Terraform Provisioning

• Terraform provisioning is used to perform extra operations after resources are created.
• That could be generally executing scripts Refer Here
  
• There are three provisioners
  • local-exec: Refer Here
  • remote-exec: Refer Here
  • file Refer Here
• To connect to the remote instance we need connection Refer Here
• Lets install apache server in the ec2 instance created. The commands that needs to be executed on the remote are

sudo apt update
sudo apt install apache2 -y

• Terraform provisioner will be run only when the resource is created.
• Refer Here for the changes done to install nginx and add url as output
• Lets make changes in remote-exec inline Refer Here and try to perform terraform apply. Terraform will not consider the changes in remote-exec as desired state, so nothing will be executed.
  
• Provisoner without a resource can be used to solve this problem
• Lets add a null provider Refer Here
• In the null resource create a triggers which maps to certain input from the user which triggers script execution
• Refer Here for the changes.

Terraform state

• As of now the terraform state is maintained in the local folder. when we try to execute the same infra from different system it also generates a new state file which means new resources will be provisioned again.
  
• solution for this is provided by terraform backends.
• Refer Here for official docs
• Backend is location where your state file gets stored.
• Default backend is local. This is the reason why .tfstate is shown in local folder where we have templates.
• Lets us s3 as backend

Terraform backend s3

• The state file gets stored in aws s3.
• But terraform s3 backend doesnot support locking. To perform locking terraform expects a dynamo db table to be created
• Refer Here for the official docs
• After adding backend information execute terraform init
  
• Refer Here for the changeset
• Ensure you have terraform installed and configure on two nodes/systems
• For the purposes of understand. screen shots with git bash is user2 and screenshots with powershell is user1
• User1 execute terraform apply
  
• User2 also executes terraform apply
  

Terraform Workspaces

• Terraform workspaces allows us to create locking per workspace.
• Each workspace can be considered as one environment
• Refer Here for official docs and Refer Here to manage workspaces
• Refer Here for cli options
  
• Create multiple workspaces depending on environments
• Commands

terraform workspace --help

Exercise

• Findout how to configure terraform aws provider to create resources in two regions