HashiCorp Terraform 0.5
We've released Terraform 0.5. Terraform is a tool for safely and efficiently building, combining, and launching infrastructure.
Terraform is currently HashiCorp's fastest growing project, and we decided to focus on a strong 0.5 release following last month's major release. Terraform 0.5 adds some huge features, improves the core significantly, and adds significantly more support for AWS resources.
Feature highlights for Terraform 0.5:
- Multi-Provider (a.k.a. multi-region)
- Automatic AWS retries, dozens of new and improved AWS resources
- Basic Templating
- WinRM-based provisioning
- Environment variables to set Terraform variables
» Community
Before diving into features, we want to show a token of gratitude to the Terraform community. The Terraform community has grown incredibly fast, and Terraform 0.5 is only as big of a release as it is thanks to community contributions.
Terraform 0.5 contains commits from 76 contributors. This is almost half the total contributors of Terraform for all time! This growth was possible not only due to simply a greater number of people, but also the quality of contributions has been fantastic.
In addition to this, Terraform now has two new core committers: Radek Simko and Dave Cunningham. Both of these individuals have made numerous exceptional quality contributions to Terraform and they're now officially core members of the project. Terraform would be much worse off without them.
» Multi-Provider
A major limitation of Terraform prior to 0.5 was the inability for a single Terraform configuration to manage multiple configurations of a single provider. The most prevalent use case was to configure AWS multiple times for different regions, and to manage all those regions within a single Terraform configuration.
Terraform 0.5 adds support for this feature, and it is easy to use:
\# The default provider
provider "aws" {
# ...
}
» West coast region
provider "aws" {
alias = "west"
region = "us-west-2"
}
» Instance using the west coast region
resource "aws\_instance" "foo" {
provider = "aws.west"
# ...
}
You can now configure a provider multiple times, assign an "alias" to each one, and reference this with the "provider" meta-field on all resources. If any of these are omitted, it will be named "default".
This feature was done by community member Matt Good.
Multi-Provider is fully documented here.
» AWS Improvements
Two months ago, HashiCorp hired Clint Shryock to work on AWS improvements full time. For Terraform 0.4, Clint migrated us to the official AWS SDK. For Terraform 0.5, this migration paid off in spades.
Terraform 0.5 had hundreds of contributions, many of them improving the AWS provider. In addition to the contributors, the upstream official AWS SDK was improved to handle automatic API retries for AWS with an exponential backoff. The result of all this improvement is incredible AWS support in Terraform 0.5.
Terraform 0.5 adds support for over 20 new AWS resources and dozens more additional features on top of existing resources. For the full list of new resources, see the CHANGELOG.
The automatic retry features in Terraform 0.5 fix all the rate limiting issues larger users were seeing in Terraform 0.4 and earlier. When a rate limit error is received, Terraform will automatically wait some period of time and then retry. The number of retries is configurable.
Going forward, we're now working on an automated system to tell us which API calls we aren't supporting yet in Terraform as a way to guide us to what remains in AWS. AWS is a massive set of services, and we've been prioritizing the most popular services. This automated system will help us see what remains. The goal is complete coverage.
» Templating
Terraform 0.5 has support for rendering templates as inputs to other resources. The major use case for this is using the results of other resources to populate scripts to provision other resources.
Templating is exposed as a new resource in Terraform. This is a strategy that may not be an obvious use case at first, since resources are generally assumed to be physical things that are managed (such as servers). However, they can just as easily be logical things such as rendered templates. An example will explain:
\# Template for initial configuration bash script
resource "template\_file" "init" {
filename = "init.tpl"
vars {
consul\_address = "${aws\_instance.consul.private\_ip}"
}
}
» Create a web server
resource "aws\_instance" "web" {
# ...
user\_data = "${template\_file.init.rendered}"
}
The template_file
resource is used to render files with arbitrary variables that can be populated from other resources using standard interpolation. The result of the rendering is then available to other downstream resources.
Templating is fully documented here.
» WinRM
Terraform 0.5 has support for the remote-exec
and file
provisioner via WinRM. This lets Terraform better manage Windows machines. Usage is simple and fits seamlessly into the existing model:
provisioner "file" {
source = "conf/myapp.conf"
destination = "C:/App/myapp.conf"
connection {
type = "winrm"
user = "Administrator"
password = "${var.admin\_password}"
}
}
You now use the new parameter type
on the connection block to specify the type of connection to use. This defaults to SSH so all previous configurations continue to be valid.
WinRM is fully documented here.
» Setting Variables via the Environment
Terraform has supported parameterization with variables since version 0.1. With Terraform 0.5, these variables can be set using environment variables in addition to files and command-line flags.
This significantly improves scripting Terraform as well as keeping some secrets out of files and in the environment instead.
$ TF\_VAR\_image=foo terraform apply
...
Environment variables to set variables is fully documented here.
» Conclusion
Terraform is currently our fastest growing project. We're seeing adoption at many large companies as well as a huge growth in our community. Terraform 0.5 builds on the stability of 0.4, improves that stability, and greatly enhances the capabilities of Terraform.
Most importantly, Terraform 0.5 adds hundreds of provider improvements, making Terraform more broadly usable by more people who have been waiting for specific resources to be supported.
Go download it and give it a try!
Sign up for the latest HashiCorp news
More blog posts like this one
5 ways to improve DevEx and security for infrastructure provisioning
Still using manual scripting and provisioning processes? Learn how to accelerate provisioning using five best practices for Infrastructure Lifecycle Management.
Fix the developers vs. security conflict by shifting further left
Resolve the friction between dev and security teams with platform-led workflows that make cloud security seamless and scalable.
HashiCorp at AWS re:Invent: Your blueprint to cloud success
If you’re attending AWS re:Invent in Las Vegas, Dec. 2 - Dec. 6th, visit us for breakout sessions, expert talks, and product demos to learn how to take a unified approach to Infrastructure and Security Lifecycle Management.