0
votes

I am new to terraform and might be not understanding how it should work but....

I am attempting to setup a remote backend on Google Bucket Storage. I can see a file will be created when I run "terraform apply" in my GCS but the file is mostly empty. On my local filesystem a terraform.tfstate will be created with all the proper configuration. I would expect that the terraform.tfstate would be updated in my GCS bucket and not locally.

Below is my setup and what the file output looks like on the server. I didn't include my local terraform.tfstate as it has some proprietary stuff in it (but it is populated with my current state).

Any help would be appreciated.

main.tf

variable "cluster" {}
variable "project" {}
variable "region" {}
variable "bucket" {}
variable "terraformPrefix" {}
variable "mainNodeName" {}
variable "vpcLocation" {}
variable "nodeMachineType" {}
variable "credentialsLocation" {}


data "terraform_remote_state" "foo" {
  backend = "gcs"
  config = {
    bucket = "${var.bucket}"
    prefix = "${var.terraformPrefix}"
  }
}

provider "google" {
  //This needs to be updated to wherever you put your credentials
  credentials = "${file("${var.credentialsLocation}")}"
  project     = "${var.project}"
  region      = "${var.region}"
}

resource "google_container_node_pool" "primary_pool" {
  name       = "${var.mainNodeName}"
  cluster    = "${var.cluster}"
  location   = "${var.vpcLocation}"
  node_count = "2"

  node_config {
    machine_type = "${var.nodeMachineType}"

    oauth_scopes = [
      "https://www.googleapis.com/auth/logging.write",
      "https://www.googleapis.com/auth/monitoring",
      "https://www.googleapis.com/auth/devstorage.read_only",
      "https://www.googleapis.com/auth/service.management.readonly",
      "https://www.googleapis.com/auth/servicecontrol",
      "https://www.googleapis.com/auth/trace.append",
    ]
  }

  management {
    auto_repair  = true
    auto_upgrade = true
  }
  autoscaling {
    min_node_count = 2
    max_node_count = 10
  }
}

GCS Remote Backend State:

{
    "version": 3,
    "serial": 1,
    "lineage": "760dcfe4-dee3-4875-b953-3f085439a25b",
    "modules": [
        {
            "path": [
                "root"
            ],
            "outputs": {},
            "resources": {},
            "depends_on": []
        }
    ]
}
1

1 Answers

3
votes

You are using a data source, to define the remote state, instead of a backend resource.

That way you will only be able to read the remote state you've defined, instead of writing it.

Use backend instead.

Example:

terraform {
  backend "gcs" {
    bucket  = "tf-state-prod"
    prefix  = "terraform/state"
  }
}

Source: https://www.terraform.io/docs/backends/types/gcs.html