Terraform Provisioners

Question 1

What are provisioners?

Answer 1

Commissioners are used to execute scripts on a local or remote machine as part of resource creation or destruction

Question 2

Whats an example of a provisioner user case?

Answer 2

After VM is launched, install software package required for application.

Question 3

What are the types of provisioners?

Answer 3

1. local-exec provisioner
2. remote-exec provisioner
   3.file-provisioner

Question 4

Whats a local-exec provisioners and an example?

Answer 4

The local - exec provisioner invoke a local executive after a resource is created

Ex: After EC2 is launched, fetch the IP and store it in file server_Ip.txt.

Local because its done on the local machine

Question 5

Whats a remote-exec provisioner

Answer 5

Remote – executor visitor allowed to invoke scripts or run commands directly on the remote server.

Ex: after E2 is launched install Apache software

Question 6

How to define provisioners?

Answer 6

Local:
provisioner “local-exec” {}

Remote:
provisioner “remote-exec” {}

Question 7

What do you need to declare for remote-exec provisioners to connect?

Answer 7

You need to add a connection block inside the resource block. It supports both SSH (Linux) and WINRM (Window Server)

Ex:
connection {
type = “ssh”
user = “ec2-user”
private_key = file(“./terraform-key.pem”)
host = self.public_ip
}

Question 8

Does the provisioner block need to be declared from within the resource block?

Answer 8

Yes

Question 9

Is it necessary to define a aws_instance resource block for provisioner to run?

Answer 9

No, they can be defined inside other resource types.

Ex:
resource “aws_iam_user”

Question 10

Can you define multiple providers inside a single resource block?

Answer 10

Yesf

Question 11

What happens when a destroy provisioner is ran?

Answer 11

Destroy provisioners are run before the resource is detroyed.

Question 12

What happens if a creation-time provisioner fails?

Answer 12

1. The resource is marked as tainted and the resource will be planned for destruction and recreation upon the NEXT terraform apply.
2. The terraform apply will also fail.

Ex: reason permission issue

Question 13

Why does terraform mark a resource for destruction if a creation-time provisioner fails?

Answer 13

This occurs because a failed provisioner can leave a resource in a semi-configured state.

Question 14

Whats a workaround to the terraform apply from failing if provisioner failes at creation time?

Answer 14

With the use of the ON_FAILURE setting it can be changed to the value of “continue” to ignore the error and continue with creation/destruction.

By default, the value is set to FAIL, raising an error and to stop applying (default) and taint the resource.