How to start Terraform Enterprise container without the application itself

Introduction

When you start the Terraform Enterprise container, it automatically launches all internal processes. If a configuration error exists, the container may crash, making it difficult to troubleshoot since some logs can become inaccessible.

Expected Outcome

This guide provides procedures to start the Terraform Enterprise container without automatically initiating its application processes. This approach allows you to manually start the application, ensuring the container remains running even if a process fails, which provides full access to all logs for troubleshooting.

Prerequisites

• A Terraform Enterprise installation using Flexible Deployment Options (FDO).

Procedure

This procedure covers three common container environments: Docker, Podman, and Kubernetes/OpenShift.

Option 1: Docker

1. Alter the compose.yaml file to add a different entrypoint that keeps the container running without starting the application.

   version: "3.9"
   name: terraform-enterprise
   services:
     tfe:
       image: images.releases.hashicorp.com/hashicorp/terraform-enterprise:v202409-3
       entrypoint: ["sleep", "infinity"]

2. Start the container.

   $ docker compose up --detach

3. Connect to the running container.

   $ docker exec -it terraform-enterprise-tfe-1 bash

4. From inside the container, manually start the Terraform Enterprise application components.

   $ /usr/local/bin/supervisord-run

Option 2: Podman

1. Alter the tfe.yaml file to add a command that keeps the container running without starting the application.

   apiVersion: "v1"
   kind: "Pod"
   metadata:
     labels:
       app: "terraform-enterprise"
     name: "terraform-enterprise"
   spec:
     restartPolicy: "Never"
     containers:
       - image: "images.releases.hashicorp.com/hashicorp/terraform-enterprise:v202410-1"
         command: ["sleep", "infinity"]

2. Stop the current pod, remove it, and restart it with the new settings.

   $ podman pod stop terraform-enterprise
   $ podman pod rm terraform-enterprise
   $ podman play kube /opt/tfe/tfe.yaml

3. Connect to the running container.

   $ podman exec -it terraform-enterprise-terraform-enterprise bash

4. From inside the container, manually start the Terraform Enterprise application components.

   $ /usr/local/bin/supervisord-run

Option 3: Kubernetes/OpenShift

1. If the pod is failing, it may appear in a CrashLoopBackOff state.

   $ kubectl -n terraform-enterprise get pods
   ## NAME                                   READY   STATUS             RESTARTS   AGE
   ## terraform-enterprise-69f4866769-h8lq4   0/1     CrashLoopBackOff   5          1h

2. Edit the deployment to override the default entrypoint.

   $ kubectl -n terraform-enterprise edit deployment terraform-enterprise

3. In the editor, add the command directive to the container specification.

   spec:
     containers:
       - image: images.releases.hashicorp.com/hashicorp/terraform-enterprise:v202410-1
         command: ["sleep","infinity"]

4. After saving the changes, Kubernetes creates a new pod that should remain in a Running state.

   $ kubectl -n terraform-enterprise get pods
   ## NAME                                   READY   STATUS    RESTARTS   AGE
   ## terraform-enterprise-69f4866769-hxlq5   1/1     Running   0          5m

5. Connect to the new, stable pod.

   $ kubectl -n terraform-enterprise exec -it terraform-enterprise-69f4866769-hxlq5 -- bash

6. From inside the container, manually start the Terraform Enterprise application components.

   $ /usr/local/bin/supervisord-run

Reviewing Logs

If the application crashes after being started manually, the container will remain active, allowing you to review all logs in the /var/log/terraform-enterprise/ directory.

$ ls -al /var/log/terraform-enterprise/
## total 96
## drwxrwxr-x. 2 root               root                460 .
## drwxr-xr-x. 1 root               root                 36 ..
## -rw-r--r--. 1 terraform-enterprise root               1737 archivist.log
## -rw-r--r--. 1 terraform-enterprise root               1673 atlas.log
## -rw-r--r--. 1 terraform-enterprise root               1519 backup-restore.log
## -rw-r--r--. 1 terraform-enterprise root              10036 licensing.log
## -rw-r--r--. 1 terraform-enterprise root                774 metrics.log
## -rw-r--r--. 1 nginx              nginx                 0 nginx-access.log
## -rw-r--r--. 1 nginx              nginx                 0 nginx-error.log
## -rw-r--r--. 1 terraform-enterprise root                  0 nginx.log
## -rw-r--r--. 1 terraform-enterprise root                215 outbound-http-proxy.log
## -rw-r--r--. 1 terraform-enterprise root               2749 postgres.log
## -rw-r--r--. 1 terraform-enterprise root               1616 redis.log
## -rw-r--r--. 1 terraform-enterprise root               1978 sidekiq.log
## -rw-r--r--. 1 terraform-enterprise root                966 slug-ingress.log
## -rw-r--r--. 1 terraform-enterprise root               6133 supervisord.log
## -rw-r--r--. 1 terraform-enterprise root               2125 task-worker.log
## -rw-r--r--. 1 terraform-enterprise root              10808 terraform-enterprise.log
## -rw-r--r--. 1 terraform-enterprise root               3098 terraform-registry-api.log
## -rw-r--r--. 1 terraform-enterprise root               2631 terraform-registry-worker.log
## -rw-r--r--. 1 terraform-enterprise root                753 terraform-state-parser.log
## -rw-r--r--. 1 terraform-enterprise root                116 tfe-health-check.log
## -rw-r--r--. 1 terraform-enterprise root               8174 vault.log

Additional Information

• For more details on this deployment model, refer to the Terraform Enterprise Flexible Deployment Options (FDO) documentation.