Terraform
Docker requirements
Terraform Enterprise requires:
You meet the shared requirements for all Flexible deployment methods.
A supported Docker Engine version that can run amd64 containers. We do not publish arm64 images.
A DNS hostname for accessing Terraform Enterprise.
Note: For exisiting Terraform Enterprise users with Replicated deployments, refer to Migrating to Flexible Deployment Options.
Docker engine
We support the following versions of Docker Engine:
- 23.0.x
- 24.0.x
Install Docker Engine for your operating system.
TLS certificate
You need three TLS certificate files:
cert.pem
- The end-entity certificate for your DNS hostname with any intermediate certificates appended to it.key.pem
- The private key for the end-entity certificate. Must not be protected by a passphrase.bundle.pem
- Additional certificates to be added to the Certificate Authority (CA) bundle.
If you’re using a certificate from Let’s Encrypt, here’s how those files relate:
Terraform Enterprise | Let’s Encrypt |
---|---|
key.pem | privkey.pem |
cert.pem | fullchain.pem |
bundle.pem | fullchain.pem |
If you don’t have a certificate, you can generate a self-signed one. Note the
presence of the -nodes
option is required since Terraform Enterprise cannot
use a private key that is protected by a passphrase.
$ openssl req -x509 -nodes -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 365
Be sure to replace <terraform.example.com>
with the hostname you’ll be using
to access Terraform Enterprise.
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:California
Locality Name (eg, city) []:San Francisco
Organization Name (eg, company) [Internet Widgits Pty Ltd]:HashiCorp, Inc.
Organizational Unit Name (eg, section) []:Engineering
Common Name (e.g. server FQDN or YOUR name) []:<terraform.example.com>
Email Address []:
When done, you’ll have your cert.pem
and key.pem
files but no bundle.pem
file.
Create your bundle.pem
like so:
$ cp cert.pem bundle.pem