Terraform Remote State

We are trying to use terraform with remote state stored in S3.

Projects are broken down: for example, there is a “main” VPC project that creates only network infrastructure (vpc, subnets, IGW, NAT, routes, etc.), as well as subprojects that create certain resources on top of the main vpc (subnet), that is, ec2 nodes.

Project folders / files:

.
├── modules/
│   └── mod-vpc/
│       ├── main.tf
│       ├── outputs.tf
│       └── variables.tf
├── projects/
│   └── top-level-project-name-goes-here/
│       ├── env-dev/
│       │   ├── globals.tf
│       │   ├── test/
│       │   │   ├── main.tf
│       │   │   └── variables.tf
│       │   └── vpc/
│       │       ├── main.tf
│       │       └── variables.tf
│       └── env-prod/
└── terraform.tfvars

With the exception of the VPC project, all other projects use vpc_id, CIDR, etc. from the remote state of the VPC. Here's how our process is defined:

Step 1: Create a VPC.

There are no problems here, a VPC is created, and the output is printed and saved in the S3 bucket:

$ terraform init -backend=s3 -backend-config="region=us-west-2" -backend-config="bucket=xxx" -backend-config="key=xxx" -backend-config="acl=bucket-owner-full-control" $project_path
$ terraform remote pull
$ terraform get $project_path
$ terraform apply

...

Outputs:

cidr_block = 10.198.0.0/16
private_subnet_ids = subnet-d3f5029a,subnet-fbeb369c,subnet-7ad88622
public_subnet_ids = subnet-54f5021d
region = us-west-2
vpc_id = vpc-b31ca3d4
vpc_name = main_vpc

2. : VPC, ec2 ( VPC 1 ). /, ( /tmp/project/working, ):

$ terraform init -backend=s3 -backend-config="region=us-west-2" -backend-config="bucket=xxx" -backend-config="key=xxx" -backend-config="acl=bucket-owner-full-control" $project_path
$ terraform remote pull
$ terraform get $project_path
$ terraform apply

/tmp/project/ :

( /tmp/project/folder):

├── .terraform
│   ├── modules
│   │   ├── 7d29d4ce6c4f98d8bcaa8b3c0ca4f8f1 -> /pathto/modules/mod-cassandra
│   │   └── aa8ffe05b5d08913f821fdb23ccdfd95
│   └── terraform.tfstate
├── globals.tf
├── main.tf
├── terraform.tfvars
└── variables.tf

main.tf :

resource "aws_instance" "test" {
  instance_type = "${var.instance_type}"
  ami = "${var.ami}"
  subnet_id = "${data.terraform_remote_state.vpc_main.public_subnet_ids}" 
  vpc_security_group_ids = ["${aws_security_group.http_ext.id}"]    
}

data.terraform_remote_state:

data "terraform_remote_state" "vpc_main" {
  backend = "s3"
  config {
    region = "us-west-2"
    bucket = "xxx"
    key    = "xxx/vpc.json"
  }
}

, ( ) "data.terraform_remote_state.vpc_main", :

1. "data.terraform_remote_state", "test" (= main.tf), .

2. data.terraform_remote_state.vpc_main (= "globals.tf"), [terraform get $ project_path]:

$ terraform init -backend=s3 -backend-config="region=us-west-2" -backend-config="bucket=xxx" -backend-config="key=xxx" -backend-config="acl=bucket-owner-full-control" $project_path
$ terraform remote pull
$ terraform get $project_path

Error loading Terraform: module root: 4 error(s) occurred:

* module 'cassandra': unknown resource 'data.terraform_remote_state.vpc_main' referenced in variable data.terraform_remote_state.vpc_main.cidr_block
* module 'cassandra': unknown resource 'data.terraform_remote_state.vpc_main' referenced in variable data.terraform_remote_state.vpc_main.region
* module 'cassandra': unknown resource 'data.terraform_remote_state.vpc_main' referenced in variable data.terraform_remote_state.vpc_main.vpc_id
* module 'cassandra': unknown resource 'data.terraform_remote_state.vpc_main' referenced in variable data.terraform_remote_state.vpc_main.public_subnet_ids

, Terraform - data.terraform_remote_state.vpc_main.

3. ( "globals.tf" "main.tf"), [terraform apply]:

$ terraform init -backend=s3 -backend-config="region=us-west-2" -backend-config="bucket=xxx" -backend-config="key=xxx" -backend-config="acl=bucket-owner-full-control" $project_path
$ terraform remote pull
$ terraform get $project_path
$ terraform apply

module root: 1 error(s) occurred:
2017/01/14 14:02:50 [DEBUG] plugin: waiting for all plugin processes to complete...

* data.terraform_remote_state.vpc_main: resource repeated multiple times

, , .

Terraform , 2 ?

terraform *.tf , , terraform :

https://www.terraform.io/docs/configuration/load.html

, , .

" " , Terraform "" ?

+5
2

:

terraform_bucket_region='eu-west-1'
terraform_bucket_name='xxx'
terraform_file_name="terraform.tfstate"

export AWS_ACCESS_KEY_ID="xxx"
export AWS_SECRET_ACCESS_KEY="xxx"

[ -d .terraform ] && rm -rf .terraform
[ -f terraform.tfstate.backup ] && rm terraform.tfstate.backup
terraform remote config -backend=S3 -backend-config="region=${terraform_bucket_region}" -backend-config="bucket=${terraform_bucket_name}" -backend-config="key=${terraform_file_name}"
terraform get

set-remote-tf.sh.

+1

Terraform. , - .

terraform . config.tf .

.
├── modules/
│   └── mod-vpc/
│       ├── main.tf
│       ├── outputs.tf
│       └── variables.tf
├── projects/
│   └── top-level-project-name-goes-here/
│       ├── env-dev/
│       │   ├── globals.tf
│       │   ├── test/
│       │   │   ├── config.tf
│       │   │   ├── main.tf
│       │   │   ├── variables.tf
│       │   │   └── terraform.tfvars
│       │   └── vpc/
│       │       ├── config.tf
│       │       ├── main.tf
│       │       ├── variables.tf
│       │       └── terraform.tfvars
│       └── env-prod/

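# ../vpc/config.tf
terraform {
  backend "s3" {
    bucket = "my-infrastructure"
    # The s3 backend addresses its state object with `key`; `prefix` is the
    # gcs backend's argument. The key below is an example path.
    # region is taken from AWS_DEFAULT_REGION when it is not set here.
    key    = "vpc/terraform.tfstate"
  }
}
# ../test/config.tf
terraform {
  backend "s3" {
    bucket = "my-infrastructure"
    key    = "test/terraform.tfstate"
  }
}

# Read the outputs of the vpc project; bucket and key must match its backend.
data "terraform_remote_state" "vpc_main" {
  backend   = "s3"
  # workspace = "${terraform.workspace}" // optional

  config {
    bucket = "my-infrastructure"
    key    = "vpc/terraform.tfstate"
  }
}

data "terraform_remote_state" "other_terraform_state" {
  backend   = "s3"
  workspace = "${terraform.workspace}"

  config {
    bucket = "my-infrastructure"
    key    = "other_terraform_state/terraform.tfstate"
  }
}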

GCP https://github.com/abgm/gcp-terraform-example/tree/first-example

0

Source: https://habr.com/ru/post/1666809/

