Terraform

Basic Commands

Initialise configuration (use the folder as the location that stores the Terraform configuration files):

terraform init

Format configuration files

terraform fmt

Validate configuration

terraform validate

Show possible changes before applying:

terraform plan
terraform plan -var-file build-specific-variables.tfvars # select a variables file to use for this plan; its values override the same variables set in the other variables files

Apply changes:

terraform apply

Inspect state of configuration

terraform show # inspects the current state file
terraform show previousplanfile.tfplan # can also be used to inspect a previously created plan file

Write the plan to a text file without colour codes so that it displays correctly:

terraform plan -no-color > planfile.txt

Use tfvars file when executing plan or apply actions:

terraform plan -var-file="variables_file.tfvars"

Terraform Configuration files

The main config files are the main.tf and variables.tf files.

main.tf

The main.tf file contains the main configuration for the build you are creating. The first piece of information in the file is the Terraform provider. This is a block of code describing the service that Terraform will be building on (AWS, Azure, vSphere etc). It also contains the information needed to log in to the service.

For the vsphere provider:

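provider "vsphere" {
  user           = var.vsphere_user
  password       = var.vsphere_password
  vsphere_server = var.vsphere_server

  # Disables TLS certificate verification for the vCenter connection.
  # Set to false when the server presents a certificate the client trusts.
  allow_unverified_ssl = true
}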

data block

In the main file you place data blocks to describe the existing infrastructure. These are used to look up the information needed when building the resources.

Each data block takes two labels: the first describes what type of data it is (this is an object in the Terraform provider) and the second is the name, which can be used to reference the data elsewhere in the config.

In the compute cluster data block you can see that it refers to the earlier datacenter data block by using data.vsphere_datacenter.datacenter.

data "vsphere_datacenter" "datacenter" {
  name = ""
}

data "vsphere_compute_cluster" "cluster" {
  name          = ""
  datacenter_id = data.vsphere_datacenter.datacenter.id
}

data "vsphere_datastore" "datastore" {
  name          = var.vsphere_datastore
  datacenter_id = data.vsphere_datacenter.datacenter.id
}

data "vsphere_network" "network" {
  name          = var.vsphere_network
  datacenter_id = data.vsphere_datacenter.datacenter.id
}

variables.tf

This file contains the variables for the main.tf file. This makes it easier to do different builds using the same main file.

Example of the variable code block for the vsphere provider variables:

variable "vsphere_user" {
  description = "Username for vSphere"
  default     = ""
}

variable "vsphere_password" {
  description = "Password for vSphere"
  default     = ""
}

variable "vsphere_server" {
  description = "vSphere server address"
  default     = ""
}

Clone from template

When building from templates, make sure you add the “firmware” option to the “vsphere_virtual_machine” resource. This needs to be set to “efi” if the template is built with EFI firmware. By default the clone does not apply the same firmware as the template.

Terraform For Azure

When using Terraform for an Azure environment you will need to set up the environment differently.

First, Terraform will need a service principal to access the Azure tenant to carry out the changes.

To create the required configuration you will need to use the Azure CLI:

az login

After login it will show you the subscriptions your account has access to. Set the subscription you want to create the service principal in, and make sure to save the output so you can use the appid and password to connect later on:

az account set --subscription ""

Create the service principal:

az ad sp create-for-rbac --role="Contributor" --scopes="/subscriptions/"

You can then set up your environment with the details for the service principal (alternatively you can save the details in the variables file for later use, but this is less secure):

$Env:ARM_CLIENT_ID = ""
$Env:ARM_CLIENT_SECRET = ""
$Env:ARM_SUBSCRIPTION_ID = ""
$Env:ARM_TENANT_ID = ""

Once this is complete you can then build your main.tf configuration.
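
Two settings on this page deserve a check before a configuration is committed: allow_unverified_ssl = true in the vsphere provider block, and secrets saved in variables files (the less secure option mentioned above). The following Python check is an added example, not part of the original notes; the function name scan, the secret-name pattern, the client_secret variable name and the sample inputs are assumptions constructed for illustration.

```python
import re

# Variable names treated as secret-bearing (assumed list; extend as needed).
SECRET_NAME = re.compile(r"password|secret|token", re.IGNORECASE)
VARIABLE = re.compile(r'variable\s+"([^"]+)"\s*\{')
STRING_ASSIGN = re.compile(r'(\w+)\s*=\s*"([^"]*)"')
NO_TLS_VERIFY = re.compile(r"allow_unverified_ssl\s*=\s*true\b")


def scan(text, is_tfvars=False):
    """Return (line, message) findings. Line-based; does not parse full HCL."""
    findings = []
    current_var, depth = None, 0  # variable block being read, its brace depth
    for number, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith(("#", "//")):
            continue
        if NO_TLS_VERIFY.match(line):
            findings.append((number, "TLS certificate verification disabled"))
        started = VARIABLE.match(line)
        if started and current_var is None:
            current_var, depth = started.group(1), 0
        assigned = STRING_ASSIGN.match(line)
        if assigned and assigned.group(2):  # non-empty string literal only
            key = assigned.group(1)
            if is_tfvars and SECRET_NAME.search(key):
                findings.append((number, f"secret '{key}' stored in tfvars"))
            elif current_var and key == "default" and SECRET_NAME.search(current_var):
                findings.append((number, f"hard-coded default for '{current_var}'"))
        if current_var is not None:
            depth += line.count("{") - line.count("}")
            if depth <= 0:
                current_var = None
    return findings

# Constructed sample input; the secret values are placeholders.
SAMPLE_TF = '''\
provider "vsphere" {
  password             = var.vsphere_password
  allow_unverified_ssl = true
}
variable "vsphere_password" {
  default = "constructed-example-value"
}
'''
SAMPLE_TFVARS = 'client_secret = "constructed-example-value"\n'

if __name__ == "__main__":
    print(scan(SAMPLE_TF), scan(SAMPLE_TFVARS, is_tfvars=True))
```

Empty defaults such as the ones in the variables.tf example above produce no findings, so the check only fires once a real value has been written into a file.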