My first attempt at importing AWS CloudFront with Terraform!
What is Terraform?
It is an infrastructure definition tool developed by HashiCorp.
For more details, see the following link:
https://qiita.com/Chanmoro/items/55bf0da3aaf37dc26f73#terraform-%E4%B8%8E%E6%97%A0
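What is Terraform Import?
Terraform Import lets you bring existing infrastructure resources into Terraform.
Resources that were created by other means can be placed under Terraform management.
How to use the terraform import command
Usage: terraform import [options] ADDRESS ID
As of October 9, 2019, you can only import one resource at a time.
For example, you cannot import a whole collection of resources, such as an AWS VPC, in one go.
Reportedly this will be improved in a future version of Terraform!
■ Create a file
First, create a file and write the container, that is, the skeleton. Naming files by resource type, such as instance.tf, makes things clearer and easier to follow!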
resource "aws_instance" "example" {
}
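Example of the import command
You complete the import by giving the resource type "aws_instance", the resource name "example", and the ID of the instance to import!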
$ terraform import aws_instance.example i-abcd1234
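The target resource is imported into the state file.
Run terraform plan to see the differences between the code and the resource, and edit the file by hand.
Next, I will walk through what I actually tried!
I tried importing a CloudFront resource with Terraform Import
Terraform version: v0.12.7
AWS provider version: ~> 2.14.0
Posted: 2019/10/09
From here on, we assume you are already familiar with and using terraform!
This time we want to import the existing CloudFront resource below! Replace the resource name and ID as appropriate.
Resource type: aws_cloudfront_distribution (CloudFront)
Resource name: example
CloudFront ID: XXXXXXXXXXXXX
Trying terraform import for now
As mentioned earlier, you first need to create a file and fill in a simple skeleton.
Let's create the file as the error message suggests.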
[terraform/envs/aws/workspace]
$ terraform import aws_cloudfront_distribution.example XXXXXXXXXXXXX
Error: resource address "aws_cloudfront_distribution.example" does not exist in the configuration.
Before importing this resource, please create its configuration in the root module. For example:
resource "aws_cloudfront_distribution" "example" {
# (resource arguments)
}
Create the file and write only the skeleton.
[terraform/envs/aws/workspace]
$ vim cloudfront_distribution.tf
[terraform/envs/aws/workspace]
$ cat cloudfront_distribution.tf
resource "aws_cloudfront_distribution" "example" {
# (resource arguments)
}
Re-running terraform import
[terraform/envs/aws/workspace]
$ terraform import aws_cloudfront_distribution.example XXXXXXXXXXXXX
aws_cloudfront_distribution.example: Importing from ID "XXXXXXXXXXXXX"...
aws_cloudfront_distribution.example: Import prepared!
Prepared aws_cloudfront_distribution for import
aws_cloudfront_distribution.example: Refreshing state... [id=XXXXXXXXXXXXX]
Import successful!
The resources that were imported are shown above. These resources are now in
your Terraform state and will henceforth be managed by Terraform.
Check the differences by running terraform plan.
When I ran plan, I was told that various "blocks" are needed, and that "enabled" is required.
[terraform/envs/aws/workspace]
$ terraform plan
Error: Insufficient viewer_certificate blocks
on line 0:
(source code not available)
At least 1 "viewer_certificate" blocks are required.
Error: Insufficient default_cache_behavior blocks
on line 0:
(source code not available)
At least 1 "default_cache_behavior" blocks are required.
Error: Insufficient restrictions blocks
on line 0:
(source code not available)
At least 1 "restrictions" blocks are required.
Error: Insufficient origin blocks
on line 0:
(source code not available)
At least 1 "origin" blocks are required.
Error: Missing required argument
on cloudfront_distribution.tf line 1, in resource "aws_cloudfront_distribution" "example":
1: resource "aws_cloudfront_distribution" "example" {
The argument "enabled" is required, but no definition was found.
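Prepare the required items according to the error messages.
I decided to proceed step by step, so I only wrote the parts the error messages told me about!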
[terraform/envs/aws/workspace]
$ cat cloudfront_distribution.tf
resource "aws_cloudfront_distribution" "example" {
  # (resource arguments)
  enabled = true
  origin {
  }
  default_cache_behavior {
  }
  restrictions {
  }
  viewer_certificate {
  }
}
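Second run of terraform plan.
Looking further, I found two kinds of patterns inside the blocks: one where more blocks are still required, and one where an argument ("The argument") is required.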
[/terraform/envs/aws/workspace]
$ terraform plan
Error: Insufficient geo_restriction blocks
on line 0:
(source code not available)
At least 1 "geo_restriction" blocks are required.
Error: Insufficient forwarded_values blocks
on line 0:
(source code not available)
At least 1 "forwarded_values" blocks are required.
Error: Missing required argument
on cloudfront_distribution.tf line 6, in resource "aws_cloudfront_distribution" "example":
6: origin {
The argument "domain_name" is required, but no definition was found.
Error: Missing required argument
on cloudfront_distribution.tf line 6, in resource "aws_cloudfront_distribution" "example":
6: origin {
The argument "origin_id" is required, but no definition was found.
Error: Missing required argument
on cloudfront_distribution.tf line 17, in resource "aws_cloudfront_distribution" "example":
17: default_cache_behavior {
The argument "cached_methods" is required, but no definition was found.
Error: Missing required argument
on cloudfront_distribution.tf line 17, in resource "aws_cloudfront_distribution" "example":
17: default_cache_behavior {
The argument "viewer_protocol_policy" is required, but no definition was
found.
Error: Missing required argument
on cloudfront_distribution.tf line 17, in resource "aws_cloudfront_distribution" "example":
17: default_cache_behavior {
The argument "allowed_methods" is required, but no definition was found.
Error: Missing required argument
on cloudfront_distribution.tf line 17, in resource "aws_cloudfront_distribution" "example":
17: default_cache_behavior {
The argument "target_origin_id" is required, but no definition was found.
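It is this kind of repetition!
terraform plan → read the error messages → write to the file as the errors indicate
By repeating these steps, you bring the existing infrastructure resource and the code to the same state.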
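The plan → read errors → edit loop described above, as an added example that is not part of the original post: a shell function that condenses the plan errors into a checklist of missing blocks and arguments. The function names missing_items and sample_plan_errors are made up for this example, and the sample text is taken (shortened) from the second plan run on this page.

```shell
#!/usr/bin/env bash
# Added example: turn `terraform plan` errors after an import into a checklist.
# Real use (assumes terraform is installed and initialised in this directory):
#   terraform plan -no-color 2>&1 | missing_items

# Reads plan error text on stdin, prints one sorted, de-duplicated line per gap:
#   block <name>              from: Error: Insufficient <name> blocks
#   argument <parent>.<name>  from: The argument "<name>" is required
missing_items() {
  awk '
    /^Error:/ { parent = "?" }                      # new error, forget old context
    /^Error: Insufficient .+ blocks/ { print "block " $3; next }
    /^ *[0-9]+: / { parent = $2; next }             # context line, e.g. 6: origin {
    /The argument "[^"]+" is required/ {
      split($0, q, "\"")                            # q[2] is the argument name
      print "argument " parent "." q[2]
    }
  ' | LC_ALL=C sort -u
}

# Error text copied from the second plan run on this page (shortened).
sample_plan_errors() {
  cat <<'EOF'
Error: Insufficient geo_restriction blocks
on line 0:
(source code not available)
At least 1 "geo_restriction" blocks are required.
Error: Insufficient forwarded_values blocks
on line 0:
(source code not available)
At least 1 "forwarded_values" blocks are required.
Error: Missing required argument
on cloudfront_distribution.tf line 6, in resource "aws_cloudfront_distribution" "example":
6: origin {
The argument "domain_name" is required, but no definition was found.
Error: Missing required argument
on cloudfront_distribution.tf line 6, in resource "aws_cloudfront_distribution" "example":
6: origin {
The argument "origin_id" is required, but no definition was found.
Error: Missing required argument
on cloudfront_distribution.tf line 17, in resource "aws_cloudfront_distribution" "example":
17: default_cache_behavior {
The argument "viewer_protocol_policy" is required, but no definition was
found.
EOF
}

sample_plan_errors | missing_items
```

The checklist only names what is missing; the values have to match the live distribution, and terraform state show aws_cloudfront_distribution.example prints the imported attributes to copy them from.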
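Summary
① Create the skeleton.
② Import.
③ Repeat: plan, read the errors, write.
For now, the import feature is not very convenient! You will see a lot of error messages and need to make fine-grained fixes over and over.
On the other hand, as long as you can read the error messages, I think there is nothing to be afraid of, so if you still have infrastructure resources that have not been turned into code, do give it a try!
Having tried it, it felt much simpler than I first imagined!
Thank you for reading to the end!
Related links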
Since Terraform is actively updated, let's keep a close eye on the official information!