在AWS上的Terraform简易教程
总结
使用Terraform的AWS和CLI来启动,更改和停止实例的教程。旨在帮助理解Terraform的基本概念,即计划-应用-显示循环。
以下是這篇文章的中文譯文:
追記
Terraform的部落格投稿,參考譯文 – Qiita
http://qiita.com/zembutsu/items/402e02950ce9d59fa0e6
Terraform入門日本語譯 – Qiita
http://qiita.com/zembutsu/items/84f5478701c5391df537
Terraform 是什么
歐普源科技(Hashicorp)是創建了Vagrant、Packer、Serf和Consul的公司,他們在7月28日推出了一個新的開源產品。
Terraform
http://www.terraform.io/
Terraform – HashiCorp
http://www.hashicorp.com/blog/terraform.html
Terraform 是一个安全高效的工具,用于构建、修改和版本化基础架构。Terraform 可以管理已存在的热门服务提供商和定制内部解决方案。
Terraform是一个安全高效的工具,可用于构建、更改和版本控制基础设施环境。Terraform还能管理现有知名服务提供商提供的内部服务。
准备工作
-
- AWS のアカウント
Access Key ID
Secret Access Key
t1.micro インスタンス利用料金($0.8ドルくらい)が実費で必要
下载并验证Terraform操作
Terraform提供了针对MacOS(AMD64)、Linux(i386,AMD64)和Windows(i386)的二进制文件,可从下载页面获取。以下是有关Linux版本的下载和解压步骤。在进行解压之前创建目录是为了将二进制文件解压到当前目录。
$ mkdir terraform
$ cd terraform
$ wget -O 0.1.0_linux_amd64.zip https://dl.bintray.com/mitchellh/terraform/0.1.0_linux_amd64.zip
$ unzip ./0.1.0_linux_amd64.zip
Archive: ./0.1.0_linux_amd64.zip
inflating: terraform
inflating: terraform-provider-aws
inflating: terraform-provider-consul
inflating: terraform-provider-digitalocean
inflating: terraform-provider-dnsimple
inflating: terraform-provider-heroku
inflating: terraform-provisioner-file
inflating: terraform-provisioner-local-exec
inflating: terraform-provisioner-remote-exec
确认操作只需直接执行命令即可。
如果有必要的话,将它复制到已经过路径设置的/usr/bin/terraform目录中。
$ ./terraform --version
Terraform v0.1.0
$ ./terraform
usage: terraform [--version] [--help] <command> [<args>]
Available commands are:
apply Builds or changes infrastructure
graph Create a visual graph of Terraform resources
output Read an output from a state file
plan Generate and show an execution plan
refresh Update local state file against real resources
show Inspect Terraform state or plan
version Prints the Terraform version
使用Terraform
建设基础设施
准备设置文件
首先,创建一个定义文件。文件扩展名为*.tf。在这里创建一个名为aws.tf的文件。
provider "aws" {
access_key = "自分のACCESS_KEY_をここに"
secret_key = "自分のSECRET_KEY_をここに"
region = "us-east-1"
}
resource "aws_instance" "example" {
ami = "ami-408c7f28"
instance_type = "t1.micro"
}
在执行terraform时,会自动加载当前目录中的*.tf文件。
计划:计划
由于要建立新的基础设施环境,可以使用plan命令来确认更改的内容。
$ ./terraform plan
Refreshing Terraform state prior to plan...
The Terraform execution plan has been generated and is shown below.
Resources are shown in alphabetical order for quick scanning. Green resources
will be created (or destroyed and then created if an existing resource
exists), yellow resources are being changed in-place, and red resources
will be destroyed.
Note: You didn't specify an "-out" parameter to save this plan, so when
"apply" is called, Terraform can't guarantee this is what will execute.
+ aws_instance.example
ami: "" => "ami-408c7f28"
availability_zone: "" => "<computed>"
instance_type: "" => "t1.micro"
key_name: "" => "<computed>"
private_dns: "" => "<computed>"
private_ip: "" => "<computed>"
public_dns: "" => "<computed>"
public_ip: "" => "<computed>"
security_groups: "" => "<computed>"
subnet_id: "" => "<computed>"
在这里,可以确认正在尝试读取在配置文件中定义的 AMI ami-408c7f28,并且实例类型为 t1.micro。
应用程序启动实例。
当执行terraform apply时,会执行之前用plan确认过的内容。
$ ./terraform apply
aws_instance.example: Creating...
ami: "" => "ami-408c7f28"
instance_type: "" => "t1.micro"
aws_instance.example: Creation complete
Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
The state of your infrastructure has been saved to the path
below. This state is required to modify and destroy your
infrastructure, so keep it safe. To inspect the complete state
use the `terraform show` command.
State path: terraform.tfstate
当时,检查AWS管理控制台时,可以确认实际上开始启动实例。
用show来确认进展情况
可以查看与实例相关的信息,例如公共IP和私有IP等。在show命令中,参数是必需的。在应用时,使用默认的输出文件terraform.tfstate来确认情况。
$ ./terraform show terraform.tfstate
aws_instance.example:
id = i-98c6ddb3
ami = ami-408c7f28
availability_zone = us-east-1d
instance_type = t1.micro
key_name =
private_dns = ip-10-178-172-29.ec2.internal
private_ip = 10.178.172.29
public_dns = ec2-107-20-63-177.compute-1.amazonaws.com
public_ip = 107.20.63.177
security_groups.# = 1
security_groups.0 = default
subnet_id =
以上是指实例启动完成。
改变
请编辑之前创建的 aws.tf 文件,将 AMI 类型更改为其他选项。
resource "aws_instance" "example" {
ami = "ami-aa7ab6c2"
instance_type = "t1.micro"
}
为了更换AMI,执行计划并确认预计的更改内容。
$ ./terraform plan
Refreshing Terraform state prior to plan...
aws_instance.example: Refreshing state... (ID: i-98c6ddb3)
The Terraform execution plan has been generated and is shown below.
Resources are shown in alphabetical order for quick scanning. Green resources
will be created (or destroyed and then created if an existing resource
exists), yellow resources are being changed in-place, and red resources
will be destroyed.
Note: You didn't specify an "-out" parameter to save this plan, so when
"apply" is called, Terraform can't guarantee this is what will execute.
-/+ aws_instance.example
ami: "ami-408c7f28" => "ami-aa7ab6c2" (forces new resource)
availability_zone: "us-east-1d" => "<computed>"
key_name: "" => "<computed>"
private_dns: "ip-10-178-172-29.ec2.internal" => "<computed>"
private_ip: "10.178.172.29" => "<computed>"
public_dns: "ec2-107-20-63-177.compute-1.amazonaws.com" => "<computed>"
public_ip: "107.20.63.177" => "<computed>"
security_groups: "" => "<computed>"
subnet_id: "" => "<computed>"
为了应用更改内容,请执行“apply”。
$ ./terraform apply
aws_instance.example: Refreshing state... (ID: i-98c6ddb3)
aws_instance.example: Destroying...
aws_instance.example: Destruction complete
aws_instance.example: Modifying...
ami: "ami-408c7f28" => "ami-aa7ab6c2"
aws_instance.example: Modifications complete
Apply complete! Resources: 0 added, 1 changed, 1 destroyed.
The state of your infrastructure has been saved to the path
below. This state is required to modify and destroy your
infrastructure, so keep it safe. To inspect the complete state
use the `terraform show` command.
State path: terraform.tfstate
当再次检查AWS管理控制台时,可以确认AMI已被更换。此时,可以看到实例的状态与show命令显示的内容相匹配。
$ ./terraform show terraform.tfstate
aws_instance.example:
id = i-dbf2e9f0
ami = ami-aa7ab6c2
availability_zone = us-east-1d
instance_type = t1.micro
key_name =
private_dns = ip-10-9-160-50.ec2.internal
private_ip = 10.9.160.50
public_dns = ec2-54-82-34-124.compute-1.amazonaws.com
public_ip = 54.82.34.124
security_groups.# = 1
security_groups.0 = default
subnet_id =
执行计划后发现已经没有需要更改的地方。
$ ./terraform plan
Refreshing Terraform state prior to plan...
aws_instance.example: Refreshing state... (ID: i-dbf2e9f0)
No changes. Infrastructure is up-to-date. This means that Terraform
could not detect any differences between your configuration and
the real physical resources that exist. As a result, Terraform
doesn't need to do anything.
实例结束
当销毁实例时,首先需要进行计划。由于我们想要销毁目标已有的环境,因此按如下方式创建。
$ ./terraform plan -destroy -out=./terraform.tfplan
Refreshing Terraform state prior to plan...
aws_instance.example: Refreshing state... (ID: i-dbf2e9f0)
The Terraform execution plan has been generated and is shown below.
Resources are shown in alphabetical order for quick scanning. Green resources
will be created (or destroyed and then created if an existing resource
exists), yellow resources are being changed in-place, and red resources
will be destroyed.
Your plan was also saved to the path below. Call the "apply" subcommand
with this plan file and Terraform will exactly execute this execution
plan.
Path: ./terraform.tfplan
- aws_instance.example
然后,通过apply应用并应用废弃的设置信息。
$ ./terraform apply ./terraform.tfplan
aws_instance.example: Destroying...
aws_instance.example: Destruction complete
Apply complete! Resources: 0 added, 0 changed, 1 destroyed.
在AWS管理控制台上再次确认,可以看到目标实例正在被终止(terminate)。
下一步
其他文件:
ElasticIP の定義と適用
http://www.terraform.io/intro/getting-started/dependencies.html
プロビジョナーの定義 (構成管理ツール適用)
http://www.terraform.io/intro/getting-started/provision.html
リージョン変更
http://www.terraform.io/intro/getting-started/variables.html
Web DB 構成
http://www.terraform.io/intro/examples/aws.html
複数の事業者をまたぐ
http://www.terraform.io/intro/examples/cross-provider.html
設定例
http://www.terraform.io/intro/examples/count.html
Consul 連携例
http://www.terraform.io/intro/examples/consul.html
…等等,具体详情请访问 http://www.terraform.io/
以下是一个自然的中文版本:
请引用
-
- Installing Terraform – Terraform
http://www.terraform.io/intro/getting-started/install.html
