What is Terraform?

HashiCorp Terraform is an open-source Infrastructure-as-Code (IaC) tool that lets you provision and manage the infrastructure your applications need — VMs, networks, databases, IAM, anything an API can reach — programmatically. (IaC on Wikipedia.)

Infrastructure as Code is the practice of describing your infrastructure in version-controlled files and applying those files to bring the real world into that desired state, instead of clicking around a console or sshing into a box and editing things by hand. Beyond the obvious "you can grep your infra," it gives you reviewable diffs, rollbacks, and reproducibility across environments.

Terraform users describe infrastructure in HCL (HashiCorp Configuration Language) — a JSON-ish DSL designed to be easy to read and write. The same .tf files can target dozens of providers (AWS, GCP, Azure, Cloudflare, Kubernetes, GitHub, …) so you can manage a whole platform from one place.

A small example — a VM with an extra disk on GCP:

hcl

1resource "google_compute_disk" "additional_disk" {2  name                      = "vm-additional-disk"3  type                      = var.additional_disk_type4  size                      = var.additional_disk_size5  zone                      = var.instance_zone6  physical_block_size_bytes = 40967}89resource "google_compute_instance" "gce" {10  name         = "virtualmachine"11  machine_type = var.virtualmachine_instance_type12  zone         = var.virtualmachine_zone13  tags         = var.virtualmachine_network_tag14  boot_disk {15    initialize_params {16      image = var.boot_disk_image17      size  = var.boot_disk_size18    }19  }20  attached_disk {21    source      = google_compute_disk.additional_disk.self_link22    device_name = google_compute_disk.additional_disk.name23  }24  network_interface {25    subnetwork = var.subnet_name26    access_config {}27  }28}

How Terraform works

You describe the desired state in .tf files. When you run terraform plan, Terraform parses your config, compares it to the current state (stored in a state file), and shows you a diff of what it's about to do. terraform apply executes that diff by translating each change into API calls against the relevant provider. Because it's open source, you can always extend it with custom providers or pin to specific versions.

A typical day-to-day loop:

bash

1terraform init     # download providers and set up the working directory2terraform fmt      # auto-format3terraform validate # syntax check4terraform plan     # see what will change5terraform apply    # actually change it

Installing Terraform

Ubuntu

Install the dependencies:

bash

1sudo apt update2sudo apt install software-properties-common gnupg2 curl

Add and trust the HashiCorp apt repo:

bash

1curl https://apt.releases.hashicorp.com/gpg | gpg --dearmor > hashicorp.gpg2sudo install -o root -g root -m 644 hashicorp.gpg /etc/apt/trusted.gpg.d/3sudo apt-add-repository "deb [arch=$(dpkg --print-architecture)] https://apt.releases.hashicorp.com $(lsb_release -cs) main"

Install:

bash

1sudo apt update2sudo apt install terraform

Verify:

bash

1terraform -v

bash

1Terraform v1.2.22on linux_amd64

macOS

bash

1brew tap hashicorp/tap2brew install hashicorp/tap/terraform

For other operating systems and the latest install instructions, see HashiCorp's install guide.

Quick note on OpenTofu: in 2023 a fork of Terraform called OpenTofu was created (via the Linux Foundation) after HashiCorp moved Terraform from MPL 2.0 to BUSL. The HCL is the same and most modules port cleanly. Worth keeping on your radar if licensing matters for your team.