Changing Network Addresses in Terraform Enterprise

Introduction

The internal services that make up Terraform Enterprise use certain network addresses for communication. Terraform Enterprise expects these network addresses to be reserved exclusively for its own usage. These network addresses should not overlap with each other or any other network Terraform Enterprise is expected to communicate with. By default, Terraform Enterprise uses the following IPv4 network addresses:

• Docker: 172.17.0.0/16, 172.19.0.0/16, 172.20.0.0/16
• Replicated: 172.18.0.0/16

Use Case

The default network addresses used by Terraform Enterprise may already be in use elsewhere on the network, causing network connectivity issues for Terraform Enterprise. In such cases, it is necessary to change the network addresses that Terraform Enterprise uses.

Procedure

For installations of Terraform Enterprise, the Docker and Replicated network addresses can be changed independently. That is, you may change only one of them if so desired.

This example details how to change the Docker network addresses to 10.10.0.0/16 and 10.11.0.0/16, and the Replicated network address to 10.12.0.0/16. If you are using different network addresses, please change the values accordingly.

1. Stop the Terraform Enterprise application.

    $ sudo replicatedctl app stop

2. Ensure the Terraform Enterprise application is stopped. The output should show the State as stopped.

    $ sudo replicatedctl app status

3. Stop the Replicated services.

    $ sudo systemctl stop replicated replicated-ui replicated-operator

4. Stop all of the running Docker containers on the host.

    $ sudo docker stop $(sudo docker ps -q)

5. Delete the replicated_retraced Docker network.

    $ sudo docker network rm replicated_retraced

6. For installations running version v202104-1 or greater, delete the tfe_services and tfe_terraform_isolation Docker networks.

    $ sudo docker network rm tfe_services
    $ sudo docker network rm tfe_terraform_isolation

7. Create a new replicated_retraced Docker network using the desired network address.

    $ sudo docker network create replicated_retraced --subnet=10.12.0.0/16

8. Create the file /etc/docker/daemon.json with the following content. Note, the value of bip is a network address, not just a subnet. This is because Docker will use this IPv4 address as its bridge IP address and the rest of the subnet will be for containers Docker creates.

    {
      "bip": "10.10.0.1/16",
      "default-address-pools": [
        {
          "base": "10.11.0.0/16",
          "size": 24
        }
      ]
    }

9. Restart the Docker service.

    $ sudo systemctl restart docker

10. Start the Replicated services.

     $ sudo systemctl start replicated replicated-ui replicated-operator

11. Start the Terraform Enterprise application.

     $ sudo replicatedctl app start

12. Ensure the Terraform Enterprise application is started. The output should show the State as started.

     $ sudo replicatedctl app status

Additional Information

If you continue to experience issues after following this guide, please contact HashiCorp Support for further assistance.