Terraform Driver

    On startup, Consul-Terraform-Sync:

    1. Downloads and installs Terraform
    2. Prepares local workspace directories. Terraform configuration and execution for each task is organized as separate Terraform workspaces. The state files for tasks are independent of each other.

    Once all workspaces are set up, Consul-Terraform-Sync monitors the Consul catalog for service changes. When relevant changes are detected, the Terraform driver dynamically updates input variables for that task using a template to render them to a file named . This file is passed as a parameter to the Terraform CLI when executing and to update your network infrastructure with the latest Consul service details.

    Autogenerated root modules for tasks are mantained in local subdirectories of the Consul-Terraform-Sync working directory. Each subdirectory represents the local workspace for a task. By default, the working directory is created in the current directory. To configure where Terraform configuration files are stored, set working_dir to the desired path or configure the individually.

    Note: Although Terraform state files for task workspaces are independent, this does not guarantee the infrastructure changes from concurrent task executions are independent. Ensure that modules across all tasks are not modifying the same resource objects or have overlapping changes that may result in race conditions during automation.

    Root Module

    A working directory with one task named “cts-example” would have the folder structure below when running with the Terraform driver.

    The following files of the root module are generated for each task. An can be found in the project repository.

    • main.tf - The main file contains the terraform block, provider blocks, and a module block calling the module configured for the task.
      • block - The corresponding provider source and versions for the task from the configuration files are placed into this block for the root module. The Terraform backend from the configuration is also templated here.
      • provider blocks - The provider blocks generated in the root module resemble the blocks from the configuration for Consul-Terraform-Sync. They have identical arguments present and are set from the intermediate variable created per provider.
      • block - The module block is where the task’s module is called as a child module. The child module contains the core logic for automation. Required and optional input variables are passed as arguments to the module.
    • - This file contains three types of variable declarations.
      • Any additional optional input variables provided by Consul-Terraform-Sync that the module may include.
      • Various intermediate variables used to configure providers. Intermediate provider variables are interpolated from the provider blocks and arguments configured in the Consul-Terraform-Sync configuration.
    • - This file is created if there are variables configured for the task and contains the interpolated variable declarations that match the variables from configuration. These are then used to proxy the configured variables to the module through explicit assignment in the module block.
    • - This file is created if there are providers configured for the task and defined . This file may contain sensitive information. To omit sensitive information from this file, you can securely configure Terraform providers for Consul-Terraform-Sync using environment variables or templating.
    • - The variable definitions file is where the services input variable and any optional Consul-Terraform-Sync input variables are assigned values from Consul. It is periodically updated, typically when the task condition is met, to reflect the current state of Consul.