Provisioner
- used to medel specific actions on the local machine or on a remote machine
- terraform resource 생성/제거 시 local-exec 또는 remote-exec 으로 구성 관리 또는 정기 작업을 수행하기 위해 스크리트 실행 가능
- resource block 안에 위치
- if provisioner fails :
- resource is “Tainted” by default (next apply will re-create
- terraform taint null_resource.run_script
- terraform apply -replace="null_resource.run_script”
- when = “destroy”
- Which provisioner invokes a process on the resource created by Terraform? = Terraform에서 생성된 리소스에 대한 프로세스를 호출하는 프로비저너는 무엇입니까?
- remote-exec
Sensitive Variables
1(safest) → 4
- Terraform with a -var flag terraform apply -var="database_password=mysecretpassword" -var= "api_key=1234567890abcdef"
- variable definitions files = terrform.auto.tfvars
- variable definitions files = terrform.tfvars
- Environmental Variables $ export TF_VAR_filename = “/root/cats.txt” $ terraform apply
terraform init does:
- Download and installs the necessary provider plugins.
- Setup backend for storing state.
- Download and install modules
Dynamic blocks
- acts like a ‘for’ expression but produces nested blocks instead if a complex typed value
- can create multiple blocks based on complex input structures, their usage can also lead to configurations that are harder to read and understand. This is because the logic for creating the dynamic blocks is usually more complex and less straightforward than static block configurations.
- A dynamic block can only generate arguments that belong to the resource type, data source, provider, or provisioner being configured. It is not possible to generate meta-argument blocks such as lifecycle and provisioner blocks, since Terraform must process these before it is safe to evaluate expressions.
- options that support
- resource, data, provider, provisioner, dynamic not provisioner blocks),
- use them when you need to hide details in order to vuild a clean user interface for a reusable module
- always write nested blocks out literally where possible
Meta Argument
- want to create multiple instances of the same resource
- depends_on
- loops in terraform : count , foreach(sets, map)
- provisionerrs
- lifecycle
- alias
- version
Modules
- enable code reuse
- What information does the public Terraform Module Registry automatically expose about published modules?
- required input variables
- optional inputs variables and default variables
- outputs
Local Values
If a module uses a local values, you can expose that value with a terraform output. TRUE
- created by “locals” block
- referenced as attributes as an object named “local”
Output Values
Output values are like function return values.
variable "input" {
description = "An input variable"
default = "Hello"
}
locals {
local_value = "${var.input}, World!"
}
output "greeting" {
description = "A greeting message"
value = local.local_value
}
$ Outputs: greeting = "Hello, World!"
ETC
- Cannot use “providers” as a variable name variable "providers” { type = string }
- 가능
- The "description" argument is used to provide a human-readable description of the variable or output, and it is intended to be used as documentation for other users of the Terraform code
- If you manually destroy infrastructure, what is the best practice reflecting this change in Terraform?
- = it will happen automatically
- What is terraform -refresh intended to detect?
- state file drift = By running terraform refresh after making manual changes to your infrastructure resources, you ensure that your Terraform state file is up-to-date and reflects the current state of your infrastructure resources.
- “Drift” is when the real-world state of your infrastructure differs from the state defined in your configuration.
- terraform plan -destroy”Run terraform destroy and it will first output all the resources that will be deleted before prompting for approval”
- = is a common operation from terraform destroy
- = This command will generate a plan that shows all of the changes Terraform will make to the infrastructure, including any resources that will be destroyed. The -destroy flag specifies that only the changes that will result in the destruction of resources should be shown.
- A variable name or a label must be unique within the same module or configuration.
- The "terraform fmt" command is used to rewrite Terraform configuration files to a canonical format and style. This command applies a subset of the Terraform language style conventions, along with other minor adjustments for readability.
Where in your Terraform configuration do you specify a state backend?
The terraform block
terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 3.0"
}
}
}
provider "aws" {
region = "us-west-2"
}
resource "aws_instance" "example" {
ami = "ami-0123456789abcdef0"
instance_type = "t2.micro"
}
In this example, the required_providers block specifies the source and version constraints for the AWS provider. In the rest of the configuration, the provider is referred to by its local name aws, such as in the provider "aws" block and the aws_instance resource block.
'[Terraform]' 카테고리의 다른 글
| 8. Terraform Cloud (0) | 2024.04.19 |
|---|---|
| 7. Terraform Modules (0) | 2024.04.19 |
| 6. Terraform (0) | 2024.04.19 |
| 5. Terraform CLI (0) | 2024.04.19 |
| 4. Terraform state (0) | 2024.04.19 |
