1 00:00:07,050 --> 00:00:10,620 - Okay, so now we're gonna take a look at Terraform itself 2 00:00:10,620 --> 00:00:12,950 as a tool, now that we have it installed. 3 00:00:12,950 --> 00:00:14,851 So Terraform, as I mentioned before, 4 00:00:14,851 --> 00:00:18,500 is a command line interface tool, or CLI. 5 00:00:18,500 --> 00:00:21,440 And it has a number of sub-commands. 6 00:00:21,440 --> 00:00:23,905 You can see we've got 10 or 15 sub-commands here. 7 00:00:23,905 --> 00:00:28,640 Only three that you use on a regular basis. 8 00:00:28,640 --> 00:00:32,370 And those are, in order, init, okay? 9 00:00:32,370 --> 00:00:34,820 So the description here is 10 00:00:34,820 --> 00:00:36,680 initialize a Terraform working directory. 11 00:00:36,680 --> 00:00:38,722 That's not terribly helpful. 12 00:00:38,722 --> 00:00:43,722 What init does is it downloads Terraform providers 13 00:00:46,230 --> 00:00:50,170 or makes sure that they already exist, okay? 14 00:00:50,170 --> 00:00:51,810 And we're gonna get much deeper 15 00:00:51,810 --> 00:00:54,051 into what providers are later on 16 00:00:54,051 --> 00:00:55,986 but I can tell you right now 17 00:00:55,986 --> 00:01:00,986 that those are the interface to individual cloud services. 18 00:01:01,150 --> 00:01:04,780 For example, there's an AWS provider, 19 00:01:04,780 --> 00:01:06,590 there's a Google provider, 20 00:01:06,590 --> 00:01:09,320 there are providers for things 21 00:01:09,320 --> 00:01:11,350 that may not seem like cloud at all, 22 00:01:11,350 --> 00:01:13,053 like there's a GitHub provider. 23 00:01:14,170 --> 00:01:16,340 There's a G-Suite provider. 24 00:01:16,340 --> 00:01:20,330 So the providers are very, very important. 25 00:01:20,330 --> 00:01:21,890 So init does two things. 26 00:01:21,890 --> 00:01:24,050 It downloads or ensures that 27 00:01:24,050 --> 00:01:27,620 the providers referenced in the config are available 28 00:01:27,620 --> 00:01:30,300 and then it also ensures 29 00:01:30,300 --> 00:01:34,910 that any modules referenced are available. 30 00:01:34,910 --> 00:01:37,750 And we're gonna get into what modules are here 31 00:01:37,750 --> 00:01:39,060 in a few lessons. 32 00:01:39,060 --> 00:01:40,450 You don't have to worry about that right now. 33 00:01:40,450 --> 00:01:43,926 But those are basically pieces of code that either you wrote 34 00:01:43,926 --> 00:01:46,183 or that it downloads from the internet. 35 00:01:47,510 --> 00:01:51,090 So init must be run on any Terraform directory 36 00:01:51,090 --> 00:01:55,756 before you can proceed to the next step, which is plan. 37 00:01:55,756 --> 00:01:57,100 Okay? 38 00:01:57,100 --> 00:01:59,370 So what plan does, 39 00:01:59,370 --> 00:02:01,040 if you'll remember a few slides ago, 40 00:02:01,040 --> 00:02:06,040 we showed the config and the state being compared. 41 00:02:06,760 --> 00:02:08,010 That's what plan does. 42 00:02:08,010 --> 00:02:10,180 Plan prepares the configuration 43 00:02:10,180 --> 00:02:13,110 so what you're telling Terraform 44 00:02:13,110 --> 00:02:15,270 that you want the state of the world to be 45 00:02:15,270 --> 00:02:18,163 with what Terraform thinks the state of the world is. 46 00:02:19,030 --> 00:02:22,630 And then the output from that step is a detailed plan 47 00:02:22,630 --> 00:02:26,140 of exactly everything that Terraform is going to change 48 00:02:26,140 --> 00:02:27,280 in order to get there. 49 00:02:27,280 --> 00:02:31,160 So that plan will display in the console 50 00:02:32,300 --> 00:02:34,830 all the changes that it's going to make. 51 00:02:34,830 --> 00:02:39,660 And if you tell it to, it will also create a plan file. 52 00:02:39,660 --> 00:02:43,643 And the plan file is used for the next step, which is apply. 53 00:02:44,900 --> 00:02:45,733 Okay? 54 00:02:46,610 --> 00:02:51,610 Apply simply tells Terraform to make the state of the world, 55 00:02:53,210 --> 00:02:56,910 reflect the configuration that you've given it. 56 00:02:56,910 --> 00:02:59,750 And you can either give it a plan file 57 00:02:59,750 --> 00:03:02,970 or it will run the plan step for you 58 00:03:02,970 --> 00:03:06,920 and then you'll have to confirm that you want to run it. 59 00:03:06,920 --> 00:03:11,280 It's always best practice to run plan with an output file. 60 00:03:11,280 --> 00:03:13,260 And we'll be using these steps 61 00:03:13,260 --> 00:03:17,160 throughout the entirety of this training. 62 00:03:17,160 --> 00:03:19,000 So in addition to those, 63 00:03:19,000 --> 00:03:24,000 Terraform has lots of other commands. 64 00:03:24,510 --> 00:03:27,280 We've got about 12 other commands here. 65 00:03:27,280 --> 00:03:31,080 Destroy is also one that you may use on a regular basis. 66 00:03:31,080 --> 00:03:33,810 So what destroy does is tells Terraform 67 00:03:33,810 --> 00:03:35,100 to take that state file, 68 00:03:35,100 --> 00:03:38,680 so all the resources that Terraform has created, 69 00:03:38,680 --> 00:03:39,870 and destroy them. 70 00:03:39,870 --> 00:03:42,680 So this is common in development environments, 71 00:03:42,680 --> 00:03:44,540 but you have to be careful with it, obviously, 72 00:03:44,540 --> 00:03:49,453 because it can also destroy your production database. 73 00:03:50,497 --> 00:03:53,930 Fmt, or format, you can see the description, 74 00:03:53,930 --> 00:03:56,940 rewrite config files to canonical format. 75 00:03:56,940 --> 00:04:00,193 So what that does, and this is somewhat common 76 00:04:00,193 --> 00:04:03,810 in tools that are written in go, 77 00:04:03,810 --> 00:04:08,810 is that rather than allowing everybody to have an opinion 78 00:04:08,840 --> 00:04:12,465 about what the formatting of the files should be, 79 00:04:12,465 --> 00:04:14,930 Terraform just goes ahead and tells you. 80 00:04:14,930 --> 00:04:17,080 So you can run this format command 81 00:04:17,080 --> 00:04:20,640 against your Terraform config files. 82 00:04:20,640 --> 00:04:25,490 And it will do things like convert tabs to spaces 83 00:04:26,385 --> 00:04:30,100 and align the indentations and things like that. 84 00:04:30,100 --> 00:04:34,550 So things that aren't necessarily syntactically incorrect 85 00:04:36,108 --> 00:04:37,560 it will change for you. 86 00:04:37,560 --> 00:04:41,130 So it's a good practice to run the format command 87 00:04:41,130 --> 00:04:42,440 before you do something like 88 00:04:42,440 --> 00:04:44,930 check your code in to get up for example. 89 00:04:44,930 --> 00:04:47,254 Okay get is rarely used. 90 00:04:47,254 --> 00:04:49,860 This simply downloads and installs modules 91 00:04:49,860 --> 00:04:50,693 for the configuration. 92 00:04:50,693 --> 00:04:53,330 That's something that's normally handled by init. 93 00:04:53,330 --> 00:04:55,770 Graph, we'll talk about graph later, 94 00:04:55,770 --> 00:05:00,770 but it will display the dependency tree of the resources. 95 00:05:01,180 --> 00:05:03,390 And when we talk about the config language, 96 00:05:03,390 --> 00:05:06,875 we're gonna talk about dependencies quite a bit. 97 00:05:06,875 --> 00:05:10,490 Import is an important one. 98 00:05:10,490 --> 00:05:14,790 This one is used if you have resources 99 00:05:14,790 --> 00:05:17,300 that have been created without using Terraform, 100 00:05:17,300 --> 00:05:20,620 so if you already have a whole AWS environment 101 00:05:20,620 --> 00:05:23,580 and you would like to begin managing that in Terraform, 102 00:05:23,580 --> 00:05:24,980 you'd use the import command. 103 00:05:24,980 --> 00:05:27,850 And we'll talk about how to do that later. 104 00:05:27,850 --> 00:05:30,190 Unfortunately, it's pretty tedious. 105 00:05:30,190 --> 00:05:33,208 There's not a good way from within Terraform itself 106 00:05:33,208 --> 00:05:38,110 to sort of import in an entire infrastructure. 107 00:05:38,110 --> 00:05:40,210 So it's sort of one piece at a time. 108 00:05:40,210 --> 00:05:42,030 Outputs, we'll talk about outputs later, 109 00:05:42,030 --> 00:05:46,960 but this will simply display on the screen 110 00:05:46,960 --> 00:05:48,340 any outputs that are defined 111 00:05:48,340 --> 00:05:50,143 in your Terraform configuration. 112 00:05:51,160 --> 00:05:53,580 Providers, we talked about Providers a little bit, 113 00:05:53,580 --> 00:05:56,170 but this command also rarely used, 114 00:05:56,170 --> 00:05:59,030 but it will tell you sort of the dependency tree 115 00:05:59,030 --> 00:06:00,880 of the providers. 116 00:06:00,880 --> 00:06:03,770 Refresh will update the local state file 117 00:06:03,770 --> 00:06:05,190 against real resources. 118 00:06:05,190 --> 00:06:07,577 So if you have some drift in there, 119 00:06:07,577 --> 00:06:12,577 you may be able to detect that with the refresh command. 120 00:06:12,820 --> 00:06:17,370 The show command will simply display some information 121 00:06:17,370 --> 00:06:21,070 about your state or your plan file. 122 00:06:21,070 --> 00:06:22,780 Taint is an interesting one. 123 00:06:22,780 --> 00:06:27,780 So taint will mark a resource as needing to be refreshed 124 00:06:29,830 --> 00:06:31,950 within the configuration. 125 00:06:31,950 --> 00:06:34,990 This one needs to be used occasionally. 126 00:06:34,990 --> 00:06:36,540 It's somewhat rare. 127 00:06:36,540 --> 00:06:40,790 I would say that it's sort of an advanced use case. 128 00:06:40,790 --> 00:06:44,258 I do use it regularly, but it's usually a sign 129 00:06:44,258 --> 00:06:47,720 that there's something wrong with your configuration 130 00:06:47,720 --> 00:06:49,673 that needs to be addressed otherwise. 131 00:06:50,540 --> 00:06:52,390 Untaint, I've never used untaint. 132 00:06:52,390 --> 00:06:55,630 I guess if you've inadvertently tainted something, 133 00:06:55,630 --> 00:06:57,560 you can untaint it. 134 00:06:57,560 --> 00:07:02,400 Validate is similar to a lint or just a syntax check. 135 00:07:02,400 --> 00:07:05,060 So validate will run against your config file 136 00:07:05,060 --> 00:07:09,160 and just simply tell you whether the syntax itself is valid. 137 00:07:09,160 --> 00:07:10,165 So it's a good idea to run this 138 00:07:10,165 --> 00:07:15,165 as part of your something like a get pre-commit hook, 139 00:07:15,230 --> 00:07:18,730 for example, so you don't check typos in it. 140 00:07:18,730 --> 00:07:20,613 We'll talk about this a little bit 141 00:07:20,613 --> 00:07:23,393 when we get into the continuous deployment section. 142 00:07:24,410 --> 00:07:25,440 Version you already saw. 143 00:07:25,440 --> 00:07:27,020 This simply tells you 144 00:07:27,020 --> 00:07:28,811 what version of Terraform you're using. 145 00:07:28,811 --> 00:07:32,555 And then workspace we'll get into 146 00:07:32,555 --> 00:07:36,620 during the collaboration section. 147 00:07:36,620 --> 00:07:41,220 But a workspace in Terraform is essentially 148 00:07:41,220 --> 00:07:44,123 an alternative version of the state. 149 00:07:45,300 --> 00:07:50,300 So you can do things like run 150 00:07:50,309 --> 00:07:54,270 different stages of development using the same config files. 151 00:07:54,270 --> 00:07:58,740 So you can have a dev staging and production workspace, 152 00:07:58,740 --> 00:08:01,780 for example, is a pretty common use for that. 153 00:08:01,780 --> 00:08:03,650 And then there are some other commands here 154 00:08:03,650 --> 00:08:07,010 that are less commonly used. 155 00:08:07,010 --> 00:08:09,950 The 0.12upgrade command, 156 00:08:09,950 --> 00:08:14,069 in between Terraform 0.11 and 0.12, 157 00:08:14,069 --> 00:08:18,073 the configuration language was changed very significantly. 158 00:08:19,760 --> 00:08:24,760 So the 0.12 upgrade commands will attempt to take 159 00:08:25,030 --> 00:08:27,830 a earlier version of your config 160 00:08:27,830 --> 00:08:31,133 and convert it to something that's compatible with 0.12. 161 00:08:33,160 --> 00:08:37,790 This debug command will basically turn on 162 00:08:37,790 --> 00:08:40,000 verbose output of your commands. 163 00:08:40,000 --> 00:08:41,250 There's other ways of doing that 164 00:08:41,250 --> 00:08:44,450 using log settings and so forth. 165 00:08:44,450 --> 00:08:49,450 Force unlock is used when the state file becomes locked. 166 00:08:51,700 --> 00:08:53,580 When you're doing plan or apply 167 00:08:53,580 --> 00:08:57,810 or some of these other commands. 168 00:08:57,810 --> 00:08:59,630 They will enforce a lock on the state file 169 00:08:59,630 --> 00:09:02,840 so that somebody else doesn't work on it at the same time. 170 00:09:02,840 --> 00:09:04,927 And sometimes if Terraform crashes, 171 00:09:04,927 --> 00:09:08,310 or if you cancel it in certain ways, 172 00:09:08,310 --> 00:09:11,590 that state can be locked infinitely. 173 00:09:11,590 --> 00:09:14,929 So sometimes you need to go in and force unlock it 174 00:09:14,929 --> 00:09:18,930 if something has crashed or something has gone wrong. 175 00:09:18,930 --> 00:09:22,790 Sometimes that locked file will become permanently locked. 176 00:09:22,790 --> 00:09:24,253 And then the state command, 177 00:09:25,767 --> 00:09:26,769 well there's a push command 178 00:09:26,769 --> 00:09:28,890 and you can see that they've called it obsolete. 179 00:09:28,890 --> 00:09:30,450 So that's one unused. 180 00:09:30,450 --> 00:09:32,840 But the state command is used for 181 00:09:32,840 --> 00:09:34,650 interacting with the state file. 182 00:09:34,650 --> 00:09:37,060 Occasionally, especially during development, 183 00:09:37,060 --> 00:09:38,390 you may need to manually delete 184 00:09:38,390 --> 00:09:39,580 something from the state file. 185 00:09:39,580 --> 00:09:44,360 Or if somebody has gone into another management tool 186 00:09:44,360 --> 00:09:46,040 and deleted a resource, for example, 187 00:09:46,040 --> 00:09:48,200 like they've gone into the AWS console 188 00:09:48,200 --> 00:09:49,420 and they've deleted something 189 00:09:49,420 --> 00:09:52,093 and didn't realize that it was managed by Terraform, 190 00:09:52,093 --> 00:09:54,610 you may need to go into the state file 191 00:09:54,610 --> 00:09:59,260 using this state command and remove that resource. 192 00:09:59,260 --> 00:10:00,130 We'll talk about that 193 00:10:00,130 --> 00:10:02,380 in the debugging and troubleshooting section.