Terraform can utilize a http backend for maintaining state. This is a test of a Terraform http backend using a server implemented with go.<\/p>\n
\u2022 Using Virtualbox Ubuntu 20.10 and links listed below\n\u2022 Run as http server\n\u2022 Change to https\n\u2022 For a future test terraform http backend locking feature and\/or include locking in server<\/code><\/pre>\nlinks<\/h2>\n\u2022 https:\/\/www.terraform.io\/docs\/language\/settings\/backends\/http.html\n\u2022 https:\/\/linuxhint.com\/install-golang-ubuntu\/\n\u2022 https:\/\/github.com\/MerlinDMC\/go-terraform-stateserver\n\u2022 https:\/\/github.com\/denji\/golang-tls<\/code><\/pre>\nsetup go and test<\/h2>\n# go version\ngo version go1.14.7 linux\/amd64\n\n$ pwd\n\/home\/rrosso\/tf-go-server<\/code><\/pre>\n$ cat main.go \npackage main\nimport \"fmt\"\nfunc main() {\nfmt.Println(\"Hello World\");\n}<\/code><\/pre>\n$ go run main.go \nHello World\n\n$ go build main.go \n$ .\/main \nHello World<\/code><\/pre>\nrun server and test response<\/h2>\n$ go run tf-stateserver.go -data_path=\/home\/rrosso\/tf-go-server -listen_address=192.168.1.235:8080\n\n$ curl -sL http:\/\/192.168.1.235:8080 | xxd\n00000000: 3430 3420 7061 6765 206e 6f74 2066 6f75 404 page not fou\n00000010: 6e64 0and.<\/code><\/pre>\nterraform init with http backend<\/h2>\n\u279c terraform-poc tail -8 main.tf \n#}\n## POC to test a go server\nterraform {\n backend \"http\" {\n address = \"http:\/\/192.168.1.235:8080\/states\/terraform.tfstate\"\n }\n}\n\n\u279c terraform-poc terraform init\n\nInitializing the backend...\nDo you want to copy existing state to the new backend?\n Pre-existing state was found while migrating the previous \"local\" backend to the\n newly configured \"http\" backend. No existing state was found in the newly\n configured \"http\" backend. Do you want to copy this state to the new \"http\"\n backend? Enter \"yes\" to copy and \"no\" to start with an empty state.\n\n Enter a value: yes\n\nSuccessfully configured the backend \"http\"! Terraform will automatically\nuse this backend unless the backend configuration changes.\n\nInitializing provider plugins...\n\nThe following providers do not have any version constraints in configuration,\nso the latest version was installed.\n\nTo prevent automatic upgrades to new major versions that may contain breaking\nchanges, it is recommended to add version = \"...\" constraints to the\ncorresponding provider blocks in configuration, with the constraint strings\nsuggested below.\n\n* provider.oci: version = \"~> 4.17\"\n\nTerraform has been successfully initialized!\n\nYou may now begin working with Terraform. Try running \"terraform plan\" to see\nany changes that are required for your infrastructure. All Terraform commands\nshould now work.\n\nIf you ever set or change modules or backend configuration for Terraform,\nrerun this command to reinitialize your working directory. If you forget, other\ncommands will detect it and remind you to do so if necessary.<\/code><\/pre>\nobserve server log messages<\/h2>\n\u2022 file not found if no file exist during init is expected\n\u2022 if file same and already there GET fine during init\n\u2022 plan does a GET\n\u2022 apply does a POST\n\u2022 did not observe a DELETE<\/code><\/pre>\n$ go run tf-stateserver.go -data_path=\/home\/rrosso\/tf-go-server -listen_address=192.168.1.235:8080\n2021\/03\/18 09:57:41 received GET for state file: \/home\/rrosso\/tf-go-server\/states\/terraform.tfstate\n...\n2021\/03\/18 09:58:33 received POST for state file: \/home\/rrosso\/tf-go-server\/states\/terraform.tfstate\n...\n2021\/03\/18 10:00:50 received GET for state file: \/home\/rrosso\/tf-go-server\/states\/terraform.tfstate\n2021\/03\/18 10:00:50 during GET cannot open file: open \/home\/rrosso\/tf-go-server\/states\/terraform.tfstate: no such file or directory\n2021\/03\/18 10:00:50 received GET for state file: \/home\/rrosso\/tf-go-server\/states\/terraform.tfstate<\/code><\/pre>\nchange to self signed cert for https test<\/h2>\n
NOTE:
\n\u2022 use sudo since linux instance is not running low ports like 443 for normal users
\n\u2022 need terraform skip_cert_verification for this self signed certificate<\/p>\n
$ openssl genrsa -out server.key 2048\nGenerating RSA private key, 2048 bit long modulus (2 primes)\n..........................+++++\n.......................................................+++++\ne is 65537 (0x010001)\n\n$ openssl ecparam -genkey -name secp384r1 -out server.key\n\n$ openssl req -new -x509 -sha256 -key server.key -out server.crt -days 3650\n...\n\n$ sudo go run tf-stateserver.go -certfile=\"server.crt\" -keyfile=\"server.key\" -data_path=.\/ -listen_address=192.168.1.235:443\n\n$ curl -sL http:\/\/192.168.1.235:443 | xxd\n00000000: 436c 6965 6e74 2073 656e 7420 616e 2048 Client sent an H\n00000010: 5454 5020 7265 7175 6573 7420 746f 2061 TTP request to a\n00000020: 6e20 4854 5450 5320 7365 7276 6572 2e0a n HTTPS server..\n\n\u279c terraform-poc tail -8 main.tf \n#}\n## POC to test a go server\nterraform {\n backend \"http\" {\n address = \"https:\/\/192.168.1.235\/states\/terraform.tfstate\"\n skip_cert_verification = true\n }\n}<\/code><\/pre>\nNOTE: terraform init, plan, apply works<\/p>\n
additional links<\/h2>\n\u2022 https:\/\/appdividend.com\/2019\/11\/29\/golang-json-example-how-to-use-json-with-go\/\n\u2022 https:\/\/www.golangprograms.com\/web-application-to-read-and-write-json-data-in-json-file.html\n\u2022 https:\/\/tutorialedge.net\/golang\/parsing-json-with-golang\/\n\u2022 https:\/\/dzone.com\/articles\/how-to-write-a-http-rest-api-server-in-go-in-minut<\/code><\/pre>\nsource<\/h2>\n