Terraform Init Deep Drive

Gayan December 14, 2024

 

Overview

Terraform is a powerful Infrastructure as Code (IaC) tool used to manage and automate infrastructure. It is popular because of its wide range of supported providers, including major cloud platforms like AWS, Azure, and Google Cloud. With Terraform, you define infrastructure using simple configuration files, which allows for consistent and repeatable provisioning of resources. Its declarative approach ensures that the desired state of infrastructure is maintained, reducing errors and manual intervention. Terraform is widely adopted for its ability to manage complex infrastructure in a streamlined and efficient way.

Terraform Init

When you start working with Terraform, the first command you execute is terraform init. For the demonstration purpose I have created very basic terraform files to create an Ec2 instance on AWS .

Below are my files 

main.tf 

 

backend.tf

        Provider.tf

 

Now Lets initialize these terraform files

We are going  take a deeper look at what happens when you run this command.  Below is an overview of what you would see when you execute the terraform init command.

After running terraform init , When check the folder content again , we can see it has created two new items addition to the available terraform files .

    1.  .terraform directory 

    2. .terraform.lock.hcl file

lets see what is indide the ".terraform" directory

  •  Two Directories: 
    •  modues
    •  providers
  • One File : 
    • terraform.tfstate


 Based on the above outputs and findings we can identify that terraform Does 4 things when you run terraform init ,

1. Initialize the Backend

2.Initialize the Modules

3 Initialize the Provider Plugins

4.Create terraform.lock.hcl file

 

Initialization of Terraform Backend 

First lets check again the content of my backend confirmation

terraform {
  backend "local" {
    path = "/home/server/tf_backend/terraform.tfstate"
  }
}

 

Now lets see what has created when run the terraform init

                It has created terraform,tfstate file inside the .terraform directory and another terraform.tfstate file inside /home/server/tf_backend/ directory .

  • terraform.tfstate File inside the .terraform directory  

     
    •  This file stores metadata about the backend configuration. It includes details like the backend type (local), the path to the state file, and other backend-related configurations.
    • It does not store the actual infrastructure state. Instead, it serves as a local reference for Terraform to know where the actual state file is located.

  • terraform.tfstate File inside the /home/server/tf_backend/ directory 
    • This is the actual state file where Terraform will store the infrastructure state after running commands like terraform plan or terraform apply.
    • Initially, this file is empty because no infrastructure has been created or managed yet.
       

Initialization the Modules

 Terraform modules are reusable, self-contained packages of Terraform configurations that group related resources. They help organize infrastructure code, promote re usability, and simplify complex setups by allowing you to define common patterns once and use them across multiple projects. Modules can be local, shared privately, or sourced from public registries like the Terraform Registry

In this example I have used a simple terraform module to create an  EC2  instance.Below is how I have referred that module to create my EC2 instance .

 

 Thus what happen when initialize the modules:

it creates a "modules" directory inside the .terraform directory and module.json file inside that directory.The module.json file  contains metadata about the modules used in your Terraform configuration.

module.json file contains below metadata details

  • Module Sources:
    • Information about where the module was sourced from (e.g., Terraform Registry, Git repository, local path).
  • Module Version:
    • The version of the module (if sourced from a registry or versioned repository).
  • Module Path:
    • The local path where the module's files are downloaded or stored within the .terraform/modules directory.

 lets check our module.json file 


Initialize the Provider Plugins

 Terraform downloads the necessary provider plugins (e.g., AWS, Azure, Google) from the Terraform Registry or a configured source. These plugins enable Terraform to interact with specific APIs for resource management. The downloaded plugins are stored in the .terraform/providers directory for local use.

Here is my provider configuration in terraform 

 

 Now lets see what has been initialized inside the .terraform/providers directory:

 Provider Namespace:

  • Path: registry.terraform.io/hashicorp/aws
  • Terraform supports a wide variety of providers, each maintained by different organizations or namespaces (e.g., hashicorp, datadog, etc.). The directory structure ensures that providers from different namespaces don't conflict.

 Provider Version:

  •  Path: registry.terraform.io/hashicorp/aws/5.81.0
  • Terraform allows you to specify a specific version of a provider in your configuration (e.g., ~> 5.81.0 for AWS). This versioning ensures that your infrastructure remains consistent, even if newer provider versions are released.

 Platform-Specific Binaries:

  •     Path: linux_amd64
  •     Terraform downloads provider binaries specific to your operating system and architecture. For example, the linux_amd64 folder contains the binary for Linux
  •  systems running on x86_64 architecture. This allows Terraform to run seamlessly on various platforms.

Files in the linux_amd64 Directory:

  •     terraform-provider-aws_v5.81.0_x5: The actual provider binary used by Terraform to interact with AWS services.
  •     LICENSE.txt: Licensing information for the provider

Thus above are the mainly initialized contents 

What is the terraform.lock.hcl file ?

The terraform.lock.hcl file is a dependency lock file automatically generated and maintained by Terraform. It ensures that the exact versions of provider plugins used in your Terraform configuration are consistent across different environments and runs.

Why It Matters:

  •     Consistency: Ensures all team members or CI/CD pipelines use the same provider versions.
  •     Security: Verifies the integrity of provider binaries with checksums.
  •     Predictability: Prevents unexpected behavior due to provider version mismatches.

Example Use case :

Lets assume there are two DevOps Engineers in the team : DevOps A and DevOps B

  • DevOps-A runs terraform init on Linux, which downloads the AWS provider version 5.81.0 and generates the terraform.lock.hcl file with the version and checksums. 
  • DevOps B clones the repository and runs terraform init on macOS, where Terraform reads the lock file, downloads the same provider version (5.81.0) for macOS, and verifies it with the checksum. 
  • This ensures both developers use the exact same provider version, maintaining consistency across environments.

Below is the content of the created lock.hcl file in our case :
Gayan

Posted by Gayan

Post a Comment

0 Comments