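Bringing an existing VPC and subnets under Terraform management with terraform import
Introduction
This article walks through using Terraform's import feature to bring an existing, manually created VPC and its subnets under Terraform management.
Prerequisites
Terraform is assumed to be already installed.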
$ terraform --version
Terraform v0.11.8
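Steps
Prepare the following configuration files in the working directory.
(Adjust the variable values in variables.tf, and whether a Name tag is set, to match the existing environment.)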
$ tree terraform/
terraform/
├── aws.tf
├── terraform.tfvars
├── variables.tf
└── vpc.tf

terraform.tfvars:
aws_access_key = "アクセスキー"
aws_secret_key = "シークレットキー"
aws_region = "ap-northeast-1"

aws.tf:
provider "aws" {
  access_key = "${var.aws_access_key}"
  secret_key = "${var.aws_secret_key}"
  region     = "${var.aws_region}"
  version    = "~> 1.0"
}

variables.tf:
## AWS
variable "aws_access_key" {}
variable "aws_secret_key" {}
variable "aws_region" {
  default = "ap-northeast-1"
}
data "aws_caller_identity" "self" {}
## VPC CIDR
variable "vpc_cidr" {
  default = "10.1.0.0/16"
}
## VPC Name Tag
variable "vpc_name_tag" {
  default = "terraform-import-vpc"
}
## Subnet
variable "subnet_cidr" {
  type = "map"
  default = {
    public-a  = "10.1.10.0/24"
    public-c  = "10.1.20.0/24"
    private-a = "10.1.100.0/24"
    private-c = "10.1.200.0/24"
  }
}
## Subnet Name Tag
variable "subnet_name_tag" {
  type = "map"
  default = {
    public-a  = "terraform-import-public-subnet-a"
    public-c  = "terraform-import-public-subnet-c"
    private-a = "terraform-import-private-subnet-a"
    private-c = "terraform-import-private-subnet-c"
  }
}

vpc.tf:
# VPC
resource "aws_vpc" "vpc" {
  cidr_block = "${var.vpc_cidr}"
  tags {
    Name = "${var.vpc_name_tag}"
  }
}
# Subnet
resource "aws_subnet" "public-a" {
  vpc_id            = "${aws_vpc.vpc.id}"
  cidr_block        = "${var.subnet_cidr["public-a"]}"
  availability_zone = "ap-northeast-1a"
  tags {
    Name = "${var.subnet_name_tag["public-a"]}"
  }
}
resource "aws_subnet" "public-c" {
  vpc_id            = "${aws_vpc.vpc.id}"
  cidr_block        = "${var.subnet_cidr["public-c"]}"
  availability_zone = "ap-northeast-1c"
  tags {
    Name = "${var.subnet_name_tag["public-c"]}"
  }
}
resource "aws_subnet" "private-a" {
  vpc_id            = "${aws_vpc.vpc.id}"
  cidr_block        = "${var.subnet_cidr["private-a"]}"
  availability_zone = "ap-northeast-1a"
  tags {
    Name = "${var.subnet_name_tag["private-a"]}"
  }
}
resource "aws_subnet" "private-c" {
  vpc_id            = "${aws_vpc.vpc.id}"
  cidr_block        = "${var.subnet_cidr["private-c"]}"
  availability_zone = "ap-northeast-1c"
  tags {
    Name = "${var.subnet_name_tag["private-c"]}"
  }
}

Initialize the Terraform working directory with the following command.
$ terraform init
Initializing provider plugins...
- Checking for available provider plugins on https://releases.hashicorp.com...
- Downloading plugin for provider "aws" (1.58.0)...
Terraform has been successfully initialized!
Import the existing VPC with the following command, replacing the bracketed placeholder with the ID of the VPC.
terraform import aws_vpc.vpc [VPCのID]
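Import the existing subnets with the following commands, replacing each bracketed placeholder with the ID of the corresponding subnet.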
terraform import aws_subnet.public-a [Public Subnet A の ID]
terraform import aws_subnet.public-c [Public Subnet C の ID]
terraform import aws_subnet.private-a [Private Subnet A の ID]
terraform import aws_subnet.private-c [Private Subnet C の ID]
A terraform.tfstate file is generated.
$ tree terraform/
terraform/
├── aws.tf
├── terraform.tfstate
├── terraform.tfstate.backup
├── terraform.tfvars
├── variables.tf
└── vpc.tf
Check for differences with the following command; if the message below is displayed, the import is complete.
$ terraform plan
No changes. Infrastructure is up-to-date.
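
An added example (not from the original article): the check below reads the imported terraform.tfstate and compares each resource's cidr_block and Name tag with the defaults in variables.tf, listing what terraform plan would still report as a difference. It assumes the Terraform v0.11 state layout (version 3) and that terraform.tfvars does not override those defaults; check_import, EXPECTED and the sample state with placeholder IDs are constructed for illustration.

```python
import json

# Expected values: the defaults from variables.tf on this page.
EXPECTED = {
    "aws_vpc.vpc": ("10.1.0.0/16", "terraform-import-vpc"),
    "aws_subnet.public-a": ("10.1.10.0/24", "terraform-import-public-subnet-a"),
    "aws_subnet.public-c": ("10.1.20.0/24", "terraform-import-public-subnet-c"),
    "aws_subnet.private-a": ("10.1.100.0/24", "terraform-import-private-subnet-a"),
    "aws_subnet.private-c": ("10.1.200.0/24", "terraform-import-private-subnet-c"),
}

def check_import(state, expected=EXPECTED):
    """Return the mismatches that terraform plan would report as changes."""
    found = {}
    for module in state.get("modules", []):  # v0.11 state: version 3 layout
        if module.get("path") == ["root"]:
            for address, res in module.get("resources", {}).items():
                found[address] = res.get("primary", {}).get("attributes", {})
    problems = []
    for address, (cidr, name) in sorted(expected.items()):
        attrs = found.get(address)
        if attrs is None:
            problems.append("%s: not imported" % address)
            continue
        if attrs.get("cidr_block") != cidr:
            problems.append("%s: cidr_block %s != %s"
                            % (address, attrs.get("cidr_block"), cidr))
        # Maps are flattened in this format: tags { Name = "x" } -> "tags.Name".
        if attrs.get("tags.Name") != name:
            problems.append("%s: Name tag %r != %r"
                            % (address, attrs.get("tags.Name"), name))
    return problems

# Constructed sample state (placeholder IDs): the VPC and one subnet are
# imported, that subnet has no Name tag in AWS, three subnets are missing.
SAMPLE_STATE = json.loads("""
{"version": 3, "modules": [{"path": ["root"], "resources": {
  "aws_vpc.vpc": {"primary": {"id": "vpc-EXAMPLE", "attributes": {
    "cidr_block": "10.1.0.0/16", "tags.Name": "terraform-import-vpc"}}},
  "aws_subnet.public-a": {"primary": {"id": "subnet-EXAMPLE", "attributes": {
    "cidr_block": "10.1.10.0/24"}}}
}}]}
""")

if __name__ == "__main__":
    for line in check_import(SAMPLE_STATE):
        print(line)
```

To run it against a real import, load terraform/terraform.tfstate with json.load and pass the result to check_import.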