⛰️ Terraform - Basics
Terminology:
- Providers specify how to execute steps on a specific cloud or context
- Module is a collection of `.tf` configuration files which are all read
  - Root module is your main module which can load other modules as needed
  - Other modules can be loaded from local, registry, GitHub or generic Git sources
- State records the actual identities of things that Terraform is managing
- Backend specifies where Terraform stores states; it can be local or remote
  - Local backend is the default, but it's less secure and less collaborative
  - Remote backend is the intended usage, but requires setup e.g. TF Cloud or AWS S3
- Workspaces allow multiple states to be associated with a single configuration
- Resource (`resource`) describes one or more infrastructure objects
- Data Source (`data`) exposes extra values calculated or fetched by a provider
Each provider has its own documentation. This can't be helped, as each cloud provider is different. You can find available providers at Terraform Registry - Providers.
You call child modules using a `module` block with parameters. Each `module` block has a `source` that is either a local directory or a remote location to download the files from, e.g. the Terraform Registry, GitHub or an AWS S3 bucket.
```hcl
module "servers" {
  source  = "./app-cluster"
  servers = 5
}

resource "aws_elb" "example" {
  # ...
  instances = module.servers.instance_ids
}
```
It is recommended to specify the module version.
```hcl
module "consul" {
  source  = "hashicorp/consul/aws"
  version = "0.0.5"
  servers = 3
}
```
It is not recommended to store state files in version control. State files might include sensitive information such as database passwords. The proper way is to use a remote backend to store state and to use the local backend only for local development. `.terraform/` cache directories should also be ignored. `.terraform.lock.hcl` lock files should be version controlled.
```gitignore
# .gitignore
.terraform/
.terraform.tfstate.lock.info
terraform.tfstate
terraform.tfstate.backup
```
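To see why state does not belong in version control, the following added example (not from the original notes) walks a state file's JSON and reports the addresses of attributes that look like plaintext secrets. The sample state is constructed, and the `SECRET_KEY` name pattern is an assumption to tune for your providers.

```python
import json
import re

# Constructed sample in the Terraform state v4 JSON layout (not a real deployment).
SAMPLE_STATE = json.dumps({
    "version": 4,
    "resources": [
        {"mode": "managed", "type": "aws_db_instance", "name": "main",
         "instances": [{"attributes": {
             "username": "admin",
             "password": "constructed-example-pw",
             "tags": {"env": "dev"},
         }}]},
        {"mode": "managed", "type": "aws_elb", "name": "example",
         "instances": [{"attributes": {"name": "web", "instances": ["i-0"]}}]},
    ],
})

# Assumption: attribute names matching this pattern are treated as secrets.
SECRET_KEY = re.compile(r"pass(word)?|secret|token|private_key", re.I)


def leaves(value, path=""):
    """Yield (dotted_path, leaf_value) for every leaf in nested dicts and lists."""
    if isinstance(value, dict):
        for key, child in value.items():
            yield from leaves(child, f"{path}.{key}" if path else key)
    elif isinstance(value, list):
        for i, child in enumerate(value):
            yield from leaves(child, f"{path}[{i}]")
    else:
        yield path, value


def find_plaintext_secrets(state_text):
    """Return addresses of non-empty, secret-looking string attributes.

    Only the address is reported, never the value itself.
    """
    findings = []
    for res in json.loads(state_text).get("resources", []):
        for idx, inst in enumerate(res.get("instances", [])):
            for path, value in leaves(inst.get("attributes") or {}):
                name = path.rsplit(".", 1)[-1]
                if SECRET_KEY.search(name) and isinstance(value, str) and value:
                    findings.append(f"{res['type']}.{res['name']}[{idx}].{path}")
    return findings


if __name__ == "__main__":
    for address in find_plaintext_secrets(SAMPLE_STATE):
        print("plaintext secret in state:", address)
```

Run it against a local `terraform.tfstate` before committing, or in CI against any `*.tfstate` that slipped past `.gitignore`.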
Check out Terragrunt and Terratest. They are nice but not strictly required.
CDKTF (Cloud Development Kit for Terraform) is a hot pile of experimental waste. Don't use it, you will be happier without these language specific bindings.