Welcome to my Infrastructure as Code quickstart tutorial. In this series, I will run you through a basic example of creating infrastructure using code, taking you from zero to a working website hosted in Kubernetes with as few manual steps as possible.

In order to follow this series, you need to have some experience of software development and/or ops and a basic understanding of the concepts involved.

You will need to sign up with accounts for GitHub, DigitalOcean and Terraform Cloud and in parts 2 and 3 you will need to own or have DNS access to a domain which can be used for test purposes.

Contents

What you’ll need

Virtual machines (droplets) in DigitalOcean cost from around $5 per month. If you sign up using the link above you will receive $100 credit to use, which will comfortably cover the costs of this tutorial, assuming you tear down at the end.

In order to deploy the infrastructure, we need to link together our three accounts. GitHub will be where we store the code which defines the infrastructure and execute pipelines (actions) in order to make changes to the infrastructure. Terraform cloud will store the state of the infrastructure and execute the code declarations against the DigitalOcean API and DigitalOcean will run the infrastructure.

pipeline

Create Terraform Cloud Workspace

In Terraform cloud, create a new workspace using the API driven workflow.

workspace

Create DigitalOcean PAT token for Terraform Cloud to use

Go to your DigitalOcean account and go to the API page. From there you can create a PAT token with write permissions.

pattoken

In your workspace in Terraform Cloud, add an environment variable DIGITALOCEAN_TOKEN and paste in your token, making sure to mark it as sensitive. The DigitalOcean Terraform provider knows to pick up this environment variable, so make sure you use the correct name.

envvar

Create GitHub repository

Go to your GitHub account and create a new private repository (e.g. “Infrastructure”).

Create Terraform API Token for GitHub actions to use

In Terraform Cloud user settings, create an API token.

tftoken

In your GitHub repository, in Settings - Secrets, create a new secret TF_API_TOKEN and paste the terraform token in. The name of this secret is expected by the Terraform starter action we will use in the next step.

ghtftoken

Create GitHub action

In GitHub, go to Actions and select the Terraform starter action

tfaction

Commit the workflow as-is.

Initial Infrastructure as Code

Create a main.tf file in the root of the repository (you can do this through the GitHub web interface or you can check out the respository and push your changes) and paste in the below, replacing “myorg” and “myworkspace” with your org and workspace name. Be careful with the formatting of your .tf files as the format step in your action is very opinionated.

terraform {
  backend "remote" {
    organization = "myorg"
    workspaces {
        name = "myworkspace"
    }
  }
}

resource "null_resource" "emprtyresource" {
  triggers = {
    value = "Do nothing"
  }
}

Commit the file.

Go to the actions tab in GitHub and you should see your action running. If all is well, a green tick should appear, which means that your action has run and Terraform cloud has executed your run.

firstrun

No resources will have been created in DigitalOcean at this point.

Create a Virtual Machine

In order to create a virtual machine we can use a digitalocean_droplet resource. Edit main.tf and paste in the following (remembering to change your org and workspace names) and keeping the formatting exactly as it is below.

terraform {
  backend "remote" {
    organization = "myorg"

    workspaces {
      name = "myworkspace"
    }
  }

  required_providers {
    digitalocean = {
      source  = "digitalocean/digitalocean"
      version = "~> 2.0"
    }
  }
}

provider "digitalocean" {
}

resource "digitalocean_droplet" "web" {
  image  = "ubuntu-18-04-x64"
  name   = "web-1"
  region = "lon1"
  size   = "s-1vcpu-1gb"
}

Your action should complete and you should now see a droplet deployed in your DigitalOcean account.

droplet

Tear the infrastructure down

Delete the “web” resource from main.tf and commit. The action will run and the droplet will be removed from your DigitalOcean account.

Next

Move on to part 2 where we will create a Kubernetes cluster and deploy a hello world app into it.