我在【Azure Terraform】中尝试使用已经配置好吞吐量的Azure CosmosDB进行创建
大綱
使用 Terraform 进行「基础设施即代码」,通过 Azure CLI 创建一个在 Azure CosmosDB 中使用的配置文件来进行确认。
本地环境
-
- macOS Monterey 12.3.1
-
- python 3.8.12
-
- Azure CLI 2.34.1
- terraform v1.0.11
前提 – qian2 ti2 – precondition/ premise
条件 – tiao2 jian4 – condition/ requirement
-
- 确认已准备好Azure环境(租户/订阅)
-
- 确认已在本地环境安装了”azure cli”
-
- 确认已在本地环境配置了”terraform”环境
- 确认已创建了用于使用Terraform在Azure上构建环境的服务主体,并定义了用于Terraform的本地环境变量的值。
试着创建Azure CosmosDB。
创建 Terraform 定义文件
提供者的定义 zhě de
# プロバイダーの定義
terraform {
required_providers {
azurerm = "~> 2.33"
}
}
provider "azurerm" {
features {}
tenant_id = var.ARM_TENANT_ID
subscription_id = var.ARM_SUBSCRIPTION_ID
client_id = var.ARM_CLIENT_ID
client_secret = var.ARM_CLIENT_SECRET
}
# リソースグループ
resource "azurerm_resource_group" "this" {
name = var.resource_group_name
location = var.region
tags = var.tags_def
}
参数定义文件
# 環境変数(Azureサービスプリンシパル)
variable ARM_TENANT_ID {}
variable ARM_SUBSCRIPTION_ID {}
variable ARM_CLIENT_ID {}
variable ARM_CLIENT_SECRET {}
# タグ情報
variable tags_def {
default = {
owner = "ituru"
period = "2022-06-30"
CostCenter = "PSG2"
Environment = "CPDemo"
}
}
# 各種パラメータ
variable region {} // 利用リージョン
variable resource_group_name {} // リソースグループ名
variable cosmosdb_account_name {} // CosmosDBアカウント名
variable database_name {} // CosmosDB Database名
variable container_name {} // CosmosDB Container(Table)名
参数值定义文件
# 環境変数の定義(Azureサービスプリンシパル)
ARM_TENANT_ID = "zzzzzzzz-cccc-4645-5757-zzzzzzzzzzzz"
ARM_SUBSCRIPTION_ID = "yyyyyyyy-1717-4343-9779-yyyyyyyyyyyy"
ARM_CLIENT_ID = "xxxxxxxx-xxxx-4444-9922-xxxxxxxxxxxx"
ARM_CLIENT_SECRET = "hogehogehogehogehogehogehogehogege"
# パラメータ値の定義
region = "japaneast" // 利用リージョン
resource_group_name = "rg_ituru_cosmosdb01" // リソースグループ名
cosmosdb_account_name = "iturucosmosdb01" // CosmosDBアカウント名
database_name = "CPDemoDB01" // CosmosDB Database名
container_name = "container01" // CosmosDB Container(Table)名
CosmosDB的定义文件
# CosmosDB Account
resource "azurerm_cosmosdb_account" "this" {
name = var.cosmosdb_account_name
location = azurerm_resource_group.this.location
resource_group_name = azurerm_resource_group.this.name
tags = var.tags_def
offer_type = "Standard"
kind = "GlobalDocumentDB"
consistency_policy {
consistency_level = "Session"
max_interval_in_seconds = 5
max_staleness_prefix = 100
}
geo_location {
location = azurerm_resource_group.this.location
failover_priority = 0
}
}
# CosmosDB Database
resource "azurerm_cosmosdb_sql_database" "this" {
name = var.database_name
resource_group_name = azurerm_cosmosdb_account.this.resource_group_name
account_name = azurerm_cosmosdb_account.this.name
throughput = 400
}
# CosmosDB Container
resource "azurerm_cosmosdb_sql_container" "this" {
name = var.container_name
resource_group_name = azurerm_cosmosdb_account.this.resource_group_name
account_name = azurerm_cosmosdb_account.this.name
database_name = azurerm_cosmosdb_sql_database.this.name
partition_key_path = "/section"
partition_key_version = 1
throughput = 400
}
输出定义文件 (Output definition file)
# CosmosDBのアカウントエンドポイントURIを出力
output "cosmosdb_account_endpoint" {
value = azurerm_cosmosdb_account.this.endpoint
}
# CosmosDBのアカウントKey情報を出力
output "cosmosdb_account_key" {
value = azurerm_cosmosdb_account.this.primary_key
sensitive = true
}
# CosmosDBのアカウント接続文字列を出力
output "cosmosdb_account_connect" {
value = azurerm_cosmosdb_account.this.connection_strings
sensitive = true
}
执行 Terraform
## init
$ terraform init
:
Terraform has been successfully initialized!
## plan
$ terraform plan
:
Plan: 4 to add, 0 to change, 0 to destroy.
## apply
$ terraform apply
:
Apply complete! Resources: 4 added, 0 changed, 0 destroyed.
本地工作目录的情况
$ tree -a
.
├── .terraform
│ └── providers
│ └── registry.terraform.io
│ └── hashicorp
│ └── azurerm
│ └── 2.99.0
│ └── darwin_amd64
│ └── terraform-provider-azurerm_v2.99.0_x5
├── .terraform.lock.hcl
├── cosmosdb.tf
├── main.tf
├── outputs.tf
├── terraform.tfstate
├── terraform.tfstate.backup
├── terraform.tfvars
└── variables.tf
执行 Terraform 后的确认
通过 Azure CLI 进行确认。
## 作成先サブスクリプションへの接続
$ az account set --subscription '<Subscription_Name>'
## Azure Cosmos DB データベース アカウントの一覧表示
$ az cosmosdb list -g rg_ituru_cosmosdb01 -o table
DatabaseAccountOfferType DefaultIdentity DisableKeyBasedMetadataWriteAccess DisableLocalAuth DocumentEndpoint EnableAnalyticalStorage EnableAutomaticFailover EnableFreeTier EnableMultipleWriteLocations InstanceId IsVirtualNetworkFilterEnabled Kind Location Name NetworkAclBypass ProvisioningState PublicNetworkAccess ResourceGroup
-------------------------- ------------------ ------------------------------------ ------------------ ------------------------------------------------ ------------------------- ------------------------- ---------------- ------------------------------ ------------------------------------ ------------------------------- ---------------- ---------- --------------- ------------------ ------------------- --------------------- -------------------
Standard FirstPartyIdentity False False https://iturucosmosdb01.documents.azure.com:443/ False False False False 37383738-aeae-4224-a66a-555a633360ed False GlobalDocumentDB Japan East iturucosmosdb01 None Succeeded Enabled rg_ituru_cosmosdb01
## Azure Cosmos DB アカウントの下にSQL データベースの一覧表示
$ az cosmosdb sql database list -g rg_ituru_cosmosdb01 -a iturucosmosdb01
[
{
"id": "/subscriptions/yyyyyyyy-1717-4343-9779-yyyyyyyyyyyy/resourceGroups/rg_ituru_cosmosdb01/providers/Microsoft.DocumentDB/databaseAccounts/iturucosmosdb01/sqlDatabases/CPDemoDB01",
"location": null,
"name": "CPDemoDB01",
"options": null,
"resource": {
"_self": "dbs/qyhAAA==/",
"colls": "colls/",
"etag": "\"0000b611-0000-2300-0000-627be1770000\"",
"id": "CPDemoDB01",
"rid": "qyhAAA==",
"ts": 1652285815.0,
"users": "users/"
},
"resourceGroup": "rg_ituru_cosmosdb01",
"tags": null,
"type": "Microsoft.DocumentDB/databaseAccounts/sqlDatabases"
}
]
## Azure Cosmos DB SQL データベースの下にあるSQL コンテナーの一覧表示
$ az cosmosdb sql container list -g rg_ituru_cosmosdb01 -a iturucosmosdb01 -d CPDemoDB01
[
{
"id": "/subscriptions/yyyyyyyy-1717-4343-9779-yyyyyyyyyyyy/resourceGroups/rg_ituru_cosmosdb01/providers/Microsoft.DocumentDB/databaseAccounts/iturucosmosdb01/sqlDatabases/CPDemoDB01/containers/tbl01",
"location": null,
"name": "container01",
"options": null,
"resource": {
"_conflicts": "conflicts/",
"_docs": "docs/",
"_self": "dbs/qyhAAA==/colls/qyhAAO0mfuc=/",
"_sprocs": "sprocs/",
"_triggers": "triggers/",
"_udfs": "udfs/",
"analyticalStorageTtl": null,
"conflictResolutionPolicy": {
"conflictResolutionPath": "/_ts",
"conflictResolutionProcedure": "",
"mode": "LastWriterWins"
},
"defaultTtl": null,
"etag": "\"0000ba11-0000-2300-0000-627be1970000\"",
"geospatialConfig": {
"type": "Geography"
},
"id": "tbl01",
"indexingPolicy": {
"automatic": true,
"compositeIndexes": null,
"excludedPaths": [
{
"path": "/\"_etag\"/?"
}
],
"includedPaths": [
{
"indexes": null,
"path": "/*"
}
],
"indexingMode": "consistent",
"spatialIndexes": null
},
"partitionKey": {
"kind": "Hash",
"paths": [
"/section"
],
"systemKey": null,
"version": 1
},
"rid": "qyhAAO0mfuc=",
"ts": 1652285847.0,
"uniqueKeyPolicy": {
"uniqueKeys": []
}
},
"resourceGroup": "rg_ituru_cosmosdb01",
"tags": null,
"type": "Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers"
}
]
删除已创建的资源
## destroy
$ terraform destroy
总结
通过Terraform,您可以轻松地在Azure环境中使用预配置的吞吐量配置创建Azure CosmosDB。尽管使用Azure Portal或Azure CLI进行构建也不错,但将其纳入基础设施即代码(IaC)也是一个不错的选择。
