Terraform Provisioning
- Terraform provisioning is used to perform extra operations after resources are created.
- That could be generally executing scripts Refer Here
- There are three provisioners
- local-exec: Refer Here
- remote-exec: Refer Here
- file Refer Here
- To connect to the remote instance we need connection Refer Here
- Lets install apache server in the ec2 instance created. The commands that needs to be executed on the remote are
sudo apt update
sudo apt install apache2 -y
- Terraform provisioner will be run only when the resource is created.
- Refer Here for the changes done to install nginx and add url as output
- Lets make changes in remote-exec inline Refer Here and try to perform terraform apply. Terraform will not consider the changes in remote-exec as desired state, so nothing will be executed.
- Provisoner without a resource can be used to solve this problem
- Lets add a null provider Refer Here
- In the null resource create a triggers which maps to certain input from the user which triggers script execution
- Refer Here for the changes.
Terraform state
- As of now the terraform state is maintained in the local folder. when we try to execute the same infra from different system it also generates a new state file which means new resources will be provisioned again.
- solution for this is provided by terraform backends.
- Refer Here for official docs
- Backend is location where your state file gets stored.
-
Default backend is local. This is the reason why
.tfstateis shown in local folder where we have templates. - Lets us s3 as backend
Terraform backend s3
- The state file gets stored in aws s3.
- But terraform s3 backend doesnot support locking. To perform locking terraform expects a dynamo db table to be created
- Refer Here for the official docs
- After adding backend information execute
terraform init
- Refer Here for the changeset
- Ensure you have terraform installed and configure on two nodes/systems
- For the purposes of understand. screen shots with git bash is user2 and screenshots with powershell is user1
- User1 execute terraform apply
- User2 also executes terraform apply
Terraform Workspaces
- Terraform workspaces allows us to create locking per workspace.
- Each workspace can be considered as one environment
- Refer Here for official docs and Refer Here to manage workspaces
- Refer Here for cli options
- Create multiple workspaces depending on environments
- Commands
terraform workspace --help
Exercise
- Findout how to configure terraform aws provider to create resources in two regions
