6. What is the difference between Terraform's "plan" and "apply" commands?

Basic

6. What is the difference between Terraform's "plan" and "apply" commands?

Overview

In Terraform, the plan and apply commands are fundamental to the workflow of writing, reviewing, and deploying infrastructure as code. Understanding the difference between these two commands is crucial for efficiently managing infrastructure changes and ensuring the desired state is correctly applied to your environment.

Key Concepts

  • Planning Phase: The stage where Terraform calculates the changes required to reach the desired state of the infrastructure without applying them.
  • Applying Phase: The step where Terraform actually implements the changes to achieve the desired state.
  • State Management: How Terraform tracks the real-world resources' state through the planning and applying phases.

Common Interview Questions

Basic Level

  1. What is the primary purpose of Terraform's plan command?
  2. How does the apply command differ from the plan command in terms of execution?

Intermediate Level

  1. How can you ensure that the apply command only applies the changes you have reviewed in the plan output?

Advanced Level

  1. Discuss how to use the plan and apply commands in a CI/CD pipeline for infrastructure changes.

Detailed Answers

1. What is the primary purpose of Terraform's plan command?

Answer: The primary purpose of the Terraform plan command is to create an execution plan. This command allows users to see which actions Terraform will take to change the infrastructure to match the configuration without making any actual changes. It's a crucial step for reviewing changes before they are applied, helping to avoid potential misconfigurations and disruptions.

Key Points:
- Generates an execution plan.
- Shows the user what Terraform will do without making any changes.
- Helps in reviewing and validating changes before applying.

Example:

// Terraform commands are not applicable in C#, but the conceptual workflow can be understood as:
void PlanInfrastructureChanges() 
{
    Console.WriteLine("Review proposed changes to infrastructure");
    // Analogous to running `terraform plan`
}

void ApplyInfrastructureChanges()
{
    Console.WriteLine("Apply changes to infrastructure");
    // This would be after reviewing the plan and running `terraform apply`
}

2. How does the apply command differ from the plan command in terms of execution?

Answer: The apply command differs from the plan command in that it actually applies the changes to reach the desired state of the infrastructure as defined in the configuration files. While plan only shows what changes will be made, apply performs the addition, update, and deletion of resources as needed to align the real-world infrastructure with the configuration.

Key Points:
- apply executes the changes, while plan only shows them.
- You can review changes with plan before executing them with apply.
- apply can also show a plan if run without a prior plan command, requiring confirmation before proceeding.

Example:

// Following the conceptual model:
void ApplyChangesAfterPlanReview()
{
    Console.WriteLine("Executing changes to align infrastructure with configuration");
    // This simulates running `terraform apply` after a satisfactory review of the plan
}

3. How can you ensure that the apply command only applies the changes you have reviewed in the plan output?

Answer: To ensure that apply only applies the changes reviewed in the plan output, you can use the -out option with the plan command to save the execution plan to a file. Then, you pass this file to the apply command. This approach guarantees that apply will only execute the exact changes you reviewed, preventing any unintended modifications that could occur due to changes in the configuration or state between planning and applying.

Key Points:
- Use the -out option with plan to save the plan to a file.
- Use the saved plan file as an argument to apply.
- This method ensures consistency between reviewed plans and applied changes.

Example:

// Conceptual workflow in C#-like pseudocode:
void SavePlanAndApply()
{
    string planFile = "terraform-plan.out";
    Console.WriteLine($"Save plan to {planFile}");
    // Equivalent to `terraform plan -out=terraform-plan.out`

    Console.WriteLine($"Apply changes from {planFile}");
    // Equivalent to `terraform apply "terraform-plan.out"`
}

4. Discuss how to use the plan and apply commands in a CI/CD pipeline for infrastructure changes.

Answer: Integrating Terraform's plan and apply commands into a CI/CD pipeline enables automated testing and deployment of infrastructure changes. In such a pipeline, plan can be executed in a pull request stage to review changes. Upon approval, the pipeline can automate the apply step in a safe deployment environment. This integration ensures that all changes are reviewed, tested, and applied consistently, minimizing human error and streamlining the deployment process.

Key Points:
- Automate plan in the CI stage for change review.
- Automate apply in the CD stage for safe deployment.
- Ensures consistency, reduces errors, and streamlines deployments.

Example:

// While specific CI/CD pipeline code varies, the conceptual approach is:
void CiCdPipeline()
{
    Console.WriteLine("CI Stage: Run `terraform plan` to review changes");
    // Upon PR or commit, automatically run and review the plan

    Console.WriteLine("CD Stage: Automatically `terraform apply` approved changes");
    // After review and merge, automatically apply changes in a controlled environment
}

This guide provides a foundational understanding of Terraform's plan and apply commands, crucial for managing infrastructure as code efficiently and safely.

logo