mirror of
https://github.com/status-im/consul.git
synced 2025-01-26 13:40:20 +00:00
c8d0301dd5
* docs/nia: new configuration for services condition & source_input (#11646) * docs/nia: new configuration for services condition * docs/nia: new configuration for services source_input * reword filter and cts_user_defined_meta Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com> * Update service block config to table format Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com> * Remove deprecated driver.working_dir (#11831) * Deprecate workspace_prefix for now workspaces.prefix (#11836) * docs/nia: new config field names for services condition/source_input (#11896) * docs/nia: new config field `names` for services condition/source_input * Remove language about 'default condition' and services condition relation to services list Context: - Added a new `names` field to condition/source_input "services" - `names` or `regexp` must be configured for condition/source_input "services" This therefore: - Removed relationship between condition/source_input "services" and task.services list - Removed concept of "default condition" i.e. condition "services" must be configured with `names` or `regexp`, there is no meaningful unconfigured default Change: remove language regarding "default condition" and relationship with services list * docs/nia: Update paramters to table format Changes from a bulleted list to a table. Also adds the possible response codes and fixes the update example response to include the inspect object. * docs/nia: Delete task API and CLI * docs/nia: Update wording for run values Co-authored-by: Michael Wilkerson <62034708+wilkermichael@users.noreply.github.com> * docs/nia: require condition "catalog-services" block's regexp to be configured (#11915) Changes: - Update Catalog Services Condition configuration docs to new table format - Rewrite `regexp` field docs to be required, no longer optional - Remove details about `regexp` field's original default behavior when the field was optional * docs/nia: Update status API docs to table format * Cleaner wording for response descriptions Co-authored-by: mrspanishviking <kcardenas@hashicorp.com> * docs/nia - 'source_includes_var' changes (#11939) * docs/nia - condition "services" new field source_includes_var - Add new configuration details for condition "services" block's `source_includes_var` field. - Note: this field's description is worded differently from condition type's `source_includes_var` since a services variable is always required (unlike other vars) for CTS modules. - Also worded in a way to anticipate renaming to `use_as_module_input` * docs/nia - change 'source_includes_var' default value from false to true - Update configs - Table-ify Consul-KV condition (reuse wording from Consul-KV source input) * docs/nia - reword task execution page for source_includes_var changes - Note: switched to using "module input" language over "source input" language. Separate PR will make a mass change across docs - Slim down general task condition section to have fewer details on module input - Updated services, catalog-services, and consul-kv condition sections for source_includes_var - Add config page links for details * Improve CTS acronym usage - Use Consul-Terraform-Sync at the first instance with CTS in brackets - Consul-Terraform-Sync (CTS) and then CTS for all following instances on a per-page basis. - some exceptions: left usage of the term `Consul-Terraform-Sync` in config examples and where it made sense for hyperlinking * Improve CTS acronym usage (part 2) (#11991) Per page: - At first instance in text, use "Consul-Terraform-Sync (CTS)" - Subsequent instances in text, use "CTS" * Update schedule condition config to table format * Update config tables with type column * docs/nia: Update required fields values Standardizing Required/Optional over boolean values. * docs/nia: Standardize order of columns Updated Required to come before Type, which is how the configurations are formatted. Also changed the empty strings to "none" for default values. * Deprecate port CLI option for CTS and updated example usage * docs/nia cts multiple source input configuration updates (#12158) * docs/nia cts multiple source input configuration updates CTS expanded its usage of `source_input` block configurations and added some restrictions. This change accounts for the following changes: - `source_input` block can be configured for a task. No longer restricting to scheduled task - Multiple `source_input` blocks can be configured for a task. No longer restricting to one - Task cannot have multiple configurations defining the same variable type Future work: We're planning to do some renaming from "source" to "module" for v0.5. These changes are made in the code and not yet in the docs. These will be taken care of across our docs in a separate PR. Perpetuating "source" in this PR to reduce confusion. * Apply suggestions from code review Co-authored-by: mrspanishviking <kcardenas@hashicorp.com> * Apply suggestions from code review Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com> * code review feedback Co-authored-by: mrspanishviking <kcardenas@hashicorp.com> Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com> * Add "Consul object" glossary entry Changes: - Add "Consul object" to CTS glossary - Format glossary terms so that they can be linked - Add link to "Consul object" glossary entry * Reorganize source_input limitations section Co-authored-by: findkim <6362111+findkim@users.noreply.github.com> Co-authored-by: mrspanishviking <kcardenas@hashicorp.com> Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com> Co-authored-by: findkim <6362111+findkim@users.noreply.github.com> * docs/nia: overview of config streamlining deprecations (#12193) * docs/nia: overview of config streamlining deprecations * Update config snippets to use CodeTabs * Apply code review feedback suggestions Co-authored-by: mrspanishviking <kcardenas@hashicorp.com> * Apply suggestions from code review Co-authored-by: mrspanishviking <kcardenas@hashicorp.com> * Clarify source table language * Add use_as_module_input callout Co-authored-by: mrspanishviking <kcardenas@hashicorp.com> * docs/nia: deprecate "services" field and "service" block (#12234) * Deprecate `services` field Did a search on "`services`", "`task.services`", "services list", and "services field" Changes: - In config docs, mark `services` field as deprecated and `condition` block as required. - For necessary references to `services` field, mark with "(deprecated)" e.g. when listing all options for source input - Remove unnecessary references to `services` field from docs e.g. any docs encouraging use of `services` - Replace `services` field with `condition` / `module_input` "services" in config snippets and explanations * Deprecate `service` block Did a search for "service block", "`service`", and "service {" Changes: - In config docs, mark `service` block as deprecated - For necessary references to `service` block, mark with "(deprecated)" - Remove unnecessary references to `service` block from docs * Fix service block typos in config snippet service block is singular and not plural * docs/nia: deprecate "source includes var" and "source input" (#12244) * Deprecate `source_includes_var` field Did a search for "source_includes_var" and an audit of "include" Changes - In config docs, mark `source_includes_var` field as deprecated - In config docs, add new field for `use_as_module_input` - For necessary references to `source_includes_var`, mark with "(deprecated)" - Audit and update "include" language * Deprecate `source_input` field and language Did a search and replace for "source_input", "source-input", "source input" Changes: - In config docs, mark `source_input` field as deprecated - In config docs, add new entry for `module_input` - For necessary references to `source_input`, mark with "(deprecated)" - Remove or replace "source*input" with "module*input" Note: added an anchor link alias e.g. `# Module Input ((#source-input))` for headers that were renamed from "Source Input" so that bookmarked links won't break * Update config streamlining release removal version to 0.8 * remove duplicate bullet * docs/nia: deprecate `source` (#12245) * Update "source" field in config snippets to "module" * Deprecate task config `source` field Did a search and replace for "source" and "src" Changes: - In config docs, mark `source` field as deprecated - In config docs, add new entry for `module` - Remove or replace "source" with "module" * Deprecate Status API Event `source` field Changes: - Mark `source` field as deprecated - Add new entry for `module` * docs/nia - Get Task API docs & Task Status API deprecations (#12303) * docs/nia - Get Task API Added a Task Object section intended to be shared with the Create Task API * docs/nia - Deprecate non-status fields from Task Status API Deprecate the fields that Get Task API replaces * docs/nia - Align API docs on `:task_name` request resource Followed a convention found in Nomad docs * docs/nia - misc fixes Context for some: - remove "" from license_path for consistency - do not specify the default value when empty string - remove "optional" language from task condition. we want to move towards it being required * docs/nia - add new columns to API Task Object * Added Create Task API documentation * Added create task CLI documentation * addressed code review comments * fixed example * docs/nia: Update task delete with async behavior CTS delete task command is now asynchronous, so updating docs to reflect this new behavior. * update create task CLI with new changes from code * update create task api and cli - update curl command to include the json header - update example task names to use 'task_a' to conform with other examples * docs/nia: Fix hyphens in CTS CLI output * docs/nia: Add auto-approve option in CLI * docs/nia: Clarify infrastructure is not destroyed on task deletion Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com> Co-authored-by: Kim Ngo <6362111+findkim@users.noreply.github.com> Co-authored-by: Melissa Kam <mkam@hashicorp.com> Co-authored-by: Melissa Kam <3768460+mkam@users.noreply.github.com> Co-authored-by: Michael Wilkerson <62034708+wilkermichael@users.noreply.github.com> Co-authored-by: mrspanishviking <kcardenas@hashicorp.com> Co-authored-by: Michael Wilkerson <mwilkerson@hashicorp.com> Co-authored-by: AJ Jwair <aj.jwair@hashicorp.com>
62 lines
6.5 KiB
Plaintext
62 lines
6.5 KiB
Plaintext
---
|
|
layout: docs
|
|
page_title: Terraform Driver
|
|
description: >-
|
|
Consul-Terraform-Sync Network Drivers with Terraform
|
|
---
|
|
|
|
# Terraform Driver
|
|
|
|
Consul-Terraform-Sync (CTS) extends the Consul ecosystem to include Terraform as an officially supported tooling project. With the Terraform driver, CTS installs the [Terraform CLI](https://www.terraform.io/downloads.html) locally and runs Terraform commands based on monitored Consul changes. This page details how the Terraform driver operates using local workspaces and templated files.
|
|
|
|
## Terraform CLI Automation
|
|
|
|
On startup, CTS:
|
|
1. Downloads and installs Terraform
|
|
2. Prepares local workspace directories. Terraform configuration and execution for each task is organized as separate [Terraform workspaces](https://www.terraform.io/docs/state/workspaces.html). The state files for tasks are independent of each other.
|
|
3. Generates Terraform configuration files that make up the root module for each task.
|
|
|
|
Once all workspaces are set up, CTS monitors the Consul catalog for service changes. When relevant changes are detected, the Terraform driver dynamically updates input variables for that task using a template to render them to a file named [`terraform.tfvars`](/docs/nia/network-drivers#terraform-tfvars). This file is passed as a parameter to the Terraform CLI when executing `terraform plan` and `terraform apply` to update your network infrastructure with the latest Consul service details.
|
|
|
|
### Local Workspaces
|
|
|
|
Within the CTS configuration for a task, practitioners can select the desired module to run for the task as well as set the condition to execute the task. Each task executed by the Terraform driver corresponds to an automated root module that calls the selected module in an isolated Terraform environment. CTS will manage concurrent execution of these tasks.
|
|
|
|
Autogenerated root modules for tasks are maintained in local subdirectories of the CTS working directory. Each subdirectory represents the local workspace for a task. By default, the working directory `sync-tasks` is created in the current directory. To configure where Terraform configuration files are stored, set [`working_dir`](/docs/nia/configuration#working_dir) to the desired path or configure the [`task.working_dir`](/docs/nia/configuration#working_dir-1) individually.
|
|
|
|
~> **Note:** Although Terraform state files for task workspaces are independent, this does not guarantee the infrastructure changes from concurrent task executions are independent. Ensure that modules across all tasks are not modifying the same resource objects or have overlapping changes that may result in race conditions during automation.
|
|
|
|
### Root Module
|
|
|
|
The root module proxies Consul information, configuration, and other variables to the Terraform module for the task. The content of the files that make up the root module are sourced from CTS configuration, information for task's module to use as the automation playbook, and information from Consul such as service information.
|
|
|
|
A working directory with one task named "cts-example" would have the folder structure below when running with the Terraform driver.
|
|
|
|
```shell-session
|
|
$ tree sync-tasks/
|
|
|
|
sync-tasks/
|
|
└── cts-example/
|
|
├── main.tf
|
|
├── variables.tf
|
|
├── terraform.tfvars
|
|
└── terraform.tfvars.tmpl
|
|
```
|
|
|
|
The following files of the root module are generated for each task. An [example of a root module created by CTS](https://github.com/hashicorp/consul-terraform-sync/tree/master/examples) can be found in the project repository.
|
|
|
|
- `main.tf` - The main file contains the terraform block, provider blocks, and a module block calling the module configured for the task.
|
|
- `terraform` block - The corresponding provider source and versions for the task from the configuration files are placed into this block for the root module. The Terraform backend from the configuration is also templated here.
|
|
- `provider` blocks - The provider blocks generated in the root module resemble the `terraform_provider` blocks from the configuration for CTS. They have identical arguments present and are set from the intermediate variable created per provider.
|
|
- `module` block - The module block is where the task's module is called as a [child module](https://www.terraform.io/docs/configuration/modules.html#calling-a-child-module). The child module contains the core logic for automation. Required and optional input variables are passed as arguments to the module.
|
|
- `variables.tf` - This file contains three types of variable declarations.
|
|
- `services` input variable (required) determines module compatibility with Consul-Terraform Sync (read more on [compatible Terraform modules](/docs/nia/terraform-modules) for more details).
|
|
- Any additional [optional input variables](/docs/nia/terraform-modules#optional-input-variables) provided by CTS that the module may use.
|
|
- Various intermediate variables used to configure providers. Intermediate provider variables are interpolated from the provider blocks and arguments configured in the CTS configuration.
|
|
- `variables.module.tf` - This file is created if there are [variables configured for the task](/docs/nia/configuration#variable_files) and contains the interpolated variable declarations that match the variables from configuration. These are then used to proxy the configured variables to the module through explicit assignment in the module block.
|
|
- `providers.tfvars` - This file is created if there are [providers configured for the task](/docs/nia/configuration#providers) and defined [`terraform_provider` blocks](/docs/nia/configuration#terraform-provider). This file may contain sensitive information. To omit sensitive information from this file, you can [securely configure Terraform providers for CTS](/docs/nia/configuration#securely-configure-terraform-providers) using environment variables or templating.
|
|
- `terraform.tfvars` - The variable definitions file is where the services input variable and any optional CTS input variables are assigned values from Consul. It is periodically updated, typically when the task condition is met, to reflect the current state of Consul.
|
|
- `terraform.tfvars.tmpl` - The template file is used by CTS to template information from Consul by using the HashiCorp configuration and templating library ([hashicorp/hcat](https://github.com/hashicorp/hcat)).
|
|
|
|
~> **Note:** Generated template and Terraform configuration files are crucial for the automation of tasks. Any manual changes to the files may not be preserved and could be overwritten by a subsequent update. Unexpected manual changes to the format of the files may cause automation to error.
|