My first attempt at Terraform Import with AWS / CloudFront!

What is Terraform?

It is an infrastructure-definition tool developed by HashiCorp.

For more details, see the following link:
https://qiita.com/Chanmoro/items/55bf0da3aaf37dc26f73#terraform-%E4%B8%8E%E6%97%A0

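What is Terraform Import?

Terraform Import lets you bring existing infrastructure resources into Terraform.
Resources that were created by other means can be placed under Terraform's management.

How to use the terraform import command

Usage: terraform import [options] ADDRESS ID

As of October 9, 2019, you can only import one resource at a time.
For example, you cannot import a whole collection of resources, such as an AWS VPC, in one go.
This is said to be improved in a future version of Terraform!

■ Create the file

First, create a file that contains an empty skeleton for the resource. Naming files by resource type, for example instance.tf, makes things easier to follow!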

resource "aws_instance" "example" {
}

Example of the import command
You import by giving the resource type "aws_instance", the resource name "example", and the ID of the instance to import!

$ terraform import aws_instance.example i-abcd1234

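The target resource is imported into the state file.
Run terraform plan to see the differences between the code and the resource, and edit the file by hand.
Next, I'll walk through what I actually tried!

I tried importing a CloudFront resource with Terraform Import

Terraform version: v0.12.7
AWS provider version: ~> 2.14.0
Posted: 2019/10/09

From here on, we assume you are already familiar with terraform and using it!

This time we want to import the existing CloudFront resource below! Replace the resource name and ID as appropriate.

Resource type: aws_cloudfront_distribution (CloudFront)
Resource name: example
CloudFront ID: XXXXXXXXXXXXX

For now, just try running terraform import

As mentioned earlier, you first need to create a file and fill in a simple skeleton.
Let's create the file as the error message suggests.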

[terraform/envs/aws/workspace]
$ terraform import aws_cloudfront_distribution.example XXXXXXXXXXXXX
Error: resource address "aws_cloudfront_distribution.example" does not exist in the configuration.

Before importing this resource, please create its configuration in the root module. For example:

resource "aws_cloudfront_distribution" "example" {
  # (resource arguments)
}

Create the file and write only the skeleton.

[terraform/envs/aws/workspace]
$ vim cloudfront_distribution.tf
[terraform/envs/aws/workspace]
$ cat cloudfront_distribution.tf
resource "aws_cloudfront_distribution" "example" {
  # (resource arguments)
}

Re-run terraform import

[terraform/envs/aws/workspace]
$ terraform import aws_cloudfront_distribution.example XXXXXXXXXXXXX
aws_cloudfront_distribution.example: Importing from ID "XXXXXXXXXXXXX"...
aws_cloudfront_distribution.example: Import prepared!
  Prepared aws_cloudfront_distribution for import
aws_cloudfront_distribution.example: Refreshing state... [id=XXXXXXXXXXXXX]

Import successful!

The resources that were imported are shown above. These resources are now in
your Terraform state and will henceforth be managed by Terraform.

Check the differences by running terraform plan.

When I ran plan, I was told that various "blocks" are needed and that "enabled" is required.

[terraform/envs/aws/workspace]
$ terraform plan

Error: Insufficient viewer_certificate blocks

  on  line 0:
  (source code not available)

At least 1 "viewer_certificate" blocks are required.


Error: Insufficient default_cache_behavior blocks

  on  line 0:
  (source code not available)

At least 1 "default_cache_behavior" blocks are required.


Error: Insufficient restrictions blocks

  on  line 0:
  (source code not available)

At least 1 "restrictions" blocks are required.


Error: Insufficient origin blocks

  on  line 0:
  (source code not available)

At least 1 "origin" blocks are required.


Error: Missing required argument

  on cloudfront_distribution.tf line 1, in resource "aws_cloudfront_distribution" "example":
   1: resource "aws_cloudfront_distribution" "example" {

The argument "enabled" is required, but no definition was found.

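Prepare the required items based on the error messages.

I decided to go step by step, so I only wrote the parts the error messages told me about!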

[terraform/envs/aws/workspace]
$ cat cloudfront_distribution.tf
resource "aws_cloudfront_distribution" "example" {
  # (resource arguments)

  enabled             = true

  origin {

  }


  default_cache_behavior {

  }

  restrictions {

  }

  viewer_certificate {

  }

}

Second run of terraform plan.

Looking further, I found two patterns inside the blocks: one where more blocks are still required, and one where an argument ("The argument") is required.

[/terraform/envs/aws/workspace]
$ terraform plan

Error: Insufficient geo_restriction blocks

  on  line 0:
  (source code not available)

At least 1 "geo_restriction" blocks are required.


Error: Insufficient forwarded_values blocks

  on  line 0:
  (source code not available)

At least 1 "forwarded_values" blocks are required.


Error: Missing required argument

  on cloudfront_distribution.tf line 6, in resource "aws_cloudfront_distribution" "example":
   6:   origin {

The argument "domain_name" is required, but no definition was found.


Error: Missing required argument

  on cloudfront_distribution.tf line 6, in resource "aws_cloudfront_distribution" "example":
   6:   origin {

The argument "origin_id" is required, but no definition was found.


Error: Missing required argument

  on cloudfront_distribution.tf line 17, in resource "aws_cloudfront_distribution" "example":
  17:   default_cache_behavior {

The argument "cached_methods" is required, but no definition was found.


Error: Missing required argument

  on cloudfront_distribution.tf line 17, in resource "aws_cloudfront_distribution" "example":
  17:   default_cache_behavior {

The argument "viewer_protocol_policy" is required, but no definition was
found.


Error: Missing required argument

  on cloudfront_distribution.tf line 17, in resource "aws_cloudfront_distribution" "example":
  17:   default_cache_behavior {

The argument "allowed_methods" is required, but no definition was found.


Error: Missing required argument

  on cloudfront_distribution.tf line 17, in resource "aws_cloudfront_distribution" "example":
  17:   default_cache_behavior {

The argument "target_origin_id" is required, but no definition was found.


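It really is a matter of repetition!

terraform plan → read the error messages → write to the file as the errors indicate

By repeating this step, you bring the code into the same state as the existing infrastructure resource.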
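
As an added example (not part of the original post), the plan → read errors → edit loop above can be shortened by collecting every missing block and argument from one `terraform plan` run into a to-do list. The sample output is constructed in the format shown above, and `summarize_plan_errors` is a hypothetical helper name.

```python
import re

# Constructed sample in the format of the Terraform v0.12 `terraform plan`
# errors shown above (blank lines inside each diagnostic trimmed).
SAMPLE_PLAN_OUTPUT = '''
Error: Insufficient geo_restriction blocks
  on  line 0:
  (source code not available)
At least 1 "geo_restriction" blocks are required.

Error: Missing required argument
  on cloudfront_distribution.tf line 6, in resource "aws_cloudfront_distribution" "example":
   6:   origin {
The argument "domain_name" is required, but no definition was found.

Error: Missing required argument
  on cloudfront_distribution.tf line 17, in resource "aws_cloudfront_distribution" "example":
  17:   default_cache_behavior {
The argument "viewer_protocol_policy" is required, but no definition was
found.
'''

BLOCK_RE = re.compile(r'At least \d+ "([^"]+)" blocks are required')
ARG_RE = re.compile(r'The argument "([^"]+)" is required')
# Quoted source line such as `   6:   origin {`; captures the text before "{".
SNIPPET_RE = re.compile(r'^\s*\d+:\s*(.+?)\s*\{\s*$', re.M)


def summarize_plan_errors(text):
    """Return (missing_blocks, missing_args_by_parent) parsed from plan errors."""
    missing_blocks, missing_args = [], {}
    # Every diagnostic begins with a line starting "Error: ".
    for chunk in re.split(r'(?m)^Error: ', text)[1:]:
        block = BLOCK_RE.search(chunk)
        arg = ARG_RE.search(chunk)
        if block:
            missing_blocks.append(block.group(1))
        elif arg:
            snippet = SNIPPET_RE.search(chunk)
            parent = snippet.group(1) if snippet else "(unknown)"
            missing_args.setdefault(parent, []).append(arg.group(1))
    return missing_blocks, missing_args


if __name__ == "__main__":
    blocks, args = summarize_plan_errors(SAMPLE_PLAN_OUTPUT)
    print("blocks to add:", blocks)
    for parent, names in args.items():
        print(f"arguments to add in {parent}: {names}")
```

Block errors reported "on line 0" carry no parent, so the list of blocks is flat; where each nested block belongs has to come from the provider documentation.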

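Summary

① Create the skeleton.
② Import.
③ Repeatedly run plan and write in what the errors describe.

For now, the import feature is not very convenient! You will see a lot of error messages and have to make careful corrections over and over.
On the other hand, as long as you can read the error messages I don't think there is anything to be afraid of, so if you still have infrastructure resources that have not been turned into code, do give it a try!
After trying it, it felt much simpler than I had first imagined!

Thank you for reading to the end!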

Terraform is actively updated, so let's keep a close eye on the official information!
