Metakgp:SysAdmin/2019-10-13 Managing DNS records using Terraform

• Terraform provider: Cloudflare
• Terraform backend: Google Cloud Storage - gs://terraform-metakgp-org
• Types of resources:
  • Cloudflare Zones
  • Cloudflare Records
• Canonical repository with Terraform markup: https://github.com/metakgp/terraform-dns-metakgp-org
• Terraform state is stored in the terraform-metakgp-org GCS bucket
• terraform plan|apply is executed in GitLab CI/CD
• Service account credentials to access the GCS bucket and Cloudflare API token required to create the DNS records in Cloudflare are stored as GitLab CI/CD variables.

Terraform is a software package which powers the management of infrastructure using text configuration files which can be edited by multiple people.

• Resource: This is a part of the infrastructure that we are managing through terraform. Eg: A DNS record, a domain name, an AWS S3 bucket
• State: Terraform stores what it thinks the current state of the infrastructure is in a .tfstate file. This file is used to print the plan whenever one wants to change the infrastructure in some way. This file is a JSON file which can be inspected as a text file as well.
• Backend: This is the location used to store the terraform state file. Changes to the state file must be persisted such that after a given apply operation, the new state file is used to calculate the next plan.

There are two operations that terraform can perform and these happen in sequence one after the other:

1. terraform plan: Look at the suggested changes, compare them to the state file and print the resources that are going to change.

   Terraform will perform the following actions:
   
   + resource "cloudflare_record" "proxy2_siddharthkannan_in_a" {
     + created_on  = (known after apply)
     + hostname    = (known after apply)
     + id          = (known after apply)
     + metadata    = (known after apply)
     + modified_on = (known after apply)
     + name        = "proxy2"
     + proxiable   = (known after apply)
     + proxied     = false
     + ttl         = 1
     + type        = "A"
     + value       = "34.66.103.154"
     + zone_id     = "12f2bfc8884886a6701201e2a87da61a"
   }
   
   Plan: 1 to add, 0 to change, 0 to destroy.
   

2. terraform apply: Apply the changes shown in the previous plan operation.

   $ terraform apply -input=false $PLAN
   cloudflare_record.proxy2_siddharthkannan_in_a: Creating...
   cloudflare_record.proxy2_siddharthkannan_in_a: Creation complete after 0s [id=5604ae8289b7a61b955c2ae4b449fe2d]