Mr Cheng

Terraform

June 2016

a terraform module for DCOS

https://github.com/zutherb/terraform-dcos

April 2016

trigger/call provisioners inside a resource

You can call provisioners within a resource (aws_instance or azure_instance) to run bash or trigger a chef-client run.

refer to generated resources/thingys

“resources” are used so much, I’d prefer to call them thingys. This is how an aws_instance refers to a generated security group:

security_groups = ["${aws_security_group.default.name}"]

modules

You can wrap terraform into a module like

full example

resource "aws_security_group" "default" {

    # the "group name" label shown in column 2 of the AWS web UI
    name = "terraform_example2"

    # SSH access from anywhere
    ingress {
        from_port = 22
        to_port = 22
        protocol = "tcp"
        cidr_blocks = ["0.0.0.0/0"]
    }

    # HTTP access from anywhere
    ingress {
        from_port = 80
        to_port = 80
        protocol = "tcp"
        cidr_blocks = ["0.0.0.0/0"]
    }

    # outbound internet access
    egress {
        from_port = 0
        to_port = 0
        protocol = "-1"
        cidr_blocks = ["0.0.0.0/0"]
    }
}

resource "aws_instance" "default" {

    # Look up the correct AMI based on the region
    ami = "${lookup(var.aws_amis, var.aws_region)}"

    instance_type = "t1.micro"
    key_name = "${var.key_name}"

    # Attach the security group generated above
    security_groups = ["${aws_security_group.default.name}"]

    # SSH connection settings used by the provisioner below
    connection {
      user = "ubuntu"

      key_file = "${var.key_path}"
    }

    # Runs on the new instance over SSH once it is up
    provisioner "remote-exec" {
      inline = [
        /* Install docker */
        "curl -sSL https://get.docker.com/ | sudo sh"
      ]
    }
}
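
The full example opens SSH to `0.0.0.0/0`. A variant of the security group that limits port 22 to one administrator network, as an added example that is not part of the original post; the variable `admin_cidr` and the group name `terraform_example2_restricted` are assumptions:

```hcl
# Added example, not from the original post.
# Assumption: admin_cidr is a hypothetical variable holding the network
# that is allowed to reach SSH (an office or VPN range, for instance).
variable "admin_cidr" {
  # No default on purpose: the plan fails until a range is supplied.
  description = "CIDR block allowed to reach port 22"
}

resource "aws_security_group" "restricted" {
  # hypothetical group name
  name = "terraform_example2_restricted"

  # SSH only from the administrator network.
  # The full example has cidr_blocks = ["0.0.0.0/0"] here.
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["${var.admin_cidr}"]
  }

  # HTTP stays reachable from anywhere, as in the full example
  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # outbound internet access, unchanged
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
```

The instance would then use `security_groups = ["${aws_security_group.restricted.name}"]`, and the range is passed at apply time, for example `terraform apply -var 'admin_cidr=203.0.113.0/24'` (a constructed documentation range).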