1.4 Understanding Terraform Workflow: init, plan, apply, and destroy

Terraform and Kubernetes: Your First Steps with Infrastructure as Code (IaC)

So you're diving into the world of Kubernetes and want to manage your infrastructure like a pro? Great! Terraform is a fantastic tool to help you do just that. It allows you to define and manage your Kubernetes infrastructure (and much more!) using code.

Think of it like this: instead of clicking through endless menus in a cloud provider's console, you write a recipe (Terraform code) that tells Terraform exactly what infrastructure you want. Terraform then takes care of creating, updating, and even deleting that infrastructure.

This post breaks down the core Terraform workflow: init, plan, apply, and destroy, making it easy to understand and implement with Kubernetes.

1. The Terraform Workflow: A Restaurant Analogy

Let's imagine you're ordering food at a restaurant to understand these concepts.

• terraform init (Checking the Pantry): This is like the restaurant's chef checking their pantry. They need to make sure they have all the ingredients (Terraform providers and modules) needed to cook your order. terraform init downloads the necessary plugins to communicate with your cloud provider (like AWS, Azure, Google Cloud) and Kubernetes. It sets up your working directory for Terraform to do its job.

• terraform plan (Reviewing the Recipe): This is like the chef telling you exactly what they're going to cook before they start. They outline the ingredients, the cooking steps, and the final dish. terraform plan analyzes your Terraform code and compares it to the current state of your infrastructure. It then generates an "execution plan" showing you exactly what changes Terraform will make: what resources it will create, modify, or delete.

• terraform apply (Cooking the Meal): This is the chef actually preparing your food! terraform apply takes the execution plan and puts it into action. It creates, modifies, or deletes resources according to the plan. This is where your Kubernetes cluster, deployments, services, etc., get created or updated.

• terraform destroy (Closing the Restaurant): This is like the restaurant closing for the night and cleaning up. terraform destroy tears down all the infrastructure defined in your Terraform code. It's the opposite of terraform apply. Use it with caution!

2. A Practical Kubernetes Example: Creating a Simple Deployment

Let's say you want to create a simple Nginx deployment in your Kubernetes cluster using Terraform. Here's a simplified example of what your Terraform code (usually in a file named main.tf) might look like:

terraform {
  required_providers {
    kubernetes = {
      source  = "hashicorp/kubernetes"
      version = "~> 2.0" # Specify the version
    }
  }
}

provider "kubernetes" {
  # Configuration options to connect to your Kubernetes cluster
  # e.g., kubeconfig_path = "~/.kube/config"
  # You will need to configure this based on your cluster's setup
}

resource "kubernetes_deployment" "nginx" {
  metadata {
    name = "nginx-deployment"
    labels = {
      app = "nginx"
    }
  }

  spec {
    replicas = 2

    selector {
      match_labels = {
        app = "nginx"
      }
    }

    template {
      metadata {
        labels = {
          app = "nginx"
        }
      }

      spec {
        container {
          image = "nginx:latest"
          name  = "nginx"

          port {
            container_port = 80
          }
        }
      }
    }
  }
}

Now, let's run through the workflow:

1. terraform init: Run this command in the directory where your main.tf file is located. Terraform will download the Kubernetes provider. You'll see output similar to:

    Initializing provider plugins...
    - Finding hashicorp/kubernetes versions matching "~> 2.0"...
    - Installing hashicorp/kubernetes v2.22.0...
    - Installed hashicorp/kubernetes v2.22.0 (signed by HashiCorp)
   
    Terraform has been successfully initialized!
   

2. terraform plan: This command will show you what Terraform intends to do. It will output a detailed plan, showing that it will create a kubernetes_deployment named "nginx".

3. terraform apply: This command executes the plan. Terraform will create the Nginx deployment in your Kubernetes cluster. You'll be prompted to confirm the changes by typing "yes". After applying, you can check your Kubernetes cluster to confirm the deployment has been created.

4. terraform destroy: When you're done with the Nginx deployment and want to remove it, run this command. Terraform will delete the deployment from your cluster. Again, you'll be prompted to confirm.

3. Architectural Diagram

+-------------------+      +---------------------+      +-------------------------+
|  Terraform CLI    |  --> |  Terraform Core     |  --> |  Kubernetes API Server  |
+-------------------+      +---------------------+      +-------------------------+
      |                      |  (State Management,  |      | (Manages Kubernetes    |
      |                      |   Execution Planning) |      |  Resources)          |
      |                      |                     |      |                        |
      v                      |                     |      |                        |
+-------------------+      +---------------------+      +-------------------------+
|  Terraform Config  |      |  Terraform Providers |      |   Kubernetes Cluster    |
|  (main.tf, etc.)   |      | (Kubernetes, AWS...) |      |   (Nodes, Pods, etc.)  |
+-------------------+      +---------------------+      +-------------------------+

Explanation:

• Terraform CLI: The command-line interface you use to interact with Terraform (e.g., terraform init, terraform apply).

• Terraform Core: The core engine that handles state management, execution planning, and communication with providers.

• Terraform Configuration: Your Terraform code, defining the desired infrastructure.

• Terraform Providers: Plugins that allow Terraform to interact with specific infrastructure providers (e.g., Kubernetes, AWS, Azure).

• Kubernetes API Server: The central control point for your Kubernetes cluster, responsible for managing resources.

• Kubernetes Cluster: Your running Kubernetes environment, containing nodes, pods, deployments, etc.

4. A Common Challenge: State Management

One of the biggest challenges with Terraform is managing its state. Terraform needs to keep track of the current state of your infrastructure so it knows what changes to make. This state is stored in a terraform.tfstate file (or remotely using Terraform Cloud, AWS S3, Azure Blob Storage, etc.).

Problem: If multiple people are working on the same Terraform configuration and they make changes simultaneously, the terraform.tfstate file can become corrupted or out of sync. This can lead to unexpected and potentially destructive changes to your infrastructure.

Solution: Use a remote backend for your Terraform state. This stores the state file in a central, shared location (like AWS S3) and provides locking mechanisms to prevent concurrent modifications. Terraform Cloud is an even better option, providing collaboration features, version control, and automated execution.

Here's an example of configuring an S3 backend:

terraform {
  backend "s3" {
    bucket = "your-terraform-state-bucket"
    key    = "path/to/your/terraform.tfstate"
    region = "us-west-2"
    encrypt = true
  }
}

5. Conclusion

Terraform is a powerful tool for managing Kubernetes infrastructure. By understanding the core workflow of init, plan, apply, and destroy, you can start automating your deployments and simplifying your infrastructure management. Remember to focus on state management to ensure a smooth and reliable workflow, especially when collaborating with others. Happy Terraforming!