Terraform Learn how to set up a pipeline workflow with Openshift and the Terraform infrastructure-as-code tool to configure builds and deployments.
Other Boilerplates
- gist.github.com/chadmcrowell: AKS w/Virtual Nodes (ACI)
- ahgraber/homelab-terraform Bootstrap VMs with Terraform & vSphere provider. Use Terraform to provision VMs in vsphere and call ansible to configure hosts. The second half of this project (deploying a k3s cluster via gitops) is here.
- garutilorenzo/k3s-aws-terraform-cluster Deploy an high available K3s cluster on Amazon AWS
- poseidon/typhoon Typhoon is a minimal and free Kubernetes distribution with Terraform.
Terraform Kubernetes Operator
Terraform K3s Boilerplates
- Global K3s Deployment on Packet Baremetal π This repository contains Terraform scripts to deploy K3s and LinkerD on Packet baremetal servers spanning the globe.
Terraform GKE Boilerplates
- learnk8s.io/terraform-gke π Provisioning Kubernetes clusters on GCP with Terraform and GKE. Fully automated dev, test, prod environments with Google Kubernetes Engine (GKE) + container-native load balancing? The guide goes into the details of how you can provision your infrastructure with Terraform and how you can route live traffic with the GKE Ingress controller. By the end Kristijan M. will teach you how you can have:
- The creation of 3 environments (dev, test, prod) automated
- A cluster that can handle live traffic with the GKE Ingress controller.
- GKE Ingress enabled with container-native load balancing.
- All source code and knowledge to build your own infra.
- circleci.com: Infrastructure as Code, part 1: create a Kubernetes cluster with Terraform
- hashicorp.com: Terraform Adds Support for GKE Autopilot
Terraform and AWS
- Dzone: terraform and AWS
- Dzone: terraform with AWS
- hashicorp.com: Terraforming RDS: What Instacart Learned Managing Over 50 AWS RDS PostgreSQL Instances with Terraform
- Dzone: provisioning servers in cloud with terraform
- Dzone: how to deploy apps effortlessly with packer and terraform
- stories.schubergphilis.com: (Terraform) AWS management using your Google account
- thenewstack.io: Terraform on AWS: Multi-Account Setup and Other Advanced Tips
- medium: How to Provision AWS Infrastructure with Terraform? π
- middlewareinventory.com: Terraform import All AWS Security Groups β How to π
- hashicorp.com: Terraform AWS Provider Continues to Expand Coverage During 2021, HashiCorp and Amazon Web Services have partnered to bring hundreds of new services and features to the Terraform providers for AWS and AWS Cloud Control.
- infoq.com: HashiCorp Terraform AWS Provider Introduces Significant Changes to Amazon S3 Bucket Resource
- dev.to/arpanadhikari: Reusable AWS iam role for service-accounts (IRSA for k8s ) terraform module AWS supports authenticating your pods using an identity provider that your account is configured to trust. This tutorial will guide you through the process of creating an IAM role that your kubernetes pods will be able to assume.
- betterprogramming.pub: Terraform Setup for Using AWS Lambda With S3 Build your buckets
Terraform EKS Boilerplates
- learnk8s.io/terraform-eks π Fully automated dev, test, prod environments with EKS, Terraform and the ALB Ingress Controller.
- github.com/maddevsio/aws-eks-base: Boilerplate for a basic AWS infrastructure with EKS cluster π This boilerplate contains the know-how of the Mad Devs team for the rapid deployment of a Kubernetes cluster, supporting services, and the underlying infrastructure in the Amazon cloud.
- github.com/aws-samples/aws-eks-accelerator-for-terraform: AWS EKS Accelerator for Terraform π The AWS EKS Accelerator for Terraform is a framework designed to help deploy and operate secure multi-account, multi-region AWS environments. The power of the solution is the configuration file which enables the users to provide a unique terraform state for each cluster and manage multiple clusters from one repository.
- sebinxavi.medium.com: EKS cluster deployment using Terraform
- itnext.io: How to Design and Provision a Production-Ready EKS Cluster A comprehensive guide to create and configure a production-grade Kubernetes cluster on AWS with Terraform, Helm, and other open-source tools.
- faun.pub: Building an EKS Fargate cluster with Terraform
- medium.com/devgurus: Building production grade EKS clusters using Terraform
- medium.com/devops-mojo: Terraform β Provision Amazon EKS Cluster using Terraform
- calvineotieno010.medium.com: Automate Provisioning of Kubernetes Clusters on AWS with Terraform
- dev.to: Creating an EKS Cluster and Node Group with Terraform
- dev.to: Install & Manage Amazon EKS Add-ons with Terraform
- Amazon VPC CNI
- CoreDNS
- Amazon EBS CSI
- dev.to: Install & Manage Amazon EKS Add-ons with Terraform
AWSCC. Terraform AWS Cloud Control Provider
- awscc Lifecycle management of AWS resources powered by the AWS Cloud Control API. This provider is fully generated from the available CloudFormation resource definitions and is maintained internally by the HashiCorp AWS Provider team.
- hashicorp.com: Announcing Terraform AWS Cloud Control Provider Tech Preview This new provider for HashiCorp Terraform β built around the AWS Cloud Control API β is designed to bring new services to Terraform faster.
- hashicorp.com: Using the Terraform AWS Cloud Control Provider This demo session shows how to use the new Terraform AWS Cloud Control provider & understand when to use the new provider vs the existing AWS provider.
AWS Control Tower Account Factory for Terraform (AFT)
- aws.amazon.com: New β AWS Control Tower Account Factory for Terraform
- hashicorp.com: HashiCorp Teams with AWS on New Control Tower Account Factory for Terraform AWS Control Tower Account Factory for HashiCorp Terraform (AFT), the evolution of Terraform Landing Zones, offers an easy way to set up and govern a secure, multi-account AWS environment.
- aws.amazon.com: AWS Control Tower The easiest way to set up and govern a secure multi-account AWS environment
Terraform with Azure
- medium: Using Terraform with Azure β the right way
- thomasthornton.cloud: Deploy Terraform using GitHub Actions to Azure
- github.com/kuhlman-labs/terraform-azurerm-landing-zone A curated collection of Terraform azurerm modules
- cloudbuild.co.uk: Part 1: Terraform with Azure - How to install Terraform
- cloudbuild.co.uk: Part 2: Terraform with Azure - How to install Azure CLI
- cloudbuild.co.uk: Part 3: Terraform with Azure - How to install Visual Studio Code
- cloudbuild.co.uk: Part 4: Terraform with Azure - How to install Azure Terraform Plugin in Visual Studio Code
- cloudbuild.co.uk: Part 5: Terraform with Azure - Install Git and initialise repository
- cloudbuild.co.uk: Part 6: Terraform with Azure - Deploy resources in Azure
- cloudbuild.co.uk: Part 7: Terraform with Azure - Deploy a variables file in Terraform
- cloudbuild.co.uk: Part 8: Terraform with Azure - Deploy terraform.tfvars file
- techcommunity.microsoft.com: Implement Azure landing zones with HashiCorp Terraform
Azure Terrafy and AzAPI Terraform Provider
- Announcing Azure Terrafy and AzAPI Terraform Provider Previews On Azure, businesses may choose many flavors of IaC tooling to manage their Azure resources including HashiCorp Terraform, Bicep, ARM templates, Ansible and many more. We encourage you to choose the IaC tool that best suits your needs. Our mission is to ensure that no matter which tool you choose, you have the best experience and integration with Azure.
Terraform in Azure DevOps
- adamtheautomator.com: How to Build Infrastructure with Terraform in Azure DevOps π
- faun.pub: Azure DevOps: Deploying Azure Resources using Terraform Infrastructure as Code | Terraform | Azure | Azure DevOps
Terraform AKS Boilerplates
- learnk8s.io/terraform-aks π
- itnext.io: How We Used Terraform to Create and Manage a HA AKS Kubernetes Cluster in Azure Learn how to use Terraform to manage a highly-available Azure AKS Kubernetes cluster with Azure AD integration and Calico network policies enabled.
- medium: Using Terraform with Azure β the right way
- thomasthornton.cloud: Deploy Terraform using GitHub Actions to Azure
- github.com/kuhlman-labs/terraform-azurerm-landing-zone A curated collection of Terraform azurerm modules
- hashicorp.com: Build a Quick AKS Cluster the Easy Way with Terraform Cloud π
-
github.com/stacksimplify/azure-aks-kubernetes-masterclass π
- stacksimplify.com/azure-aks: Kubernetes On Cloud Roadmap
- Boilerplate: 25-Azure-DevOps-Terraform-Azure-AKS πππ
- PDF presentation π
# 07-aks-cluster.tf # Network Profile # Kubenet is a kubernetes network configuration plugin for your AKS cluster. Nodes get an IP address from # the AKS subnet, and pods receive an IP address from a separate address space entirely. The source IP address # of the traffic is NAT'd to the node's IP address. # With kubenet there's NO Pod-to-Pod communication because they don't have their own public IPs. # User Defined Routing (UDR) and IP forwarding is used for communication between pods across nodes. # Kubenet is the preferred method since you get more pods per node and the AKS Cluster scales to a bigger number. # With kubenet Max Number of Pods per Node: 110 # With Kubenet and CIDR =/24 : 251 nodes * 110 pods per node = 27.610 pods # With Azure CNI (instead of kubenet) and CIDR =/24 : 8 nodes * 30 pods per node = 240 pods # If we have limited IP addresses to work with, we can fit more pods in the limited IP address space because we can # fit more pods per node. # The Service CIDR, Pod CIDR, and Docker Bridge Access can be any address range. # The DNS Service IP must be any IP address that's within the Service CIDR address range. # Network settings (service_cidr, pod_cidr, docker_bridge_cidr, dns_service_ip) are commented. The below values # correspond to the applied default values when these settings are note set up. # Default network settings with kubenet when they are not configured: # Azure AKS VNet = "10.0.0.0/8" # Azure AKS Subnet = "10.240.0.0/16" # service_cidr = "10.0.0.0/16" # pod_cidr = "10.244.0.0/16" # docker_bridge_cidr = "172.17.0.1/16" # Default. You can reuse this range across different AKS Clusters # dns_service_ip = "10.0.0.10" network_profile { # (1) load_balancer_sku = "Standard" network_plugin = "kubenet" # use Azure CNI network plugin when windows node pools are required (not supported by kubenet) #service_cidr = "10.0.0.0/16" #dns_service_ip = "10.0.0.10" #docker_bridge_cidr = "172.17.0.1/16" # Default. You can reuse this range across different AKS clusters. }
Network Profile
-
Azure-Samples/private-aks-cluster-terraform-devops π This sample shows how to create a private AKS cluster using Terraform and Azure DevOps.
- build5nines.com: Terraform: Create an AKS Cluster π
Terraform and OCI
- https://github.com/oracle-quickstart/oci-quickstart-template
- https://github.com/oracle-quickstart/oci-oke
- oracle-quickstart/oci-arch-db-migration This code will help you deploy a compute instance and Exadata Cloud Service (Quarter Rack) database system in Oracle Cloud Infrastructure.
Terraform and Apache Kafka
Terraform and JMeter
Terraform Video Tutorials
CDK for Terraform
- CDK for Terraform π CDK (Cloud Development Kit) for Terraform allows developers to use familiar programming languages to define cloud infrastructure and provision it through HashiCorp Terraform.
- hashicorp.com: GKE Cluster Setup with CDK for Terraform Learn how to provision a Google Kubernetes Engine (GKE) cluster and prepare it for application deployment using TypeScript via CDK for Terraform.
Graph Visualization Software
- The terraform graph command is used to generate a visual representation of either a configuration or execution plan. The output is in the DOT format, which can be used by GraphViz to generate charts.
- graphviz.org
- edotor.net
- dreampuf.github.io/GraphvizOnline
- graphviz.online
Terraform Modules
- offensive-terraform.github.io: Offensive Terraform Modules π Automated multi step offensive attack modules with Infrastructure as Code(IAC)
- digitalocean.com: How To Build a Custom Terraform Module
Terraform AWS Modules
- github.com/terraform-aws-modules Collection of Terraform AWS modules supported by the community
Segment AWS Stack Terraform Modules
- The Segment AWS Stack
- segmentio/stack A set of Terraform modules for configuring production infrastructure with AWS
Terraform Providers
- Junos-terraform: JUNOS Terraform Automation Framework (JTAF)
- mitchellh/terraform-provider-multispace Terraform Provider for cascading runs across multiple workspaces.
- kyma-incubator/terraform-provider-kind: Terraform Provider for kind (Kubernetes IN Docker) The Terraform Provider for kind enables Terraform to provision local Kubernetes clusters on base of Kubernetes IN Docker (kind).
Terraform Provider for Elastic Cloud
- https://github.com/elastic/terraform-provider-ec
- infoq.com: Elastic Releases Terraform Providers for the Elastic Stack and Elastic Cloud
Terraform Vault Provider
Terraform AzureRM
Terraform Code Quality. Terraform Quality Checks
- adinermie.com: Publishing GitHub Super-Linter Terraform Quality Checks to Azure DevOps Pipelines
- adinermie.com: Publishing TFSec Terraform Quality Controls to Azure DevOps Pipelines π
- prcode.co.uk: Terraform Code Quality
Enforce Policy with Sentinel
Reverse terraform with Terraformer
- github.com/GoogleCloudPlatform/terraformer π A CLI tool that generates tf/json and tfstate files based on existing infrastructure (reverse Terraform).
- @ryanhos’ process: “If itβs anything reasonably complex, my process is:”
- Build w/ UI
- Gen w/ Terraformer (local state)
- Fix crazy codegen-ed names
- Import TF, verify Cloud == State == Terraform
- rm -rf the manual version
- Recreate from TF
- Test and iterate w/ IaC
Terraform Tools
- Brainboard π Interesting solution for building infrastructure visually before generating terraform code automatically from the designed architecture
- terrascan π Use terrascan to detect compliance and security violations
- tfsec π a static analysis security scanner for your Terraform code
- Rover - Terraform Visualizer π Interactive Terraform visualization. State and configuration explorer.
- cloudify.co: Cloudify and Terraform Integration. Supercharge Your Terraform Templates Significantly extend Terraform usability with Cloudify’s plugin and enjoy end-to-end automation and avoid costly blueprint transformation.
- cloudquery.io: Announcing CloudQuery Terraform Drift Detection
- run-x/opta: Opta - Supercharge DevOps on any cloud Infrastructure-as-code where you work with high-level constructs instead of getting lost in low level cloud configuration
Terraform Frameworks
Kubestack Terraform GitOps Framework
Gruntwork Terragrunt
- gruntwork.io Build your infrastructure on top of a collection of over 300,000 lines of reusable, battle-tested infrastructure code written in Terraform, Go, Python, and Bash that has been proven in production at hundreds of companies and is maintained and supported by DevOps experts.
- terragrunt.gruntwork.io DRY and maintainable Terraform code. Terragrunt is a thin wrapper that provides extra tools for keeping your configurations DRY, working with multiple Terraform modules, and managing remote state.
- towardsdatascience.com: State of the Art Infrastructure as Code. Terragrunt The newest layer of abstraction by Gruntwork thatβll make your life easier. Gruntworkβs Terragrunt is a wrapper over Terraform which concentrates on solving your problems of Terraform state management and configuration. It also solves some of the problems around having similar infrastructure deployed in different environments.
- blog.gruntwork.io: Introducing: The Gruntwork Module, Service, and Architecture Catalogs
- medium: Terragrunt cheat sheet What is Terragrunt? Terragrunt is a framework on top of Terraform with some new tools out-of-the-box. Thanks to some new files *.hcl and new keywords, you can share variables across terraform modules very easily.
- pie-r/terragrunt-vs-terraspace
- gruntwork-io/terragrunt-infrastructure-live-example A repo used to show examples file/folder structures you can use with Terragrunt and Terraform
- medium.com/predictivehire: Why we should use Terraform and Terragrunt to manage Kubernetes (with example code)
Terraspace
- Terraspace.cloud Terraspace is a Terraform Framework that optimizes for infrastructure-as-code happiness. It provides an organized structure, conventions over configurations, keeps your code DRY, and adds convenient tooling. Terraspace makes working with Terraform easier and more fun.
Images
Videos
Click to expand!
Tweets
Click to expand!
I'm getting questions about Terraform vs Kubernetes for managing infrastructure resources.
— Kelsey Hightower (@kelseyhightower) November 19, 2020
I make the distinction by treating Terraform as a frontend tool that interacts with control planes that present **its** resources through a declarative interface. Ownership is key.
1/ Yesterday we released v2.1.0 of the @HashiCorp Terraform provider for @HelmPack with a cool new feature: diffs of the @kubernetesio manifests that Helm is sending to the cluster!
— Phil, in the ποΈ of Arizona (@PhilipSautter) April 2, 2021
So, what does this look like? Let's see ...
This is very common. Terraform doesnt give workload portability. It gives workflow portability
— Justin Garrison (@rothgar) July 29, 2021
By keeping the same workflow it improves adoption because it doesnβt matter if your managing EC2 or Pagerduty the same lang and tools work. It lowers switching costs through workflow https://t.co/wSOZYjZMm3
Unfortunately I think this is the biggest misconception that orgs have when deciding to adopt Terraform. It's "cloud agnostic" in the same way that Python is cloud agnostic. You still need vendor specific libraries. The only thing you standardize on is syntax and workflow
— Noah Mercado (@noah_mercado) July 29, 2021
It's not controversial to provision resources with code. It shouldn't be controversial to deploy and manage resources with code.
— Jaana Dogan γ€γ γγ¬γ³ (@rakyll) September 9, 2021
Using Terraform with Co-pilot. pic.twitter.com/0hhbqmMGW1
— Alex Jones π (@AlexJonesax) November 8, 2021
Yes. If itβs anything reasonably complex, my process is:
— Ryan Hochstetler (@ryanhos) January 19, 2022
1.) Build w/ UI
2.) Gen w/ #Terraformer (local state)
3.) Fix crazy codegen-ed names
4.) Import TF, verify Cloud == State == #Terraform
5.) rm -rf the manual version
6.) Recreate from TF
7.) Test and iterate w/ IaC
Let's continue to Terraformπ
— Vrukshali π¦₯ (@vrukshali26) March 21, 2022
The value of a Terraform variable can be set multiple ways, including setting a default value, interactively passing a value when executing a terraform plan and apply, using an environment variable, or setting the value in a .tfvars file.
(1/2)