Terraform: Difference between revisions
(34 intermediate revisions by the same user not shown) | |||
Line 3: | Line 3: | ||
| sudo tee /etc/apt/keyrings/hashicorp.asc >/dev/null | | sudo tee /etc/apt/keyrings/hashicorp.asc >/dev/null | ||
cat << | DISTRIBUTION=$(. /etc/os-release && echo "${VERSION_CODENAME}") | ||
cat << SRC | sudo tee /etc/apt/sources.list.d/hashicorp.list >/dev/null | |||
deb [arch=$(dpkg --print-architecture)\ | deb [arch=$(dpkg --print-architecture)\ | ||
signed-by=/etc/apt/keyrings/hashicorp.asc]\ | signed-by=/etc/apt/keyrings/hashicorp.asc]\ | ||
https://apt.releases.hashicorp.com $ | https://apt.releases.hashicorp.com ${DISTRIBUTION} main | ||
SRC | |||
sudo apt update && sudo apt list --upgradeable | sudo apt update && sudo apt list --upgradeable | ||
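Review bot: In the `cat << SRC` heredoc the delimiter is unquoted, so the trailing backslashes on the `deb [arch=...` and `signed-by=...` lines act as line continuations and the three lines are joined with nothing between them. Unless each continuation line starts with a space, the written entry reads `arch=<arch>signed-by=...]https://...`, which is a malformed sources entry. Put the whole `deb [...] https://apt.releases.hashicorp.com ${DISTRIBUTION} main` entry on one line, or drop the backslashes. The new `DISTRIBUTION=$(. /etc/os-release && echo "${VERSION_CODENAME}")` line also assumes the codename is one the repository publishes, which does not hold on derivative distributions whose `VERSION_CODENAME` differs from the upstream release.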
Line 19: | Line 20: | ||
<syntaxhighlight lang="text"> | <syntaxhighlight lang="text"> | ||
sdlc/ | sdlc/ | ||
├─ main.tf | ├─ main.tf # Main Terraform config file | ||
├─ variables.tf | ├─ variables.tf # Variable declarations | ||
├─ terraform.tfvars | ├─ terraform.tfvars # Variable assigned | ||
├─ outputs.tf | ├─ outputs.tf # Output definitions | ||
├─ provider.tf | ├─ provider.tf # Provider-specific config | ||
├─ terraform.tfstate | ├─ terraform.tfstate # Terraform state file | ||
├─ dev.tf | ├─ terraform.tfstate.backup # Terraform state backup file | ||
├─ prod.tf | ├─ terraform.auto.tfvars # User Sensitive Data | ||
├─ modules/ | ├─ dev.tf # Dev Env config for development | ||
│ ├─ module1/ | ├─ prod.tf # Prod Env config for production | ||
│ │ ├─ main.tf | ├─ modules/ # Directory for custom modules | ||
│ │ ├─ variables.tf | │ ├─ module1/ # Custom module 1 | ||
│ │ └─ outputs.tf | │ │ ├─ main.tf # Module-specific Terraform config | ||
│ └─ module2/ | │ │ ├─ variables.tf # Module-specific variables | ||
│ │ └─ outputs.tf # Module-specific outputs | |||
│ └─ module2/ # Custom module 2 | |||
│ ├─ main.tf | │ ├─ main.tf | ||
│ ├─ variables.tf | │ ├─ variables.tf | ||
│ └─ outputs.tf | │ └─ outputs.tf | ||
├─ environments/ | ├─ environments/ # Directory for env | ||
│ ├─ dev/ | │ ├─ dev/ # Development env | ||
│ │ ├─ main.tf | │ │ ├─ main.tf # Env specific Terraform config | ||
│ │ ├─ variables.tf | │ │ ├─ variables.tf | ||
│ │ └─ outputs.tf | │ │ └─ outputs.tf | ||
│ └─ prod/ | │ └─ prod/ # Production env | ||
│ ├─ main.tf | │ ├─ main.tf | ||
│ ├─ variables.tf | │ ├─ variables.tf | ||
│ └─ outputs.tf | │ └─ outputs.tf | ||
├─ scripts/ | ├─ scripts/ # Scripts or utility for IaC | ||
└── README.md | └── README.md | ||
</syntaxhighlight> | </syntaxhighlight> | ||
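Review bot: The tree now lists `terraform.tfstate`, `terraform.tfstate.backup` and `terraform.auto.tfvars # User Sensitive Data` at the project root next to `README.md`, with nothing saying they stay out of version control. State files hold resource attributes, secrets included, in plaintext; mark these three entries as Git-ignored in their comments or add a `.gitignore` entry to the tree. Separately, `# Variable assigned` on `terraform.tfvars` reads better as `# Variable assignments`.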
Line 84: | Line 87: | ||
* '''TL;DR''' <code>terraform.tfvars</code> is what you pass to your stack to make it meaningfully distinct from any other deployment. <code>variables.tf</code> declares the variable names that you need to pass to the stack. | * '''TL;DR''' <code>terraform.tfvars</code> is what you pass to your stack to make it meaningfully distinct from any other deployment. <code>variables.tf</code> declares the variable names that you need to pass to the stack. | ||
==Backend » HTTP== | |||
{| | |||
| valign="top" | | |||
<syntaxhighlight lang="bash"> | |||
cat << HCL | tee -a ./backend.tf >/dev/null | |||
terraform { | |||
backend "http" { | |||
} | |||
} | |||
HCL | |||
</syntaxhighlight> | |||
| valign="top" | | |||
<syntaxhighlight lang="bash"> | |||
terraform init -backend-config=./nexus.http.tfbackend | |||
terraform init -backend-config=./gitlab.http.tfbackend | |||
terraform init -backend-config=./gitlab.http.tfbackend -reconfigure | |||
terraform init -backend-config=./gitlab.http.tfbackend -migrate-state | |||
</syntaxhighlight> | |||
|- | |||
| colspan="2" | | |||
---- | |||
|- | |||
| colspan="2" | | |||
<syntaxhighlight lang="bash"> | |||
cat << HCL | tee -a ./gitlab.http.tfbackend >/dev/null | |||
unlock_address = "https://gitlab.chorke.org/api/v4/projects/123/terraform/state/aws-chorke/unlock" | |||
lock_address = "https://gitlab.chorke.org/api/v4/projects/123/terraform/state/aws-chorke/lock" | |||
address = "https://gitlab.chorke.org/api/v4/projects/123/terraform/state/aws-chorke" | |||
username = "academia" | |||
password = "sadaqah!" | |||
unlock_method = DELETE | |||
lock_method = POST | |||
retry_wait_min = 5 | |||
HCL | |||
</syntaxhighlight> | |||
|- | |||
| colspan="2" | | |||
---- | |||
|- | |||
| colspan="2" | | |||
<syntaxhighlight lang="bash"> | |||
cat << HCL | tee -a ./nexus.http.tfbackend >/dev/null | |||
unlock_address = "https://nexus.chorke.org/repository/terraform/chorke-sdlc/state/aws-chorke/unlock" | |||
lock_address = "https://nexus.chorke.org/repository/terraform/chorke-sdlc/state/aws-chorke/lock" | |||
address = "https://nexus.chorke.org/repository/terraform/chorke-sdlc/state/aws-chorke" | |||
username = "[email protected]" | |||
password = "sadaqah!" | |||
unlock_method = DELETE | |||
lock_method = POST | |||
retry_wait_min = 5 | |||
HCL | |||
</syntaxhighlight> | |||
|} | |||
==Playground== | ==Playground== | ||
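Review bot: Both `.tfbackend` heredocs write `password = "sadaqah!"` in clear text to a file in the working directory, and `terraform init -backend-config=...` then stores the value under `.terraform/` as well. Leave `username` and `password` out of the files and supply them through the `TF_HTTP_USERNAME` and `TF_HTTP_PASSWORD` environment variables. In the same files `unlock_method = DELETE` and `lock_method = POST` are bare identifiers; backend configuration files take literal values, so they need to be quoted strings (`"DELETE"`, `"POST"`). `tee -a` appends, so running a snippet twice duplicates every key; plain `tee` avoids that.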
Line 152: | Line 215: | ||
aws s3 ls | aws s3 ls | ||
</syntaxhighlight> | </syntaxhighlight> | ||
| valign="top" | | |||
cdktf init --template="python" –local --providers="[email protected]" | |||
brew install cdktf | |||
| valign="top" | | | valign="top" | | ||
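Review bot: In the added `cdktf init --template="python" –local --providers=...` line, `–local` starts with an en dash rather than two hyphens, so it is not parsed as the `--local` flag. Replace it with `--local`, move `brew install cdktf` above the `init` line since it is the prerequisite, and wrap both commands in `<syntaxhighlight lang="bash">` like the neighbouring cells.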
Line 159: | Line 228: | ||
cat ~/.aws/credentials | cat ~/.aws/credentials | ||
cat ~/.aws/config | cat ~/.aws/config | ||
</syntaxhighlight> | |||
|- | |||
| colspan="3" | | |||
---- | |||
|- | |||
| valign="top" | | |||
<syntaxhighlight lang="bash"> | |||
terraform init -backend-config=./gitlab.http.tfbackend | |||
terraform init -backend-config=./nexus.http.tfbackend | |||
</syntaxhighlight> | </syntaxhighlight> | ||
| valign="top" | | | valign="top" | | ||
<syntaxhighlight lang="bash"> | |||
terraform init -backend-config=./nexus.http.tfbackend \ | |||
-migrate-state | |||
</syntaxhighlight> | |||
| valign="top" | | |||
<syntaxhighlight lang="bash"> | |||
terraform init -backend-config=./nexus.http.tfbackend \ | |||
-reconfigure | |||
</syntaxhighlight> | |||
|- | |||
| colspan="3" | | |||
---- | |||
|- | |||
| valign="top" | | |||
<syntaxhighlight lang="bash"> | |||
cat <<-'HCL'| terraform console | |||
format("Hello %s from %s", "Terraform", "env0") | |||
HCL | |||
</syntaxhighlight> | |||
| valign="top" | | |||
<syntaxhighlight lang="bash"> | |||
echo 'cidrhost("10.10.0.0/16", 1)'|terraform console | |||
echo 'cidrhost("10.10.1.0/24", 1)'|terraform console | |||
echo 'cidrhost("10.10.2.0/24", 1)'|terraform console | |||
</syntaxhighlight> | |||
| valign="top" | | |||
<syntaxhighlight lang="bash"> | |||
echo 'cidrsubnet("10.10.0.0/16", 0, 0)'|terraform console | |||
echo 'cidrsubnet("10.10.0.0/16", 8, 0)'|terraform console | |||
echo 'cidrsubnet("10.10.0.0/16", 8, 1)'|terraform console | |||
</syntaxhighlight> | |||
|- | |||
| colspan="3" | | |||
---- | |||
|- | |||
| valign="top" | | |||
<syntaxhighlight lang="bash"> | |||
echo 'cidrnetmask("10.10.0.0/16")'|terraform console | |||
echo 'cidrnetmask("10.10.1.0/24")'|terraform console | |||
echo 'cidrnetmask("10.10.2.0/24")'|terraform console | |||
</syntaxhighlight> | |||
| valign="top" | | |||
<syntaxhighlight lang="bash"> | |||
echo 'cidrsubnets("10.10.0.0/16", 2, 2, 2, 2)'|terraform console | |||
echo 'cidrsubnets("10.10.0.0/16", 4, 4, 4, 4)'|terraform console | |||
echo 'cidrsubnets("10.10.1.0/16", 8, 8, 8, 8)'|terraform console | |||
</syntaxhighlight> | |||
| valign="top" | | |||
terraform show | |||
|} | |} | ||
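Review bot: In the `cidrsubnets` cell the third call uses `"10.10.1.0/16"`, a prefix with host bits set, while the other two calls use `"10.10.0.0/16"`; this looks like a typo for `"10.10.0.0/16"` or `"10.10.1.0/24"`. The last cell's `terraform show` is also missing the `<syntaxhighlight lang="bash">` wrapper that every other cell in the table has.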
Line 212: | Line 347: | ||
* [https://developer.hashicorp.com/terraform/language/expressions/operators Terraform » EL » Arithmetic & Logical Operators] | * [https://developer.hashicorp.com/terraform/language/expressions/operators Terraform » EL » Arithmetic & Logical Operators] | ||
* [https://developer.hashicorp.com/terraform/language/expressions/references Terraform » EL » References to Named Values] | * [https://developer.hashicorp.com/terraform/language/expressions/references Terraform » EL » References to Named Values] | ||
* [https://developer.hashicorp.com/terraform/language/settings/backends/remote#excluding-files-from-upload-with-terraformignore Terraform » Backend » <code>.terraformignore</code>] | |||
* [https://support.hashicorp.com/hc/en-us/articles/4409321668499-How-to-identify-issues-with-the-terraformignore-file-configuration Terraform » <code>.terraformignore</code> » Issues] | * [https://support.hashicorp.com/hc/en-us/articles/4409321668499-How-to-identify-issues-with-the-terraformignore-file-configuration Terraform » <code>.terraformignore</code> » Issues] | ||
* [https://developer.hashicorp.com/terraform/language/settings/backends/configuration Terraform » Backend » Configuration] | * [https://developer.hashicorp.com/terraform/language/settings/backends/configuration Terraform » Backend » Configuration] | ||
* [https://developer.hashicorp.com/terraform/language/expressions/strings Terraform » EL » Strings & Templates] | * [https://developer.hashicorp.com/terraform/language/expressions/strings Terraform » EL » Strings & Templates] | ||
* [https://developer.hashicorp.com/terraform/language/expressions/types Terraform » EL » Types & Values] | * [https://developer.hashicorp.com/terraform/language/expressions/types Terraform » EL » Types & Values] | ||
* [https://developer.hashicorp.com/terraform/language/expressions/function-calls Terraform » EL » Function Calls] | * [https://developer.hashicorp.com/terraform/language/expressions/function-calls Terraform » EL » Function Calls] | ||
| valign="top" | | | valign="top" | | ||
* [https://developer.hashicorp.com/terraform/language/expressions/conditionals Terraform » EL » Conditional Expressions] | * [https://developer.hashicorp.com/terraform/language/expressions/conditionals Terraform » EL » Conditional Expressions] | ||
* [https://developer.hashicorp.com/terraform/language/expressions/version-constraints Terraform » EL » Version Constraints] | * [https://developer.hashicorp.com/terraform/language/expressions/version-constraints Terraform » EL » Version Constraints] | ||
* [https://developer.hashicorp.com/terraform/language/expressions/custom-conditions Terraform » EL » Custom Conditions] | * [https://developer.hashicorp.com/terraform/language/expressions/custom-conditions Terraform » EL » Custom Conditions] | ||
* [https://developer.hashicorp.com/terraform/language/expressions/type-constraints Terraform » EL » Type Constraints] | * [https://developer.hashicorp.com/terraform/language/expressions/type-constraints Terraform » EL » Type Constraints] | ||
* [https://developer.hashicorp.com/terraform/language/expressions/dynamic-blocks Terraform » EL » Dynamic Blocks] | * [https://developer.hashicorp.com/terraform/language/expressions/dynamic-blocks Terraform » EL » Dynamic Blocks] | ||
* [https://developer.hashicorp.com/terraform/language/ | * [https://developer.hashicorp.com/tutorials/library?product=terraform Terraform » Tutorials » Library] | ||
* [https://developer.hashicorp.com/terraform/language/upgrade-guides Terraform » Upgrade » v1.9] | |||
* [https://developer.hashicorp.com/certifications Terraform » Certifications] | |||
* [https://developer.hashicorp.com/terraform/language/expressions/splat Terraform » EL » Splat] | * [https://developer.hashicorp.com/terraform/language/expressions/splat Terraform » EL » Splat] | ||
* [https://developer.hashicorp.com/terraform/language/expressions/for Terraform » EL » For] | * [https://developer.hashicorp.com/terraform/language/expressions/for Terraform » EL » For] | ||
Line 235: | Line 370: | ||
* [https://developer.hashicorp.com/terraform/language/functions/cidrsubnets Terraform » Lang » IP » <code>cidrsubnets</code>] | * [https://developer.hashicorp.com/terraform/language/functions/cidrsubnets Terraform » Lang » IP » <code>cidrsubnets</code>] | ||
* [https://developer.hashicorp.com/terraform/language/functions/cidrsubnet Terraform » Lang » IP » <code>cidrsubnet</code>] | * [https://developer.hashicorp.com/terraform/language/functions/cidrsubnet Terraform » Lang » IP » <code>cidrsubnet</code>] | ||
* [https://developer.hashicorp.com/terraform/language/functions Terraform » Lang » Built-in Functions] | |||
* [https://developer.hashicorp.com/terraform/language/functions/bcrypt Terraform » Lang » Hash » <code>bcrypt</code>] | |||
* [https://developer.hashicorp.com/terraform/language/functions/cidrhost Terraform » Lang » IP » <code>cidrhost</code>] | * [https://developer.hashicorp.com/terraform/language/functions/cidrhost Terraform » Lang » IP » <code>cidrhost</code>] | ||
* [https://developer.hashicorp.com/terraform/language/tests/mocking Terraform » Lang » Test » <code>Mocks</code>] | * [https://developer.hashicorp.com/terraform/language/tests/mocking Terraform » Lang » Test » <code>Mocks</code>] | ||
* [https://developer.hashicorp.com/terraform/language/functions/uuid Terraform » Lang » Hash » <code>uuid</code>] | |||
* [https://developer.hashicorp.com/terraform/language/functions/tostring Terraform » Lang » <code>tostring</code>] | * [https://developer.hashicorp.com/terraform/language/functions/tostring Terraform » Lang » <code>tostring</code>] | ||
* [https://developer.hashicorp.com/terraform/language/tests Terraform » Lang » Test] | * [https://developer.hashicorp.com/terraform/language/tests Terraform » Lang » Test] | ||
|- | |||
| colspan="3" | | |||
---- | |||
|- | |||
| valign="top" | | |||
* [https://spacelift.io/blog/terraform-cdk Terraform » Spacelift » AWS » CDKTF] | |||
* [https://spacelift.io/blog/terraform-output Terraform » Spacelift » Output] | |||
* [https://www.env0.com/blog/terraform-functions-guide-complete-list-with-examples Terraform » Functions » Guide] | |||
* [https://medium.com/@satyen.167/terraform-console-and-output-d3acf1f533 Terraform » Console » Output] | |||
* [https://spacelift.io/blog/terraform-test Terraform » Spacelift » Test] | |||
* [https://developer.hashicorp.com/terraform/tutorials/cdktf/cdktf-install?variants=cdk-language%3Apython Terraform » CDK » Python] | |||
| valign="top" | | |||
| valign="top" | | |||
|- | |- | ||
Line 284: | Line 438: | ||
| valign="top" | | | valign="top" | | ||
* [https://docs.aws.amazon.com/cdk/api/v2/python/aws_cdk.aws_eks/NodegroupAmiType.html AWS » EKS » NodegroupAmiType] | |||
* [https://kubedemy.io/aws-eks-part-1-deploy-eks-cluster-requirements AWS » EKS » Requirements] | |||
* [https://docs.aws.amazon.com/eks/latest/userguide/kubernetes-versions.html AWS » EKS » Versions] | * [https://docs.aws.amazon.com/eks/latest/userguide/kubernetes-versions.html AWS » EKS » Versions] | ||
* [[EKSctl|AWS » EKS » CLI]] | |||
* [https://docs.aws.amazon.com/eks/latest/userguide/what-is-eks.html AWS » EKS] | |||
* [https://gitlab.com/ipcalc/ipcalc <code>ipcalc</code>] | |||
* [[Nexus]] | * [[Nexus]] | ||
* [[CIDR]] | * [[CIDR]] | ||
* [https://github.com/hashicorp/hcl HCL] | |||
* [[Git]] | * [[Git]] | ||
Latest revision as of 18:04, 19 October 2024
curl -fsSL https://apt.releases.hashicorp.com/gpg\
| sudo tee /etc/apt/keyrings/hashicorp.asc >/dev/null
DISTRIBUTION=$(. /etc/os-release && echo "${VERSION_CODENAME}")
# Keep the entry on one line: inside an unquoted heredoc a trailing backslash joins lines without a space.
cat << SRC | sudo tee /etc/apt/sources.list.d/hashicorp.list >/dev/null
deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/hashicorp.asc] https://apt.releases.hashicorp.com ${DISTRIBUTION} main
SRC
sudo apt update && sudo apt list --upgradeable
sudo apt upgrade && sudo apt install terraform
terraform version
Structure
sdlc/
├─ main.tf # Main Terraform config file
├─ variables.tf # Variable declarations
├─ terraform.tfvars # Variable assignments
├─ outputs.tf # Output definitions
├─ provider.tf # Provider-specific config
├─ terraform.tfstate # Terraform state file
├─ terraform.tfstate.backup # Terraform state backup file
├─ terraform.auto.tfvars # User Sensitive Data
├─ dev.tf # Dev Env config for development
├─ prod.tf # Prod Env config for production
├─ modules/ # Directory for custom modules
│ ├─ module1/ # Custom module 1
│ │ ├─ main.tf # Module-specific Terraform config
│ │ ├─ variables.tf # Module-specific variables
│ │ └─ outputs.tf # Module-specific outputs
│ └─ module2/ # Custom module 2
│ ├─ main.tf
│ ├─ variables.tf
│ └─ outputs.tf
├─ environments/ # Directory for env
│ ├─ dev/ # Development env
│ │ ├─ main.tf # Env specific Terraform config
│ │ ├─ variables.tf
│ │ └─ outputs.tf
│ └─ prod/ # Production env
│ ├─ main.tf
│ ├─ variables.tf
│ └─ outputs.tf
├─ scripts/ # Scripts or utility for IaC
└── README.md
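The layout above keeps state files and `terraform.auto.tfvars` (marked "User Sensitive Data") inside the project directory, and the HTTP backend section adds `*.tfbackend` files that can carry credentials. The following check is an added example, not part of the wiki page: it lists those files when no Git ignore rule covers them. The function name `tf_sensitive_unignored` is hypothetical, and the project is assumed to be a Git work tree.

```bash
# Added example, not from the wiki page. tf_sensitive_unignored is a
# hypothetical helper; the file patterns come from the layout shown above.
tf_sensitive_unignored() {
  local root="${1:-.}" f rel
  # State files (including the copy under .terraform/), auto-loaded variable
  # files and backend config files can all contain secrets in plaintext.
  find "$root" -path "$root/.git" -prune -o -type f \
    \( -name 'terraform.tfstate' -o -name 'terraform.tfstate.backup' \
       -o -name '*.auto.tfvars' -o -name '*.tfbackend' \) -print |
  sort |
  while IFS= read -r f; do
    rel="${f#"$root"/}"
    # git check-ignore exits 0 only when an ignore rule matches the path;
    # outside a Git work tree it fails, so every file is reported.
    if ! git -C "$root" check-ignore -q -- "$rel" 2>/dev/null; then
      printf '%s\n' "$rel"
    fi
  done
}
```

Run it as `tf_sensitive_unignored sdlc` before the first commit; any path it prints needs an ignore rule or needs to move out of the repository.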
Summary
Backend » HTTP
Playground
References