github.com/hs0210/hashicorp-terraform@v0.11.12-beta1/website/intro/getting-started/provision.html.md (about)

     1  ---
     2  layout: "intro"
     3  page_title: "Provision"
     4  sidebar_current: "gettingstarted-provision"
     5  description: |-
     6    Introduces provisioners that can initialize instances when they're created.
     7  ---
     8  
     9  # Provision
    10  
    11  You're now able to create and modify infrastructure. Now let's see
    12  how to use provisioners to initialize instances when they're created.
    13  
    14  If you're using an image-based infrastructure (perhaps with images
    15  created with [Packer](https://www.packer.io)), then what you've
    16  learned so far is good enough. But if you need to do some initial
    17  setup on your instances, then provisioners let you upload files,
    18  run shell scripts, or install and trigger other software like
    19  configuration management tools, etc.
    20  
    21  ## Defining a Provisioner
    22  
    23  To define a provisioner, modify the resource block defining the
    24  "example" EC2 instance to look like the following:
    25  
    26  ```hcl
    27  resource "aws_instance" "example" {
    28    ami           = "ami-b374d5a5"
    29    instance_type = "t2.micro"
    30  
    31    provisioner "local-exec" {
    32      command = "echo ${aws_instance.example.public_ip} > ip_address.txt"
    33    }
    34  }
    35  ```
    36  
    37  This adds a `provisioner` block within the `resource` block. Multiple
    38  `provisioner` blocks can be added to define multiple provisioning steps.
    39  Terraform supports
    40  [multiple provisioners](/docs/provisioners/index.html),
    41  but for this example we are using the `local-exec` provisioner.
    42  
    43  The `local-exec` provisioner executes a command locally on the machine
    44  running Terraform. We're using this provisioner versus the others so
    45  we don't have to worry about specifying any
    46  [connection info](/docs/provisioners/connection.html) right now.
    47  
    48  ## Running Provisioners
    49  
    50  Provisioners are only run when a resource is _created_. They
    51  are not a replacement for configuration management and changing
    52  the software of an already-running server, and are instead just
    53  meant as a way to bootstrap a server. For configuration management,
    54  you should use Terraform provisioning to invoke a real configuration
    55  management solution.
    56  
    57  Make sure that your infrastructure is
    58  [destroyed](/intro/getting-started/destroy.html) if it isn't already,
    59  then run `apply`:
    60  
    61  ```
    62  $ terraform apply
    63  # ...
    64  
    65  aws_instance.example: Creating...
    66    ami:           "" => "ami-b374d5a5"
    67    instance_type: "" => "t2.micro"
    68  aws_eip.ip: Creating...
    69    instance: "" => "i-213f350a"
    70  
    71  Apply complete! Resources: 2 added, 0 changed, 0 destroyed.
    72  ```
    73  
    74  Terraform will output anything from provisioners to the console,
    75  but in this case there is no output. However, we can verify
    76  everything worked by looking at the `ip_address.txt` file:
    77  
    78  ```
    79  $ cat ip_address.txt
    80  54.192.26.128
    81  ```
    82  
    83  It contains the IP, just as we asked!
    84  
    85  ## Failed Provisioners and Tainted Resources
    86  
    87  If a resource successfully creates but fails during provisioning,
    88  Terraform will error and mark the resource as "tainted". A
    89  resource that is tainted has been physically created, but can't
    90  be considered safe to use since provisioning failed.
    91  
    92  When you generate your next execution plan, Terraform will not attempt to restart
    93  provisioning on the same resource because it isn't guaranteed to be safe. Instead,
    94  Terraform will remove any tainted resources and create new resources, attempting to
    95  provision them again after creation.
    96  
    97  Terraform also does not automatically roll back and destroy the resource
    98  during the apply when the failure happens, because that would go
    99  against the execution plan: the execution plan would've said a
   100  resource will be created, but does not say it will ever be deleted.
   101  If you create an execution plan with a tainted resource, however, the
   102  plan will clearly state that the resource will be destroyed because
   103  it is tainted.
   104  
   105  ## Destroy Provisioners
   106  
   107  Provisioners can also be defined that run only during a destroy
   108  operation. These are useful for performing system cleanup, extracting
   109  data, etc.
   110  
   111  For many resources, using built-in cleanup mechanisms is recommended
   112  if possible (such as init scripts), but provisioners can be used if
   113  necessary.
   114  
   115  The getting started guide won't show any destroy provisioner examples.
   116  If you need to use destroy provisioners, please
   117  [see the provisioner documentation](/docs/provisioners).
   118  
   119  ## Next
   120  
   121  Provisioning is important for being able to bootstrap instances.
   122  As another reminder, it is not a replacement for configuration
   123  management. It is meant to simply bootstrap machines. If you use
   124  configuration management, you should use the provisioning as a way
   125  to bootstrap the configuration management tool.
   126  
   127  In the next section, we start looking at [variables as a way to
   128  parameterize our configurations](/intro/getting-started/variables.html).