Terraform provisions infrastructure, Ansible configures systems, Docker packages applications, and Kubernetes manages application runtime. Terraform is not suitable for deployments because it is state-driven and not designed for continuous runtime management, scaling, or self-healing. Kubernetes is built exactly for that purpose.
Using Terraform, AWS cloud, Shell, and Ansible: creating instances, configuring environments, and deploying to target environments.
- Bastion server --> ( jump box/ server)
- Terraform Modules
- Terraform Provisioners
- Terraform providers
- Terraform workspace
- Terraform null resources
  - it will not create any resources, but it will just follow the lifecycle of Terraform (like plan, destroy); used to connect to the instances
- Terraform state
- Terraform variables
- Terraform locals
- Terraform data sources

(Need two AWS accounts)
ex: dev, staging, uat, prod

one AWS account --> one provider --> (.aws/credentials)

We have to declare each account in a provider block, like:
provider "aws" {
  alias   = "dev"
  profile = "dev"
}
provider "aws" {
  alias   = "prod"
  profile = "prod"
}

In the security group (sg) resource we have to mention:
- provider = aws.dev # for dev
- provider = aws.prod # for prod

(Suppose you want to create for dev)
- aws configure --profile dev
- aws configure --profile prod
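
The two-account provider setup above, as an added example that is not part of the original notes: each aliased provider is pinned to its account with `allowed_account_ids`, so Terraform stops if the `dev` or `prod` profile resolves to the wrong account. The account IDs, region, CIDR ranges, resource names and the `*_vpc_id` variables are constructed placeholders.

```hcl
# Added example; account IDs, region, CIDRs and variable names are constructed placeholders.
variable "dev_vpc_id" { type = string }
variable "prod_vpc_id" { type = string }

# Profile names match the ones created with `aws configure --profile dev|prod`.
provider "aws" {
  alias   = "dev"
  profile = "dev"
  region  = "us-east-1"
  # The provider stops with an error if the credentials belong to another account.
  allowed_account_ids = ["111111111111"]
}

provider "aws" {
  alias               = "prod"
  profile             = "prod"
  region              = "us-east-1"
  allowed_account_ids = ["222222222222"]
}

# Every resource names its provider explicitly; a resource without `provider`
# would use the default (un-aliased) aws configuration instead.
resource "aws_security_group" "app_dev" {
  provider    = aws.dev
  name_prefix = "app-dev-"
  description = "App traffic inside the dev VPC"
  vpc_id      = var.dev_vpc_id

  ingress {
    description = "HTTPS from the dev VPC range"
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["10.10.0.0/16"]
  }
}

# Same shape in prod, created through the prod account's provider.
resource "aws_security_group" "app_prod" {
  provider    = aws.prod
  name_prefix = "app-prod-"
  description = "App traffic inside the prod VPC"
  vpc_id      = var.prod_vpc_id
}
```
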
terraform taint --> forces the resources to be recreated in AWS
- terraform taint --> it modifies the Terraform state file (it treats the resource as if it were missing or invalid; Terraform will destroy the old resource and create a new one based on your current configuration)
* The actual process with Terraform is --> write .tf files, use them to create infra in AWS, then the result is stored in state (.tfstate) files
- infra is already in AWS --> you need to get it into .tf files
- write a provider
- write a resource block with no arguments, then run terraform init
- then run terraform import
  terraform import aws_instance.<name of the instance> <instance_id> # run this command
- Terraform then fetches all the data about the resource into the state file
- once the import is done, copy the values from the state file and fill in the resource block as you would for instance creation

Changes for particular components
- if you want to change only one component (terraform plan -target='module.component["catalogue"]')

lifecycle {
  create_before_destroy = true
}
- Terraform will create another resource
- replace the sg in the instance with the new sg
- then it will remove the old sg
- Ansible pull concept
  - pulls playbooks from a version control system and executes them on target hosts
- VPC
- subnets
  - (i) public-subnet and private-subnet
- IGW - Internet Gateway
- NAT gateway
- Availability zones
- Route-tables
- Elastic IP
- vpc-peering
- Load balancing
- Target groups (creating target groups and handing them over or attaching them to autoscaling groups)
- SSM parameter store
- ACM (AWS Certificate Manager)
- CDN (content delivery network) --> cache management
- redis
- mongodb
- mysql
- rabbitmq
- Jenkins
- Prometheus
- Grafana