Terraform:高效定义、启动和管理
思维导图
前言
IaC:用代码编写架构配置,可以自动化部署基础设施,降低配置错误风险
编写配置
校验规则
校验location变量是否在westeurope、westus范围内
variable "location" { description = "The name of the Azure location" default = "West Europe" validation { condition = can(index([ "westeurope", "westus"], var.location) >= 0) error_message = "The location must be westeurope or westus." }}局部变量使用
参考: https://www.terraform.io/docs/configuration/variables.html https://developer.hashicorp.com/terraform/language/values/locals
variable "application_name" { description = "The name of application"}variable "environment_name" { description = "The name of environment"}variable "country_code" { description = "The country code (FR-US-...)"}locals { resource_name = "${var.application_name}-${var.environment_name}-${var.country_code}"}resource "tencentcloud_vpc" "hello" { name = "RG-${local.resource_name}"}输出Terraform提供的数据
参考:https://developer.hashicorp.com/terraform/language/values/outputs
resource "tencentcloud_vpc" "hello" { name = "RG-${local.resource_name}"}output "vpc_hello_name" { description = "vpc hello name" value = tencentcloud_vpc.hello.name}在多个环境配置基础设施
https://github.com/PacktPublishing/Terraform-Cookbook/tree/master/CHAP02/myApp/simple-env
单个文件夹目录结构
多环境目录结构
在执行时使用
-var-file选项与产生计划或应用变更
使用数据源获取外部数据
https://github.com/PacktPublishing/Terraform-Cookbook/tree/master/CHAP02/data
- 配置数据块:查询数据源
data "azurerm_app_service_plan" "myplan" { name = "app-service-plan" resource_group_name = "rg-service_plan"}- 使用
resource "azurerm_app_service" "app" { name = "${var.app_name}-${var.environment}" location = azurerm_resource_group.rg-app.location resource_group_name = azurerm_resource_group.rg-app.name app_service_plan_id = data.azurerm_app_service_plan.myplan.id}使用其他状态文件中的外部资源
data "terraform_remote_state" "service_plan_tfstate" { backend = "azurerm" config = { resource_group_name = "rg_tfstate" storage_account_name = "storstate" container_name = "tfbackends" key = "serviceplan.tfstate" }}resource "azurerm_app_service" "app" { name = "${var.app_name}-${var.environment}" location = azurerm_resource_group.rg-app.location resource_group_name = azurerm_resource_group.rg-app.name app_service_plan_id = data.terraform_remote_state.service_plan_tfstate.service_plan_id}调用Terraform内置函数
variable "app_name" { description = "Name of application"}variable "environement" { description = "Environement Name"}resource "azurerm_resource_group" "rg-app" { name = upper(format("RG-%s-%s",var.app-name,var.environement)) location = "westeurope"}编写条件表达式
resource "azurerm_resource_group" "rg-app" { name = var.environment == "Production" ? upper(format("RG-%s",var.app-name)) : upper(format("RG-%s-%s",var.app-name,var.environment)) location = "westeurope"}使用Terraform操作本地文件
resource "local_file" "myfile" { content = "This is my text" filename = "../mytextfile.txt"}使用Terraform执行本地程序
resource "local_file" "myfile" { content = "This is my text" filename = "../mytextfile.txt"}resource "null_resource" "readcontentfile" { triggers = { trigger = timestamp() } provisioner "local-exec" { command = "Get-Content -Path ../mytextfile.txt" interpreter = ["PowerShell", "-Command"] }}执行本地脚本
resource "null_resource" "readcontentfile" { provisioner "local-exec" { command = "myscript.ps1" interpreter = ["PowerShell", "-Command"] }}使用Terraform生成密码
resource "random_password" "password" { length = 16 special = true override_special = "_%@"}resource "azurerm_virtual_machine" "myterraformvm" { name = "myVM" location = "westeurope"………………………… os_profile { computer_name = "vmdemo" admin_username = "admin" admin_password = random_password.password.result }…………………………}构建动态环境
使用count属性设置多个资源
variable "nb_webapp" { description = "Number of App Service to create"}nb_webapp = 2resource "azurerm_app_service" "app" { count = var.nb_webapp name = "${var.app_name}-${var.environement}-${count.index+1}" location = azurerm_resource_group.rg-app.location resource_group_name = azurerm_resource_group.rg-app.name app_service_plan_id = azurerm_app_service_plan.plan-app.id}使用带有映射的键值变量表
variables.tf
variable "tags" { type = map(string) description = "Tags" default = {}}variable "app_settings" { type = map(string) description = "App settings of the web app" default = {}}terraform.tfvars
tags = { ENV = "DEV1" CODE_PROJECT = "DEMO"}app_settings = { KEY1 = "VAL1"}main.tf
resource "azurerm_resource_group" "rg-app" { name = "${var.resource_group_name}-${var.environment}" location = var.location tags = var.tags}resource "azurerm_app_service" "app" { name = "${var.app_name}-${var.environment}" location = azurerm_resource_group.rg-app.location resource_group_name = azurerm_resource_group.rg-app.name app_service_plan_id = azurerm_app_service_plan.plan-app.id site_config { dotnet_framework_version = "v4.0" scm_type = "LocalGit" } app_settings = var.app_settings}命令行
格式化
terraform fmtterraform fmt -recursive可以使用插件提交时自动格式化
验证代码语法
terraform validate导入现有资源
resource "azurerm_resource_group" "rg-app" { name = "RG-APP-IMPORT" location = "westeurope"}terraform import azurerm_resource_group.rg-app用json导出输入
terraform output -json | jq -r .availability_zone{ "sensitive": false, "type": "string", "value": "ap-guangzhou-7"}生成图形依赖项
terraform graph | dot -Tsvg > graph.svg
调试Terraform执行
export TF_LOG="TRACE"export TF_LOG="" # 禁用调试资料
视频:https://www.youtube.com/playlist?list=PLeLcvrwLe184_AH9mfXGn20EecskV6qaU
本文参与 腾讯云自媒体同步曝光计划,分享自微信公众号。
原始发表:2024-02-29,如有侵权请联系 cloudcommunity@tencent.com 删除
评论
登录后参与评论
推荐阅读
目录
腾讯云开发者
