/terraform-provider-ct

Terraform provider for Container Linux Config (CLC) and Fedora CoreOS Config (FCC) validation

Primary LanguageGoApache License 2.0Apache-2.0

terraform-provider-ct

terraform-provider-ct allows Terraform to validate a Container Linux Config or Fedora CoreOS Config and render it as Ignition for machine consumption.

Define a Container Linux Config (CLC) or Fedora CoreOS Config (FCC) in version control.

# worker.yaml Container Linux Config
passwd:
  users:
    - name: core
      ssh_authorized_keys:
        - ssh-key foo

Render the config with Terraform for machine consumption.

data "ct_config" "worker" {
  content      = file("worker.yaml")
  pretty_print = false
  strict       = true
}

resource "aws_instance" "worker" {
  user_data = data.ct_config.worker.rendered
}

See the Container Linux or Fedora CoreOS examples.

Requirements

Ignition Outputs

Container Linux Configs are coupled with the render tool. For example, all CLCs are rendered in Ignition v2.2.0 format. A future terraform-provider-ct release would be needed to bump that version.

Fedora CoreOS Config's contain a version that is associated with an Ignition format verison. For example, FCC's with version: 1.0.0 produce Ignition 3.0.0. A future terraform-provider-ct release would be needed to add support for newer versions, but FCCs could continue specifying 1.0.0 indefintely.

terraform-provider-ct Ignition (for CLCs) Ignition (for FCC)
0.4.x Renders 2.2.0 FCC 1.0.0 -> Ignition 3.0.0
0.3.x Renders 2.2.0 NA
0.2.x Renders 2.0.0 NA

Install

Add the terraform-provider-ct plugin binary for your system to the Terraform 3rd-party plugin directory ~/.terraform.d/plugins.

VERSION=v0.4.0
wget https://github.com/poseidon/terraform-provider-ct/releases/download/$VERSION/terraform-provider-ct-$VERSION-linux-amd64.tar.gz
tar xzf terraform-provider-ct-$VERSION-linux-amd64.tar.gz
mv terraform-provider-ct-$VERSION-linux-amd64/terraform-provider-ct ~/.terraform.d/plugins/terraform-provider-ct_$VERSION

Terraform plugin binary names are versioned to allow for migrations of managed infrastructure.

$ tree ~/.terraform.d/
/home/user/.terraform.d/
└── plugins
    ├── terraform-provider-ct_v0.3.0
    ├── terraform-provider-ct_v0.3.1
    ├── terraform-provider-ct_v0.3.2
    └── terraform-provider-ct_v0.4.0

Usage

Configure the ct provider in a providers.tf file.

provider "ct" {
  version = "0.4.0"
}

Run terraform init to ensure plugin version requirements are met.

$ terraform init

Declare a ct_config resource in Terraform. Set the content to the contents of a Container Linux Config or Fedora CoreOS Config that should be validated and rendered as Ignition.

data "ct_config" "worker" {
  content      = file("worker.yaml")
  platform     = "ec2"
  pretty_print = false

  snippets = [
    file("units.yaml"),
    file("storage.yaml"),
  ]
}

resource "aws_instance" "worker" {
  user_data = data.ct_config.worker.rendered
}

For Container Linux only, use the snippets field to append a list of Container Linux Config snippets and use platform if platform-specific susbstitution is desired.

Development

Binary

To develop the provider plugin locally, build an executable with Go v1.11+.

make

Vendor

Add or update dependencies in go.mod and vendor.

make update
make vendor