Saikat Mukherjee's blog

Terraform state file,Remote backends , State locking

Terraform state file,Remote backends , State locking

TerraWeek Day 4

Saikat Mukherjee's photo
Saikat Mukherjee
·

7 min read

Table of contents

Research the importance of Terraform state in managing infrastructure. Share your findings on how Terraform state helps track the current state of resources.

Terraform stores information about your infrastructure in a state file. This state file keeps track of resources created by your configuration and maps them to real-world resources. Terraform compares your configuration with the state file and your existing infrastructure to create plans and make changes to your infrastructure. When you run terraform apply or terraform destroy against your initialized configuration, Terraform writes metadata about your configuration to the state file and updates your infrastructure resources accordingly.

The benefits of using a Terraform state

  1. **Idempotence:-**Whenever a Terraform configuration is applied, Terraform checks if there is an actual change made. Only the resources that are changed will be updated.

  2. **Deducing dependencies:-**Terraform maintains a list of dependencies in the state file so that it can properly deal with dependencies that no longer exist in the current configuration.

  3. **Performance:-**Terraform can be told to skip the refresh even when a configuration change is made. Only a particular resource can be refreshed without triggering a full refresh of the state, hence improving performance.

  4. **Collaboration:-**State keeps track of the version of an applied configuration, and it's stored in a remote, shared location. So collaboration is easily done without overwriting.

  5. **Auditing:-**Invalid access can be identified by enabling logging.

  6. **Safer storage:-**Storing state on the remote server helps prevent sensitive information.

How does Terraform State Work?

Terraform state works by storing a record of the resources deployed and managed by Terraform and their current configuration. When you run the terraform plan and terraform apply commands, it uses the contents of the state file to determine the required actions to modify the infrastructure resources to bring them into the desired state that is configured in the Terraform code. The state is also used to determine if a resource needs to be created, updated, or destroyed in order to meet the desired configuration.

Terraform state can be managed locally or remotely. Local state management stores the state file on the local file system, while remote state management stores the state file in a remote data store such as Microsoft Azure Blob Storage or AWS S3. Remote state management provides better collaboration and security features than local state management.

Terraform state management can be divided into two categories:

  • local state management:- Local state management stores the state on the local file system of the machine running Terraform. Local state management is suitable for small teams or single-person projects because it is easy to set up and manage. Local state management is the default and makes it easy to get up and running with HashiCorp Terraform infrastructure as code deployments.

  • remote state management:- Remote state management stores the state in a remote data store such as Microsoft Azure Blob Storage, AWS S3, or even the HashiCorp Terraform Cloud. Remote state management is suitable for larger teams or projects with multiple contributors because it allows multiple team members to share and manage the state.

Understand the different methods of storing the state file (local or remote). Create a simple Terraform configuration file and initialize it to generate a local state file and provide the terraform state command and mention it's purpose. Check usage of terraform state command.

Terraform state can be managed locally or remotely. Local state management stores the state file on the local file system, while remote state management stores the state file in a remote data store such as Microsoft Azure Blob Storage or AWS S3.

  • local state file:- Terraform uses a local state file named terraform.tfstate to store the current state of resource configuration. The local state file is the default Terraform when creating a new Terraform project, but you can configure it using the terraform block in the Terraform configuration file.

    To initialize local state management, run the terraform init command. Terraform will create a new state file named terraform.tfstate in the current directory of the Terraform project. Once initialized, Terraform will use this local state file to store the metadata of your infrastructure resources when terraform apply is run to deploy to the environment.

    Terraform local state does, however, have some disadvantages. It is vulnerable to data loss, and is challenging for team collaboration. Therefore, it is recommended to use remote state management with production Terraform deployments.

  • **remote state management:-**Remote state management allows you to store the state in a remote data store. Terraform supports several remote data stores, including Microsoft Azure Blob Storage, AWS S3, Google Cloud Storage, and the HashiCorp Terraform Cloud.

Here's an example using AWS S3 as the remote backend:-

Step 1:- Firstly we need to go to AWS console and then we have to go inside the virtual machine and need to create the requirements provider file

vi terraform.tf

terraform {

required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "4.66.1"
    }
  }

After that we need to run terraform init -This command will scan your tf files in that folder and install all the required automation things

Step 2:- Now we need to create providers.tf

vi providers.tf

provider "aws" {
region = "us-east-1"
}

we need to configure to aws. Either we can configure it or we can define in the code also

provider "aws" {
  region     = "us-east-1"
  access_key = "YOUR_AWS_ACCESS_KEY"
  secret_access_key = "YOUR_AWS_SECRET_ACCESS_KEY"
}

Step 3:- Now we need to create resource.tf in which we will specify all the resources

vi resource.tf 

resource "aws_s3_bucket" "my_bucket" {
  bucket = "terraform-state-bucket-09"
}

resource "aws_dynamodb_table" "my_table" {
    name = "terraform-demo-dynamo-table-09"
    billing_mode = "PAY_PER_REQUEST"
    hash_key = "LockID"
    attribute {
        name = "LockID"
        type = "S"
  }
}

Now we need to run terraform plan -This command will create an execution plan for terraforming, the things that will be installed, the names, and the properties added.

Step 4:- terraform apply -The actual execution and automation happen in this command.

Now we need to check whether S3 bucket and dynamo db created or not

Explore remote state management options such as AWS S3 .

Step 1:- First we need to create a separate directory to see the changes and create a resources

vi terraform.tf

terraform {

required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "4.66.1"
    }
  }

backend "s3" {
        bucket = "terraform-state-bucket-09"
        key = "terraform.tfstate"
        region = "us-east-1"
        dynamodb_table = "terraform-demo-dynamo-table-09"
}
}

Now we need to run terraform init -This command will scan your tf files in that folder and install all the required automation things

We can now terraform state files will be stored in an S3 bucket instead of locally

Step 2:- Now lets create an EC2 machine so for that we need to create a resource

vi resources.tf

provider "aws" {
region = "us-east-1"
}

resource "aws_instance" "aws_ec2_test" {

        ami = "ami-053b0d53c279acc90"
        instance_type = "t2.micro"
        tags = {
     Name = "test-instance"
  }
}

Now we need to run terraform plan -This command will create an execution plan for terraforming, the things that will be installed, the names, and the properties added.

Step 3:- terraform apply -The actual execution and automation happen in this command.

Now if we run ls command we can't see any state file

And from s3 bucket we can see the state file

Few terraform commands:-

  • terraform state list -This command lists all of the resources in the state file.

  • terraform state show -This command shows the details for a specific resource in the state file.

  • terraform state diff -This command shows the differences between the resources in the state file and the resources in the real world.

  • terraform state destroy -This command destroys all of the resources in the state file.

  • terraform state mv -This command renames a resource in the state file, updating its address and maintaining state and dependencies.

  • terraform state rm -This command removes a resource from the state file, no longer managing it but leaving the actual resource in the cloud intact

State locking:-

If we go to dynamo table below we can see the state-locking file

now if we try to create or apply any changes one locking file will be there and till that time if anyone wants to change or do anything they unable to do it

Devops#devops,#TerraWeekDay4

Thank you for reading!! I hope you find this article helpful!!

if any queries or corrections to be done to this blog please let me know.

Happy Learning!!

Saikat Mukherjee

Thank You Images - Free Download on Freepik

Did you find this article valuable?

Support Saikat Mukherjee by becoming a sponsor. Any amount is appreciated!

DevopsDevops articles