Terraform for Azure Cloud: Simplifying Infrastructure as Code (IaC) 

Terraform is an open-source Infrastructure as Code (IaC) tool developed by HashiCorp. It enables users to define and provision infrastructure resources in a declarative and consistent manner. In the context of Azure Cloud, Terraform provides a powerful solution for managing and automating the deployment of resources. 

Let’s dive into the resources we are creating using Terraform: 

Azure Resource Group for the MyShuttle Java application ensures logical organization, simplified lifecycle management, access control, cost tracking, deployment efficiency, tagging, and resource-level security. 

Azure App Service Plan provides defined compute resources, scalability options, and pricing characteristics, ensuring efficient hosting, scaling, and management of the application. 

A Linux Web App for the MyShuttle Java app in Azure offers a flexible, managed platform for hosting, scaling, and running web applications, providing compatibility with Java and supporting features like containerization, built-in CI/CD integration, and cross-platform deployment. 

A MySQL Server for the MyShuttle Java app in Azure delivers a fully managed relational database service, offering features such as high availability, secure connections, and integration with other Azure resources, ensuring efficient and secure data storage and retrieval for the application. 

A MySQL Database for the MyShuttle Java app in Azure serves as a logical container within a MySQL Server, providing isolated storage for the application’s data with configurable performance settings, support for data replication, and point-in-time restore capabilities for effective data management. 

Implementing the resources using Terraform: 

Provider.tf:

In Terraform, the required_providers block is used to explicitly specify the required versions of providers used in a Terraform configuration. 

The backend block is typically separate, and it specifies where Terraform should store its state file. In our case, we are using an Azure Storage container to store the Terraform state file. 

In Terraform, the provider block is used to configure a specific infrastructure provider. When working with Microsoft Azure, you use the azurerm provider block to configure the Azure provider.  
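A provider.tf laid out as the three paragraphs above describe, given as an added example rather than the post's original file. The state resource group, storage account, container and key names are placeholders, and the version constraint and `use_azuread_auth` setting are assumptions chosen for this sketch.

```hcl
# Added example: every value marked "placeholder" is hypothetical.
terraform {
  required_providers {
    azurerm = {
      source = "hashicorp/azurerm"
      # Assumption: the 3.x line, which provides every resource type
      # this post uses.
      version = "~> 3.0"
    }
  }

  # Remote state in an Azure Storage container. The state file records the
  # MySQL administrator password and the web app connection string in
  # plaintext, so access to this container needs to be as tightly
  # controlled as access to the database itself.
  backend "azurerm" {
    resource_group_name  = "placeholder-tfstate-rg"
    storage_account_name = "placeholdertfstate"
    container_name       = "tfstate"
    key                  = "myshuttle.tfstate"
    # Authenticate to the blob with Azure AD role assignments instead of
    # a storage account access key.
    use_azuread_auth = true
  }
}

provider "azurerm" {
  # The azurerm provider requires a features block, even when empty.
  features {}
}
```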

variable.tf: 

In Terraform, the variables.tf file is commonly used to define input variables for your Terraform configurations. Variables are placeholders for values that you can use throughout your Terraform code. By defining variables in a variables.tf file, you can make your configurations more flexible, reusable, and easier to maintain.

main.tf: 

Locals are a way to define named expressions within a module. Locals allow you to create reusable values or expressions that can be referenced multiple times within your Terraform configuration, making it easier to manage complex configurations and avoid repetition. 

RESOURCE GROUP:
  • resource “azurerm_resource_group” “myshuttle_rg”: Declares a resource block of type azurerm_resource_group. This resource type is provided by the AzureRM provider and is used to manage Azure Resource Groups. 
  • name = local.resource_group_name: Specifies the name of the Azure Resource Group. The value is called from the local variable local.resource_group_name. 
  • location = var.location: Specifies the Azure region where the resource group will be created. The value is set to the variable var.location, which is expected to be passed as an input variable when running Terraform. 

APP SERVICE PLAN:
  • resource “azurerm_app_service_plan” “myshuttle_asp”: Declares a resource block of type azurerm_app_service_plan. This resource type is provided by the AzureRM provider and is used to manage Azure App Service Plans. 
  • name = local.app_service_plan_name: Specifies the name of the App Service Plan. The value is called from the local variable local.app_service_plan_name. 
  • resource_group_name = azurerm_resource_group.myshuttle_rg.name: Specifies the name of the Azure Resource Group to which the App Service Plan belongs. The value is set to the name of the resource group created earlier (azurerm_resource_group.myshuttle_rg.name). 
  • location = azurerm_resource_group.myshuttle_rg.location: Specifies the Azure region where the App Service Plan will be created. The value is set to the location of the resource group created earlier (azurerm_resource_group.myshuttle_rg.location). 
  • reserved = true: Indicates that the App Service Plan is reserved. This is often set to true for dedicated plans. 
  • kind = “linux”: Specifies the kind of App Service Plan, and in this case, it’s set to “linux.” This indicates that the App Service Plan is intended for hosting Linux-based applications. 
  • sku { … }: Defines the SKU (Stock Keeping Unit) details for the App Service Plan, including the pricing tier (tier), size (size), and capacity (capacity). The values are set to variables (var.asp_tier, var.asp_size, var.capacity), allowing for flexibility and customization based on user input. 

LINUX WEB APP: 
  • resource “azurerm_linux_web_app” “myshuttle-webapp”: This line declares a resource of type azurerm_linux_web_app, which is an Azure Resource Manager (ARM) Linux Web App. The name of this resource is myshuttle-webapp. 
  • name = local.app_service_name: This sets the name of the web app to the value of the local variable app_service_name. 
  • resource_group_name = azurerm_resource_group.myshuttle_rg.name: This sets the resource group for the web app to the name of the resource group myshuttle_rg. 
  • location = azurerm_resource_group.myshuttle_rg.location: This sets the location of the web app to the location of the resource group myshuttle_rg. 
  • service_plan_id = azurerm_app_service_plan.myshuttle_asp.id: This sets the service plan for the web app to the ID of the app service plan myshuttle_asp. 
  • site_config: This block is used to configure the web app. The always_on attribute is set to true, which means the app is always running and doesn’t go idle. 
  • application_stack: This block is used to configure the Java runtime for the web app. The java_server, java_server_version, and java_version attributes are set to the values of the corresponding variables. 
  • connection_string: This block is used to configure the connection string for the MySQL database. The name, type, and value attributes are set to “Database”, “MySql”, and a JDBC connection string respectively. The connection string includes the name of the MySQL server and database, the login and password, and some additional parameters. 
  • depends_on = [azurerm_mysql_server.myshuttle_mysqlServer, azurerm_mysql_database.alm]: This line specifies that the creation of the web app depends on the creation of the MySQL server myshuttle_mysqlServer and the MySQL database alm. This means Terraform will ensure these resources are created before attempting to create the web app. 

MySQL-SERVER:
  • resource “azurerm_mysql_server” “myshuttle_mysqlServer”: This line declares a resource of type azurerm_mysql_server, which is an Azure Resource Manager (ARM) MySQL server. The name of this resource is myshuttle_mysqlServer. 
  • name = local.mysql_server_name: This sets the name of the MySQL server to the value of the local variable mysql_server_name. 
  • resource_group_name = azurerm_resource_group.myshuttle_rg.name: This sets the resource group for the MySQL server to the name of the resource group myshuttle_rg. 
  • location = azurerm_resource_group.myshuttle_rg.location: This sets the location of the MySQL server to the location of the resource group myshuttle_rg. 
  • administrator_login = var.administrator_login and administrator_login_password = var.administrator_login_password: These lines set the login and password for the MySQL server administrator to the values of the corresponding variables. 
  • sku_name = “GP_Gen5_2”: This sets the SKU (Stock Keeping Unit) for the MySQL server to “GP_Gen5_2”, which represents a General Purpose Gen 5 server with 2 vCores. 
  • version = “5.7”: This sets the version of MySQL to 5.7. 
  • auto_grow_enabled = true: This enables the AutoGrow feature, which allows the storage of the MySQL server to automatically grow as needed. 
  • backup_retention_days = 7: This sets the retention period for backups to 7 days. 
  • geo_redundant_backup_enabled = false: This disables geo-redundant backups, which means backups are not stored in a secondary region. 
  • infrastructure_encryption_enabled = true: This enables infrastructure encryption for additional security. 
  • public_network_access_enabled = true: This enables public network access to the MySQL server. 
  • ssl_enforcement_enabled = true and ssl_minimal_tls_version_enforced = “TLS1_2”: These lines enable SSL enforcement and set the minimum enforced TLS version to 1.2 for secure connections. 
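The two administrator variables referenced above would be declared in variables.tf. The declarations below are an added example, not the post's original file; the validation rules are an assumed local policy, and only the variable names come from the post.

```hcl
# Added example: the validation thresholds and the rejected-name list are
# assumptions, not taken from the original post.
variable "administrator_login" {
  description = "MySQL administrator account name"
  type        = string
  nullable    = false

  validation {
    # Refuse common default account names.
    condition = !contains(
      ["admin", "administrator", "root", "guest", "public"],
      lower(var.administrator_login)
    )
    error_message = "Choose an administrator login that is not a common default account name."
  }
}

variable "administrator_login_password" {
  description = "MySQL administrator password"
  type        = string
  nullable    = false
  # Redacts the value in plan and apply output. It is still written to the
  # state file in plaintext.
  sensitive = true

  validation {
    # At least 12 characters drawn from at least three character classes.
    condition = length(var.administrator_login_password) >= 12 && length([
      for cls in ["[a-z]", "[A-Z]", "[0-9]", "[^a-zA-Z0-9]"] : cls
      if length(regexall(cls, var.administrator_login_password)) > 0
    ]) >= 3
    error_message = "The password must be at least 12 characters and mix three of: lowercase, uppercase, digits, symbols."
  }
}
```

Supplying the password through the `TF_VAR_administrator_login_password` environment variable keeps it out of `.tfvars` files that might be committed to version control.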

FIREWALL:
  • resource “azurerm_mysql_firewall_rule” “firewall_rule”: This line declares a resource of type azurerm_mysql_firewall_rule, which is an Azure Resource Manager (ARM) MySQL firewall rule. The name of this resource is firewall_rule. 
  • name = “allow_access_to_azure_server”: This sets the name of the firewall rule to “allow_access_to_azure_server”. 
  • resource_group_name = azurerm_resource_group.myshuttle_rg.name: This sets the resource group for the firewall rule to the name of the resource group myshuttle_rg. 
  • server_name = azurerm_mysql_server.myshuttle_mysqlServer.name: This sets the MySQL server that the firewall rule applies to, to the name of the MySQL server myshuttle_mysqlServer. 
  • start_ip_address = “0.0.0.0” and end_ip_address = “0.0.0.0”: These lines set the range of IP addresses that the firewall rule applies to. In this case, the range is “0.0.0.0” to “0.0.0.0”, which means the rule applies to all IP addresses. This effectively allows all traffic to the MySQL server. 
  • depends_on = [azurerm_mysql_server.myshuttle_mysqlServer]: This line specifies that the creation of the firewall rule depends on the creation of the MySQL server myshuttle_mysqlServer. This means Terraform will ensure the MySQL server is created before attempting to create the firewall rule. 
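In Azure Database for MySQL, a rule whose start and end addresses are both 0.0.0.0 is the "allow Azure services" rule: it admits connections from any Azure-hosted address, including resources in other customers' subscriptions. The added example below (not from the original post) replaces it with named, explicit ranges; `allowed_mysql_clients` is a hypothetical variable and the addresses in the comment are constructed documentation values.

```hcl
# Added example. Relies on the resource group and MySQL server resources
# described in this post; the variable and rule names are hypothetical.
variable "allowed_mysql_clients" {
  description = "Named IPv4 ranges allowed to reach the MySQL server"
  type = map(object({
    start_ip = string
    end_ip   = string
  }))
  default = {}

  validation {
    # Reject the 0.0.0.0 wildcard and anything that is not a valid IPv4
    # address. cidrhost() errors on malformed input, which can() turns
    # into false.
    condition = alltrue([
      for r in values(var.allowed_mysql_clients) :
      r.start_ip != "0.0.0.0" && r.end_ip != "0.0.0.0" &&
      can(cidrhost("${r.start_ip}/32", 0)) &&
      can(cidrhost("${r.end_ip}/32", 0))
    ])
    error_message = "Each range needs valid IPv4 start and end addresses and must not use 0.0.0.0."
  }
}

# One firewall rule per named range. The references to the server create
# the ordering, so no explicit depends_on is needed.
resource "azurerm_mysql_firewall_rule" "clients" {
  for_each            = var.allowed_mysql_clients
  name                = each.key
  resource_group_name = azurerm_resource_group.myshuttle_rg.name
  server_name         = azurerm_mysql_server.myshuttle_mysqlServer.name
  start_ip_address    = each.value.start_ip
  end_ip_address      = each.value.end_ip
}

# Constructed terraform.tfvars entry:
# allowed_mysql_clients = {
#   office_egress = { start_ip = "203.0.113.10", end_ip = "203.0.113.10" }
# }
```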

MySQL-DATABASE: 
  • resource “azurerm_mysql_database” “alm”: This line declares a resource of type azurerm_mysql_database, which is an Azure Resource Manager (ARM) MySQL database. The name of this resource is alm. 
  • name = “alm”: This sets the name of the database to “alm”. 
  • resource_group_name = azurerm_resource_group.myshuttle_rg.name: This sets the resource group for the database to the name of the resource group myshuttle_rg. 
  • server_name = azurerm_mysql_server.myshuttle_mysqlServer.name: This sets the MySQL server that the database is part of, to the name of the MySQL server myshuttle_mysqlServer. 
  • charset = “utf8” and collation = “utf8_general_ci”: These lines set the character set and collation for the database to “utf8” and “utf8_general_ci” respectively. The character set is a set of symbols and encodings, and the collation is a set of rules for comparing characters in a character set. 
  • depends_on = [azurerm_mysql_server.myshuttle_mysqlServer]: This line specifies that the creation of the database depends on the creation of the MySQL server myshuttle_mysqlServer. This means Terraform will ensure the MySQL server is created before attempting to create the database. 

Conclusion:

Leveraging Terraform for infrastructure provisioning offers a robust and scalable solution. With its declarative syntax, ease of use, and broad provider support, teams can efficiently manage and deploy infrastructure across diverse environments. The ability to version control configurations ensures repeatability and traceability, while the Terraform ecosystem continues to evolve with community contributions and updates. As organizations embrace Infrastructure as Code (IaC), Terraform stands out as a versatile tool, empowering teams to automate, collaborate, and adapt to the dynamic requirements of modern IT environments.
