Terraform Provisioner

 

Terraform Provisioners

Provisioners are used to perform custom actions and tasks on either the local machine or a remote machine.

File Provisioner

Example1(Amazon EC2) - Upload the file to an EC2 instance

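# Example 1 (Amazon EC2): launch an instance and copy a local file onto it
# with the "file" provisioner over SSH.
provider "aws" {
  region = "us-east-1"
}

resource "aws_instance" "ec2_example" {
  ami           = "ami-05fa00d4c63e32376"
  instance_type = "t2.micro"

  # Reference the key pair resource instead of repeating its name as a string.
  # The reference gives Terraform a dependency, so the key pair is created
  # before the instance is launched with it.
  key_name               = aws_key_pair.deployer.key_name
  vpc_security_group_ids = [aws_security_group.main.id]

  provisioner "file" {
    source      = "/home/ubuntu/1.txt"           # path on the machine running Terraform
    destination = "/home/ec2-user/test-file.txt" # path on the new instance
  }

  # SSH settings used by the provisioner above.
  connection {
    type = "ssh"
    host = self.public_ip

    # Log in as the account that owns the destination directory above. The
    # original used "ubuntu" here while writing into /home/ec2-user; the other
    # examples on this page use ec2-user with this AMI.
    # NOTE(review): confirm the default login user of the AMI you actually use.
    user = "ec2-user"

    # Private half of the key registered in aws_key_pair.deployer. Keep this
    # file out of version control and readable only by the user running Terraform.
    private_key = file("/home/ubuntu/aws_key")
    timeout     = "4m"

    # NOTE(review): no host_key is set, so the instance's SSH host key is not
    # pinned for this connection - confirm whether that is acceptable for you.
  }
}

# Security group attached to the instance: all outbound traffic, inbound SSH only.
resource "aws_security_group" "main" {
  # Outbound: every protocol and port (protocol "-1") to any IPv4 address.
  egress {
    description      = ""
    protocol         = "-1"
    from_port        = 0
    to_port          = 0
    cidr_blocks      = ["0.0.0.0/0"]
    ipv6_cidr_blocks = []
    prefix_list_ids  = []
    security_groups  = []
    self             = false
  }

  # Inbound: TCP 22 (SSH) so the provisioner can connect.
  # NOTE(review): 0.0.0.0/0 exposes SSH to every IPv4 address. Outside a
  # throwaway demo, replace it with the CIDR of the machine that runs Terraform.
  ingress {
    description      = ""
    protocol         = "tcp"
    from_port        = 22
    to_port          = 22
    cidr_blocks      = ["0.0.0.0/0"]
    ipv6_cidr_blocks = []
    prefix_list_ids  = []
    security_groups  = []
    self             = false
  }
}

# Registers the PUBLIC half of the SSH key with AWS under the name "aws_key".
# Only the public key belongs in configuration; the private key stays on the
# machine that runs Terraform.
resource "aws_key_pair" "deployer" {
  key_name   = "aws_key"
  public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDYQIjBKUkXyvWRrrDvLyc5hqs+8CFnCoS8LOR847TJ9NwMVPT5KsKg17k9a/edvemMCZtB15fZS2YsK/EsawacGSlaruhr5mCGQ9p8GVzkGCkjTx8gRGKU23D7KCi6lIBPMO47FbYmb22OemEinwox4vpw41V6AeRDdxnVGiw6xOKruAcN05XhUsTYw3GYoRACWn78fGsZL8YrWyK0Xze0tZlOX/48x9wD/co1znw/JkfUEjhfeCvYtnWYESy521dG9388S/8vhOXfSY4eD57PGvJj5eaN1BfizfzkQn6IviOx/lEtBGL1bIrn3nBaJROzW8nUMgUrd0APimQTERGF root@terraform"
}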

Example1(Windows) - Upload the file to an EC2 instance

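# Example (Windows workstation): launch an instance and copy a local file onto
# it with the "file" provisioner over SSH.
provider "aws" {
  region = "us-east-1"
}

resource "aws_instance" "ec2_example" {
  ami           = "ami-05fa00d4c63e32376"
  instance_type = "t2.micro"

  # Reference the key pair resource instead of repeating its name as a string.
  # The reference gives Terraform a dependency, so the key pair is created
  # before the instance is launched with it.
  key_name               = aws_key_pair.deployer.key_name
  vpc_security_group_ids = [aws_security_group.main.id]

  tags = {
    "Name" = "FileProvisoning"
  }

  provisioner "file" {
    source      = "C:\\ABB\\1.yaml"              # path on the machine running Terraform
    destination = "/home/ec2-user/test-file.txt" # path on the new instance
  }

  # SSH settings used by the provisioner above.
  connection {
    type = "ssh"
    host = self.public_ip
    user = "ec2-user"

    # Private half of the key registered in aws_key_pair.deployer. Keep this
    # file out of version control and readable only by the user running Terraform.
    private_key = file("C:\\ABB\\aws_key")
    timeout     = "4m"

    # NOTE(review): no host_key is set, so the instance's SSH host key is not
    # pinned for this connection - confirm whether that is acceptable for you.
  }
}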

# Security group attached to the instance: all outbound traffic, inbound SSH only.
resource "aws_security_group" "main" {
  # Outbound: every protocol and port (protocol "-1") to any IPv4 address.
  egress {
    description      = ""
    protocol         = "-1"
    from_port        = 0
    to_port          = 0
    cidr_blocks      = ["0.0.0.0/0"]
    ipv6_cidr_blocks = []
    prefix_list_ids  = []
    security_groups  = []
    self             = false
  }

  # Inbound: TCP 22 (SSH) so the file provisioner can connect.
  # NOTE(review): 0.0.0.0/0 exposes SSH to every IPv4 address. Outside a
  # throwaway demo, replace it with the CIDR of the machine that runs Terraform.
  ingress {
    description      = ""
    protocol         = "tcp"
    from_port        = 22
    to_port          = 22
    cidr_blocks      = ["0.0.0.0/0"]
    ipv6_cidr_blocks = []
    prefix_list_ids  = []
    security_groups  = []
    self             = false
  }
}

# Registers the PUBLIC half of the SSH key with AWS under the name the instance
# uses. Only the public key belongs in configuration; the matching private key
# is read from a local file by the connection block and must stay off the repo.
resource "aws_key_pair" "deployer" {
  key_name = "aws_keyraman"

  # OpenSSH-format public key; the trailing "user@host" part is only a label.
  public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC6V5MtNDz26m5qVyvUt6EIdCzXsMWyLvGLVIPhAYKLS+s4Z84wSPO8kJz9jYwjtk2gXtKQDKd0PSeiUwue7YBzXQiCd1xsskcBZvgirrwql0RTXGFKMe99Kr7H/dIrmqcedyKxYupBFIoAt4ugCtGmhsBo+gW15C0+nI+f4PWh0vubJRweEu8rjN+EnEoKbJKPp0N6N5rFwFpsq0P7mtL5c9sdh0G95eo7N1pSVAjI49BfTGzYu36w2wa1iJ6KV9VIZDFD6yanvZRjeWG9wp3Q9NeNw/AMIt7yXgzh2cf4RAqyoSSujorgzmu0i7Ki8bNGDR+U37aerNvcp5+6+rGCeF46v5N950Xa8toFfZH83Wcj4bHHrH5nyiFo18E6kV2+f51EYSU3vdDpRqu34pXlTLmcgrLc+t7jT3uzZq90D9N5DMGAeFLE3cEuYggKdAV06cEo9/dpALEqWOCGYSHw4uMPRsjcEKve/U6mztl5b749RBJyVkc6YyjigYusl5c= raman@Raman-Sharma"
}

local-exec provisioner

This provisioner is used when you want to perform tasks on your local machine, that is, the machine where Terraform is installed.

So the local-exec provisioner is never used to perform any kind of task on the remote machine. It is always used to perform operations on your local machine.

Example(Ubuntu) - Consider the following example where we are trying to create a file hello-world.txt on the local machine

# Example (Ubuntu workstation): run a command on the machine that runs
# Terraform once the instance has been created.
provider "aws" {
  profile = "rprofile"
  region  = "ap-south-1"
}

resource "aws_instance" "ec2_example" {
  ami           = "ami-04bde106886a53080"
  instance_type = "t2.micro"
  key_name      = "devops"

  # local-exec runs on the local machine, not on the instance, with the
  # privileges of the user running Terraform. Keep the command a fixed string;
  # if it ever needs values from variables or resource attributes, pass them
  # through the provisioner's `environment` argument rather than splicing them
  # into the command text.
  provisioner "local-exec" {
    command = "touch hello-world.txt"
  }
}


Example (Windows)

# Example (Windows workstation): append a line to a local file once the
# instance has been created.
provider "aws" {
  region = "us-east-1"
}

resource "aws_instance" "ec2_example" {
  ami                    = "ami-05fa00d4c63e32376"
  instance_type          = "t2.micro"
  key_name               = "newkey"
  vpc_security_group_ids = [aws_security_group.main.id]

  tags = {
    "Name" = "Local command Exec"
  }

  # local-exec runs on the local machine, not on the instance, with the
  # privileges of the user running Terraform. Keep the command a fixed string;
  # if it ever needs values from variables or resource attributes, pass them
  # through the provisioner's `environment` argument rather than splicing them
  # into the command text.
  provisioner "local-exec" {
    command = "echo 'Test' >> hello-world.txt"
  }
}

# Security group attached to the instance: all outbound traffic, inbound SSH only.
resource "aws_security_group" "main" {
  # Outbound: every protocol and port (protocol "-1") to any IPv4 address.
  egress {
    description      = ""
    protocol         = "-1"
    from_port        = 0
    to_port          = 0
    cidr_blocks      = ["0.0.0.0/0"]
    ipv6_cidr_blocks = []
    prefix_list_ids  = []
    security_groups  = []
    self             = false
  }

  # Inbound: TCP 22 (SSH) from any IPv4 address.
  # NOTE(review): the local-exec provisioner in this example never connects to
  # the instance, so this rule is not needed by the provisioner itself. If SSH
  # access is wanted for other reasons, restrict 0.0.0.0/0 to a known admin CIDR.
  ingress {
    description      = ""
    protocol         = "tcp"
    from_port        = 22
    to_port          = 22
    cidr_blocks      = ["0.0.0.0/0"]
    ipv6_cidr_blocks = []
    prefix_list_ids  = []
    security_groups  = []
    self             = false
  }
}


remote-exec provisioner

As the name suggests, remote-exec always runs on the remote machine. With remote-exec you can specify the commands or shell scripts that you want to execute on the remote machine.

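# Example: launch an instance and run shell commands on it with the
# "remote-exec" provisioner over SSH.
provider "aws" {
  region = "us-east-1"
}

resource "aws_instance" "ec2_example" {
  ami           = "ami-05fa00d4c63e32376"
  instance_type = "t2.micro"

  # Reference the key pair resource instead of repeating its name as a string.
  # The reference gives Terraform a dependency, so the key pair is created
  # before the instance is launched with it.
  key_name               = aws_key_pair.deployer.key_name
  vpc_security_group_ids = [aws_security_group.main.id]

  tags = {
    "Name" = "Remote Command Execution"
  }

  # Each list entry is a command executed on the instance as the connection
  # user. Keep the commands fixed strings; avoid building them from values that
  # someone else controls.
  provisioner "remote-exec" {
    inline = [
      "touch /home/ec2-user/hello.txt",
      "echo helloworld remote provisioner >> /home/ec2-user/hello.txt",
    ]
  }

  # SSH settings used by the provisioner above.
  connection {
    type = "ssh"
    host = self.public_ip
    user = "ec2-user"

    # Private half of the key registered in aws_key_pair.deployer. Keep this
    # file out of version control and readable only by the user running Terraform.
    private_key = file("C:\\ABB\\aws_key")
    timeout     = "4m"

    # NOTE(review): no host_key is set, so the instance's SSH host key is not
    # pinned for this connection - confirm whether that is acceptable for you.
  }
}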

# Security group attached to the instance: all outbound traffic, inbound SSH only.
resource "aws_security_group" "main" {
  # Outbound: every protocol and port (protocol "-1") to any IPv4 address.
  egress {
    description      = ""
    protocol         = "-1"
    from_port        = 0
    to_port          = 0
    cidr_blocks      = ["0.0.0.0/0"]
    ipv6_cidr_blocks = []
    prefix_list_ids  = []
    security_groups  = []
    self             = false
  }

  # Inbound: TCP 22 (SSH) so the remote-exec provisioner can connect.
  # NOTE(review): 0.0.0.0/0 exposes SSH to every IPv4 address. Outside a
  # throwaway demo, replace it with the CIDR of the machine that runs Terraform.
  ingress {
    description      = ""
    protocol         = "tcp"
    from_port        = 22
    to_port          = 22
    cidr_blocks      = ["0.0.0.0/0"]
    ipv6_cidr_blocks = []
    prefix_list_ids  = []
    security_groups  = []
    self             = false
  }
}

# Registers the PUBLIC half of the SSH key with AWS under the name the instance
# uses. Only the public key belongs in configuration; the matching private key
# is read from a local file by the connection block and must stay off the repo.
resource "aws_key_pair" "deployer" {
  key_name = "aws_keyraman"

  # OpenSSH-format public key; the trailing "user@host" part is only a label.
  public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC6V5MtNDz26m5qVyvUt6EIdCzXsMWyLvGLVIPhAYKLS+s4Z84wSPO8kJz9jYwjtk2gXtKQDKd0PSeiUwue7YBzXQiCd1xsskcBZvgirrwql0RTXGFKMe99Kr7H/dIrmqcedyKxYupBFIoAt4ugCtGmhsBo+gW15C0+nI+f4PWh0vubJRweEu8rjN+EnEoKbJKPp0N6N5rFwFpsq0P7mtL5c9sdh0G95eo7N1pSVAjI49BfTGzYu36w2wa1iJ6KV9VIZDFD6yanvZRjeWG9wp3Q9NeNw/AMIt7yXgzh2cf4RAqyoSSujorgzmu0i7Ki8bNGDR+U37aerNvcp5+6+rGCeF46v5N950Xa8toFfZH83Wcj4bHHrH5nyiFo18E6kV2+f51EYSU3vdDpRqu34pXlTLmcgrLc+t7jT3uzZq90D9N5DMGAeFLE3cEuYggKdAV06cEo9/dpALEqWOCGYSHw4uMPRsjcEKve/U6mztl5b749RBJyVkc6YyjigYusl5c= raman@Raman-Sharma"
}
