ResiLien
/
terraform
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

website: working on backend types

This commit is contained in:
Mitchell Hashimoto 2017-02-15 10:47:30 -08:00
parent bd4425657e
commit a240a9cac7
No known key found for this signature in database
GPG Key ID: 744E147AA52F5B0A
15 changed files with 710 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
website/source/assets/stylesheets/_docs.scss
View File

@ -6,6 +6,7 @@ body.page-sub{
background-color: $light-black;
}
body.layout-backend-types,
body.layout-commands-state,
body.layout-alicloud,
body.layout-archive,

56
website/source/docs/backends/types/artifactory.html.md Normal file
View File

@ -0,0 +1,56 @@
---
layout: "backend-types"
page_title: "Remote State Backend: artifactory"
sidebar_current: "docs-backends-types-standard-artifactory"
description: |-
Terraform can store the state remotely, making it easier to version and work with in a team.
---
# artifactory
**Kind: Standard (with no locking)**
Stores the state as an artifact in a given repository in [Artifactory](https://www.jfrog.com/artifactory/).
Generic HTTP repositories are supported, and state from different
configurations may be kept at different subpaths within the repository.
-> **Note:** The URL must include the path to the Artifactory installation.
It will likely end in `/artifactory`.
## Example Usage
```
terraform remote config \
-backend=artifactory \
-backend-config="username=SheldonCooper" \
-backend-config="password=AmyFarrahFowler" \
-backend-config="url=https://custom.artifactoryonline.com/artifactory" \
-backend-config="repo=foo" \
-backend-config="subpath=terraform-bar"
```
## Example Referencing
```
data "terraform_remote_state" "foo" {
backend = "artifactory"
config {
username = "SheldonCooper"
password = "AmyFarrahFowler"
url = "https://custom.artifactoryonline.com/artifactory"
repo = "foo"
subpath = "terraform-bar"
}
}
```
## Configuration variables
The following configuration options / environment variables are supported:
* `username` / `ARTIFACTORY_USERNAME` (Required) - The username
* `password` / `ARTIFACTORY_PASSWORD` (Required) - The password
* `url` / `ARTIFACTORY_URL` (Required) - The URL. Note that this is the base url to artifactory not the full repo and subpath.
* `repo` (Required) - The repository name
* `subpath` (Required) - Path within the repository

43
website/source/docs/backends/types/atlas.html.md Normal file
View File

@ -0,0 +1,43 @@
---
layout: "remotestate"
page_title: "Remote State Backend: atlas"
sidebar_current: "docs-state-remote-atlas"
description: |-
Terraform can store the state remotely, making it easier to version and work with in a team.
---
# atlas
Stores the state in [Atlas](https://atlas.hashicorp.com/).
You can create a new environment in the [Environments section](https://atlas.hashicorp.com/environments)
and generate new token in the [Tokens page](https://atlas.hashicorp.com/settings/tokens) under Settings.
## Example Usage
```
terraform remote config \
-backend=atlas \
-backend-config="name=bigbang/example" \
-backend-config="access_token=X2iTFefU5aWOjg.atlasv1.YaDa" \
```
## Example Referencing
```
data "terraform_remote_state" "foo" {
backend = "atlas"
config {
name = "bigbang/example"
access_token = "X2iTFefU5aWOjg.atlasv1.YaDa"
}
}
```
## Configuration variables
The following configuration options / environment variables are supported:
* `name` - (Required) Full name of the environment (`<username>/<name>`)
* `access_token` / `ATLAS_TOKEN` - (Required) Atlas API token
* `address` - (Optional) Address to alternative Atlas location (Atlas Enterprise endpoint)

51
website/source/docs/backends/types/azure.html.md Normal file
View File

@ -0,0 +1,51 @@
---
layout: "remotestate"
page_title: "Remote State Backend: azure"
sidebar_current: "docs-state-remote-azure"
description: |-
Terraform can store the state remotely, making it easier to version and work with in a team.
---
# azure
Stores the state as a given key in a given bucket on [Microsoft Azure Storage](https://azure.microsoft.com/en-us/documentation/articles/storage-introduction/).
-> **Note:** Passing credentials directly via config options will
make them included in cleartext inside the persisted state.
Access key should, ideally, be passed using the environment variable
`ARM_ACCESS_KEY` to follow this convention.
## Example Usage
```
terraform remote config \
-backend=azure \
-backend-config="storage_account_name=terraform123abc" \
-backend-config="container_name=terraform-state" \
-backend-config="key=prod.terraform.tfstate"
```
## Example Referencing
```hcl
# setup remote state data source
data "terraform_remote_state" "foo" {
backend = "azure"
config {
storage_account_name = "terraform123abc"
container_name = "terraform-state"
key = "prod.terraform.tfstate"
}
}
```
## Configuration variables
The following configuration options are supported:
* `storage_account_name` - (Required) The name of the storage account
* `container_name` - (Required) The name of the container to use within the storage account
* `key` - (Required) The key where to place/look for state file inside the container
* `access_key` / `ARM_ACCESS_KEY` - (Required) Storage account access key
* `lease_id` / `ARM_LEASE_ID` - (Optional) If set, will be used when writing to storage blob.

49
website/source/docs/backends/types/consul.html.md Normal file
View File

@ -0,0 +1,49 @@
---
layout: "remotestate"
page_title: "Remote State Backend: consul"
sidebar_current: "docs-state-remote-consul"
description: |-
Terraform can store the state remotely, making it easier to version and work with in a team.
---
# consul
Stores the state in the [Consul](https://www.consul.io/) KV store at a given path.
-> **Note:** Specifying `access_token` directly makes it included in
cleartext inside the persisted, shard state.
Use of the environment variable `CONSUL_HTTP_TOKEN` is recommended.
## Example Usage
```
terraform remote config \
-backend=consul \
-backend-config="path=full/path"
```
## Example Referencing
```
data "terraform_remote_state" "foo" {
backend = "consul"
config {
path = "full/path"
}
}
```
## Configuration variables
The following configuration options / environment variables are supported:
* `path` - (Required) Path in the Consul KV store
* `access_token` / `CONSUL_HTTP_TOKEN` - (Required) Access token
* `address` / `CONSUL_HTTP_ADDR` - (Optional) DNS name and port of your Consul endpoint specified in the
format `dnsname:port`. Defaults to the local agent HTTP listener.
* `scheme` - (Optional) Specifies what protocol to use when talking to the given
`address`, either `http` or `https`. SSL support can also be triggered
by setting then environment variable `CONSUL_HTTP_SSL` to `true`.
* `datacenter` - (Optional) The datacenter to use. Defaults to that of the agent.
* `http_auth` / `CONSUL_HTTP_AUTH` - (Optional) HTTP Basic Authentication credentials to be used when
communicating with Consul, in the format of either `user` or `user:pass`.

41
website/source/docs/backends/types/etcd.html.md Normal file
View File

@ -0,0 +1,41 @@
---
layout: "remotestate"
page_title: "Remote State Backend: etcd"
sidebar_current: "docs-state-remote-etcd"
description: |-
Terraform can store the state remotely, making it easier to version and work with in a team.
---
# etcd
Stores the state in [etcd](https://coreos.com/etcd/) at a given path.
## Example Usage
```
terraform remote config \
-backend=etcd \
-backend-config="path=path/to/terraform.tfstate" \
-backend-config="endpoints=http://one:4001 http://two:4001"
```
## Example Referencing
```
data "terraform_remote_state" "foo" {
backend = "etcd"
config {
path = "path/to/terraform.tfstate"
endpoints = "http://one:4001 http://two:4001"
}
}
```
## Configuration variables
The following configuration options are supported:
* `path` - (Required) The path where to store the state
* `endpoints` - (Required) A space-separated list of the etcd endpoints
* `username` - (Optional) The username
* `password` - (Optional) The password

56
website/source/docs/backends/types/gcs.html.md Normal file
View File

@ -0,0 +1,56 @@
---
layout: "remotestate"
page_title: "Remote State Backend: gcs"
sidebar_current: "docs-state-remote-gcs"
description: |-
Terraform can store the state remotely, making it easier to version and work with in a team.
---
# gcs
Stores the state as a given key in a given bucket on [Google Cloud Storage](https://cloud.google.com/storage/).
-> **Note:** Passing credentials directly via config options will
make them included in cleartext inside the persisted state.
Use of environment variables or config file is recommended.
## Example Usage
```
terraform remote config \
-backend=gcs \
-backend-config="bucket=terraform-state-prod" \
-backend-config="path=network/terraform.tfstate" \
-backend-config="project=goopro"
```
## Example Referencing
```hcl
# setup remote state data source
data "terraform_remote_state" "foo" {
backend = "gcs"
config {
bucket = "terraform-state-prod"
path = "network/terraform.tfstate"
project = "goopro"
}
}
# read value from data source
resource "template_file" "bar" {
template = "${greeting}"
vars {
greeting = "${data.terraform_remote_state.foo.greeting}"
}
}
```
## Configuration variables
The following configuration options are supported:
* `bucket` - (Required) The name of the GCS bucket
* `path` - (Required) The path where to place/look for state file inside the bucket
* `credentials` / `GOOGLE_CREDENTIALS` - (Required) Google Cloud Platform account credentials in json format

42
website/source/docs/backends/types/http.html.md Normal file
View File

@ -0,0 +1,42 @@
---
layout: "remotestate"
page_title: "Remote State Backend: http"
sidebar_current: "docs-state-remote-http"
description: |-
Terraform can store the state remotely, making it easier to version and work with in a team.
---
# http
Stores the state using a simple [REST](https://en.wikipedia.org/wiki/Representational_state_transfer) client.
State will be fetched via GET, updated via POST, and purged with DELETE.
## Example Usage
```
terraform remote config \
-backend=http \
-backend-config="address=http://my.rest.api.com"
```
## Example Referencing
```
data "terraform_remote_state" "foo" {
backend = "http"
config {
address = "http://my.rest.api.com"
}
}
```
## Configuration variables
The following configuration options are supported:
* `address` - (Required) The address of the REST endpoint
* `username` - (Optional) The username for HTTP basic authentication
* `password` - (Optional) The password for HTTP basic authentication
* `skip_cert_verification` - (Optional) Whether to skip TLS verification.
Defaults to `false`.

25
website/source/docs/backends/types/index.html.md Normal file
View File

@ -0,0 +1,25 @@
---
layout: "backend-types"
page_title: "Backend: Supported Backend Types"
sidebar_current: "docs-backends-types-index"
description: |-
Terraform can store the state remotely, making it easier to version and work with in a team.
---
# Backend Types
This section documents the various backend types supported by Terraform.
If you're not familiar with backends, please
[read the sections about backends](/docs/backends/index.html) first.
Backends may support differing levels of features in Terraform. We differentiate
these by calling a backend either **standard** or **enhanced**. All backends
must implement **standard** functionality. These are defined below:
* **Standard**: State management, functionality covered in
[State Storage & Locking](/docs/backends/state.html)
* **Enhanced**: Everything in standard plus
[remote operations](/docs/backends/operations.html).
The backends are separated in the left by standard and enhanced.

36
website/source/docs/backends/types/local.html.md Normal file
View File

@ -0,0 +1,36 @@
---
layout: "remotestate"
page_title: "Remote State Backend: local"
sidebar_current: "docs-state-remote-local"
description: |-
Remote state stored using the local file system.
---
# local
Remote state backend that uses the local file system.
## Example Usage
```
terraform remote config \
-backend=local \
-backend-config="path=/path/to/terraform.tfstate"
```
## Example Reference
```
data "terraform_remote_state" "foo" {
backend = "local"
config {
path = "${path.module}/../../terraform.tfstate"
}
}
```
## Configuration variables
The following configuration options are supported:
* `path` - (Required) The path to the `tfstate` file.

46
website/source/docs/backends/types/manta.html.md Normal file
View File

@ -0,0 +1,46 @@
---
layout: "remotestate"
page_title: "Remote State Backend: manta"
sidebar_current: "docs-state-remote-manta"
description: |-
Terraform can store the state remotely, making it easier to version and work with in a team.
---
# manta
Stores the state as an artifact in [Manta](https://www.joyent.com/manta).
## Example Usage
```
terraform remote config \
-backend=manta \
-backend-config="path=random/path" \
-backend-config="objecName=terraform.tfstate"
```
## Example Referencing
```
data "terraform_remote_state" "foo" {
backend = "manta"
config {
path = "random/path"
objectName = "terraform.tfstate"
}
}
```
## Configuration variables
The following configuration options are supported:
* `path` - (Required) The path relative to your private storage directory (`/$MANTA_USER/stor`) where the state file will be stored
* `objectName` - (Optional) The name of the state file (defaults to `terraform.tfstate`)
The following [Manta environment variables](https://apidocs.joyent.com/manta/#setting-up-your-environment) are supported:
* `MANTA_URL` - (Required) The API endpoint
* `MANTA_USER` - (Required) The Manta user
* `MANTA_KEY_ID` - (Required) The MD5 fingerprint of your SSH key
* `MANTA_KEY_MATERIAL` - (Required) The path to the private key for accessing Manta (must align with the `MANTA_KEY_ID`). This key must *not* be protected by passphrase.

103
website/source/docs/backends/types/s3.html.md Normal file
View File

@ -0,0 +1,103 @@
---
layout: "remotestate"
page_title: "Remote State Backend: s3"
sidebar_current: "docs-state-remote-s3"
description: |-
Terraform can store the state remotely, making it easier to version and work with in a team.
---
# S3
Stores the state as a given key in a given bucket on [Amazon
S3](https://aws.amazon.com/s3/).
~> **Warning!** It is highly recommended that you enable
[Bucket Versioning](http://docs.aws.amazon.com/AmazonS3/latest/UG/enable-bucket-versioning.html)
on the S3 bucket to allow for state recovery in the case of accidental deletions and human error.
## Using S3 for Remote State
To enable remote state on S3 we run the `terraform remote config`
command like so:
```
terraform remote config \
-backend=s3 \
-backend-config="bucket=terraform-state-prod" \
-backend-config="key=network/terraform.tfstate" \
-backend-config="region=us-east-1"
```
This assumes we have a bucket created called `terraform-state-prod`. The
Terraform state is written to the file `terraform.tfstate` in a folder
called `network`.
-> **Note:** Passing credentials directly via configuration options will
make them included in cleartext inside the persisted state. Use of
environment variables or a configuration file is recommended.
## Using the S3 remote state
To make use of the S3 remote state we can use the
[`terraform_remote_state` data
source](/docs/providers/terraform/d/remote_state.html).
```
data "terraform_remote_state" "foo" {
backend = "s3"
config {
bucket = "terraform-state-prod"
key = "network/terraform.tfstate"
region = "us-east-1"
}
}
```
The `terraform_remote_state` data source will return all of the root outputs
defined in the referenced remote state, an example output might look like:
```
data.terraform_remote_state.network:
id = 2016-10-29 01:57:59.780010914 +0000 UTC
addresses.# = 2
addresses.0 = 52.207.220.222
addresses.1 = 54.196.78.166
backend = s3
config.% = 3
config.bucket = terraform-state-prod
config.key = network/terraform.tfstate
config.region = us-east-1
elb_address = web-elb-790251200.us-east-1.elb.amazonaws.com
public_subnet_id = subnet-1e05dd33
```
## Configuration variables
The following configuration options or environment variables are supported:
* `bucket` - (Required) The name of the S3 bucket.
* `key` - (Required) The path to the state file inside the bucket.
* `region` / `AWS_DEFAULT_REGION` - (Optional) The region of the S3
bucket.
* `endpoint` / `AWS_S3_ENDPOINT` - (Optional) A custom endpoint for the
S3 API.
* `encrypt` - (Optional) Whether to enable [server side
encryption](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html)
of the state file.
* `acl` - [Canned
ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl)
to be applied to the state file.
* `access_key` / `AWS_ACCESS_KEY_ID` - (Optional) AWS access key.
* `secret_key` / `AWS_SECRET_ACCESS_KEY` - (Optional) AWS secret access key.
* `kms_key_id` - (Optional) The ARN of a KMS Key to use for encrypting
the state.
* `lock_table` - (Optional) The name of a DynamoDB table to use for state
locking. The table must have a primary key named LockID.
* `profile` - (Optional) This is the AWS profile name as set in the
shared credentials file.
* `shared_credentials_file` - (Optional) This is the path to the
shared credentials file. If this is not set and a profile is specified,
`~/.aws/credentials` will be used.
* `token` - (Optional) Use this to set an MFA token. It can also be
sourced from the `AWS_SESSION_TOKEN` environment variable.
* `role_arn` - (Optional) The role to be assumed

92
website/source/docs/backends/types/swift.html.md Normal file
View File

@ -0,0 +1,92 @@
---
layout: "remotestate"
page_title: "Remote State Backend: swift"
sidebar_current: "docs-state-remote-swift"
description: |-
Terraform can store the state remotely, making it easier to version and work with in a team.
---
# swift
Stores the state as an artifact in [Swift](http://docs.openstack.org/developer/swift/).
-> **Note:** Passing credentials directly via configuration options will
make them included in cleartext inside the persisted state. Use of
environment variables is recommended.
## Example Usage
```
terraform remote config \
-backend=swift \
-backend-config="path=terraform_state"
```
## Example Referencing
```
data "terraform_remote_state" "foo" {
backend = "swift"
config {
path = "terraform_state"
}
}
```
## Configuration variables
The following configuration options are supported:
* `auth_url` - (Required) The Identity authentication URL. If omitted, the
`OS_AUTH_URL` environment variable is used.
* `path` - (Required) The path where to store `terraform.tfstate`.
* `user_name` - (Optional) The Username to login with. If omitted, the
`OS_USERNAME` environment variable is used.
* `user_id` - (Optional) The User ID to login with. If omitted, the
`OS_USER_ID` environment variable is used.
* `password` - (Optional) The Password to login with. If omitted, the
`OS_PASSWORD` environment variable is used.
* `token` - (Optional) Access token to login with instead of user and password.
If omitted, the `OS_AUTH_TOKEN` variable is used.
* `region_name` (Required) - The region in which to store `terraform.tfstate`. If
omitted, the `OS_REGION_NAME` environment variable is used.
* `tenant_id` (Optional) The ID of the Tenant (Identity v2) or Project
(Identity v3) to login with. If omitted, the `OS_TENANT_ID` or
`OS_PROJECT_ID` environment variables are used.
* `tenant_name` - (Optional) The Name of the Tenant (Identity v2) or Project
(Identity v3) to login with. If omitted, the `OS_TENANT_NAME` or
`OS_PROJECT_NAME` environment variable are used.
* `domain_id` - (Optional) The ID of the Domain to scope to (Identity v3). If
If omitted, the following environment variables are checked (in this order):
`OS_USER_DOMAIN_ID`, `OS_PROJECT_DOMAIN_ID`, `OS_DOMAIN_ID`.
* `domain_name` - (Optional) The Name of the Domain to scope to (Identity v3).
If omitted, the following environment variables are checked (in this order):
`OS_USER_DOMAIN_NAME`, `OS_PROJECT_DOMAIN_NAME`, `OS_DOMAIN_NAME`,
`DEFAULT_DOMAIN`.
* `insecure` - (Optional) Trust self-signed SSL certificates. If omitted, the
`OS_INSECURE` environment variable is used.
* `cacert_file` - (Optional) Specify a custom CA certificate when communicating
over SSL. If omitted, the `OS_CACERT` environment variable is used.
* `cert` - (Optional) Specify client certificate file for SSL client
authentication. If omitted the `OS_CERT` environment variable is used.
* `key` - (Optional) Specify client private key file for SSL client
authentication. If omitted the `OS_KEY` environment variable is used.
* `archive_path` - (Optional) The path to store archived copied of `terraform.tfstate`.
If specified, Swift object versioning is enabled on the container created at `path`.
* `expire_after` - (Optional) How long should the `terraform.tfstate` created at `path`
be retained for? Supported durations: `m` - Minutes, `h` - Hours, `d` - Days.

65
website/source/layouts/backend-types.erb Normal file
View File

@ -0,0 +1,65 @@
<% wrap_layout :inner do %>
<% content_for :sidebar do %>
<div class="docs-sidebar hidden-print affix-top" role="complementary">
<ul class="nav docs-sidenav">
<li>
<a href="/docs/backends/index.html">&laquo; Backends</a>
</li>
<li<%= sidebar_current(/^docs-backends-types-index/) %>>
<a href="/docs/backends/types/index.html">Backend Types</a>
</li>
<li<%= sidebar_current(/^docs-backends-types-enhanced-/) %>>
<a href="#">Enhanced Backends</a>
<ul class="nav nav-visible">
<li<%= sidebar_current("docs-backends-types-enhanced-local") %>>
<a href="/docs/backends/types/local.html">local</a>
</li>
</ul>
</li>
<li<%= sidebar_current(/^docs-backends-types-standard-/) %>>
<a href="#">Standard Backends</a>
<ul class="nav nav-visible">
<li<%= sidebar_current("docs-backends-types-standard-artifactory") %>>
<a href="/docs/backends/types/artifactory.html">artifactory</a>
</li>
<li<%= sidebar_current("docs-backends-types-standard-atlas") %>>
<a href="/docs/backends/types/atlas.html">atlas</a>
</li>
<li<%= sidebar_current("docs-backends-types-standard-azure") %>>
<a href="/docs/backends/types/azure.html">azure</a>
</li>
<li<%= sidebar_current("docs-backends-types-standard-consul") %>>
<a href="/docs/backends/types/consul.html">consul</a>
</li>
<li<%= sidebar_current("docs-backends-types-standard-etcd") %>>
<a href="/docs/backends/types/etcd.html">etcd</a>
</li>
<li<%= sidebar_current("docs-backends-types-standard-gcs") %>>
<a href="/docs/backends/types/gcs.html">gcs</a>
</li>
<li<%= sidebar_current("docs-backends-types-standard-http") %>>
<a href="/docs/backends/types/http.html">http</a>
</li>
<li<%= sidebar_current("docs-backends-types-standard-local") %>>
<a href="/docs/backends/types/local.html">local</a>
</li>
<li<%= sidebar_current("docs-backends-types-standard-manta") %>>
<a href="/docs/backends/types/manta.html">manta</a>
</li>
<li<%= sidebar_current("docs-backends-types-standard-s3") %>>
<a href="/docs/backends/types/s3.html">s3</a>
</li>
<li<%= sidebar_current("docs-backends-types-standard-swift") %>>
<a href="/docs/backends/types/swift.html">swift</a>
</li>
</ul>
</li>
</ul>
</div>
<% end %>
<%= yield %>
<% end %>

4
website/source/layouts/docs.erb
View File

@ -477,6 +477,10 @@
<a href="/docs/backends/state.html">State Storage & Locking</a>
</li>
<li<%= sidebar_current("docs-backends-types") %>>
<a href="/docs/backends/types/index.html">Backend Types</a>
</li>
<!--
<li<%= sidebar_current("docs-backends-ops") %>>
<a href="/docs/backends/operations.html">Operations</a>