Terraform Enterprise Containers (Replicated)

Avatar
Jacob McSwain
  • Updated

Introduction

HashiCorp utilizes Docker containers to facilitate the runtime of various services used by Terraform Enterprise. This guide provides a reference for the roles of the primary containers in both Terraform Enterprise (Replicated deployment) and the underlying Replicated management platform.

Terraform Enterprise Containers

The following sections describe the containers used by different versions of Terraform Enterprise.

Versions Prior to v202205-1

  • ptfe_nginx - Nginx reverse proxy that facilitates access to the Terraform Enterprise services.
  • ptfe_atlas - The API and Web UI. Terraform Enterprise was previously known as Atlas.
  • ptfe_build_manager - Manages the queue of Terraform runs.
  • ptfe_build_worker - Creates workers on-demand as required by the queue. Injects variables, secrets, and Terraform configuration to a temporary ptfe_worker container.
  • ptfe_worker - Executes a Terraform plan or apply. This container can be replaced with a custom image. This ephemeral container may be created with a randomly generated name by Docker.
  • ptfe_vault - HashiCorp Vault, which utilizes transit encryption for items such as sensitive workspace variables.
  • ptfe_registry_api - Terraform Private Module Registry API.
  • ptfe_slug_ingress (or ptfe_ingress in older versions) - Listens for VCS webhooks. Packages VCS repository data as a slug and sends it to ptfe_archivist.
  • ptfe_registry_worker - Processes VCS slugs and prepares modules to be published on the Terraform Private Module Registry.
  • ptfe_sidekiq - Background job scheduler system.
  • ptfe_redis - Redis in-memory database, used for caching and the ptfe_sidekiq queue. This container is not active on Active-Active Terraform Enterprise installations.
  • ptfe_nomad - HashiCorp Nomad, which schedules Sentinel and Cost Estimation runs.
  • ptfe_archivist - Object storage API.
  • ptfe_migrations - Runs on startup only to perform database migrations from ptfe_atlas.
  • ptfe_postgres - PostgreSQL database that holds relational data, such as workspace applies and where their state is stored in object storage.
  • ptfe_state_parser - Reads Terraform state files and parses important information from them.
  • rabbitmq - RabbitMQ message queue.
  • ptfe_backup_restore - The Terraform Enterprise Backup and Restore API.
  • ptfe_outbound_http_proxy - Outbound HTTP proxy for Terraform plans and applies to facilitate blocking services, such as the host’s AWS Metadata Service if configured.
  • ptfe_health_check - Runs a periodic health check against Terraform Enterprise.
  • ptfe_base_startup - Runs on install only to initialize Terraform Enterprise for installation.
  • ptfe_registry_migrations - Runs on startup only to perform database migrations from ptfe_registry_api.
  • telegraf - Data collection agent for collecting and reporting metrics. This container runs when enable_metrics_collection is enabled.
  • influxdb - Time-series database for storing metrics data from telegraf. This container runs when enable_metrics_collection is enabled.

Versions v202205-1 and Later

  • tfe-nginx - Nginx reverse proxy that facilitates access to the Terraform Enterprise services.
  • tfe-atlas - The API and Web UI. Terraform Enterprise was previously known as Atlas.
  • tfe-build-manager - Manages the queue of Terraform runs.
  • tfe-build-worker - Creates workers on-demand as required by the queue. Injects variables, secrets, and Terraform configuration to a temporary tfe-worker container.
  • tfe-worker - Executes a Terraform plan or apply. This container can be replaced with a custom image. The image will be hashicorp/build-worker:now or a configured custom build worker image.
  • tfe-vault - HashiCorp Vault, which utilizes transit encryption for items such as sensitive workspace variables.
  • tfe-registry-api - Terraform Private Module Registry API.
  • tfe-slug-ingress - Listens for VCS webhooks. Packages VCS repository data as a slug and sends it to tfe-archivist.
  • tfe-registry-worker - Processes VCS slugs and prepares modules to be published on the Terraform Private Module Registry.
  • tfe-sidekiq - Background job scheduler system.
  • tfe-redis - Redis in-memory database, used for caching and the tfe-sidekiq queue. This container is not active on Active-Active Terraform Enterprise installations.
  • tfe-nomad - HashiCorp Nomad, which schedules Sentinel and Cost Estimation runs.
  • tfe-archivist - Object storage API.
  • tfe-migrations - Runs on startup only to perform database migrations from tfe-atlas.
  • tfe-postgres - PostgreSQL database that holds relational data.
  • tfe-postgresql-setup - PostgreSQL database setup container that initializes the database.
  • tfe-state-parser - Reads Terraform state files and parses important information from them.
  • tfe-rabbitmq - RabbitMQ message queue.
  • tfe-plan-exporter-worker - Sets up a Nomad job to extract data from Terraform plans.
  • tfe-sentinel-worker - Sets up a Nomad job to run Sentinel jobs.
  • tfe-cost-estimation - Sets up a Nomad job to run Cost Estimation jobs.
  • tfe-backup-restore - The Terraform Enterprise Backup and Restore API.
  • tfe-outbound-http-proxy - Outbound HTTP proxy for Terraform plans and applies.
  • tfe-health-check - Runs a periodic health check against Terraform Enterprise.
  • tfe-base-startup - Runs on install only to initialize Terraform Enterprise.
  • tfe-bootstrap - Runs on install only to bootstrap the Docker network required for other containers.
  • tfe-registry-migrations - Runs on startup only to perform database migrations from tfe-registry_api.
  • tfe-anchor-isolation-network - This container is attached to the Docker isolation network to prevent the network from being removed.
  • tfe-base-workers - Sets up the Terraform Build Worker base container image.
  • tfe-admin - Contains useful CLI tools for use with replicated admin.
  • telegraf - Data collection agent for collecting and reporting metrics. Runs when enable_metrics_collection is enabled.
  • influxdb - Time-series database for storing metrics data from telegraf. Runs when enable_metrics_collection is enabled.
  • tfe-fluent-bit - Forwards logs as configured by the user. Runs when log_forwarding_enabled is enabled.
  • tfe-metrics - Exposes Terraform Enterprise container metrics. Runs when enable_metrics_collection is enabled.

Replicated Containers

The following containers are part of the Replicated platform used to manage the Terraform Enterprise application.

  • replicated - The daemon that runs Replicated services and starts the application. It communicates with the external Replicated API and registry unless running in airgapped mode.
  • replicated-ui - Provides the Replicated console, which listens on host port 8800.
  • replicated-operator - A utility image to transfer files between the host and daemon and to run application containers if using the native scheduler.
  • replicated-premkit - A reverse proxy to the audit log, metrics, and integration services.
  • replicated-statsd - A metrics service that runs when the application is running.
  • support-bundle - This image runs to collect system information when you create a support bundle.
  • cmd - This image may be used for custom commands if configured in the application YAML.
  • retraced - Provides an API and worker for the audit log component. It includes the following containers:
    • retraced-processor
    • retraced-api
    • retraced-cron
  • retraced-postgres - The database for the audit log.
  • retraced-nsq - The audit log’s queue.

Articles in this section

See more

Related articles