Terrafom v0.8升级至Terrafom v0.9时如何迁移S3的状态管理文件
这是有关在升级Terraform时需要迁移保存在S3的状态管理文件的操作记录。
Terraform的升级
从https://www.terraform.io/downloads.html下载适合环境的文件,并解压缩。将解压后生成的terraform文件放置在路径中。例如,可以将路径设置如下。
export PATH=$PATH:${HOME}/.terraform_0.9.3_darwin_amd64
状态管理文件的迁移
执行Terraform升级本身只需要几分钟,但是运行plan命令时会显示以下消息。
$ terraform plan
Deprecation warning: This environment is configured to use legacy remote state.
Remote state changed significantly in Terraform 0.9. Please update your remote
state configuration to use the new 'backend' settings. For now, Terraform
will continue to use your existing settings. Legacy remote state support
will be removed in Terraform 0.11.
You can find a guide for upgrading here:
https://www.terraform.io/docs/backends/legacy-0-8.html
There are warnings related to your configuration. If no errors occurred,
Terraform will continue despite these warnings. It is a good idea to resolve
these warnings in the near future.
据看到的消息,似乎在Terraform升级到v0.9时,状态管理文件的管理方法发生了变化。
从消息来看,似乎在v0.11之前不需要进行任何修改就可以继续使用,但是根据这个链接 https://www.terraform.io/docs/backends/legacy-0-8.html,在升级到v0.10时可能需要进行迁移工作,所以我会按照上述链接中的步骤进行迁移到新的状态管理文件。
获取现有的状态管理文件
从远程获取最新的状态管理文件。
$terraform remote pull
本地状态管理文件的备份
将.terraform/terraform.tfstate文件放置在terraform项目之外。
$cp .terraform/terraform.tfstate /tmp/
在后端配置中添加设置
创建后端配置文件。
由于之前已经将状态管理文件放在了S3上,所以我参考了以下网址并创建了backend.tf文件。
https://www.terraform.io/docs/backends/types/s3.html
terraform {
backend "s3" {
bucket = "terraform-state"
key = "tf"
region = "ap-northeast-1"
}
}
执行init命令
执行后端初始化命令。
$ terraform init -backend=true -force-copy -lock=false
Initializing the backend...
New backend configuration detected with legacy remote state!
Terraform has detected that you're attempting to configure a new backend.
At the same time, legacy remote state configuration was found. Terraform will
first configure the new backend, and then ask if you'd like to migrate
your remote state to the new backend.
Successfully configured the backend "s3"! Terraform will automatically
use this backend unless the backend configuration changes.
Terraform has been successfully initialized!
You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.
If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your environment. If you forget, other
commands will detect it and remind you to do so if necessary.
看起来已成功地进行了迁移,显示了类似上述的消息。
使用terraform plan进行操作确认
最后,我将尝试通过 terraform plan 进行操作确认。
已消除警告,回到正常状态。
$ terraform plan
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.
...
追加:通过Amazon DynamoDB来添加状态锁定设置。
Terraform v0.9版本新增了状态管理文件的锁定功能。
如果您将状态管理文件保存在S3上,可以使用DynamoDB来使用锁定功能。
我将参考这里的内容,尝试将其转化为有效的状态锁定。
resource "aws_dynamodb_table" "terraform_statelock" {
name = "terraform-state-lock"
read_capacity = 20
write_capacity = 20
hash_key = "LockID"
attribute {
name = "LockID"
type = "S"
}
}
创建一个像上述tf文件一样的tf文件并使用terraform apply命令创建需要的DynamoDB表来实现状态锁。在创建DynamoDB表之后,修改后端配置文件。
terraform {
backend "s3" {
bucket = "terraform-state"
key = "tf"
region = "ap-northeast-1"
lock_table = "terraform-state-lock"
}
}
在这个状态下运行terraform plan命令会显示以下消息。
$ terraform plan
Backend reinitialization required. Please run "terraform init".
Reason: Backend configuration changed for "s3"
The "backend" is the interface that Terraform uses to store state,
perform operations, etc. If this message is showing up, it means that the
Terraform configuration you're using is using a custom configuration for
the Terraform backend.
Changes to backend configurations require reinitialization. This allows
Terraform to setup the new configuration, copy existing state, etc. This is
only done during "terraform init". Please run that command now then try again.
If the change reason above is incorrect, please verify your configuration
hasn't changed and try again. At this point, no changes to your existing
configuration or state have been made.
Failed to load backend: Initialization required. Please see the error message above.
根据要求,在更改后端配置文件后,请执行 terraform init。
$ terraform init
Initializing the backend...
Backend configuration changed!
Terraform has detected that the configuration specified for the backend
has changed. Terraform will now reconfigure for this backend. If you didn't
intend to reconfigure your backend please undo any changes to the "backend"
section in your Terraform configuration.
Do you want to copy the state from "s3"?
Would you like to copy the state from your prior backend "s3" to the
newly configured "s3" backend? If you're reconfiguring the same backend,
answering "yes" or "no" shouldn't make a difference. Please answer exactly
"yes" or "no".
Enter a value: yes
Successfully configured the backend "s3"! Terraform will automatically
use this backend unless the backend configuration changes.
Terraform has been successfully initialized!
You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.
If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your environment. If you forget, other
commands will detect it and remind you to do so if necessary.
启用了使用DynamoDB实现的状态锁,以上操作已完成。
