7

My solution:

├── main.tf
├── modules
│   ├── cluster1
│   │   ├── cluster1.tf
│   │   ├── main.tf
│   │   ├── output.tf
│   │   └── variables.tf
│   ├── cluster2
│   │   ├── cluster.tf
│   │   ├── main.tf
│   │   ├── output.tf
│   │   └── variables.tf
│   └── trafficmanager
│       ├── main.tf
│       ├── output.tf
│       ├── trafficmanager.tf
│       └── variables.tf
├── README.md
└── variables.tf

in order for me to create a Azure k8s clusters, each cluster requires service principal id and secret. i would be very interested to see some examples on how how to pass environment variables containing service principal and secret to each cluster.

4c74356b41
  • 69,186
  • 6
  • 100
  • 141
user399256
  • 141
  • 2
  • 5

3 Answers3

5

Terraform will read environment variables in the form of TF_VAR_name to find the value for a variable. For example, the TF_VAR_access_key variable can be set to set the access_key variable.

Example

export TF_VAR_region=us-west-1 # normal string
export TF_VAR_alist='[1,2,3]' # array
export TF_VAR_amap='{ foo = "bar", baz = "qux" }' # map

Pass module to terraform module

variable "region" {}
variable "alist" {}
variable "map" {}

module "test" {
  source = "./module/testmodule" # module location
  region = "${var.region}"
  list   = "${var.alist}"
  map    = "${var.map}"
}

More information in this link and some example

Abu Hanifa
  • 2,857
  • 2
  • 22
  • 38
  • 5
    Can _modules_ gather environment variables, or do they have to be picked up in the root and passed to the children? – Max Cascone Aug 30 '19 at 21:41
2

you can specify variables in the module and pass information to them:

module.tf:

variable "hack" {}
variable "reference" {
  "type" = "map"
}    
variable "ports" {
  "default" = [2379, 6443]
}

module invocation:

module "master" {
  source = "./vmLoop"

  vmName    = "master"
  reference = "${var.reference}"
  hack      = "${element(azurerm_subnet.subnets.*.id, 1)}"
}
4c74356b41
  • 69,186
  • 6
  • 100
  • 141
  • Thanks for your quick reply, i tried a similar solution to what you proposed, and this time i did according to your recommendations,unfortunately it didnt work, it appears, as if i would to create one cluster with everything running on root then terraform seems to be able to pick up the environment variables (TF_VAR_client_id, TF_VAR_client_secret), but when im running with sub modules it doesnt pick up the environment variable values, when running terraform plan service principal is set to null. feel free to comment – user399256 Dec 19 '18 at 15:42
  • can you share one of sub-module terraform code without sensitive information? – Abu Hanifa Dec 19 '18 at 16:00
2

Annoyingly it seems you have to duplicate the definition in the "root" module (i.e. the entry point, if I'm understanding TF terminology correctly). E.g:

# "cluster" module defines variable:
common/terraform/modules/cluster/variables.tf:
variable "environment_root" {
    type = string
}

# "cluster" module uses it:
common/terraform/modules/cluster/nodes.tf:
...
metadata = {
    environment = var.environment_root
  }
...

# "root" module which uses cluster module defines it:
dev/terraform/variables.tf:
variable "environment_root" {
    type = string
}

# "root" module passes it to cluster module:
dev/terraform/main.tf:
module "cluster" {
    environment_root = var.environment_root
...
}

This can then be set e.g. :

export TF_VAR_environment_root=whatever
terraform apply

Love for someone to tell me another way...

lost
  • 2,210
  • 2
  • 20
  • 34