Instruqt Labs (beta)
  • Instruqt
  • Getting started
    • Setting up Version Control
    • Install Instruqt CLI
    • Creating your first lab
    • Configuration basics
    • Exploring the lab configuration
    • Adding your first chapter
    • Configuring sandboxes
    • Adding quizzes
    • Adding tasks and gating content
    • Finishing up
  • Documentation
    • Writing Lab Content
      • Project Structure
      • Markdown and Components
    • Integrations
      • Version Control
    • Lab reference
      • Content
        • Lab
        • Page
        • Activities
          • Task
          • Quiz
            • Multiple Choice
            • Single Choice
            • Text Answer
            • Numeric Answer
        • Layout
        • Tabs
          • Terminal
          • Service
          • Editor
          • External Website
          • Note
      • Sandbox
        • Containers
          • Container
          • Sidecar Container
        • Kubernetes
          • Cluster
          • Config
          • Helm
        • Nomad
          • Cluster
          • Job
        • Networking
          • Network
          • Ingress
        • Cloud Accounts
          • AWS
          • Azure
          • Google Cloud
        • Terraform
        • Template
        • Exec
        • Copy
        • Certificates
          • Root
          • Leaf
        • Random
          • Number
          • ID
          • UUID
          • Password
          • Creature
      • Functions
    • Tools
      • Instruqt CLI
    • Glossary
Powered by GitBook
On this page
  • Terraform
  • NetworkAttachment
  • Volume
Edit on GitHub
Export as PDF
  1. Documentation
  2. Lab reference
  3. Sandbox

Terraform

Terraform

ExecRemote allows commands to be executed in remote containers


resource "terraform" "name" {
  ...
}

Attributes

Attribute
Description

Source source required type: string

The source directory containing the Terraform config to provision.

Network attaches the container to an existing network defined in a separate stanza. This block can be specified multiple times to attach the container to multiple networks.

Version version type: string

The version of Terraform to use.

WorkingDirectory working_directory type: string

The working directory to run the Terraform commands.

Environment environment type: map[string]string

Environment variables to set.

Variables variables type: map[string]any

Terraform variables to pass to Terraform.

A volume allows you to specify a local volume which is mounted to the container when it is created. This stanza can be specified multiple times.

Computed Attributes

These attributes are computed when the config is parsed and applied, and are therefore only known at parsetime or runtime.

Attribute
Description

Meta ID meta.id string

The full ID of the resource e.g. resource.type.name. This is computed from the full resource path:

Meta Type meta.type string

The type of the resource. This taken from the type label of the resource definition.

Meta Name meta.name string

The name of the resource. This taken from the name label of the resource definition.

Output output type: map[string]any

Any outputs defined in the Terraform configuration will be exposed as output values on the Terraform resource.

ApplyOutput apply_output type: string

Console output from the Terraform apply.

NetworkAttachment

Network attachment defines a network to which the container is attached.


network {
  ...
}

Attributes

Attribute
Description

ID id required type: string

ID of the network to attach the container to, specified in reference format. e.g. to attach to a network called cloud.

IPAddress ip_address type: string

Static IP address to assign container for the network, the ip address must be within range defined by the network subnet. If this parameter is omitted an IP address will be automatically assigned.

Aliases aliases type: []string

Aliases allow alternate names to specified for the container. Aliases can be used to reference a container across the network, the container will respond to ping and other network resolution using the primary assigned name [name].container.shipyard.run and the aliases.

Computed Attributes

These attributes are computed when the config is parsed and applied, and are therefore only known at parsetime or runtime.

Attribute
Description

Name name type: string

Name will equal the name of the network as created by jumppad.

AssignedAddress assigned_address type: string

assigned_address will equal the assigned IP address for the network. This will equal ip_address if set; otherwise, this is the automatically assigned IP address.

Volume

A volume type allows the specification of an attached volume.


container {
  volume {
    ...
  }
}

Attributes

Attribute
Description

Source source required type: string

The source volume to mount in the container, can be specified as a relative ./ or absolute path /usr/local/bin. Relative paths are relative to the file declaring the container.

Destination destination required type: string

The destination in the container to mount the volume to, must be an absolute path.

Type type type: string

The type of the mount, can be one of the following values:

  • bind: bind the source path to the destination path in the container.

  • volume: source is a Docker volume.

  • tmpfs: create a temporary filesystem.

ReadOnly read_only type: bool

Whether or not the volume is read only.

BindPropagation bind_propagation type: string

Configures bind propagation for Docker volume mounts, only applies to bind mounts, can be one of the following values:

  • shared

  • slave

  • private

  • rslave

  • rprivate

For more information please see the Docker documentation https://docs.docker.com/storage/bind-mounts/#configure-bind-propagation

BindPropagationNonRecursive bind_propagation_non_recursive type: bool

Configures recursiveness of the bind mount.

By default Docker mounts with the equivalent of mount --rbind meaning that mounts below the the source directory are visible in the container. or instance running docker run --rm --mount type=bind,src=/,target=/host,readonly busybox will make /run of the host available as/host/run in the container. To make matters even worse it will be writable (since only the toplevel bind is set readonly, not the children).

If bind_propagation_non_recursive is set to true then the container will only see an empty /host/run, meaning thetmpfs which is typically mounted to /run on the host is not propagated into the container.

SelinuxRelabel selinux_relabel type: string

Configures Selinux relabeling for the container (usually specified as :z or :Z) and can be one of the following values:

  • shared (Equivalent to :z)

  • private (Equivalent to :Z)

Computed Attributes

These attributes are computed when the config is parsed and applied, and are therefore only known at parsetime or runtime.

PreviousGoogle CloudNextTemplate

Last updated 11 days ago

Networks network type:

Volumes volume type: []block 

source = "/home/terraform"
network {
  id = resource.network.main.meta.id
}
version = "1.9.8"
working_directory = "/home/terraform"
environment = {
  key = "value"
}
variables = {
  vault_address = "${resource.container.vault.container_name}:8200"
}
volume {
  source      = "./"
  destination = "/files"
}
// given the following resource
resource "container" "ubuntu" {
  ...
}

// the resulting id will be
resource.container.ubuntu
// given the following resource
resource "container" "ubuntu" {
  ...
}

// the resulting type will be
container
// given the following resource
resource "container" "ubuntu" {
  ...
}

// the resulting name will be
ubuntu
id = resource.network.main.meta.id
ip_address = "10.0.5.24"
aliases = [
  "alt1.container.local.jmpd.in",
  "alt2.container.local.jmpd.in"
]
source = "./files/nginx"
destination = "/etc/nginx"
type = "bind"
read_only = true
bind_propagation = "shared"
bind_propagation_non_recursive = true
selinux_relabel = "shared"
[]NetworkAttachment
Volume