How to use Terraform with Digital Ocean

I am currently working on a project, whereby all the back-end services will based on Kubernetes (K8S) using Digital Ocean Kubernetes cluster, we're also making use of dapr - (Distrubuted Application Runtime)

We are an incredibly small team working on this project, so we want to be able to managing the infrastructure and deployment of each service, so we want to enable this using Terrafrom.

Terraform is a tool for building and managing infrastructure in an organized way. You can use it to manage DigitalOcean Droplets, Load Balancers, and even DNS entries, in addition to a large variety of services offered by other providers. Terraform uses a command-line interface and can run from your desktop or a remote server.

Terraform works by reading configuration files that describe the components that make up your application environment or datacenter. Based on the configuration, it generates an execution plan that describes what it will do to reach the desired state. You then use Terraform to execute this plan to build the infrastructure. When changes to the configuration occur, Terraform can generate and execute incremental plans to update the existing infrastructure to the newly described state.

AWS and Azure, seem to be the leaders in the Enterprise move to cloud and Cloud Native development experiences, however for the smaller start ups etc, these platforms have really complicated billing and unpredictable billing practices and its not always easy to work out and stick to a budget. This is where in my opinion Digital Ocean delivers its true value along with providing a great scalable and perform-ant platform to build your new ideas on.

This post will guide you through the process of install Terraform and configuring it to work on your Linux development workstation.

Learning Dapr

Building Distributed Cloud Native Applications

Authoritative guide to Dapr, the distributed application runtime that works with new and existing programming languages alike.

Buy Now

Read Review

Prerequisites

If you're following along with this guide you'll need the following:

• A Digital Ocean Account, if you do not have one yet, Sign up for a new Digital Ocean account and get free credit
• I recommend using Homebrew package manager, check out How To Use Homebrew Package Manager On Linux
• This guide is explicitly for developers based on Linux, Why I use Linux as my developer platform

How to install Terraform

Installing Terraform on your Linux machine is really easy if you make use of Homebrew for Linux , which is something I would really recommend. Homebrew is definitely my preffered package manager for development related tools these days mostly because I found that most packages are updated there a lot more frequently than the official distro package managers.

You can also ensure that you reference the official Hashicorp tap.

### Add hashicorp tap
brew tap hashicorp/tap

## install terraform
brew install hashicorp/tap/terraform

Once installed you can check which version has been installed by using the following command

terraform --version

How to set up a Terraform alias on linux

if your typing is as bad as mine and you find yourself having to type a long word like terraform difficult without making a typo then you can create a simple alias to help. Personally I have a file in my home directory named .bash_aliases which I use to define all sorts of aliases that I set up on my machines.

I have the following lines in my .bashrc to load this file. This enables me to easily manage my aliases without the need for me to bloat my .bashrc file and make ithard to read and manage. It's taken the concept of modularisation to your bash profile

if [ -f ~/.bash_aliases ]; then
    . ~/.bash_aliases
fi

This enables me to easily add aliased to my bash using the command line as follows.

echo "alias tf='terraform'" | tee -a .bash_aliases 

How to install Digital Ocean CLI

We will also need to install doctl the Digital Ocean Command Line Tool. allows you to interact with the Digital Ocean API via the command line. It supports most functionality found in the control panel. You can create, configure, and destroy Digital Ocean resources like Droplets, Kubernetes clusters, firewalls, load balancers, database clusters, domains, and more.

if you use this link to sign up to Digital Ocean you'll get $200 in credit over 60 days to learn and use their system.

We can install the doctl like we did terraform using Homebrew for Linux

brew install doctl

You'll then need to Create a personal Access Token for your Digital Ocean account

Once you have created you can sign into your doctl using the name of your token, in my case I use my name for the token, then paste in your token when prompted

doctl auth init --context gary_woodfine

Once you have created your context then you can instruct doctl to use as the default as below

doctl auth switch --context gary_woodfine

Check out additional information on How to install and Configure doctl

Register your ssh keys

In order to run Terraform on digital ocean you'll need to register some SSH keys. Using the doctl this is extremely easy.

If you have existing ssh keys you can use them or you can register new ssh keys using the ssh-keygen , I've previously discussed Setting up SSH keys for GitHub Access and you can use the same process to create a new SSH key if required.

If you've followed the process of How to use pbcopy on Ubuntu you can copy your SSH public key to use as follows

pbcopy < ~/.ssh/gary_woodfine.pub

once you copied your public key you can the command below and paste you key between the quotes and the using the name of your public key

doctl compute ssh-key create gary_woodfine.pub --public-key "<paste your key here>"

Add access token to your Environment variables

In computing there is always one thing that can annoy you in configuring your workstation, and in this Digital Ocean setup this is it for me. Its just one but it just nags at me that maybe this is the right way, and I may have got it wrong.

So despite the fact that we have registered our Personal Access Token with our doctl to enable us to interact with Digital Ocean from the CLI, we still need to register it as an Environment Variable on our machine, to enable it to also be used in Terraform. I do understand why and its primarily for when you're running on a server,and in such environments it's highly likely you probably won't have the doctl installed.

So we need to add our Environment Variables to our Bash shell. As earlier step in my Aliases I also like to manage my various environment variables outside of directly putting them in my .bashrc and create a .bash_variables or similar file and load that in .bashrc and use it to store my various environment variables.

if [ -f ~/.bash_variables ]; then
    . ~/.bash_variables
fi

Just like we did above we'll add our Personal Access Token to it. We'll give a name to your token DIGITALOCEAN_TOKEN

It's important to note that the Digital Ocean Terrafrom provider automatically looks for and uses either of the following Environment Variables if they exist:

•  DIGITALOCEAN_TOKEN

•  DIGITALOCEAN_ACCESS_TOKEN 

So you don't have to pass them in when you use tf apply

echo "export DIGITALOCEAN_TOKEN<paste your token here>" | tee -a .bash_variables 

Optional Terraform aliases

The three main terraform commands you'll more than likely be making use of on the most frequent basis are

• terraform plan
• terraform apply
• terraform destroy

Although when you set up your provider you will also more than likely include having to provide your Digital Ocean Personal Access Token (PAT) as we have configured earlier to run.

variable "do_token" {}

provider "digitalocean" {
  token = var.do_token
}

This will often require you to paste your PAT in before the code will execute, which can get really annoying. To smooth this I usually create additional aliases for the commands which include getting PAT from the environment variables that we configured earlier in this post.

I create 3 additional aliases to cover the common commands

• tfa for tf apply or terraform apply
• tfp for tf plan or terraform plan
• tfd for tf destroy or terraform destroy

I generally store these in my .bash_aliases file with configuration to provide the PAT token as a variable being passed in as do_token in the forthcoming post on how to set up a Kubernetes cluster on Digital Ocean we'll see how we configure that in our Terraform Scripts

### Terraform plan
alias tfp='tf plan -var "do_token=${DIGITALOCEAN_TOKEN}"'

### terraform Apply
alias tfa='tf apply -var "do_token=${DIGITALOCEAN_TOKEN}"'

## Terraform Destroy
alias tfd='tf destroy -var "do_token=${DIGITALOCEAN_TOKEN}"'

Conclusion

At this stage we are now have our local workstation completely configured and ready to start developing and working with Terraform. In How to deploy a Kubernetes cluster on Digital Ocean with Terraform we'll take a look at how to expand our knowledge gained in this article to create a Kubernetes cluster for our project using Terrafrom using the Digital Ocean providers.

• About
• Latest Posts

Gary Woodfine

Technical Director at threenine.co.uk

Gary is Technical Director at threenine.co.uk, an independent software vendor specialising in IoT, Field Service and associated managed services,enabling customers to be efficient, productive, secure and scale-able.

Latest posts by Gary Woodfine (see all)

• Book Review: Continuous Architecture in Practice - March 20, 2023
• Book Review: Escaping the Build Trap - March 2, 2023
• How to create Github profile page - February 26, 2023