terraform: what's new in version 0.7.x? - mschuette.name · example:usingstateimport $...
TRANSCRIPT
Terraform: What’s New in Version 0.7.x?
Martin Schütte10 November 2016
AWS User Group Hamburg
TERRAFORMBuild, Combine, and Launch Infrastructure
Outline
terraform fmt
Internal Plugins/Single Binary
Output flag -json
Lists and Maps
State
Data Sources
Martin Schütte | Terraform | AWS UG HH 3/22
terraform fmt
• Ok, actually in there since 0.6.15• Inspired by go fmt• Fixes whitespace for uniform code style
Martin Schütte | Terraform | AWS UG HH 4/22
Example: before terraform fmt
provider ”aws” {region=”eu-west-1”
}
variable ”ami”{}
# use amiresource ”aws_instance” ”web” {
instance_type =”t2.micro”ami =”${var.ami}”
}
Martin Schütte | Terraform | AWS UG HH 5/22
Example: after terraform fmt
provider ”aws” {region = ”eu-west-1”
}
variable ”ami” {}
# use amiresource ”aws_instance” ”web” {instance_type = ”t2.micro”ami = ”${var.ami}”
}
Martin Schütte | Terraform | AWS UG HH 6/22
Internal Plugins/Packaged as Single Binary
• Golang design: statically linked binary• Terraform design: plugins
⇒ Multiple binaries using network RPC,lots of shared code is duplicated
• Now all (default) plugins are compiled into single binary• Still uses RPC, custom plugins possible (doc)
Martin Schütte | Terraform | AWS UG HH 7/22
Size of Terraform Releases (linux amd64)
v0.6.0 v0.6.5 v0.6.10 v0.6.16 v0.7.0 v0.7.100
200
400
600
800
268339
459
596
737
547
87 67
SizeinMb
0
10
20
30
40
50
60
1720
28
36
4448
ProviderCount
Martin Schütte | Terraform | AWS UG HH 8/22
Output flag -json
Small change, but very useful for integration
$ terraform output -json{
”aws_command_url”: {”sensitive”: false,”type”: ”string”,1”value”: ”https://....amazonaws.com/prod/event”
},”sql_endpoint”: {
”sensitive”: false,”type”: ”string”,”value”: ”....rds.amazonaws.com:3306”
}}
Martin Schütte | Terraform | AWS UG HH 9/22
Example: Integration with JSON Output
$ terraform output sql_endpoint....rds.amazonaws.com:3306$ terraform output aws_command_url....amazonaws.com/prod/weather
$ terraform output -json > output.json$ cat output.json | \> jq ’.sql_endpoint.value,.aws_command_url.value’”....rds.amazonaws.com:3306””....amazonaws.com/prod/weather”
Martin Schütte | Terraform | AWS UG HH 10/22
Example: Jenkins Groovy Post-Build
def jsonfile = new File(basepath, ’output.json’)def tfoutput = new JsonSlurper().parseText( jsonfile.getText() )
summary = manager.createSummary(”clipboard.png”)summary.appendText(”Terraform Output:<ul>”, false)tfoutput.each {
summary.appendText(”<li><code><b>$it.key</b>: ”+”$it.value.value</code></li>”, false)
}summary.appendText(”</ul>”, false)
Martin Schütte | Terraform | AWS UG HH 11/22
Lists and Maps
Old way: only Strings# in VPC moduleoutput ”private_subnets” {value = ”${join(”,”, aws_subnet.private.*.id)}”
}
# in callernet_id = ”${element(split(”,”, var.private_subnets), count.index)}”
New: easily pass Lists and Maps# in VPC moduleoutput ”private_subnets” {value = [”${aws_subnet.private.*.id}”]
}
# in callernet_id = ”${var.private_subnets[count.index]}”
Martin Schütte | Terraform | AWS UG HH 12/22
State Manipulation
New state command to list, show, delete, move resources
Example: “live refactoring” with mv$ terraform state mv aws_instance.foo aws_instance.bar$ terraform state mv aws_instance.webserver module.web
Martin Schütte | Terraform | AWS UG HH 13/22
State Import (Work in Progress)
• New import command• Imports single resource instance by ID• Writes into state (not to source!)⇒ some yak shaving required
Martin Schütte | Terraform | AWS UG HH 14/22
Example: Using State Import
$ terraform import aws_instance.server i-0f83bd96e9ea45fe3aws_instance.server: Importing from ID ”i-0f83bd96e9ea45fe3”...aws_instance.server: Import complete!Imported aws_instance (ID: i-0f83bd96e9ea45fe3)
aws_instance.server: Refreshing state... (ID: i-0f83bd96e9ea45fe3)
Import success! The resources imported are shown above. These arenow in your Terraform state. Import does not currently generateconfiguration, so you must do this next. If you do not createconfiguration for the above resources, then the next ‘terraform plan‘will mark them for destruction.
$ terraform state listaws_instance.server$ terraform state show aws_instance.serverid = i-0f83bd96e9ea45fe3ami = ami-0044b96favailability_zone = eu-central-1bdisable_api_termination = false...
Martin Schütte | Terraform | AWS UG HH 15/22
Data Sources
• Lookup information from Provider• Currently only few sources, e. g.
• AWS Account-ID• AWS AMI-ID• AWS IAM Policy Document• Consul Keys• Docker Registry Image Metadata (WIP)
Martin Schütte | Terraform | AWS UG HH 16/22
“The Old Way” Example: Pipeline without Data Source
$ packer ami.json | tee | grep ...$ terraform apply -var ”ami=${ami}” ...
Martin Schütte | Terraform | AWS UG HH 17/22
Example: Finding AMIs
# searches for most recent tagged AMI in own accountdata ”aws_ami” ”webami” {most_recent = trueowners = [”self”]
filter {name = ”tag:my_key”values = [”my_value”]
}}
# use AMIresource ”aws_instance” ”web” {instance_type = ”t2.micro”ami = ”${data.aws_ami.webami.id}”
}
Martin Schütte | Terraform | AWS UG HH 18/22
Example: Reading Account & Region
data ”aws_caller_identity” ”current” {}
data ”aws_region” ”current” {current = true
}
resource ”aws_lambda_permission” ”allow_gitlabbots” {statement_id = ”AllowExecutionFromEvents”action = ”lambda:InvokeFunction”function_name = ”${aws_lambda_function.mybot.arn}”principal = ”apigateway.amazonaws.com”source_arn <<EOT
arn:aws:execute-api:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:...
EOT}
Martin Schütte | Terraform | AWS UG HH 19/22
New Links and Resources
• A Comprehensive Guide to Terraformseries of posts by Yevgeniy Brikman (Gruntwork)
• The Terraform Book by James Turnbullto be released late 2016.
Martin Schütte | Terraform | AWS UG HH 20/22
Terraform 0.8
• Preparations are ongoing• Improved string escape sequence handling• New apply graph creation (experimental in 0.7.8)
Martin Schütte | Terraform | AWS UG HH 21/22
The End
Martin Schütte@m_schuett
slideshare.net/mschuett/
Martin Schütte | Terraform | AWS UG HH 22/22