What is Terraform?
Terraform is an open-source infrastructure as code (IaC) tool that allows you to define and manage your cloud infrastructure using declarative configuration files. It enables you to provision, modify, and maintain various resources such as servers, databases, and network across multiple cloud providers.
By using Terraform, you can orchestrate complex infrastructures efficiently, ensuring reproducibility and scalability while minimizing manual intervention.
This tool can automate infrastructure provisioning in both on-premises and cloud environments. It allows DevOps teams to automate infrastructure provisioning using reusable, shareable, human-readable configuration files.
In this guide, we’ll explore the advanced lifecycle management options provided by Terraform: create_before_destroy, ignore_changes, and prevent_destroy.
What is Terraform Lifecycle?
Lifecycle arguments in Terraform are like special instructions that you can give to control how things are made or removed. Instead of following the regular way of doing things, these instructions help you customize the process. They make sure that changes happen smoothly without causing too much interruption. Additionally, they protect important things from being changed when you don’t want them to be. Essentially, they give you more say in how Terraform manages your stuff.
Prerequisites
- Terraform Installed: Ensure Terraform is installed on your machine.
- Cloud Provider Account: Have a cloud account and configure its CLI with necessary credentials.
Understanding Terraform Lifecycle
- create_before_destroy :
The create_before_destroy lifecycle method ensures seamless resource updates by creating a new resource before destroying the old one. This minimizes downtime during updates. Here is an example:
in the following image I’ve added the lifecycle block for the “azurerm_virtual_network” resource.
The “create_before_destroy” is set to “true” which tells Terraform to create a new version of the resource before destroying the existing one during updates. Like you can see in the below image I changed the virtual network name from “vnet” to “ms-vnet”. After saving the changes when I run terraform apply command you can see in the terminal that it will create a replacement with the name “ms-vnet” and then it will destroy the old virtual network with the name “vnet”. This helps in minimizing downtime during updates.
2. ignore_changes :
The ignore_changes lifecycle method allows you to specify attributes that Terraform should ignore during planning and updates. This is useful when certain attributes should remain unchanged despite modifications. Here is an example:
in the following image I’ve added the lifecycle block for the “azurerm_resource_group” resource.
The “ignore_changes” is set to “tags” which tell Terraform to ignore changes to the tags attribute specifically for the azurerm_resource_group named “test”. As a result, modifications to the tags block won’t trigger updates for this resource, ensuring that changes made only to the tags won’t result in Terraform attempting to update the Azure resource group.
3. prevent_destroy :
The prevent_destroy lifecycle method protects resources from accidental deletion. Enabling this setting prevents terraform destroy from removing the specified resource. Consider securing a resource group:
in the following image I’ve added the lifecycle block for the “azurerm_resource_group” resource.
The “prevent_destroy” is set to “true” which tell Terraform to prevent deletion of the azurerm_resource_group . This configuration will provision these resources in your Azure subscription while ensuring that the resource group “manjari” cannot be destroyed accidentally through Terraform, adding an extra layer of protection to critical infrastructure resources.
Conclusion
Understanding Terraform lifecycle is like having a guidebook to manage your digital world. It helps in creating, updating, and deleting resources smoothly. These options provide granular control over resource behavior, update strategies, and safeguarding critical resources. Terraform lifecycle is a powerful tool that empowers us to manage our infrastructure efficiently and safely, making our digital life easier and more reliable.