github.com/hs0210/hashicorp-terraform@v0.11.12-beta1/website/intro/getting-started/provision.html.md (about) 1 --- 2 layout: "intro" 3 page_title: "Provision" 4 sidebar_current: "gettingstarted-provision" 5 description: |- 6 Introduces provisioners that can initialize instances when they're created. 7 --- 8 9 # Provision 10 11 You're now able to create and modify infrastructure. Now let's see 12 how to use provisioners to initialize instances when they're created. 13 14 If you're using an image-based infrastructure (perhaps with images 15 created with [Packer](https://www.packer.io)), then what you've 16 learned so far is good enough. But if you need to do some initial 17 setup on your instances, then provisioners let you upload files, 18 run shell scripts, or install and trigger other software like 19 configuration management tools, etc. 20 21 ## Defining a Provisioner 22 23 To define a provisioner, modify the resource block defining the 24 "example" EC2 instance to look like the following: 25 26 ```hcl 27 resource "aws_instance" "example" { 28 ami = "ami-b374d5a5" 29 instance_type = "t2.micro" 30 31 provisioner "local-exec" { 32 command = "echo ${aws_instance.example.public_ip} > ip_address.txt" 33 } 34 } 35 ``` 36 37 This adds a `provisioner` block within the `resource` block. Multiple 38 `provisioner` blocks can be added to define multiple provisioning steps. 39 Terraform supports 40 [multiple provisioners](/docs/provisioners/index.html), 41 but for this example we are using the `local-exec` provisioner. 42 43 The `local-exec` provisioner executes a command locally on the machine 44 running Terraform. We're using this provisioner versus the others so 45 we don't have to worry about specifying any 46 [connection info](/docs/provisioners/connection.html) right now. 47 48 ## Running Provisioners 49 50 Provisioners are only run when a resource is _created_. They 51 are not a replacement for configuration management and changing 52 the software of an already-running server, and are instead just 53 meant as a way to bootstrap a server. For configuration management, 54 you should use Terraform provisioning to invoke a real configuration 55 management solution. 56 57 Make sure that your infrastructure is 58 [destroyed](/intro/getting-started/destroy.html) if it isn't already, 59 then run `apply`: 60 61 ``` 62 $ terraform apply 63 # ... 64 65 aws_instance.example: Creating... 66 ami: "" => "ami-b374d5a5" 67 instance_type: "" => "t2.micro" 68 aws_eip.ip: Creating... 69 instance: "" => "i-213f350a" 70 71 Apply complete! Resources: 2 added, 0 changed, 0 destroyed. 72 ``` 73 74 Terraform will output anything from provisioners to the console, 75 but in this case there is no output. However, we can verify 76 everything worked by looking at the `ip_address.txt` file: 77 78 ``` 79 $ cat ip_address.txt 80 54.192.26.128 81 ``` 82 83 It contains the IP, just as we asked! 84 85 ## Failed Provisioners and Tainted Resources 86 87 If a resource successfully creates but fails during provisioning, 88 Terraform will error and mark the resource as "tainted". A 89 resource that is tainted has been physically created, but can't 90 be considered safe to use since provisioning failed. 91 92 When you generate your next execution plan, Terraform will not attempt to restart 93 provisioning on the same resource because it isn't guaranteed to be safe. Instead, 94 Terraform will remove any tainted resources and create new resources, attempting to 95 provision them again after creation. 96 97 Terraform also does not automatically roll back and destroy the resource 98 during the apply when the failure happens, because that would go 99 against the execution plan: the execution plan would've said a 100 resource will be created, but does not say it will ever be deleted. 101 If you create an execution plan with a tainted resource, however, the 102 plan will clearly state that the resource will be destroyed because 103 it is tainted. 104 105 ## Destroy Provisioners 106 107 Provisioners can also be defined that run only during a destroy 108 operation. These are useful for performing system cleanup, extracting 109 data, etc. 110 111 For many resources, using built-in cleanup mechanisms is recommended 112 if possible (such as init scripts), but provisioners can be used if 113 necessary. 114 115 The getting started guide won't show any destroy provisioner examples. 116 If you need to use destroy provisioners, please 117 [see the provisioner documentation](/docs/provisioners). 118 119 ## Next 120 121 Provisioning is important for being able to bootstrap instances. 122 As another reminder, it is not a replacement for configuration 123 management. It is meant to simply bootstrap machines. If you use 124 configuration management, you should use the provisioning as a way 125 to bootstrap the configuration management tool. 126 127 In the next section, we start looking at [variables as a way to 128 parameterize our configurations](/intro/getting-started/variables.html).