Install
https://www.terraform.io/downloads.html
# sudo apt install -y jq URL=$(wget https://checkpoint-api.hashicorp.com/v1/check/terraform -qO- | jq -r '.current_download_url + .product + "_" + .current_version + "_linux_amd64.zip"') wget ${URL} -qP /tmp unzip -d /tmp /tmp/${URL##*/} sudo cp /tmp/terraform /usr/local/bin/ terraform version
Debug
https://www.terraform.io/docs/internals/debugging.html
# enable export TF_LOG=DEBUG # disable export TF_LOG=ERROR
CLI
# deploy terraform init terraform plan terraform apply -auto-approve # destroy terraform destroy -auto-approve
Install with Ansible
---
- name: Request Terraform API
uri:
url: "{{ terraform_api_url }}"
return_content: yes
register: content
- set_fact:
terraform_download_url: "{{ content.json.current_download_url }}"
terraform_version: "{{ content.json.current_version }}"
- name: Download Terraform {{ terraform_version }}
unarchive:
src: "{{ terraform_download_url }}terraform_{{ terraform_version }}_{{ ansible_system|lower}}_amd64.zip"
remote_src: yes
dest: /usr/local/bin
creates: /usr/local/bin/terraform
mode: 0755
owner: root
group: root
>
# ~/.profile ... # set PATH so it includes user's private bin if it exists if [ -d "$HOME/.local/bin" ] ; then PATH="$HOME/.local/bin:$PATH" fi cat <<EOF> /tmp/install-terraform.yml #!/usr/bin/env ansible-playbook --- - hosts: localhost vars: debug: false tasks: - name: Get latest terraform version uri: url: https://checkpoint-api.hashicorp.com/v1/check/terraform method: GET register: uri_result - debug: msg: "{{ uri_result.json | to_nice_json }}" when: debug - set_fact: terraform_current_download_url: "{{ uri_result.json.current_download_url }}" terraform_current_version: "{{ uri_result.json.current_version }}" - name: Create "{{ lookup('env','HOME') }}/.local/bin" directory file: path: "{{ lookup('env','HOME') }}/.local/bin" state: directory - name: Install Terraform {{ terraform_current_version }} to ~/.local/bin/terraform unarchive: src: "{{ terraform_current_download_url }}/terraform_{{ terraform_current_version }}_{{ ansible_system | lower }}_amd64.zip" remote_src: yes dest: "{{ lookup('env','HOME') }}/.local/bin" mode: 0755 EOF chmod +x /tmp/install-terraform.yml /tmp/install-terraform.yml
Providers
https://www.terraform.io/docs/providers/index.html
ansible-playbook /tmp/install-terraform.yml
https://github.com/panticz/ansible/tree/master/roles/terraform - hosts: localhost roles: - role: terraform tags: terraform
OpenStack module
https://registry.terraform.io/providers/terraform-provider-openstack/openstack/latest/docs
Output
output "fqdn" { value = "${var.environment}-${var.name}.${var.domain}" } output "vpc" { value = { vpc_id = "${module.my_vpc.vpc_id}" public_subnet = "${module.my_vpc.public_subnets_ids}" private_subnet = "${module.my_vpc.private_subnets_ids}" } }
OpenStack security groups
https://registry.terraform.io/providers/terraform-provider-openstack/openstack/latest/docs/resources/compute_secgroup_v2
rule { from_port = 1 to_port = 65535 ip_protocol = "tcp" self = true } rule { from_port = -1 to_port = -1 ip_protocol = "icmp" cidr = "0.0.0.0/0" }
provider "openstack" { user_name = var.os_user_name tenant_name = var.os_tenant_name password = var.os_password auth_url = var.os_auth_url region = var.os_region endpoint_type = var.os_endpoint_type use_octavia = true }
functions
https://www.terraform.io/docs/language/functions/toset.html
Zero Downtime Updates with Terraform
https://www.hashicorp.com/blog/zero-downtime-updates-with-terraform
Terraform/
https://www.terraform.io/
https://www.youtube.com/watch?v=TFLQcgZr0no#t=1318.264795
https://releases.hashicorp.com/index.json
https://releases.hashicorp.com/
https://github.com/diodonfrost/terraform-openstack-examples