Terraform Flashcards
What is infrastructure as code?
Is provisioning infrastructure through software to achieve consistent and predictable environments.
What is the difference between declarative and imperative?
Imperative = step-by-step on how to do a task Declarative = I want the state X (declaring what I want).
What is idempotency?
If I run the same task twice I won’t have a duplicated item.
What is the difference between push and pull?
Push: a server actively pushes configs;
Pull: a client actively pulls configs;
Is terraform push-type-model?
Yes. A server pushes the configs.
What is workflow that terraform imposes?
Provisioning resources;
Planning Updates;
Using Source Control;
Reusing Templates;
What are the four components of terraform?
terraform executable, terraform files, terraform plugins and terraform state.
What is a terraform plugin?
Is an extension of terraform that allows interacting with providers (e.g: azure, aws etc.
What is the terraform state?
Keeps track of what the current state looks like
what is the data type?
a data-source
what a tf file contains?
terraform code itself.
what a tfvars file contain?
input to variables
how to reference a var?
var.my_var_name
What is a triplet?
resourceType.resourceName.property.
Does terraform support function? examples?
yes… file(path)
what does the output type do?
outputs the content of a variable
how to declare a var in a tfvar file?
variable “image_id” {
type = string
}
what is the caveat with backslash in a windows environment?
it’s escape… use double: \
What does terraform init do?
It checks the config files looking for providers (plugins) and download the necessary files.
What does terraform plan do?
Loads the config files (.tf) and variables (.tfvars) and compare against an existing state (if any) then shows what needs to be done to achieve the desired state.
what does terraform plan -out myplan.tfplan?
shows the plan and store it in the tfplan file for future usage (apply) / inspection.
what is “known after apply” value that shows in the plan?
stuff that will be known only after the resource is applied (such as IDs)
What does terraform apply “myplan.tfplan” do?
Will apply the plan (actually provision stuff)
Which file is created after the first time I do an apply?
a tfstate file will be created
What does the terraform destroy do?
destroy the resources that are stored in the state file
what is the format of tfstate? Should I manually change it?
JSON. DO NOT TOUCH IT.
what the tfstate file contain?
resource mappings and general metadata. locking, location…
what is a workspace in terraform?
each workspace has a state… so it is a separation.
what happens if the installed version of terraform is lower than the one that created the state file (someone else created it, for example)?
terraform won’t allow interactions on it (you’ll need to upgrade terraform)
what is the serial number of tfstate?
an incremental number that is increased when the state file is updated.
why is the serial number of tfstate necessary?
to match up the version I have in the plan and the one in the state (so that you can’t apply an old plan)
does the tfstate contain the output information that we define and see in the prompt?
yes.
What is the golden rule of terraform?
Only change stuff via terraform (DO NOT CHANGE RESOURCES MANUALLY).
What in detail terraform planning do?
inspects the state, do the dependency graph and calculates the additions updates and deletions. Do stuff in parallel.
When the tfplan file is the most useful?
on teams where stuff needs to be approved before applied… e.g: in my PR I can have the plan but on master it actually applies it.
Can I access triplet’s property index? e.g: access the first item on an array?
yes… resourceType.resourceName.property[0]
What is a provisioner in the tf file? what does it require first?
allows executing arbitrary scripts. requires a ssh connection
How the Terraform syntax is called?
HashiCorp configuration language.
Why using hashicorp configuration language instead of json or yaml?
because they wanted to introduce functions, conditionals and templates which was not available in the first two.
What is a block in terraform? How a black inside a block is called?
the simplest structure we can have. It is called embedded block.
How to declare a block?
block_type label_one label_two {}
how many primitive types we had up to terraform .12? What happened after?
string only. it was added: number, bool, list and map (key value pairs)
what is a local?
local var
How does interpolation looks like in terraform?
taco_name = “The name is ${var.name}”
how to access a list? what index it starts on ?
local.mylist[0]. starts on 0
How to access a map?
local.mymap[“key”]
What is a terraform provisioner and what happens if something goes wrong when deploying all your resources tied to this provisioner?
provisioner is a way to configure software (when you choose to not use ansible, for example). It will stop in the error one and what was created will remain created.
what does the “«_space;EOF” do?
it is a literal string block where crlf are kept.
What does the remote-exec provisioner do?
executes command line in the remote computer.
what does the output data type do? when to use?
outputs a value when the script is applied or when you do terraform output command. when values needs to be used somewhere else for convenience
how is the syntax of a terraform function?
function(arg1, arg2…)
is the terraform function args positional or named?
positional
what are common functions bulitin on terraform?
lower, merge(map1, map2), file(path), timestamp()
what is the command terraform console? when is it useful?
allows running functions independently. to test out results of summing, functions and etc
what does the terraform fmt command does?
fixes formatting of the terraform files to match the canonical format
what does the terraform taint and untaint does?
mark a resource to be recreated even though terraform thinks it is al good with it. untaint remove taint
what does terraform validate does? will it ensure terraform apply will work?
will find syntax errors and other superficial errors. Does not guarantee a successful terraform apply.
who writes the providers? which language?
usually the cloud vendors, community or hashicorp itself. needs to be written in go.
what is a provider?
collection of resources and data sources (structures) that can be used in a terraform script.
what does the alias property in a provider do? and why it exists?
allows specifying a specific provider. in case you have the same provider declared multiple times. needs to be referenced in the resources as well.
What are the main terraform resource arguments?
depends_on, count, for_each and provider
Will terraform figure out the dependencies between resources? When to use depends_on then?
Yes, when the dependency is not obvious to terraform.
what does the count resource argument do?
allows you to create n resources (loop)
what does the for_each resource argument do?
allows you to iterate over a map to create resources and etc
what does the provider resource argument do?
allows you to define a provider to create the give resource when it is not clear to terraform which one to use.
how to create a list based on another list’s specific property
my_ids = mylist[*].id
what are the properties a variable can have in its declaration? Is it recommended to define a type?
name, type and default. yes, recommended.
What are the three ways that terraform allow defining variables? Does the precedence count?
environment < file < command line. yes… environment the least powerful
Is it common to split variables, resources and specific data types in different files?
yes.
How to declare a variable type of a map of strings? can I define a default value for that?
variable “myvar” {
type = map(string)
}
yes.. just declare a map as default.
what is the Hashicorp recommended way to deal with multiple environments (dev, test, prod)?
by using workspaces
what are the four concerns we need to address in multiple environment terraform configuration?
state management, variables data, credentials management and complexity/overhead.
if we couldn’t use workspaces to manage multiple environments, how could we handle it?
common scripts and folders holding specific environments stuff… see: https://pasteboard.co/JJY0e2G.png
how to create a new workspace using terraform cli?
terraform workspace new dev
Where does terraform workspace put the state files?
in a folder, states are separated.
what does the value that terraform.workspace return? why is it useful?
the name of the workspace given during terraform workspace new. so that you can access map values using the workspace name as key
which options can I use to store secrets?
environment variables, variables files or a secret management solution.
What is a terraform module? What is the root module? Can it call “child” modules?
A terraform module is a reusable piece of configuration that is meant to be shared across different apps (mini terraform config). Root module is what terraform uses under the hood when you create terraform files. Yes.
does modules support versioning?
yes.
does module support count or do I need to list them out?
no, necessary to list the modules (meaning how many copies you want of that module)
what are the three module components and how they interate?
variables are defined as input of the module. resources are going to be created (based on the vars) output are externalized so that the root module can use it.
what is a template file?
is a file that support variable substitution.
