我在【Azure Terraform】中尝试使用已经配置好吞吐量的Azure CosmosDB进行创建

大綱

使用 Terraform 进行「基础设施即代码」,通过 Azure CLI 创建一个在 Azure CosmosDB 中使用的配置文件来进行确认。

本地环境

    • macOS Monterey 12.3.1

 

    • python 3.8.12

 

    • Azure CLI 2.34.1

 

    terraform v1.0.11

前提 – qian2 ti2 – precondition/ premise
条件 – tiao2 jian4 – condition/ requirement

    1. 确认已准备好Azure环境(租户/订阅)

 

    1. 确认已在本地环境安装了”azure cli”

 

    1. 确认已在本地环境配置了”terraform”环境

 

    确认已创建了用于使用Terraform在Azure上构建环境的服务主体,并定义了用于Terraform的本地环境变量的值。

试着创建Azure CosmosDB。

创建 Terraform 定义文件

提供者的定义 zhě de

# プロバイダーの定義
terraform {
  required_providers {
    azurerm =  "~> 2.33"
  }
}

provider "azurerm" {
  features {}
  tenant_id       = var.ARM_TENANT_ID
  subscription_id = var.ARM_SUBSCRIPTION_ID
  client_id       = var.ARM_CLIENT_ID
  client_secret   = var.ARM_CLIENT_SECRET
}


# リソースグループ
resource "azurerm_resource_group" "this" {
  name     = var.resource_group_name
  location = var.region
  tags     = var.tags_def
}

参数定义文件

# 環境変数(Azureサービスプリンシパル)
variable ARM_TENANT_ID {}
variable ARM_SUBSCRIPTION_ID {}
variable ARM_CLIENT_ID {}
variable ARM_CLIENT_SECRET {}

# タグ情報
variable tags_def {
  default = {
    owner      = "ituru"
    period     = "2022-06-30"
    CostCenter = "PSG2"
    Environment = "CPDemo"
  }
}

# 各種パラメータ
variable region {}                  // 利用リージョン
variable resource_group_name {}     // リソースグループ名

variable cosmosdb_account_name {}   // CosmosDBアカウント名
variable database_name {}           // CosmosDB Database名
variable container_name {}          // CosmosDB Container(Table)名

参数值定义文件

# 環境変数の定義(Azureサービスプリンシパル)
ARM_TENANT_ID       = "zzzzzzzz-cccc-4645-5757-zzzzzzzzzzzz"
ARM_SUBSCRIPTION_ID = "yyyyyyyy-1717-4343-9779-yyyyyyyyyyyy"
ARM_CLIENT_ID       = "xxxxxxxx-xxxx-4444-9922-xxxxxxxxxxxx"
ARM_CLIENT_SECRET   = "hogehogehogehogehogehogehogehogege"

# パラメータ値の定義
region                  = "japaneast"           // 利用リージョン
resource_group_name     = "rg_ituru_cosmosdb01" // リソースグループ名
cosmosdb_account_name   = "iturucosmosdb01"     // CosmosDBアカウント名
database_name           = "CPDemoDB01"          // CosmosDB Database名
container_name          = "container01"         // CosmosDB Container(Table)名

CosmosDB的定义文件

# CosmosDB Account
resource "azurerm_cosmosdb_account" "this" {
  name                = var.cosmosdb_account_name
  location            = azurerm_resource_group.this.location
  resource_group_name = azurerm_resource_group.this.name
  tags                = var.tags_def
  offer_type          = "Standard"
  kind                = "GlobalDocumentDB"

  consistency_policy {
    consistency_level       = "Session"
    max_interval_in_seconds = 5
    max_staleness_prefix    = 100
  }

  geo_location {
    location          = azurerm_resource_group.this.location
    failover_priority = 0
  }
}

# CosmosDB Database
resource "azurerm_cosmosdb_sql_database" "this" {
  name                = var.database_name
  resource_group_name = azurerm_cosmosdb_account.this.resource_group_name
  account_name        = azurerm_cosmosdb_account.this.name
  throughput          = 400
}

# CosmosDB Container
resource "azurerm_cosmosdb_sql_container" "this" {
  name                  = var.container_name
  resource_group_name   = azurerm_cosmosdb_account.this.resource_group_name
  account_name          = azurerm_cosmosdb_account.this.name
  database_name         = azurerm_cosmosdb_sql_database.this.name
  partition_key_path    = "/section"
  partition_key_version = 1
  throughput            = 400
}

输出定义文件 (Output definition file)

# CosmosDBのアカウントエンドポイントURIを出力
output "cosmosdb_account_endpoint" {
  value = azurerm_cosmosdb_account.this.endpoint
}

# CosmosDBのアカウントKey情報を出力
output "cosmosdb_account_key" {
  value = azurerm_cosmosdb_account.this.primary_key
  sensitive = true
}

# CosmosDBのアカウント接続文字列を出力
output "cosmosdb_account_connect" {
  value = azurerm_cosmosdb_account.this.connection_strings
  sensitive = true
}

执行 Terraform

## init
$ terraform init
    :
Terraform has been successfully initialized!

## plan
$ terraform plan
    :
Plan: 4 to add, 0 to change, 0 to destroy.

## apply
$ terraform apply
    :
Apply complete! Resources: 4 added, 0 changed, 0 destroyed.

本地工作目录的情况

$ tree -a
.
├── .terraform
│   └── providers
│       └── registry.terraform.io
│           └── hashicorp
│               └── azurerm
│                   └── 2.99.0
│                       └── darwin_amd64
│                           └── terraform-provider-azurerm_v2.99.0_x5
├── .terraform.lock.hcl
├── cosmosdb.tf
├── main.tf
├── outputs.tf
├── terraform.tfstate
├── terraform.tfstate.backup
├── terraform.tfvars
└── variables.tf

执行 Terraform 后的确认

通过 Azure CLI 进行确认。

## 作成先サブスクリプションへの接続
$ az account set --subscription '<Subscription_Name>'


## Azure Cosmos DB データベース アカウントの一覧表示
$ az cosmosdb list -g rg_ituru_cosmosdb01 -o table                       
DatabaseAccountOfferType    DefaultIdentity     DisableKeyBasedMetadataWriteAccess    DisableLocalAuth    DocumentEndpoint                                  EnableAnalyticalStorage    EnableAutomaticFailover    EnableFreeTier    EnableMultipleWriteLocations    InstanceId                            IsVirtualNetworkFilterEnabled    Kind              Location    Name             NetworkAclBypass    ProvisioningState    PublicNetworkAccess    ResourceGroup
--------------------------  ------------------  ------------------------------------  ------------------  ------------------------------------------------  -------------------------  -------------------------  ----------------  ------------------------------  ------------------------------------  -------------------------------  ----------------  ----------  ---------------  ------------------  -------------------  ---------------------  -------------------
Standard                    FirstPartyIdentity  False                                 False               https://iturucosmosdb01.documents.azure.com:443/  False                      False                      False             False                           37383738-aeae-4224-a66a-555a633360ed  False                            GlobalDocumentDB  Japan East  iturucosmosdb01  None                Succeeded            Enabled                rg_ituru_cosmosdb01


## Azure Cosmos DB アカウントの下にSQL データベースの一覧表示
$ az cosmosdb sql database list -g rg_ituru_cosmosdb01 -a iturucosmosdb01         
[
  {
    "id": "/subscriptions/yyyyyyyy-1717-4343-9779-yyyyyyyyyyyy/resourceGroups/rg_ituru_cosmosdb01/providers/Microsoft.DocumentDB/databaseAccounts/iturucosmosdb01/sqlDatabases/CPDemoDB01",
    "location": null,
    "name": "CPDemoDB01",
    "options": null,
    "resource": {
      "_self": "dbs/qyhAAA==/",
      "colls": "colls/",
      "etag": "\"0000b611-0000-2300-0000-627be1770000\"",
      "id": "CPDemoDB01",
      "rid": "qyhAAA==",
      "ts": 1652285815.0,
      "users": "users/"
    },
    "resourceGroup": "rg_ituru_cosmosdb01",
    "tags": null,
    "type": "Microsoft.DocumentDB/databaseAccounts/sqlDatabases"
  }
]


## Azure Cosmos DB SQL データベースの下にあるSQL コンテナーの一覧表示
$ az cosmosdb sql container list -g rg_ituru_cosmosdb01 -a iturucosmosdb01 -d CPDemoDB01
[
  {
    "id": "/subscriptions/yyyyyyyy-1717-4343-9779-yyyyyyyyyyyy/resourceGroups/rg_ituru_cosmosdb01/providers/Microsoft.DocumentDB/databaseAccounts/iturucosmosdb01/sqlDatabases/CPDemoDB01/containers/tbl01",
    "location": null,
    "name": "container01",
    "options": null,
    "resource": {
      "_conflicts": "conflicts/",
      "_docs": "docs/",
      "_self": "dbs/qyhAAA==/colls/qyhAAO0mfuc=/",
      "_sprocs": "sprocs/",
      "_triggers": "triggers/",
      "_udfs": "udfs/",
      "analyticalStorageTtl": null,
      "conflictResolutionPolicy": {
        "conflictResolutionPath": "/_ts",
        "conflictResolutionProcedure": "",
        "mode": "LastWriterWins"
      },
      "defaultTtl": null,
      "etag": "\"0000ba11-0000-2300-0000-627be1970000\"",
      "geospatialConfig": {
        "type": "Geography"
      },
      "id": "tbl01",
      "indexingPolicy": {
        "automatic": true,
        "compositeIndexes": null,
        "excludedPaths": [
          {
            "path": "/\"_etag\"/?"
          }
        ],
        "includedPaths": [
          {
            "indexes": null,
            "path": "/*"
          }
        ],
        "indexingMode": "consistent",
        "spatialIndexes": null
      },
      "partitionKey": {
        "kind": "Hash",
        "paths": [
          "/section"
        ],
        "systemKey": null,
        "version": 1
      },
      "rid": "qyhAAO0mfuc=",
      "ts": 1652285847.0,
      "uniqueKeyPolicy": {
        "uniqueKeys": []
      }
    },
    "resourceGroup": "rg_ituru_cosmosdb01",
    "tags": null,
    "type": "Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers"
  }
]

删除已创建的资源

## destroy
$ terraform destroy

总结

通过Terraform,您可以轻松地在Azure环境中使用预配置的吞吐量配置创建Azure CosmosDB。尽管使用Azure Portal或Azure CLI进行构建也不错,但将其纳入基础设施即代码(IaC)也是一个不错的选择。

广告
将在 10 秒后关闭
bannerAds