Categories
DevOps

How to trace terraform execution

Use specific environment variables to enable and store detailed terraform execution logs.

Define TF_LOG environment variable to TRACE terraform execution. Use DEBUG, INFO, WARN, or ERROR values to decrease the verbosity.

$ TF_LOG=TRACE ./terraform version
2020/12/06 16:26:20 [INFO] Terraform version: 0.14.0  
2020/12/06 16:26:20 [INFO] Go runtime version: go1.15.2
2020/12/06 16:26:20 [INFO] CLI args: []string{"/home/container/terraform", "version"}
2020/12/06 16:26:20 [DEBUG] Attempting to open CLI config file: /home/container/.terraformrc
2020/12/06 16:26:20 [DEBUG] File doesn't exist, but doesn't need to. Ignoring.
2020/12/06 16:26:20 [DEBUG] will search for provider plugins in terraform.d/plugins
2020/12/06 16:26:20 [TRACE] getproviders.SearchLocalDirectory: terraform.d/plugins is a symlink to terraform.d/plugins
2020/12/06 16:26:20 [TRACE] getproviders.SearchLocalDirectory: found registry.terraform.io/terraform-provider-graylog/graylog v1.0.4 for linux_amd64 at terraform.d/plugins/registry.terraform.io/terraform-provider-graylog/graylog/1.0.4/linux_amd64
2020/12/06 16:26:20 [DEBUG] ignoring non-existing provider search directory /home/container/.terraform.d/plugins
2020/12/06 16:26:20 [DEBUG] ignoring non-existing provider search directory /home/container/.local/share/terraform/plugins
2020/12/06 16:26:20 [DEBUG] ignoring non-existing provider search directory /usr/local/share/terraform/plugins
2020/12/06 16:26:20 [DEBUG] ignoring non-existing provider search directory /usr/share/terraform/plugins
2020/12/06 16:26:20 [INFO] CLI command args: []string{"version"}
Terraform v0.14.0
+ provider registry.terraform.io/terraform-provider-graylog/graylog v1.0.4

Define TF_LOG_PATH environment variable to append terraform execution logs to a file.

$ TF_LOG=TRACE TF_LOG_PATH=terraform.plan.log ./terraform plan
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # graylog_user.user will be created
  + resource "graylog_user" "user" {
      + client_address     = (known after apply)
      + email              = "user@example.com"
      + external           = (known after apply)
      + full_name          = "Example User"
      + id                 = (known after apply)
      + last_activity      = (known after apply)
      + password           = (sensitive value)
      + permissions        = (known after apply)
      + read_only          = (known after apply)
      + roles              = [
          + "Reader",
        ]
      + session_active     = (known after apply)
      + session_timeout_ms = 3600000
      + timezone           = (known after apply)
      + user_id            = (known after apply)
      + username           = "user"
    }

Plan: 1 to add, 0 to change, 0 to destroy.

------------------------------------------------------------------------

Note: You didn't specify an "-out" parameter to save this plan, so Terraform
can't guarantee that exactly these actions will be performed if
"terraform apply" is subsequently run.

Inspect created log file.

$ ls -l terraform.plan.log
-rw-r--r-- 1 vagrant vagrant 42170 Dec  6 16:34 terraform.plan.log
$ cat terraform.plan.log 
2020/12/06 16:34:55 [INFO] Terraform version: 0.14.0  
2020/12/06 16:34:55 [INFO] Go runtime version: go1.15.2
2020/12/06 16:34:55 [INFO] CLI args: []string{"/home/container/terraform", "plan"}
2020/12/06 16:34:55 [DEBUG] Attempting to open CLI config file: /home/container/.terraformrc
2020/12/06 16:34:55 [DEBUG] File doesn't exist, but doesn't need to. Ignoring.
2020/12/06 16:34:55 [DEBUG] will search for provider plugins in terraform.d/plugins
2020/12/06 16:34:55 [TRACE] getproviders.SearchLocalDirectory: terraform.d/plugins is a symlink to terraform.d/plugins
2020/12/06 16:34:55 [TRACE] getproviders.SearchLocalDirectory: found registry.terraform.io/terraform-provider-graylog/graylog v1.0.4 for linux_amd64 at terraform.d/plugins/registry.terraform.io/terraform-provider-graylog/graylog/1.0.4/linux_amd64
2020/12/06 16:34:55 [DEBUG] ignoring non-existing provider search directory /home/container/.terraform.d/plugins
2020/12/06 16:34:55 [DEBUG] ignoring non-existing provider search directory /home/container/.local/share/terraform/plugins
[...]
2020-12-06T16:34:56.331Z [WARN]  plugin.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = transport is closing"
2020-12-06T16:34:56.332Z [DEBUG] plugin: plugin process exited: path=.terraform/providers/registry.terraform.io/terraform-provider-graylog/graylog/1.0.4/linux_amd64/terraform-provider-graylog_v1.0.4 pid=9443
2020-12-06T16:34:56.332Z [DEBUG] plugin: plugin exited
2020/12/06 16:34:56 [TRACE] vertex "provider[\"registry.terraform.io/terraform-provider-graylog/graylog\"] (close)": visit complete
2020/12/06 16:34:56 [TRACE] dag/walk: visiting "root"
2020/12/06 16:34:56 [TRACE] vertex "root": starting visit (*terraform.nodeCloseModule)
2020/12/06 16:34:56 [TRACE] vertex "root": visit complete
2020/12/06 16:34:56 [INFO] backend/local: plan operation completed
2020/12/06 16:34:56 [TRACE] statemgr.Filesystem: removing lock metadata file .terraform.tfstate.lock.info
2020/12/06 16:34:56 [TRACE] statemgr.Filesystem: unlocking terraform.tfstate using fcntl flock

Define an alias to use this functionality on-demand.

$ alias terradebug="TF_LOG_PATH=terraform-\$(date +%Y%m%d_%H%S).log TF_LOG=TRACE ./terraform"
$ terradebug plan
$ ls -l terraform*.log
-rw-r--r-- 1 vagrant vagrant 42170 Dec  6 16:41 terraform-20201206_1638.log