Day 56: #TerraWeekChallenge
Day 4: Terraform Remote Backends and State File Locking
Task 1: Importance of Terraform State
๐ Research: Dive into the importance of Terraform state in managing infrastructure. Discover how Terraform state helps track the current state of resources and ensures smooth infrastructure provisioning and management.
State: is just a Terraform's way of understanding the current configuration of your infrastructure and by doing so it keeps everything in sync. It has performance benefits and also allows people to make sure that they don't override each other's changes.
Terraform state is crucial for efficient infrastructure management:
Resource Tracking: It records the current state of infrastructure resources, aiding visibility.
Dependency Management: Terraform uses state to resolve resource dependencies for correct provisioning.
Plan and Apply: It's used in
terraform planandterraform applyto calculate and execute changes safely.Locking & Collaboration: State locking prevents conflicts in team collaborations.
Remote Storage: State can be stored remotely for security and accessibility.
Idempotence: Ensures resources remain in the desired state even with multiple executions.
Workspaces: Allows managing different environments using the same codebase.
Task 2: Local State and Terraform state Command
๐ Understand: Explore different methods of storing the state file, such as local or remote storage. Create a simple Terraform configuration file and initialize it to generate a local state file. Get hands-on with the terraform state command and learn how to use it effectively to manage and manipulate resources.
1. Create Terraform Configuration:
Let's start by creating 4 simple Terraform configuration including variables that provisions an AWS S3 bucket and DynamoDB:
#providers.tf
provider "aws" {
region = "us-east-1"
}
#resources.tf
resource "aws_dynamodb_table" "my_state_table" {
name = var.state_table_name
billing_mode = "PAY_PER_REQUEST"
hash_key = "LockID"
attribute {
name = "LockID"
type = "S"
}
tags = {
Name = var.state_table_name
}
}
resource "aws_s3_bucket" "my_state_bucket" {
bucket = var.state_bucket_name
tags = {
Name = var.state_bucket_name
}
}
#terraform.tf
terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 5.0"
}
}
}
#variables.tf
variable "state_bucket_name" {
default = "aminchivilkar-demo-bucket"
}
variable "state_table_name" {
default = "aminchivilkar-demo-table"
}
variable "aws_region" {
default = "us-east-1"
}
2. Initialize the Terraform Configuration:
Next, initialize Terraform in the directory where your configuration is located:
terraform init
This command will download the necessary provider plugins and prepare your working directory.
3. Generate a Local State File:
By default, Terraform stores the state file locally with the name terraform.tfstate. You can plan by running the following commands:
terraform plan
You can create the state file by running the following commands:
terraform apply
Terraform will create the S3 bucket and DynamoDB table in the 'us-east-1' region as specified in your provider configuration.
The S3 bucket will be created with the name "aminchivilkar-demo-bucket"
The DynamoDB table will be created with the name "aminchivilkar-demo-table" using the specified attributes and billing mode.
Note
4. Using the terraform state Command:
Now, let's explore the terraform state command to manage and manipulate resources within the state file.
List Resources in the State:
To list all the resources in the state file, use the following command:
bash
terraform state list
It will display as below:
Show Resource Details:
To view details about a specific resource, use the terraform state show command followed by the resource's address (in this case, aws_s3_bucket.example):
bash
terraform state show aws_s3_bucket.example
This command will provide detailed information about the S3 bucket.
Move a Resource in the State:
You can move a resource to a different address in the state file using the terraform state mv command. For example, to rename the S3 bucket resource, you can use:
bash
terraform state mv aws_s3_bucket.example aws_s3_bucket.my_new_bucket
This will update the state file and change the resource's address.
Remove a Resource from the State:
To remove a resource from the state file (but not destroy it), you can use the terraform state rm command. For example:
bash
terraform state rm aws_s3_bucket.my_new_bucket
This will remove the resource from the state file without destroying the actual resource in the cloud.
Summary
Task 3: Remote State Management
๐ Explore: Delve into remote state management options like Terraform Cloud, AWS S3, Azure Storage Account, or HashiCorp Consul. Select one remote state management option and thoroughly research its setup and configuration process. Become familiar with the steps required to leverage remote state management in your Terraform workflow.
Remote state management is a crucial aspect of Terraform that helps teams collaborate, store sensitive information securely, and maintain a single source of truth for infrastructure.
We'll focus on AWS S3 for remote state management and walk you through the setup and configuration process.
Setting Up Remote State Management with AWS S3:
Using AWS S3 as a remote state backend is a common choice because it's reliable, scalable, and integrates seamlessly with Terraform. Here's how you can set it up:
1. Prerequisites:
An AWS account with the necessary IAM permissions to create and manage S3 buckets.
Terraform installed on your local machine.
These steps were already followed above so we can proceed from here.
2. Implement State locking: We will have all the same required providers and to implement remote backends, we will use the backend configuration "backend" .
#terraform
terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = "4.66.1"
}
}
backend "s3" {
bucket = "aminchivilkar-demo-bucket"
key = "terraform.tfstate"
region = "us-east-1"
dynamodb_table = "aminchivilkar-demo-table"
}
}
initialize Terraform in the directory where your configuration is located:
terraform init
3. Create terraform configuration: We will now write 2 terraform files- resource and providers to create a test EC2 instance.
#providers.tf
provider "aws" {
region = "us-east-1"
}
#resources.tf
resource "aws_instance" "aws_ec2_test" {
ami = "ami-053b0d53c279acc90"
instance_type = "t2.micro"
tags = {
Name = "test-instance"
}
}
4. Apply Changes: Continue using Terraform as you normally would.
Time to plan, validate and then apply, it will save the state in the configured S3 bucket.
We have successfully saved the state in the S3 bucket and not locally.
This is how we can configure remote backend.
5. Accessing the Remote State:
To access the remote state at any time, you can use the terraform state commands, such as terraform state list or terraform state show.
Using AWS S3 as a remote state backend is a robust choice for managing Terraform state, and it provides durability and availability for your infrastructure data. This setup ensures that your infrastructure state is stored centrally, making it easier to collaborate, version, and manage.
Task 4: Remote State Configuration
๐ Modify: Enhance your Terraform configuration file to store the state remotely using the chosen remote state management option. Include the necessary backend configuration block in your Terraform configuration file to enable seamless remote state storage and access.
terraform {
backend "s3" {
count = 3
bucket = "aminchivilkar-demo-bucket"
key = "terraform.tfstate"
region = "us-east-1"
dynamodb_table = "aminchivilkar-demo-table"
}
}
Hope you like my post. Don't forget to like, comment, and share.