Logz.io has deepened its partnership with Hashicorp over the last few months. Recently, we announced our integration with their service mesh, Hashicorp Consul. Simultaneously, we have worked on and completed an integration with their infrastructure orchestrator (a.k.a, infrastructure-as-code or IAC), Terraform. IACs take manual configurations and treats them as, well, code (along with procedures, build guides, run books, etc.).
It is written in Hashicorp Language (HCL) and can build almost anything up to the servers themselves. This includes security objects, network objects, cloud networks, and scaling objects. Additionally, it provides automated feedback on your planned revisions before it runs. Other features, like Terragrunt, seek and highlight code duplication to help with efficiency.
Install Terraform
To install on MacOS with Homebrew, simply run:
$ brew install hashicorp/tap/terraform
And confirm the installation by simply running terraform without arguments. This will also conveniently show you the list of the most common Terraform CLI commands ($ terraform -help
will show the same result):
$ terraform Usage: terraform [-version] [-help] <command> [args] The available commands for execution are listed below. The most common, useful commands are shown first, followed by less common or more advanced commands. If you're just getting started with Terraform, stick with the common commands. For the other commands, please read the help and docs before usage. Common commands: apply Builds or changes infrastructure console Interactive console for Terraform interpolations destroy Destroy Terraform-managed infrastructure env Workspace management fmt Rewrites config files to canonical format get Download and install modules for the configuration graph Create a visual graph of Terraform resources import Import existing infrastructure into Terraform init Initialize a Terraform working directory login Obtain and save credentials for a remote host logout Remove locally-stored credentials for a remote host output Read an output from a state file plan Generate and show an execution plan providers Prints a tree of the providers used in the configuration refresh Update local state file against real resources show Inspect Terraform state or plan taint Manually mark a resource for recreation untaint Manually unmark a resource as tainted validate Validates the Terraform files version Prints the Terraform version workspace Workspace management All other commands: 0.12upgrade Rewrites pre-0.12 module source code for v0.12 0.13upgrade Rewrites pre-0.13 module source code for v0.13 debug Debug output management (experimental) force-unlock Manually unlock the terraform state push Obsolete command for Terraform Enterprise legacy (v1) state Advanced state management
You can also customize Terraform CLI commands by running:
$terraform -help -plan
#Note that Terraform CLI configuration is separate from infrastructure configuration. Additionally, there is a specific Terraform configuration language.
Logz.io API and the Logz.io Provider for Terraform
Terraform operates its integrations on providers. These providers manage a set of resource types, usually linked to a given cloud or infrastructure service. The Logz.io provider will connect Terraform with the Logz.io API. Terraform can run any of the following four Logz.io API endpoints:
- User management – CRUD operations (The acronym CRUD stands for Create, Read, Update, Delete.)
- Notification channels – custom and pre-configured integrations.
- Log-Based Alerts
- Sub Accounts
You’ll need the Terraform CLI before getting started. Additionally, you will access your Logz.io API token.
Next, download the Logz.io Provider (and the JetBrains IDE HCL metadata for running the repo script. You’ll find it under ./scripts/update_plugin.sh
.
Then run:
./scripts/build.sh
#If you’re using a *nix style system, you can build from the project root. This will copy it into your plugins directory. Otherwise, you can copy it into your Terraform templates folder instead.
Using the Logz.io Provider for Terraform
Next, configure the api_token and region fields. The API token is a requirement, while the two-letter region code identifies where your Logz.io account is hosted. Those codes you can see in the chart below. Also look at the Logz.io Docs for regions.
Here is an example of the provider configuration with both fields:
provider "logzio" { api_token = "<<token>>" region= "<<region>>" #e.g. https://api-au.logz.io }
Replace {var.api_token}
with your designated account API token (remember to ensure that if you’re using a sub account that you’re using that sub account’s token.
Creating a Slack Notification Endpoint
This example adds a brand new Slack notification channel for an existing alert. The example assumes triggers an alert whenever Logz.io records 10 loglevel:ERROR
messages in 10 minutes.
If you want to try out this example, you will need to first fill in the specifics for your account, including and provide your Logz.io API token and base_url
.
provider "logzio" { api_token = "<<token>>" region= "<<region>>" } resource "logzio_endpoint" "my_endpoint" { title = "my_endpoint" description = "my slack endpoint" endpoint_type = "slack" slack { url = "${var.slack_url}" } } resource "logzio_alert" "my_alert" { title = "my_other_title" query_string = "loglevel:ERROR" operation = "GREATER_THAN" notification_emails = [] search_timeframe_minutes = 10 value_aggregation_type = "NONE" alert_notification_endpoints = ["${logzio_endpoint.my_endpoint.id}"] suppress_notifications_minutes = 30 severity_threshold_tiers { severity = "HIGH", threshold = 10 } }
Logz.io and Hashicorp
With this integration, Logz.io becomes an official provider of Terraform. It also complements Logz.io tie-ins with Hashicorp Vault and service mesh Hashicorp Consul. Check back for more info on Logz integrations and logging tutorials.