By Yevgeniy Brikman
This book is the fastest way to get up and running with Terraform, an open source tool that allows you to define your infrastructure as code and to deploy and manage that infrastructure across a variety of public cloud providers (e.g., AWS, Azure, Google Cloud, DigitalOcean) and private cloud and virtualization platforms (e.g. OpenStack, VMWare).
This hands-on-tutorial, now in its 3rd edition, not only teaches you DevOps principles, but also walks you through code examples that you can try at home. You'll go from deploying a basic "Hello, World" Terraform example all the way up to running a full tech stack (Kubernetes cluster, load balancer, database) that can support a large amount of traffic and a large team of developers—all in the span of just a few chapters.
By the time you're done, you'll be ready to use Terraform in the real world.
This book is for Sysadmins, Operations Engineers, Release Engineers, Site Reliability Engineers, DevOps Engineers, Infrastructure Developers, Full Stack Developers, Engineering Managers, CTOs, and anyone else responsible for the code after it has been written. If you're the one managing infrastructure, deploying code, configuring servers, scaling clusters, backing up data, monitoring apps, and responding to alerts at 3AM, then this book is for you.
How DevOps is transforming the way we run software; an overview of infrastructure as code tools, including configuration management, server templating, orchestration, and provisioning tools; the benefits of infrastructure as code; a comparison of Terraform, Chef, Puppet, Ansible, SaltStack, OpenStack Heat, and CloudFormation; how to combine tools such as Terraform, Packer, Docker, Ansible, and Kubernetes.
Installing Terraform; an overview of Terraform syntax; an overview of the Terraform CLI tool; how to deploy a single server; how to deploy a web server; how to deploy a cluster of web servers; how to deploy a load balancer; how to clean up resources you've created.
What Terraform state is; how to store state so that multiple team members can access it; how to lock state files to prevent race conditions; how to isolate state files to limit the damage from errors; how to use Terraform workspaces; a best-practices file and folder layout for Terraform projects; how to use read-only state.
What modules are; how to create a basic module; how to make a module configurable with inputs and outputs; local values; versioned modules; module gotchas; using modules to define reusable, configurable pieces of infrastructure.
Loops with the
for expressions, and the
for string directive; conditionals with the
for expressions, and the
if string directive; built-in functions;
zero-downtime deployment; common Terraform gotchas and pitfalls, including count and for_each limitations,
zero-downtime deployment gotchas, how valid plans can fail, how to refactor Terraform code safely, and what to do
about eventual consistency.
An introduction to secrets management; a comparison of common secret management tools such as HashiCorp Vault, AWS Secrets Manager and Azure Key Vault; how to manage secrets when working with providers, including authentication via environment variables, IAM roles, and OIDC; how to manage secrets when working with resources and data sources, including how to use environment variables, encrypted files, and centralized secret stores; how to securely handle state files and plan files.
A closer look at how Terraform providers work, including how to install them, how to control the version, and how to use them in your code; how to use multiple copies of the same provider, including how to deploy to multiple AWS regions, how to deploy to multiple AWS accounts, and how to build reusable modules that can use multiple providers; how to use multiple different providers together, including a discussion of multi-cloud, and an example of using Terraform to run a Kubernetes cluster (EKS) in AWS and deploy Dockerized apps into the cluster.
Why DevOps projects always take longer than you expect; the production-grade infrastructure checklist; how to build Terraform modules for production; small modules; composable modules; testable modules; releasable modules; Terraform Registry; variable validation; versioning Terraform, Terraform providers, Terraform modules, and Terragrunt; Terraform escape hatches.
Manual tests for Terraform code; sandbox environments and cleanup; automated tests for Terraform code; Terratest; unit tests; integration tests; end-to-end tests; dependency injection; running tests in parallel; test stages; retries; the test pyramid; static analysis; plan testing; server testing.
How to adopt Terraform as a team; how to convince your boss; a workflow for deploying application code; a workflow for deploying infrastructure code; version control; the golden rule of Terraform; code reviews; coding guidelines; Terraform style; CI/CD for Terraform; the deployment process.
The book includes dozens of code samples. You can find the code here: https://github.com/brikis98/terraform-up-and-running-code.
The book is now in its 3rd edition, which adds over 100 pages of new content, including two completely new chapters (Managing Secrets with Terraform and Working with Multiple Providers), and major updates to all the original chapters. Check out the 3rd edition announcement blog post for the details on what changed!
Yevgeniy (Jim) Brikman is the co-founder of Gruntwork, a company that offers DevOps as a Service. Gruntwork makes extensive use of Terraform to help customers get their entire infrastructure, defined as code, in about a day.
Jim is also the author of another O'Reilly book called Hello, Startup: A Programmer's Guide to Building Products, Technologies, and Teams, which has a 4.9/5 rating on Amazon and 4.5/5 rating on GoodReads. Previously, he worked as a software engineer at LinkedIn, TripAdvisor, Cisco Systems, and Thomson Financial and got his BS and Masters at Cornell University. For more info, check out ybrikman.com.
Terraform: Up & Running, 3rd edition is available at the online stores below and at your local bookstore: