Terraform Plugin
The Terraform plugin enables you to maintain Terraform Plan state from Cloudify and also to use Terraform resources in your Cloudify blueprints.
Requirements
You must already have the Terraform binary on your Cloudify Manager. It should be executable by the cfyuser
Linux user.
Node Types
cloudify.nodes.terraform
This is the base node type. The properties are also available in cloudify.nodes.terraform.Module.
Properties
use_existing_resource
: a boolean to indicate if the user want use pre-exising installation of terraform , that will skip the installation , but will download the plugins that is specified inplugins
installation_source
: Location to download the Terraform installation from. Ignored if ‘use_existing’ is true.plugins
: List of plugins to download and install.executable_path
: Where the Terraform binary is located in the Cloudify Manager. Default is/usr/bin/terraform
. It is your Cloudify Administrator’s responsibility to ensure this binary is on the system and that it is executable by thecfyuser
.storage path
: Optional. A path on the Cloudify Manager to a directory where the plan files are located. The default behavior is to create temporary files.plugins dir
: Optional. A path on the Cloudify Manager to a directory where Terraform plugins are located.
Example
In the following example we deploy a Terraform installation:
inputs:
terraform_installation_source:
description: >
Where to get Terraform from.
type: string
default: 'https://releases.hashicorp.com/terraform/0.12.21/terraform_0.12.21_linux_amd64.zip'
terraform_plugins:
type: list
default:
- 'https://releases.hashicorp.com/terraform-provider-template/2.1.2/terraform-provider-template_2.1.2_linux_amd64.zip'
- 'https://releases.hashicorp.com/terraform-provider-aws/2.49.0/terraform-provider-aws_2.49.0_linux_amd64.zip'
terraform_executable:
type: string
default: '/tmp/terraform/bin/terraform'
terraform_plugins_dir:
type: string
default: '/tmp/terraform/plugins'
terraform_storage_path:
type: string
default: '/tmp/terraform/storage'
node_templates:
terraform:
type: cloudify.nodes.terraform
properties:
use_existing_resource: false
installation_source: { get_input: terraform_installation_source }
plugins: { get_input: terraform_plugins }
executable_path: { get_input: terraform_executable }
plugins_dir: { get_input: terraform_plugins_dir }
storage_path: { get_input: terraform_storage_path }
cloudify.nodes.terraform.Module
This refers to a Terraform Plan module.
Properties
resource_config
:source
: A zip file containing the Terraform plan. This may be a URL or a path relative to the blueprint.backend
: A Terraform backend.variables
: A dictionary of variables.environment_variables
: A dictionary of environment variables.
Operations
terraform.reload
: Reloads the Terraform template given the following inputs:source
: the new template location by default thelast_source_location
but it can be changed to be another location or even URL to a new templatedestroy_previous
: boolean if set to True it will trigger destroy for the previously created resources , if False it will keep them and maintain the state file , and terraform will calculate the changes needed to be applied to those already created resources
terraform.refresh
: Refresh Terraform state file, if any changes were done outside of terraform so it will update the runtimes properties to match the real properties for the created resources
Workflows
refresh_terraform_resources
: executeterraform.refresh
operation onterraform.Module
node instancesreload_terraform_template
: executesterraform.reload
onterraform.Module
node instances
By default, the aforementioned workflows operate on all terraform.Module
node instances in the current deployment.
It is possible to limit the scope by using the node_ids
and node_instance_ids
parameters, specifying lists of
node ID’s and node instance ID’s to operate on.
Example
In the following example we deploy a Terraform plan:
cloud_resources:
type: cloudify.nodes.terraform.Module
properties:
storage_path: { get_input: terraform_storage_path }
resource_config:
environment_variables:
AWS_ACCESS_KEY_ID: { get_secret: aws_access_key_id }
AWS_SECRET_ACCESS_KEY: { get_secret: aws_secret_access_key }
AWS_DEFAULT_REGION: { get_input: ec2_region_name }
variables:
server_name: { get_input: server_name }
aws_region: { get_input: ec2_region_name }
keypair_name: { get_input: keypair_name }
vpc_id: { get_input: vpc_id }
admin_user: { get_input: agent_user }
subnet_cidr: { get_input: subnet_cidr }
agents_security_group_id: { get_input: agents_security_group_id }
source: resources/template.zip
relationships:
- target: terraform
type: cloudify.relationships.depends_on
To execute terraform reload operation:
cfy executions start reload_terraform_template -d {deployment_id} -p source=/tmp/aws-two-tier.zip
To execute refresh terraform resources workflow on node instances of a specific node template:
cfy executions start refresh_terraform_resources -d {deployment_id} -p node_ids=[cloud_resources]