使用Terraform管理環(huán)境實(shí)例
Terraform是HashiCorp公司提供的一種開源工具,用于安全高效地預(yù)覽、配置和管理云基礎(chǔ)架構(gòu)和資源,幫助開發(fā)者自動(dòng)化地創(chuàng)建、更新阿里云基礎(chǔ)設(shè)施資源,并進(jìn)行版本管理。您可以使用Terraform通過創(chuàng)建環(huán)境實(shí)例將云資源接入ARMS,實(shí)時(shí)監(jiān)控云資源的性能指標(biāo),幫助運(yùn)維團(tuán)隊(duì)及時(shí)解決問題以及優(yōu)化系統(tǒng)性能。
前提條件
已安裝Terraform,且Terraform版本不低于v0.12.28。您可以通過
terraform --version命令查看Terraform版本。方式一:在Cloud Shell中使用Terraform。具體操作,請(qǐng)參見Cloud Shell。Cloud Shell默認(rèn)安裝配置了Terraform和阿里云賬號(hào)信息,無需任何額外配置。
方式二:本地安裝Terraform。具體操作,請(qǐng)參見在本地安裝和配置Terraform。
說明資源編排服務(wù)為Terraform提供了托管的能力,您可以創(chuàng)建Terraform類型的模板,定義阿里云、AWS或Azure資源,配置資源參數(shù)和資源間的依賴關(guān)系。更多信息,請(qǐng)參見創(chuàng)建Terraform類型模板、創(chuàng)建Terraform類型資源棧。
已配置阿里云賬號(hào)信息。
方式一:添加環(huán)境變量,存放身份認(rèn)證信息。
export ALICLOUD_ACCESS_KEY="************" export ALICLOUD_SECRET_KEY="************" export ALICLOUD_REGION="cn-beijing"方式二:在配置文件的
provider中指定身份認(rèn)證信息。provider "alicloud" { access_key = "************" secret_key = "************" region = "cn-beijing" }
說明為了提高權(quán)限管理的靈活性和安全性,建議您創(chuàng)建名為Terraform的RAM用戶,并為該RAM用戶創(chuàng)建AccessKey并授權(quán)。具體操作,請(qǐng)參見創(chuàng)建RAM用戶和為RAM用戶授權(quán)。
已開通Prometheus服務(wù)。
創(chuàng)建環(huán)境實(shí)例
創(chuàng)建容器服務(wù)的環(huán)境實(shí)例
創(chuàng)建一個(gè)工作目錄,并在工作目錄中創(chuàng)建名為
main.tf的配置文件。# provider, use alicloud provider "alicloud" { # access_key = "************" # secret_key = "************" # region = "cn-beijing" } # 容器服務(wù)的環(huán)境實(shí)例。 resource "alicloud_arms_environment" "my_ack-env1" { environment_name = "容器服務(wù)的環(huán)境名稱1" environment_type = "CS" environment_sub_type = "ACK" bind_resource_id = "容器服務(wù)的集群Id" }執(zhí)行以下命令,初始化Terraform運(yùn)行環(huán)境。
terraform init預(yù)期輸出:
Initializing the backend... Initializing provider plugins... - Checking for available provider plugins... - Downloading plugin for provider "alicloud" (hashicorp/alicloud) 1.90.1... ... You may now begin working with Terraform. Try running "terraform plan" to see any changes that are required for your infrastructure. All Terraform commands should now work. If you ever set or change modules or backend configuration for Terraform, rerun this command to reinitialize your working directory. If you forget, other commands will detect it and remind you to do so if necessary.執(zhí)行以下命令,生成資源規(guī)劃。
terraform plan預(yù)期輸出:
Refreshing Terraform state in-memory prior to plan... The refreshed state will be used to calculate this plan, but will not be persisted to local or remote state storage. ... Plan: 5 to add, 0 to change, 0 to destroy. ...執(zhí)行以下命令,創(chuàng)建實(shí)例。
terraform apply預(yù)期輸出:
... Do you want to perform these actions? Terraform will perform the actions described above. Only 'yes' will be accepted to approve. Enter a value: yes ... alicloud_arms_environment: Creation complete after 8m26s [id=************] Apply complete! Resources: 1 added, 0 changed, 0 destroyed.提示
Enter a value時(shí),請(qǐng)輸入yes。登錄ARMS控制臺(tái),在接入管理頁面的環(huán)境列表中,查看是否已成功創(chuàng)建容器服務(wù)環(huán)境實(shí)例。
創(chuàng)建ECS環(huán)境實(shí)例
創(chuàng)建一個(gè)工作目錄,并在工作目錄中創(chuàng)建名為
main.tf的配置文件。#provider, use alicloud provider "alicloud" { #access_key = "************" #secret_key = "************" #region = "cn-beijing" } # ECS環(huán)境實(shí)例。 resource "alicloud_arms_environment" "my_ecs-env1" { environment_name = "ECS環(huán)境名1" environment_type = "ECS" environment_sub_type = "ECS" bind_resource_id = "vpcId,如vpc-bp1jxxx" }執(zhí)行以下命令,初始化Terraform運(yùn)行環(huán)境。
terraform init預(yù)期輸出:
Initializing the backend... Initializing provider plugins... - Checking for available provider plugins... - Downloading plugin for provider "alicloud" (hashicorp/alicloud) 1.90.1... ... You may now begin working with Terraform. Try running "terraform plan" to see any changes that are required for your infrastructure. All Terraform commands should now work. If you ever set or change modules or backend configuration for Terraform, rerun this command to reinitialize your working directory. If you forget, other commands will detect it and remind you to do so if necessary.執(zhí)行以下命令,生成資源規(guī)劃。
terraform plan預(yù)期輸出:
Refreshing Terraform state in-memory prior to plan... The refreshed state will be used to calculate this plan, but will not be persisted to local or remote state storage. ... Plan: 5 to add, 0 to change, 0 to destroy. ...執(zhí)行以下命令,創(chuàng)建實(shí)例。
terraform apply預(yù)期輸出:
... Do you want to perform these actions? Terraform will perform the actions described above. Only 'yes' will be accepted to approve. Enter a value: yes ... alicloud_arms_environment: Creation complete after 8m26s [id=************] Apply complete! Resources: 3 added, 0 changed, 0 destroyed.提示
Enter a value時(shí),請(qǐng)輸入yes。登錄ARMS控制臺(tái),在接入管理頁面的環(huán)境列表中,查看是否已成功創(chuàng)建ECS環(huán)境實(shí)例。
創(chuàng)建云服務(wù)環(huán)境實(shí)例
創(chuàng)建一個(gè)工作目錄,并在工作目錄中創(chuàng)建名為
main.tf的配置文件。#provider, use alicloud provider "alicloud" { #access_key = "************" #secret_key = "************" #region = "cn-beijing" } # 云服務(wù)環(huán)境實(shí)例。 resource "alicloud_arms_environment" "my_cloud-env1" { environment_name = "云服務(wù)環(huán)境名1" environment_type = "Cloud" environment_sub_type = "Cloud" bind_resource_id = "云服務(wù)實(shí)例的regionId,如cn-hangzhou" }執(zhí)行以下命令,初始化Terraform運(yùn)行環(huán)境。
terraform init預(yù)期輸出:
Initializing the backend... Initializing provider plugins... - Checking for available provider plugins... - Downloading plugin for provider "alicloud" (hashicorp/alicloud) 1.90.1... ... You may now begin working with Terraform. Try running "terraform plan" to see any changes that are required for your infrastructure. All Terraform commands should now work. If you ever set or change modules or backend configuration for Terraform, rerun this command to reinitialize your working directory. If you forget, other commands will detect it and remind you to do so if necessary.執(zhí)行以下命令,生成資源規(guī)劃。
terraform plan預(yù)期輸出:
Refreshing Terraform state in-memory prior to plan... The refreshed state will be used to calculate this plan, but will not be persisted to local or remote state storage. ... Plan: 5 to add, 0 to change, 0 to destroy. ...執(zhí)行以下命令,創(chuàng)建實(shí)例。
terraform apply預(yù)期輸出:
... Do you want to perform these actions? Terraform will perform the actions described above. Only 'yes' will be accepted to approve. Enter a value: yes ... alicloud_arms_environment: Creation complete after 8m26s [id=************] Apply complete! Resources: 4 added, 0 changed, 0 destroyed.提示
Enter a value時(shí),請(qǐng)輸入yes。登錄ARMS控制臺(tái),在接入管理頁面的環(huán)境列表中,查看是否已成功創(chuàng)建云服務(wù)環(huán)境實(shí)例。
刪除環(huán)境實(shí)例
執(zhí)行以下命令,刪除通過Terraform創(chuàng)建的集群。
terraform destroy預(yù)期輸出:
... Do you really want to destroy all resources? Terraform will destroy all your managed infrastructure, as shown above. There is no undo. Only 'yes' will be accepted to confirm. Enter a value: yes ... Destroy complete! Resources: 1 destroyed.提示
Enter a value時(shí),請(qǐng)輸入yes。登錄ARMS控制臺(tái),在接入管理頁面的實(shí)例列表中,查看是否已成功刪除對(duì)應(yīng)的環(huán)境實(shí)例。