Terragrunt
Terragrunt is a wrapper that provides tools for keeping your configurations DRY, working with multiple Terraform modules, and managing remote state.
This walkthrough will guide you through using Terragrunt with CloudTruth enabling you to manage your multiple environments parameters and secretes from a centralized location.
You can also use CloudTruth to externally reference backend tfstate output as an external parameter.
Terragrunt with CloudTruth allows you to keep your code DRY across multiple environments while centralizing your configuration input values.
Rather than using hardcoded and scattered Terragrunt inputs to define parameter values, we will inject inputs directly from a specified CloudTruth project and environment.
This example deployed with Terragrunt HCL will create an AWS Instance in us-west-2 and an S3 bucket, utilizing CloudTruth to manage Terraform variable keys and values for a development, production, and staging environment.
git clone https://github.com/cloudtruth-demo/terragrunt-cloudtruth-deploy.git
The Terragrunt folder structure for this repo contains
development
, production
, and staging
directories.# terragrunt-cloudtruth-deploy
├── development
│ ├── instance
│ │ └── terragrunt.hcl
│ ├── s3
│ │ └── terragrunt.hcl
│ └── terragrunt.hcl
│
├── production
│ ├── instance
│ │ └── terragrunt.hcl
│ ├── s3
│ │ └── terragrunt.hcl
│ └── terragrunt.hcl
│
└── staging
├── instance
│ └── terragrunt.hcl
├── s3
│ └── terragrunt.hcl
└── terragrunt.hcl
The
instance
and s3
sub-folders contain a terragrunt.hcl
file that set the source
parameter to point at the specific modules in the terragrunt-cloudtruth-modules
repo. They also include
the parent terragrunt.hcl
which configures the AWS provider.Example instance
terragrunt.hcl
:terraform {
source = "git::https://github.com/cloudtruth-demo/terragrunt-cloudtruth-modules.git//instance?ref=v0.0.1"
}
include {
path = find_in_parent_folders()
}
Notice that we are not hardcoding inputs in the terragrunt.hcl! Inputs will be centrally managed and sourced from CloudTruth and not buried in environment subdirectories. 🎉
cloudtruth project set Terragrunt
Now add the parameters to the
Terragrunt
project that are required by the Terraform modules we are calling in the terragrunt.hcl.cloudtruth --project Terragrunt parameter set TF_VAR_ami -v ami-830c94e3
cloudtruth --project Terragrunt parameter set TF_VAR_instance_type -v t2.micro
cloudtruth --project Terragrunt parameter set TF_VAR_availability_zone_names -v '["us-west-2a", "us-west-2b"]'
cloudtruth --project Terragrunt parameter set TF_VAR_resource_tags -v '{"Name":"Cloudtruth-Instance","project":"CloudTruth Run Terraform","environment":"default"}'
Set unique resource tags that get applied to the EC2 instance and s3 bucket for each environment.
cloudtruth --project Terragrunt --env development parameter set TF_VAR_resource_tags -v '{"Name":"CloudTruth-development","project":"CloudTruth Run Terraform","environment":"development"}'
cloudtruth --project Terragrunt --env production parameter set TF_VAR_resource_tags -v '{"Name":"CloudTruth-production","project":"CloudTruth Run Terraform","environment":"production"}'
cloudtruth --project Terragrunt --env staging parameter set TF_VAR_resource_tags -v '{"Name":"CloudTruth-staging","project":"CloudTruth Run Terraform","environment":"staging"}'
Now your CloudTruth Terragrunt project is setup to centrally manage the
TF_VAR
variables with unique values for resource tags across our multiple environments.Terragrunt respects any
TF_VAR_xxx
variables you’ve manually set in your environment and follows the same variable precedence as Terraform. Using CloudTruth Run
we will pass the CloudTruth configured TF_VAR_xxx
variables directly to the Terraform modules through Terragrunt for the specified environment.Change directory to
terragrunt-cloudtruth-deploy/development/
.From
terragrunt-cloudtruth-deploy/development/
execute the following command which passes variables from the CloudTruth project Terragrunt
for the development
environment into terragrunt:cloudtruth --project Terragrunt --env development run -- terragrunt run-all apply
You have now deployed an instance in EC2 and an S3 bucket with a DRY Terragrunt configuration and CloudTruth! 🙌
You can view the outputs that display the parameter values from the CloudTruth Development environment by running
terragrunt run-all output
.AMI = <sensitive>
instance_name = "CloudTruth-development"
instance_type = "t2.micro"
zone = "us-west-2a"
s3_bucket_name = "cloudtruth-grunt-free-panda"
s3_tag_name = "CloudTruth-development"
You can change to the production or staging directories and pass the respective CloudTruth environment to deploy various settings across your different infrastructure!
Destroy the AWS resources by passing environment variables the same way we created them.
cloudtruth --project Terragrunt --env development run -- terragrunt run-all destroy
You can see the source code for the Terraform modules and Terragrunt Deploy in the following repos.
Last modified 1yr ago