Terraform Driver

    On startup, CTS:

    1. Downloads and installs Terraform
    2. Prepares local workspace directories. Terraform configuration and execution for each task is organized as separate Terraform workspaces. The state files for tasks are independent of each other.
    3. Generates Terraform configuration files that make up the root module for each task.

    Once all workspaces are set up, CTS monitors the Consul catalog for service changes. When relevant changes are detected, the Terraform driver dynamically updates input variables for that task using a template to render them to a file named . This file is passed as a parameter to the Terraform CLI when executing and terraform apply to update your network infrastructure with the latest Consul service details.

    Autogenerated root modules for tasks are maintained in local subdirectories of the CTS working directory. Each subdirectory represents the local workspace for a task. By default, the working directory sync-tasks is created in the current directory. To configure where Terraform configuration files are stored, set working_dir to the desired path or configure the individually.

    Note: Although Terraform state files for task workspaces are independent, this does not guarantee the infrastructure changes from concurrent task executions are independent. Ensure that modules across all tasks are not modifying the same resource objects or have overlapping changes that may result in race conditions during automation.

    Root Module

    A working directory with one task named “cts-example” would have the folder structure below when running with the Terraform driver.

    1. $ tree sync-tasks/
    2. └── cts-example/
    3. ├── main.tf
    4. ├── terraform.tfvars
    5. └── terraform.tfvars.tmpl

    The following files of the root module are generated for each task. An can be found in the project repository.

    • main.tf - The main file contains the terraform block, provider blocks, and a module block calling the module configured for the task.
      • block - The corresponding provider source and versions for the task from the configuration files are placed into this block for the root module. The Terraform backend from the configuration is also templated here.
      • provider blocks - The provider blocks generated in the root module resemble the terraform_provider blocks from the configuration for CTS. They have identical arguments present and are set from the intermediate variable created per provider.
    • - This file contains three types of variable declarations.
      • services input variable (required) determines module compatibility with Consul-Terraform Sync (read more on for more details).
      • Any additional optional input variables provided by CTS that the module may use.
      • Various intermediate variables used to configure providers. Intermediate provider variables are interpolated from the provider blocks and arguments configured in the CTS configuration.
    • - This file is created if there are variables configured for the task and contains the interpolated variable declarations that match the variables from configuration. These are then used to proxy the configured variables to the module through explicit assignment in the module block.
    • - This file is created if there are providers configured for the task and defined . This file may contain sensitive information. To omit sensitive information from this file, you can securely configure Terraform providers for CTS using environment variables or templating.
    • - The variable definitions file is where the services input variable and any optional CTS input variables are assigned values from Consul. It is periodically updated, typically when the task condition is met, to reflect the current state of Consul.
    • terraform.tfvars.tmpl - The template file is used by CTS to template information from Consul by using the HashiCorp configuration and templating library ().