To use Terraform with DigitalOcean, you need to install Terraform and configure a provider file.
You can install the latest version of Terraform on most operating systems from the command line using various package managers. Click your operating system’s tab below to view instructions on how to Terraform.
To install Terraform on MacOS using Homebrew, run the following command in a terminal:
brew install terraform
Once installed, verify Terraform’s installation:
terraform -v
The command returns Terraform’s version information:
Terraform v1.5.7
To install Terraform on Windows using Chocolatey, run the following command from the command prompt:
choco install terraform
Once installed, verify Terraform’s installation:
terraform -v
The command returns Terraform’s version information:
Terraform v1.6.4
To install Terraform on Ubuntu, add the HashiCorp GPG key to your system:
curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo apt-key add -
Next, add the official HashiCorp Terraform Linux repository to apt:
sudo apt-add-repository "deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main"
Then update apt and install Terraform:
sudo apt-get update && sudo apt-get install terraform
Once installed, verify the installation:
terraform -v
The command returns Terraform’s version information:
Terraform v1.6.4
To install Terraform on CentOS, install the yum-config-manager to manage your repositories:
sudo yum install -y yum-utils
Use yum-config-manager to add the official HashiCorp Linux repository:
sudo yum-config-manager --add-repo https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo
Then install Terraform:
sudo yum -y install terraform
Once installed, verify Terraform’s installation:
terraform -v
The command returns Terraform’s version information:
Terraform v1.6.4
To use the DigitalOcean provider with Terraform, you have to configure the plugin using a provider file. This file tells Terraform which provider you’re using (DigitalOcean) and where to find the necessary credentials (your DigitalOcean API token, and your public and private SSH keys). If you do not have any SSH keys set up, you need to create one and upload the public key to your DigitalOcean account before continuing.
To start, create and move into a directory. This is where you configure and deploy your infrastructure and where you create the provider file.
mkdir ~/example-terraform-directory
cd ~/example-terraform-directory
Create a new file in the working directory called provider.tf and then open it with your preferred text editor.
Add the following lines to the file, substituting the_name_of_your_public_SSH_key value for the name of the public SSH key uploaded to your DigitalOcean account:
terraform {
required_providers {
digitalocean = {
source = "digitalocean/digitalocean"
version = "~> 2.0"
}
}
}
variable "do_token" {}
variable "pvt_key" {}
provider "digitalocean" {
token = var.do_token
}
data "digitalocean_ssh_key" "terraform" {
name = "the_name_of_your_public_SSH_key"
}
Here is a breakdown of what each part of this file defines:
The following lines tells Terraform which provider you are using.
terraform {
required_providers {
digitalocean = {
source = "digitalocean/digitalocean"
version = "~> 2.0"
}
}
}
The next lines tell Terraform to seek values for the DigitalOcean security variables upon deployment.
variable "do_token"- Tells Terraform to seek your DigitalOcean API token upon deployment so it can access your DigitalOcean account and deploy resources via the API.variable "pvt_key" - Tells Terraform to seek the path to your private SSH key on your local machine upon deployment so it can access the Droplets you deploy.variable "do_token" {}
variable "pvt_key" {}
The next lines further specify the DigitalOcean provider information by assigning token to the do_token variable.
provider "digitalocean" {
token = var.do_token
}
The last lines define your public SSH key and allows Terraform to automatically add your SSH key to any new Droplets you create.
data "digitalocean_ssh_key" "terraform" {
name = "the_name_of_your_public_SSH_key"
}
Once you have pasted the lines into the file and defined the name of your public key in the data "digitalocean_ssh_key" section, save the file and then exit.
Once you have configured Terraform to access your DigitalOcean account, you can begin developing Terraform files that describe and declare the DigitalOcean resources that you want to deploy into your account. Terraform configuration files are text files stored with .tf extensions. They are human-readable and they support comments.
During deployment, Terraform loads all files with a .tf extension and creates a manifest of resources to deploy called a “plan”. You can divide resource configurations between as many or as few .tf files as you want.
Below is a sample Terraform file describing a Droplet with an nginx web server running on it. You can copy and paste this file into your working directory as a new .tf file and deploy it using the steps in the next section.
resource "digitalocean_droplet" "www-1" {
image = "ubuntu-18-04-x64"
name = "www-1"
region = "nyc2"
size = "s-1vcpu-1gb"
ssh_keys = [
data.digitalocean_ssh_key.terraform.id
]
connection {
host = self.ipv4_address
user = "root"
type = "ssh"
private_key = file(var.pvt_key)
timeout = "2m"
}
provisioner "remote-exec" {
inline = [
"export PATH=$PATH:/usr/bin",
# install nginx
"sudo apt-get update",
"sudo apt-get -y install nginx"
]
}
}
Use our reference documentation to develop more Terraform configuration files.
Once you have configured your Terraform files, you can deploy all of the resources you have configured from the command line. Terraform requires three steps for deployment: initializing the directory, reviewing an execution plan, and applying (executing) the Terraform plan.
Initialization prepares the working directory for use by accounting for any changes in Terraform’s backend configuration. The planning step provides you a detailed manifest of the resources for you to review before execution. Lastly, the terraform apply command executes the deployment of the resources into your account.
To initialize the working directory:
terraform init
If Terraform was successful in initializing the directory, you receive the message Terraform has been successfully initialized!.
Next, you need to create and view your Terraform plan. To create your Terraform plan:
terraform plan -out=infra.out
Terraform returns a manifest of resources it deploys when you apply the plan. It also creates an infra.out file with the manifest inside of it. Terraform uses the infra.out file to deploy the resources into your account.
After reviewing the plan, you can apply it and deploy the resources to your account. To execute the plan:
terraform apply "infra.out"
Terraform begins executing the plan and prompts you for two security variables:
var.do_token - Your DigitalOcean API token.var.pvt_key - The path to the private SSH key on your local machine, for example, ~/.ssh/id_rsa.Once you have provided the variables, Terraform deploys the resources into your account. You can open the DigitalOcean Control Panel to view their creation.
After configuring Terraform, you can follow an in-depth tutorial that guides you through deploying a complete sample network infrastructure, or you can reference our provider documentation to develop more Terraform configuration files.