Terraform: Up & Running

By Yevgeniy Brikman

This book is the fastest way to get up and running with Terraform, an open source tool that allows you to define your infrastructure as code and to deploy and manage that infrastructure across a variety of public cloud providers (e.g., AWS, Azure, Google Cloud, DigitalOcean) and private cloud and virtualization platforms (e.g. OpenStack, VMWare).

This hands-on-tutorial, now in its 3rd edition, not only teaches you DevOps principles, but also walks you through code examples that you can try at home. You'll go from deploying a basic "Hello, World" Terraform example all the way up to running a full tech stack (Kubernetes cluster, load balancer, database) that can support a large amount of traffic and a large team of developers—all in the span of just a few chapters.

By the time you're done, you'll be ready to use Terraform in the real world.

Order Now

About the book

This book is for Sysadmins, Operations Engineers, Release Engineers, Site Reliability Engineers, DevOps Engineers, Infrastructure Developers, Full Stack Developers, Engineering Managers, CTOs, and anyone else responsible for the code after it has been written. If you're the one managing infrastructure, deploying code, configuring servers, scaling clusters, backing up data, monitoring apps, and responding to alerts at 3AM, then this book is for you.

Ch 1: Why Terraform

How DevOps is transforming the way we run software; an overview of infrastructure as code tools, including configuration management, server templating, orchestration, and provisioning tools; the benefits of infrastructure as code; a comparison of Terraform, Chef, Puppet, Ansible, SaltStack, OpenStack Heat, and CloudFormation; how to combine tools such as Terraform, Packer, Docker, Ansible, and Kubernetes.

Ch 2: Terraform Syntax

Installing Terraform; an overview of Terraform syntax; an overview of the Terraform CLI tool; how to deploy a single server; how to deploy a web server; how to deploy a cluster of web servers; how to deploy a load balancer; how to clean up resources you've created.

Ch 3: Terraform state

What Terraform state is; how to store state so that multiple team members can access it; how to lock state files to prevent race conditions; how to isolate state files to limit the damage from errors; how to use Terraform workspaces; a best-practices file and folder layout for Terraform projects; how to use read-only state.

Ch 4: Terraform modules

What modules are; how to create a basic module; how to make a module configurable with inputs and outputs; local values; versioned modules; module gotchas; using modules to define reusable, configurable pieces of infrastructure.

Ch 5: Terraform tips & tricks

Loops with the count parameter, for_each and for expressions, and the for string directive; conditionals with the count parameter, for_each and for expressions, and the if string directive; built-in functions; zero-downtime deployment; common Terraform gotchas and pitfalls, including count and for_each limitations, zero-downtime deployment gotchas, how valid plans can fail, how to refactor Terraform code safely, and what to do about eventual consistency.

Ch 6: Managing secrets with Terraform

An introduction to secrets management; a comparison of common secret management tools such as HashiCorp Vault, AWS Secrets Manager and Azure Key Vault; how to manage secrets when working with providers, including authentication via environment variables, IAM roles, and OIDC; how to manage secrets when working with resources and data sources, including how to use environment variables, encrypted files, and centralized secret stores; how to securely handle state files and plan files.

Ch 7: Working with multiple providers

A closer look at how Terraform providers work, including how to install them, how to control the version, and how to use them in your code; how to use multiple copies of the same provider, including how to deploy to multiple AWS regions, how to deploy to multiple AWS accounts, and how to build reusable modules that can use multiple providers; how to use multiple different providers together, including a discussion of multi-cloud, and an example of using Terraform to run a Kubernetes cluster (EKS) in AWS and deploy Dockerized apps into the cluster.

Ch 8: Production-grade Terraform code

Why DevOps projects always take longer than you expect; the production-grade infrastructure checklist; how to build Terraform modules for production; small modules; composable modules; testable modules; releasable modules; Terraform Registry; variable validation; versioning Terraform, Terraform providers, Terraform modules, and Terragrunt; Terraform escape hatches.

Ch 9: How to test Terraform code

Manual tests for Terraform code; sandbox environments and cleanup; automated tests for Terraform code; Terratest; unit tests; integration tests; end-to-end tests; dependency injection; running tests in parallel; test stages; retries; the test pyramid; static analysis; plan testing; server testing.

Ch 10: Using Terraform as a team

How to adopt Terraform as a team; how to convince your boss; a workflow for deploying application code; a workflow for deploying infrastructure code; version control; the golden rule of Terraform; code reviews; coding guidelines; Terraform style; CI/CD for Terraform; the deployment process.

Code samples

The book includes dozens of code samples. You can find the code here: https://github.com/brikis98/terraform-up-and-running-code.

Third edition

The book is now in its 3rd edition, which adds over 100 pages of new content, including two completely new chapters (Managing Secrets with Terraform and Working with Multiple Providers), and major updates to all the original chapters. Check out the 3rd edition announcement blog post for the details on what changed!

About the author

Yevgeniy Brikman

Yevgeniy (Jim) Brikman is the co-founder of Gruntwork, a company that that makes extensive use of Terraform in its products & services for setting up world-class DevOps Foundations.

Jim is also the author of two other books published by O'Reilly: Fundamentals of DevOps and Software Delivery, a hands-on guide to deploying and managing software in production, and Hello, Startup, which is a hands-on guide to building products, technologies, and teams in a startup.

Previously, he worked as a software engineer at LinkedIn, TripAdvisor, Cisco Systems, and Thomson Financial and got his BS and Masters at Cornell University. For more info, check out ybrikman.com.

Buy now

Terraform: Up & Running, 3rd edition is available at the online stores below and at your local bookstore:

News

Subscribe to the Terraform: Up & Running Newsletter! Get the latest news, blog posts, and talks on Terraform and DevOps. No spam, ever.

[NEW BOOK] Fundamentals of DevOps and Software Delivery is now available as an early release!

I've written a new book! It's called Fundamentals of DevOps and Software Delivery. It's a hands-on guide to software delivery—that is, all the processes, tools, and techniques that are required to run software in production and maintain it on an ongoing basis—and DevOps, one of the methodologies used today to make software delivery vastly more efficient. The early release of the ebook is available now on O'Reilly; if you prefer to wait for the print version, you can pre-order it now on Amazon and Barnes & Noble.

Get the early release now! »

Terraform: Up & Running, 3rd edition, has been published!

Terraform: Up & Running, 3rd edition, has been published! It's available on Amazon, O'Reilly, and at all major bookstores. The 3rd edition adds about 100 pages of new content, including two totally new chapters (one on secrets management with Terraform and one on working with multiple regions, accounts, and clouds, including Kubernetes), plus major updates to all the existing chapters to update the book from Terraform 0.12 to Terraform 1.2.

Get the 3rd edition now! »

Early release of Terraform: Up & Running, 3rd edition!

The early release of Terraform: Up & Running, 3rd edition, is now available! The 3rd edition adds about 100 pages of new content, including two totally new chapters (one on secrets management with Terraform and one on working with multiple regions, accounts, and clouds), plus major updates to all the existing chapters. The book has been updated from Terraform 0.12 to Terraform 1.2, covering all the changes in between—including required_providers, the provider lock file, variable validation, sensitive variables, refactoring with moved blocks, module iteration, etc.—and includes new examples of how to do multi-region replication, how to deploy Docker containers in Kubernetes using Terraform and EKS, how to enforce policies on your code using tools such as OPA, and much more. For a full list of the changes, check out the early release announcement blog post.

Read the Early Release now! »

The Russian translation of "Terraform: Up & Running" 2nd edition is now available!

The 2nd edition of Terraform: Up & Running has been translated into Russian! You can grab a copy on piter.com and myshop.ru.

Buy a copy »

The Chinese translation of "Terraform: Up & Running" 2nd edition is now available!

The 2nd edition of Terraform: Up & Running has been translated into Chinese! You can grab a copy on jd.com and dangdang.com.

Buy a copy »

SE Radio Interview: Yevgeniy Brikman on Infrastructure as Code Best Practices

Check out Yevgeniy Brikman's podcast interview with Software Engineering Radio on Infrastructure as Code best practices. The discussion covers similarities and differences between conventional software engineering and code-driven infrastructure; factoring code into modules; layering; terraform code organization for micro-services; releases and tagging; code reviews; unit testing infrastructure; deployment of infrastructure; ownership and code structure models; and open source and re-usable libraries.

Listen to the podcast! »

Automated Testing for Terraform, Docker, Packer, Kubernetes, and More

This talk from QCon SF is a step-by-step, live-coding class on how to write automated tests for infrastructure code, including the code you write for use with tools such as Terraform, Kubernetes, Docker, and Packer. Topics covered include unit tests, integration tests, end-to-end tests, test parallelism, retries, error handling, static analysis, and more.

Check out the video and slides! »

Terraform: Up & Running, 2nd edition has been published!

Terraform: Up & Running, 2nd edition, has been published! It's available on Amazon, O'Reilly, and at all major bookstores. The 2nd edition is nearly double the length of the 1st edition (~160 more pages), including two completely new chapters (Production-grade Terraform Code and How to Test Terraform Code), and major changes to all the original chapters and code examples (everything is now updated through Terraform 0.12).

Get a copy! »

Early release of Terraform: Up & Running, 2nd edition!

The early release of Terraform: Up & Running, 2nd edition, is now available! The 2nd edition is nearly double the length of the 1st edition (~160 more pages), including two completely new chapters (Production-grade Terraform Code and How to Test Terraform Code), and major changes to all the original chapters and code examples to take into account 4 major Terraform releases (everything is now updated through Terraform 0.12), the Terraform state revamp (including backends, locking, and workspaces), Terraform providers split, Terraform Registry, HCL2, and much more. Check out Terraform: Up & Running, 2nd edition announcement blog post for all the details!

Read the Early Release now! »

Terraform: Up & Running has been translated into Korean!

Terraform: Up & Running is now available in Korean!

Grab a copy on aladin.co.kr! »

Lessons learned from writing over 300,000 lines of infrastructure code

This talk from HashiConf 2018 is a concise masterclass on how to write infrastructure code. I share key lessons from the "Infrastructure Cookbook" we developed at Gruntwork while creating and maintaining a library of over 300,000 lines of infrastructure code that's used in production by hundreds of companies. Come and hear our war stories, laugh about all the mistakes we’ve made along the way, and learn what Terraform, Packer, Docker, and Go look like in the wild.

Check out the video, slides, and blog post! »

How to Build Reusable, Composable, Battle-tested Terraform Modules

This is my talk from HashiConf 2017 where I introduce the work we've been doing at Gruntwork with Terraform Modules. I explain how modules work, how to design modules so they are highly configurable and reusable, and how to write automated tests for your Terraform code. Most importanly, I show you how you can use modules to build your entire tech stack on top of proven, battle-tested infrastructure code—in minutes.

Check out the video and slides! »

Terraform training at Velocity Conference

I'll be running a 2-day training course at Velocity Conference in NYC. Learn Terraform through real-world examples: deploy servers, DBs, and load balancers on AWS; build immutable infrastructure with Docker and Packer; put it all together in a continuous delivery pipeline.

Sign up for the course today! »

Why Use Terraform?

Learn what Terraform does, and how it compares to Chef, Puppet, Ansible, CloudFormation, and other tools.

Read the article on O'Reilly Radar »

Terraform: Up & Running is published!

The final version of Terraform: Up & Running has been published and the ebook and print edition are now available online and in your local bookstores!

Get your copy now! »

Early Release

The early release of Terraform: Up & Running is now available! Grab a copy of the ebook before the final version is done so you can start learning today. You'll receive new chapters and updates as they are written, plus the final ebook bundle when the book is released.

Get your copy at the O'Reilly Store »

An intro to Docker, Terraform, and Amazon ECS

This talk is a very quick intro to Docker, Terraform, and Amazon's EC2 Container Service (ECS). In just 15 minutes, you'll see how to take two apps (a Rails frontend and a Sinatra backend), package them as Docker containers, run them using Amazon ECS, and to define all of the infrastructure-as-code using Terraform.

See the presentation on SlideShare »