Consul
Consul-Terraform-Sync Command (CLI)
Consul-Terraform-Sync (CTS) is controlled via an easy to use command-line interface (CLI). CTS is only a single command-line application: consul-terraform-sync
. CTS can be run as a daemon and execute CLI commands. When CTS is run as a daemon, it acts as a server to the CLI commands. Users can use the commands to interact and modify the daemon as it is running. The complete list of commands is in the navigation to the left. Both the daemon and commands return a non-zero exit status on error.
Daemon
When running as a daemon, there is no default configuration to run CTS in a meaningful way. Setting a configuration flag -config-file
or -config-dir
is required. For example:
$ consul-terraform-sync -config-file=config.hcl
To view a list of available flags, use the -help
or -h
flag.
Modes
CTS can be run as a daemon in different modes.
Long-running Mode
Flag: none
Behavior: This is the default mode in which CTS passes through a once-mode phase and then turns into a long running process. During the once-mode phase, the daemon will exit with a non-zero status if it encounters an error. After successfully passing through once-mode phase, it will begin a long-running process in which errors are logged and exiting is not expected behavior. Once beginning the long-running process, the daemon serves any API and command requests.
Usage: Intended to be run as a long running process after running once-mode successfully for given configuration and tasks.
Inspect Mode
Flag: -inspect
Behavior: CTS will display the proposed state changes for all tasks once and exit. No changes are applied in this mode. On encountering an error before completing, CTS will exit with a non-zero status.
Usage: Intended to be run before daemon-mode in order to confirm configuration is accurate and tasks would update network infrastructure as expected.
Flag: -inspect-task [task-name]
Behavior: This has similar behavior as -inspect
mode for the selected task. The flag can be specified multiple times to inspect multiple tasks. No changes are applied in this mode.
Usage: Useful to debug one or more tasks to confirm configuration is accurate and the selected tasks would update network infrastructure as expected.
Once Mode
Flag: -once
Behavior: CTS will run all tasks once with buffer periods disabled and exit. On encountering an error before completing, CTS will exit with a non-zero status.
Usage: Intended to be run before daemon-mode in order to confirm configuration is accurate and tasks update network infrastructure as expected.
Commands
In addition to running the daemon, CTS has a set of commands that act as a client to the daemon server. The commands provide a user-friendly experience interacting with the daemon. The commands use the CTS APIs but does not correspond one-to-one with it. Please see the individual commands in the left navigation for more details.
To get help for a command, run: consul-terraform-sync <command> -h
CLI Structure
CTS commands follow the below structure
consul-terraform-sync <command> [options] [args]
options
: Flags to specify additional settings. There are general options that can be used across all commands and command-specific options.args
: Required arguments specific to a commands
Example:
consul-terraform-sync task disable -http-addr=http://localhost:2000 task_a
General Options
Below are options that can be used across all commands:
Option | Required | Type | Description | Default |
---|---|---|---|---|
-port | Optional | integer | Deprecated in Consul-Terraform-Sync 0.5.0 and will be removed in a later version. Use -http-addr option instead to specify the address and port of the Consul-Terraform-Sync API.Port from which the CTS daemon serves its API. The value is prepended with http://localhost: , but you can specify a different scheme or address with the -http-addr if necessary. | 8558 |
-http-addr | Optional | string | Address and port of the CTS API. You can specify an IP or DNS address. Alternatively, you can specify a value using the CTS_ADDRESS environment variable. | http://localhost:8558 |
-ssl-verify | Optional | boolean | Enables verification for TLS/SSL connections to the API if set to true. This does not affect insecure HTTP connections. Alternatively, you can specify the value using the CTS_SSL_VERIFY environment variable. | true |
-ca-cert | Optional | string | Path to a PEM-encoded certificate authority file that is used to verify TLS/SSL connections. Takes precedence over -ca-path if both are provided.Alternatively, you can specify the value using the CTS_CACERT environment variable. | none |
-ca-path | Optional | string | Path to a directory containing a PEM-encoded certificate authority file that is used to verify TLS/SSL connections. Alternatively, you can specify the value using the CTS_CAPATH environment variable. | none |
-client-cert                          | Optional | string | Path to a PEM-encoded client certificate that the CTS API requires when verify_incoming is set to true on the API.Alternatively, you can specify the value using the CTS_CLIENT_CERT environment variable. | none |
-client-key | Optional | string | Path to a PEM-encoded client key for the certificate configured with the -client-cert option. This is required if -client-cert is set and if verify_incoming is set to true on the CTS API.Alternatively, you can specify the value using the CTS_CLIENT_KEY environment variable. | none |