Initialize Terraform OFFLINE
Terraform OFFLINE setup and initialization in Windows and Ubuntu server.
This article also guides on how to use terraform filesystem mirror.
Being a Cloud Infrastructure Architect, you may have experienced many situations where you need to install tools in such a secure network that you can’t avail public internet to leverage the package download or outbound update request.
This business case is particularly on installing and initializing Terraform (an infrastructure provisioning tool) in an internal network where public internet is not available.
If you need to know about Terraform’s download and straightforward installation, then please refer to HashiCorp provided Terraform installation guide here .
Pre-requisite: The readers of this article need to have a basic understanding of the tool Terraform, its purpose, and how it works.
Now follow the below steps to install and initialize Terraform in an isolated environment.
- Terraform OFFLINE setup and initialization in isolated windows or ubuntu system.
- Terraform OFFLINE setup and initialization in Unix system on docker (coming soon)
There are two phases.
Phase 1: Download the Terraform package in a system where the internet is accessible.
Phase 2: In this phase, I’m assuming you have terraform package in your isolated target windows server.
Phase 1:
Click here to refer Terraform CLI download and setup guide for different operating systems such as Windows, Ubuntu, macOS, etc.
for the Windows system, set up terraform by downloading the binary and set environment PATH. Click here for instructions.
or the Ubuntu system, set up terraform by “sudo apt-get install terraform“. Click here for installation instructions in Ubuntu.
On successful installation verification, please run a sample code to download the required packages.
Create a directory to run your terraform code. simply create a file main.tf and copy the below code in main.tf. and run “terraform init”
terraform {
required_version ="~>1.1.8"
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 4.5.0"
}
}
}
Note: Just reminding you that you are still in a system where the internet is accessible. That’s why after a successful run of terraform init you will find a new directory named “.terraform” has been created in your working directory. It contains your provider package (such as ‘aws’ in this case) and you need this ‘.terraform’ to transfer to your target system.
After security scrutiny as per organizational policies, transfer two things to the target server where terraform needs to be set up. a- the downloaded windows binary for terraform b- the provider package ‘.terraform’
Important Note: You can’t set up a package in Ubuntu that you downloaded for windows. That’s why make sure both systems are having the same OS. Windows-Windows or Ubuntu-Ubuntu
Phase 2:
How to make an internet isolated test system? Just disconnect your Wi-Fi from your system. That’s it ?
Step 1:
(Using power shell, if you are using anything else just to below instructions accordingly)
Create a directory in your file system. suppose creating “tf_cache” directory in user home ($HOME). You can create it in any other location.
mkdir “$HOME/tf_cache”
Now simply copy the “registry.terraform.io” folder under “tf_cache“. (If you are thinking, where will you get it!! While you are connected to the internet. did simply run terraform init. it created “. terraform” in your working directory. “registry.terraform.io” exists in “.terraform/providers” directory.
Step 2:
Create this file inside the above directory.
For windows, Create a file “terraform.rc“, if other OS then create “.terraformrc“. Don’t miss the ‘.’ and the file should NOT be like “terraform.rc.txt”
Step 3:
Update the file terraform.rc (for Windows) or .terraformrc (for Ubuntu) with the below code block
provider_installation {
filesystem_mirror {
path = "path/to/the/new/directory" # "c:/Users/<username>/tf_cache"
include = ["registry.terraform.io/hashicorp/*"]
}
direct {
exclude = ["registry.terraform.io/hashicorp/*"]
}
}
plugin_cache_dir = "path/to/the/new/directory" #"c:/Users/<username>/tf_cache"
disable_checkpoint=true
Step 4:
Setup env variables as follows
for Windows
$env:TF_PLUGIN_CACHE_DIR="c:/Users/<username>/tf_cache"
$env:TF_CLI_CONFIG_FILE="c:/Users/<username>/tf_cache/terraform.rc"
for Ubuntu
export TF_PLUGIN_CACHE_DIR="c:/Users/<username>/tf_cache"
export TF_CLI_CONFIG_FILE="c:/Users/<username>/tf_cache/terraform.rc"
verify in Ubuntu
echo $TF_CLI_CONFIG_FILEStep 5:
Create a directory to run your terraform code
simply create a file main.tf
write below code
terraform {
required_version ="~>1.1.8"
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 4.5.0"
}
}
}
Step 6:
This is GAME TIME !!
Make sure you have your internet disconnected from the test system
and run “terraform init” in your working directory.
If you have followed the above steps properly, terraform init will pull the package from “tf_cache” to your working directory. It will NOT look for pulling from the internet terraform registry.
A video tutorial will be published shortly here. if interested join us at https://e2esolutionarchitect.com/
Click here for e2e Solution Architect Git Repository
Som is a Cloud Infrastructure Architect, Public Speaker, and a Technical Consultant working in an MNC. He has around 15 years of accomplishments in IT solutions delivery for various financial institutions across the globe.
Som is the founder of “e2e Solution Architect“ and Udemy instructor. End to End Solution Architect is an educational forum for Data Science, Machine Learning, and end-to-end Cloud solutions for large-scale production environments.
