»Configure Consul-Terraform-Sync

The page will cover the main components for configuring your Network Infrastructure Automation with Consul at a high level. For the full list of configuration options, visit the Consul-Terraform-Sync Configuration page.

»Tasks

A task captures a network automation process by defining which network resources to update for a set of services as those services change over time. Configure Consul-Terraform-Sync with one or more tasks that contain a list of Consul services, a Terraform module, and various Terraform providers.

Within the task block, the list of services for a task represents the service layer that drives network automation. The source is the discovery location of the Terraform module that defines the network automation process for the task.

Review the Terraform module to be used for network automation and identify the Terraform providers required by the module. If the module depends on a set of providers, include the list of provider names in the providers field to associate the corresponding provider configuration with the task. These providers will need to be configured later in a separate block.

task {
  name = "website-x"
  description = "automate services for website-x"
  source = "namespace/example/module"
  version = "1.0.0"
  providers = ["myprovider"]
  services = ["web", "api"]
}

»Terraform Providers

Configuring Terraform providers within Consul-Terraform-Sync requires 2 config components. The first component is required within the driver.terraform block. All providers configured for Consul-Terraform-Sync must be listed within the required_providers stanza to satisfy a Terraform v0.13+ requirement for Terraform to discover and install them. The providers listed are later organized by Consul-Terraform-Sync to be included in the appropriate Terraform configuration files for each task.

driver "terraform" {
  required_providers {
    myprovider = {
      source = "namespace/myprovider"
      version = "1.3.0"
    }
  }
}

The second component for configuring a provider is the terraform_provider block. This block resembles provider blocks for Terraform configuration and has the same responsibility for understanding API interactions and exposing resources for a specific infrastructure platform.

Terraform modules configured for task automation may require configuring the referenced providers. For example, configuring the host address and authentication to interface with your network infrastructure. Refer to the Terraform provider documentation hosted on the Terraform Registry to find available options. The terraform_provider block is loaded by Consul-Terraform-Sync during runtime and processed to be included in autogenerated Terraform configuration files used for task automation. Omitting the terraform_provider block for a provider will defer to the Terraform behavior assuming an empty default configuration.

terraform_provider "myprovider" {
  address = "myprovider.example.com"
}

»Summary

Piecing it all together, the configuration file for Consul-Terraform-Sync will have several HCL blocks in addition to other options for configuring the Consul-Terraform-Sync daemon: task, driver.terraform, and terraform_provider blocks.

An example HCL configuration file is shown below to automate one task to execute a Terraform module for 2 services.

log_level = "info"

syslog {
  enabled = true
}

consul {
  address = "consul.example.com"
}

task {
  name = "website-x"
  description = "automate services for website-x"
  source = "namespace/example/module"
  version = "1.0.0"
  providers = ["myprovider"]
  services = ["web", "api"]
  buffer_period {
    min = "10s"
  }
}

driver "terraform" {
  log = true

  required_providers {
    myprovider = {
      source = "namespace/myprovider"
      version = "1.3.0"
    }
  }
}

terraform_provider "myprovider" {
  address = "myprovider.example.com"
}