Md Shahriyar Al Mustakim Mitul's Blog

Terraform Basics 101: Part 2

Md Shahriyar Al Mustakim Mitul's photo
Md Shahriyar Al Mustakim Mitul
·

6 min read

Terraform Providers

  1. Official Providers

Providers like cloud, local providers are maintained by harshicorp

  1. Partner Providers

Providers which are maintained by partners

  1. Community providers

    Maintained by community people or individuals

While initializing the terraform, we create the provider plugins. In the terminal we can see the provider name. Here hashicorp/local is used

It may also include hostname/organization/provider_type

by default terraform installs latest providers

These are saved under the .terraform folder

Configuration Directory

Rather than having multiple tf file(local.tf,cat.tf),

we can maintain one single tf file and keep all of the resources there (main.tf)

Multiple providers
We can have multiple providers in our one tf file , right?

Let’s do it and add random provider now

Here is our resource with random provider. We want to create a pet name starting with Mrs.

Once initialized, you can see that earlier we had local provider and therefore, it’s used. But we are also downloading random provider (hashicorp/random)

Then we check the plan

Once applied, we get our pet name and that’s Mrs.hen . We used the random provider to generate the pet name which was hen

Using input variables

So far, we have set what we want to create on the tf file

But it’s hardcoding which we don’t want. We want to set values from outside and use the benefits if IaC

We can just set the values of our needs in a different file called variable.tf. We can then modify this and make changes

Here we have set default values in the variable.tf file

But how to use it ? We have to modify the main.tf file now to use those variables

Then we need to use terraform plan and apply

If you need to modify the resource, we can not update the variable.tf file

Here we have changed the variable content for pets.txt and default length to 2 for the pet. Then plan and apply

We can see the changes in the apply.

Note: in the same way, we will work with AWS resources using main.tf and variable.tf

Variable block

In the variable.tf file, we should have default, type and description set

Although type parameter is optional.

Other than this, we can have list, map, object, tuple parameters

Using list’s index we can set values

Also, we should use the default value and the type same

Map can be used like this

Sets (one type of list but no duplicates) can be used like this

We can use objects like this

We can use tuple like this

How to use the variables?

Assume that the variables.tf’s default has been removed.

Now, if we apply changes, we have to manually input the values.

But it’s time consuming. Rather than this, we can set the variables using -var in the command line and apply.

or, we can set the values of the environment

or, we can set the variable definition files (terraform.tfvars)

Here you can see that, we didn’t have to mention the .tfvars file because terraform automatically loads terraform.tfvars, terraform.tfvars.json, .auto.tfvars, .auto.tfvars.json

But if we save the values in a different file name like variables.tfvars, we have to mention that with the apply command.

Now, assume that if a person uses all of these methods to set the variable value, which one will get the preference?

BY default , -var with variable values has the most importance

Resource attributes

Earlier we did create 2 resources. One to create a pet.txt file and another one to generate a random pet name and show it on the screen with id

Here no resource is depending on another. But what if they do depend on each other?

What if we want to use the pet name we got to the pet.txt file ?

We can see that, the random generator gives us an id with pet name from the documentation.

Here we used the values we get from the random_pet in the content of our local_file’s pet.txt

Once done, we can apply changes, and we can see that

Also, we need to set dependency which we didn’t set so far. Why? Because we are using the content from random_pet in the local_file, right? So, random_pet should be created first and using the resource, we should create local_file’s content

This is called explicit dependency.

Output Variables

We can keep the result in a terraform form. The format looks like this

And we add that in the main.tf file

Here you can see that, we have 2 resources local_file and random_pet and we get a random pet name with id in the random_pet . We can save the id using the output resource.

If we apply the changes now, we will get this

We can also see the output value using this

Here you can see that the file type was pet-name and the result is Mrs.gibbon which we got from the random_pet

Terraform State

Terraform state file is created once we apply changes . It basically tracks our changes when we update them and many more

Assume we have main.tf and variable.tf inorder to create a pets.txt file with content I love pets

Then we initialize it

Then we check the plan and therefore, it tries to refresh the terraform state in memory which is actually not yet created (because we haven’t applied anything yet)

Then we apply the changes

The file with content is ready

What if you want to apply the changes again? Yes, there is no need as we haven’t made any changes to the main.tf or variable.tf file. Still let’s do it

You will see that, it refreshes state and 0 added and 0 changed meaning terraform tracked that we haven’t made any changes. But how?

If you look carefully, you will see that, there is a terraform.tfstate file created which tracked all of the resources we created

Now assume that, we have changed the default value for the content to “We love pets!” instead of “I love pets!”, and apply changes, terraform will detect that the content value has been changed.

Once applied, it will update the content value in the terraform.tfstate

The state files can be considered as the blueprint of what resources are launched locally or remotely. It also checks which file has dependency on whom, which to delete earlier,helps other understand what other resources are created.

We have to keep in mind that statefiles can contain sensitive information(ip, ssh password etc) thus it’s unsafe if we keep them like that way

Therefore we can keep the .tf files in the github repository where anyone can access our codes. But the sensitive data should be kept in places like amazon s3, terraform cloud etc. Therefore making it impossible for general people to access those sensitive data

terraform-state