First, I am sorry about my question, maybe it is a little bit too basic, but I am at a beginning stage with Terraform, and as I worked through the tutorial (I am using the Azure one) I got a question about how to manage the steps Terraform will execute on apply and destroy.
Maybe there are some situations where it is not useful to destroy the whole system and recreate it another time. The example creates a new Azure resource group including the network interfaces and IP addresses for a virtual machine. But let's imagine the IP addresses are allocated to be static ones and it is important that they are not changed.
If I run terraform destroy, the IP addresses will be deallocated and reallocated again on terraform apply, but with new IP address values. In this scenario that is not the intended behavior. If I want to delete all the resources in my root module, but not some resources (e.g. IP addresses), what is the preferred behavior?
Is it possible to split them into two separate processes and link them to each other? Or is there any other solution?
In general you hardly ever (pretty much never) run terraform destroy and instead are running terraform plan whenever you are wanting to make changes.
In that situation resources will be updated in-situ where possible, but that capability very much depends on what is being updated and how. There will always be certain types of changes which can only be performed by replacing a resource (destroy/create), which can also have knock on effects (for example in AWS making a change to the main IP range for a VPC would require the VPC to be replaced, which also requires everything within that VPC to be replaced too).
This is not something Terraform can control - at the end of the day it is just doing exactly the same that you would be doing manually via the cloud provider’s UI, CLI tool or API.
With your answer, I fully agree. Let's talk about what to achieve. As I understood you, it is not necessary to destroy your infrastructure to create it again. That is absolutely true. But in my case I want to destroy the resources to stop the resources from being charged.
Imagine you can set up your environment with Terraform and Ansible with just a single click. Let's talk about a preview environment, for example. It is only needed for one or two days every two weeks (from a Scrum perspective). So why let the system run during the time it is not being accessed?
In that scenario I think it is a good idea to destroy all the resources and to create them again later. But in the situation I am talking about, there is a partner who expects that the IP addresses for some communication are not changed. So static IP addresses must not be deleted if terraform destroy is performed.
Any way to do that?
I would achieve this by having a true/false variable, which is used by all the various resources (using count) to conditionally create the resource. I would apply this to everything other than the static IP resources (e.g. EIP for AWS). That way when I want everything running I'd set the variable to true, run terraform apply and wait for things to be created. If I then want the minimal state I'd change the variable to false, run terraform apply again and see that all the resources other than the EIPs would be removed.
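
The true/false variable approach from the last reply, sketched for the Azure case in the question as an added example that is not part of the original thread. The variable name `environment_enabled`, all resource names and the address ranges are hypothetical, a `provider "azurerm"` block with `features {}` is assumed to be configured elsewhere, and the `prevent_destroy` guard is an addition beyond what the reply describes.

```hcl
# Added example: all names, address ranges and the variable are hypothetical.
variable "environment_enabled" {
  type    = bool
  default = true # false parks the environment, keeping only the group and the IP
}

# Always present: the static IP lives in this group, so the group stays too.
resource "azurerm_resource_group" "preview" {
  name     = "rg-preview"
  location = "westeurope"
}

resource "azurerm_public_ip" "partner" {
  name                = "pip-partner"
  location            = azurerm_resource_group.preview.location
  resource_group_name = azurerm_resource_group.preview.name
  allocation_method   = "Static"
  lifecycle {
    prevent_destroy = true # any plan that would delete this address fails
  }
}

# Toggled resources: count is 1 when enabled and 0 when parked.
resource "azurerm_virtual_network" "preview" {
  count               = var.environment_enabled ? 1 : 0
  name                = "vnet-preview"
  address_space       = ["10.0.0.0/16"]
  location            = azurerm_resource_group.preview.location
  resource_group_name = azurerm_resource_group.preview.name
}
resource "azurerm_subnet" "preview" {
  count                = var.environment_enabled ? 1 : 0
  name                 = "snet-preview"
  resource_group_name  = azurerm_resource_group.preview.name
  virtual_network_name = azurerm_virtual_network.preview[0].name
  address_prefixes     = ["10.0.1.0/24"]
}
resource "azurerm_network_interface" "vm" {
  count               = var.environment_enabled ? 1 : 0
  name                = "nic-preview-vm"
  location            = azurerm_resource_group.preview.location
  resource_group_name = azurerm_resource_group.preview.name
  ip_configuration {
    name                          = "primary"
    subnet_id                     = azurerm_subnet.preview[0].id
    private_ip_address_allocation = "Dynamic"
    public_ip_address_id          = azurerm_public_ip.partner.id
  }
}
```

Running terraform apply with `-var="environment_enabled=false"` removes the network and interface while the address the partner depends on stays allocated. With `prevent_destroy` set, a terraform destroy on this configuration stops with an error instead of skipping the address, so parking the environment goes through the variable.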