Skip to main content

Chef and Terraform

Warning

Terraform deprecated the Chef Provisioner in the 0.13.4 release and they will remove it in a future version. Terraform continues to support the Chef Provider.

Terraform is an open-source infrastructure-as-code provisioning tool from HashiCorp. Terraform allows you to write code to define and provision infrastructure for the cloud, virtual machines, and on-premises machines. Terraform isn’t a configuration management tool, it’s responsible for deploying, maintaining, and destroying the infrastructure that servers and applications run on. When Terraform creates cloud or virtual servers, it uses Provisioners to enable configuration management to manage them. When Terraform talks to APIs to define or configure resources, it uses Providers to request those resources.

Chef Infra Provisioner

The Terraform Chef Provisioner bootstraps Terraform, provisioned with Chef Infra using SSH or WinRM, and configures them to work with a Chef Infra Server. Standard bootstrap options such as Chef Infra versions, secrets, proxies, and assigning run lists using Policyfiles or Roles and Environments are all supported. The referenced documentation provides a complete list of supported options and an example of usage. HashiCorp provides support for the Terraform Chef Provisioner and it’s not officially supported by Chef Software.

Terraform and Chef Solo

If you are using Chef Solo, you will most likely want to use the Terraform remote-exec Provisioner rather than the Terraform Chef Provisioner. The remote-exec Provisioner may be used to run a script or an inline set of commands on the newly created machine. Please refer to the Terraform remote-exec Provisioner documentation for further options and examples.

Example remote-exec inline

resource "aws_instance" "web" {
  # ...

  provisioner "remote-exec" {
    inline = [
      "wget -O /tmp/chef.rpm https://MYSERVER/chef_installers/chef-15.8.23-1.el7.x86_64.rpm",
      "rpm -Uvh /tmp/chef.rpm",
      "wget -O /tmp/base.tgz https://MYSERVER/policyfiles/base.tgz",
      "tar -C /tmp -xzf /tmp/base.tgz",
      "PWD=/tmp/base chef-client -z",
    ]
  }
}

Chef Infra Provider

The Terraform Chef Provider allows you to manage Chef Infra Server resources (nodes, data bags, etc.) using the Chef Infra Server API. Policyfiles, cookbooks, clients, and ACLs aren’t currently managed with the Provider. The Terraform Chef Provider documentation provides a complete list of supported options and an example of usage. HashiCorp provides support for the Terraform Chef Provider and it’s not officially supported by Chef Software.

Additional Terraform Integrations

Edit this page on GitHub

Thank you for your feedback!

×