Using Rover with Terraform Plans

Tutorial Highlights & Transcript

  • 00:00 - Beginning of Video

    • My name is Ricardo, I am from the layer two team and I want to present the following topic, which is using Rover with Terraform.

  • 00:17 - Terraform Plan

    • We know what Terraform does, right? We can manage infrastructure-as-code with Terraform. We have a set of commands like Terraform Plan, Terraform Apply, or Terraform Destroy. But sometimes, at least for me, when we use Terraform Plan, and we're not using Terraform Cloud, when the project sometimes gets too big, it's pretty difficult just to check which changes we are going to do. Mostly, for example, in production environments, we don't want to destroy or change production environments that are already running and blocked the application from running correctly. Terraform Plan helps us to create the execution plan, and shows us how the proposed changes will affect the current state of the resources. Also from Terraform Plan, we can read the current resources to keep up to date with the infrastructure.

  • 01:15 - Problems with Terraform Plans

    • For me, there were some problems with Terraform Plan. Mostly for me and the clients that use Terraform, we are using S3 and Dynamo backend to keep the state file and everything. The problem with Terraform Plan is that sometimes depending on the size of the project, Terraform planning in the terminal can be too big. It can be difficult to read the output from the Terraform Plan and we cannot have the full picture of the execution of what is going to be happening to the infrastructure. In this case, that can be something that can be confusing. For example, for me, some of the clients, whenever they run a Terraform Apply or Terraform Plan in this case, sometimes see a lot of changes and are hesitant on whether to apply those changes or not. Sometimes that is kind of difficult to check. In this case, I was checking some of the options.

  • 02:21 - Rover

    • And I found this, Rover, which for me, sounded like a really good tool. Basically, Rover is an open-source project, which helps us visualize Terraform Plans. It can be installed in a binary on Windows, Mac, and Linux. I think we have to build that. I haven't tested that out because I tested the Docker version. There is a Docker version, which is better it's faster. That's how I will be showing it in the demo today. For example, you see these two images. I didn't know, at first, but Terraform has a way to use graphics in order to create the dependencies and see how Terraform manages the resources and modules that we are creating in the project. On the left, you can see this is what Terraform basically creates when we use Terraform graph. On the right-hand side, we can see what Terraform with Rover will look like whenever we create a plan and we check this plan with Rover.

  • 03:34 - Demo

    • Let's get to the demo. The project that I have here is basically a simple Terraform project, which creates some instances from an array, right? I can create multiple instances here from an array because this is not specifically a Terraform demo. It's not that complex. I just wanted to show what the usage is for these two.

      So let's say, for example, let's start with Terraform. Terraform. It's the project. We will be initializing the project right now. And I will be creating one Terraform plan for now. Let me first just show you what the graph should look like with Terraform. Okay, so this is the graph that is being created by Terraform. Let me just share with you this image. If we see this image, this is basically what's being created by Terraform right now. You see this is not that good looking for us. In this case, I wanted to know what my Terraform plan will actually look like. Let's run Terraform Plan just to see what's going to happen. This is a really small project. We are able to see what basically this will do. We'll be creating multiple EC2 instances from this array that I'm passing. We can see that we have created the plan, we have our PF plan here, which is binary and cannot be read just by opening the file. This is where Rover comes up here. Let me just run up and show you the repository for Rover.

      If we go to GitHub, we can find this project, which basically gives us some instructions here that we can use in order to start using Rover for testing. In this case, I'm going to use Docker version one, which is faster. Let me go through it and try to show you how this runs. There are different options to run Rover here. We'll run it with Docker. With this command, which I'm doing right now the Rover Docker image will start a local server, where I can visualize the images and how my plan will look. Basically, if we see this command, what I'm doing is I am mounting the Docker image, I'm mounting the current Terraform project into SRC, and I am passing the TF plan to Rover so it can parse the plan and show me the image. If you see here, we have the Terraform Rover visualizer, which we can see the instructions here, we can see what resources are in green, we can see what resources will be created in resources, which ones will be deleted, which ones will be updated, which ones will be replaced, and which ones are not going to perform any operation. We see here the graph is better looking for us. We can understand what's going on. We see that these servers are going to be created because the color that Rover is using is green. Also here this really good tool here, we can see what resources we are going to be creating. We can see the configuration that we are passing and also the proposal of the state for each of the servers. In this case, this is an EC2 instance. So we can see what parameters we are passing or we are going to propose to do the changes. So this is a really good tool for here. After checking my plan, I can just do quickly a Terraform Apply here.

      While this runs, there is also another option for Rover to be used. There is an option for Rover to run as a standalone, I will show you later how that works. But basically this UI or this really good-looking interface here, we can export these into HTML and static files that we can maybe publish somewhere in order to check our RTF plans every time. Let's say for example if we want an integration through a CI/CD, which I was checking this tool because I wanted to do some integration with CI/CD and Terraform just to see how that works.

      Our plan has been applied. I will run one more time the Terraform Plan. We will not have any changes. So let's see what Rover does with our new TF plan here. As you see right now, if we use the colors here, there is no color for the resources that are not going to be performed any operations on them. If we go to the service here, we can see that all of them are not going to be performing any changes. We see here that there are no operations to be performed through this server and we can see what is the current state of the server or in this case, the resource that I am launching here. This also will work with modules. I was doing some testing with one of the modules and have the module right now here on my testing project. But basically, if we would have like let's say a different sub-module, the graph will look more prominent. But in this case, the graph will show what we will see here is specifically on each of the modules. It will be kind of a box here where we could see each of the sub-modules and see what resources will be affected and where resources will be changing during our Terraform plan that we are going to do. Let's destroy some of the resources that we have here. Just for us to see how that works. And let's run a Terraform plan as well.

      And let's hover over to check our Terraform plan just to see what that looks like. Rover is showing us which resources are going to be deleted. If we go here, we can see which one of the resources will be affected by the delete operation. We can see here that it shows delete. I think this is a really good tool for us to adjust to if we want to have a really good option to see what our plans will look like before actually doing apply or a change in a very sensitive environment with a really big project. I think this can help us out.

      The last thing that I wanted to show is how Rover can run as a standalone. If we just add the flag stand-alone as true. Basically, what this will do is will run everything and will generate a zip file here where we can extract the zip file. We have here the generated static file, the index file that we can use, and can actually open it. This is the static file that I have. This is from another plan that I have created. These static files we can upload to an S3 bucket or something that we can just check and see what the current plan looks like before applying.

Ricardo Cutz H.

Ricardo Hernandez

DevOps Engineer

nClouds

Ricardo joined nClouds in 2020 as a DevOps Engineer. He is an AWS Certified Solution Architect - Professional and Hashicorp Certified - Terraform Associate.

Contact Us Now

You can also email us directly at sales@nclouds.com for your inquiries or use the form below

Subscribe to Our Newsletter

Join our community of DevOps enthusiasts. Get free tips, advice, and insights from our industry-leading team of AWS experts.