DevOps - Terraform Question Flashcards
Q1: What are terraform state files
Terraform state file stores the meta data about the infrastructure. By default, they are store local in the folder where the terraform code is. But you can configure to store in public cloud using backend.
What difference between terraform.tfvars and variable.tf
Avariables.tffile is used to define thevariables typeand optionallyset a default value.
Aterraform.tfvarsfile is used toset the actual valuesof the variables. tfvars are general use for different environment like prod.tfvars, dev.tfvars
https: //cloudbuild.co.uk/tag/tfvars-vs-variables-tf
https: //stackoverflow.com/questions/56086286/terraform-tfvars-vs-variables-tf-difference
How can you assign variable to terraform code?
There are several different ways to assign avalueto this input variable:
- Include
varoptions on theterraform planorterraform applycommand line. - Include
var-fileoptions to select one or more.tfvarsfiles to set values for many variables at once. - Create a
terraform.tfvarsfile, or files named.auto.tfvars, which are treated the same asvar-filearguments but are loaded automatically. - For a child module, include an expression to assign to the variable inside the calling
moduleblock.
https://www.notion.so/Terraform-8628f7defe754354a8114a0cf32f9267#738ebb2b8ffb4c279781c2c4b7b93f65
What are taint in terraform
Theterraform taint command informs Terraform that a particular object has become degraded or damaged. Terraform represents this by marking the object as “tainted” in the Terraform state, and Terraform will propose to replace it in the next plan you create.
What are null resource in terraform
Thenull_resourceresource implements the standard resource lifecycle but takes no further action.
As the null_resource doesn’t actually manage any underlying item without the triggers once it was created nothing would ever change again. The triggers parameter allows the resource to respond to changes, causing the resource to be destroyed & recreated, impacting on any dependencies or attached provisions.
https://www.notion.so/Terraform-8628f7defe754354a8114a0cf32f9267#43903092485b430fa41ca8871274dfcd
What are triggers in terraform
Thetriggersargument allows specifying an arbitrary set of values that, when changed, will cause the resource to be replaced.
What are data source in terraform
A data source is accessed via a special kind of resource known as adata resource, declared using adatablock:
```yaml
data “aws_ami” “example” {
most_recent = true
owners = ["self"]
tags = {
Name = "app-server"
Tested = "true"
}
}
~~~
What is dynamic block in terrafrom?
You can dynamically construct repeatable nested blocks likesettingusing a specialdynamicblock type, which is supported insideresource,data,provider, andprovisionerblocks
resource “aws_elastic_beanstalk_environment” “tfenvtest” {
name = “tf-test-name”
application = “${aws_elastic_beanstalk_application.tftest.name}”
solution_stack_name = “64bit Amazon Linux 2018.03 v2.11.4 running Go 1.12.6”
dynamic "setting" {
for_each = var.settings
content {
namespace = setting.value["namespace"]
name = setting.value["name"]
value = setting.value["value"]
}
}
}
What are Multi-level Nested Block Structures?
nesteddynamicblocks:
dynamic “origin_group” {
for_each = var.load_balancer_origin_groups
content {
name = origin_group.key
dynamic "origin" {
for_each = origin_group.value.origins
content {
hostname = origin.value.hostname
}
}
}
}
What are provisioners in the Terraform? What there use?
Provisioners can be used to model specific actions on the local machine or on a remote machine in order to prepare servers or other infrastructure objects for service.
Examples are
- local-exec = execute command on local machine where code is run
- remote-exec = provisioner invokes a script on a remote resource after it is created
- File Provisioner = copies files or directories from the machine running Terraform to the newly created resource.
Q11: What are plugins and providers in terraform?
Terraform Plugins: These are executable binaries written in Go that communicate with Terraform Core over an RPC interface. Each plugin exposes an implementation for a specific service, such as theAWS provideror thecloud-init provider. Terraform currently supports one type of Plugin calledproviders.
How do you lock the terraform statefile?
If supported by yourbackend, Terraform will lock your state for all operations that could write state. This prevents others from acquiring the lock and potentially corrupting your state.
If backend is S3, lock needs dynamoDB table for locking
Few challenges that you came across while working with terraform?
- Manual changes needs to be sync
- Changing resource name after creation as name depended on resource use name with suffix. e.g ec2 tag name, security-group, user-data files, etc.
- Importing existing resource
- Different version of terraform state file
How to call the existing resource from AWS or Azure to terraform without hardcoding the values or terraform import?
Use Data type, you can use manual resource
