Install
https://www.terraform.io/downloads.html
# sudo apt install -y jq URL=$(wget https://checkpoint-api.hashicorp.com/v1/check/terraform -qO- | jq -r '.current_download_url + .product + "_" + .current_version + "_linux_amd64.zip"') wget ${URL} -qP /tmp unzip -d /tmp /tmp/${URL##*/} sudo cp /tmp/terraform /usr/local/bin/ terraform version
Debug
https://www.terraform.io/docs/internals/debugging.html
# enable export TF_LOG=DEBUG # disable export TF_LOG=ERROR
CLI
# deploy terraform init terraform plan terraform apply -auto-approve # destroy terraform destroy -auto-approve
Install with Ansible
--- - name: Request Terraform API uri: url: "{{ terraform_api_url }}" return_content: yes register: content - set_fact: terraform_download_url: "{{ content.json.current_download_url }}" terraform_version: "{{ content.json.current_version }}" - name: Download Terraform {{ terraform_version }} unarchive: src: "{{ terraform_download_url }}terraform_{{ terraform_version }}_{{ ansible_system|lower}}_amd64.zip" remote_src: yes dest: /usr/local/bin creates: /usr/local/bin/terraform mode: 0755 owner: root group: root >
cat <<EOF> /tmp/install-terraform.yml --- - hosts: localhost tasks: - name: Get latest Terraform version uri: url: https://checkpoint-api.hashicorp.com/v1/check/terraform register: response - set_fact: terraform_download_url: "{{ response.json.current_download_url }}" terraform_version: "{{ response.json.current_version }}" - name: Download Terraform {{ terraform_version }} unarchive: src: "{{ terraform_download_url }}terraform_{{ terraform_version }}_{{ ansible_system | lower }}_amd64.zip" remote_src: yes dest: ~/bin creates: ~/bin/terraform mode: 0550 EOF
Providers
https://www.terraform.io/docs/providers/index.html
ansible-playbook /tmp/install-terraform.yml
https://github.com/panticz/ansible/tree/master/roles/terraform - hosts: localhost roles: - role: terraform tags: terraform
OpenStack module
https://registry.terraform.io/providers/terraform-provider-openstack/openstack/latest/docs
Output
output "fqdn" { value = "${var.environment}-${var.name}.${var.domain}" } output "vpc" { value = { vpc_id = "${module.my_vpc.vpc_id}" public_subnet = "${module.my_vpc.public_subnets_ids}" private_subnet = "${module.my_vpc.private_subnets_ids}" } }
OpenStack security groups
https://registry.terraform.io/providers/terraform-provider-openstack/openstack/latest/docs/resources/compute_secgroup_v2
rule { from_port = 1 to_port = 65535 ip_protocol = "tcp" self = true } rule { from_port = -1 to_port = -1 ip_protocol = "icmp" cidr = "0.0.0.0/0" }
provider "openstack" { user_name = var.os_user_name tenant_name = var.os_tenant_name password = var.os_password auth_url = var.os_auth_url region = var.os_region endpoint_type = var.os_endpoint_type use_octavia = true }
Terraform/
https://www.terraform.io/
https://www.youtube.com/watch?v=TFLQcgZr0no#t=1318.264795
https://releases.hashicorp.com/index.json
https://releases.hashicorp.com/
https://github.com/diodonfrost/terraform-openstack-examples