使用Terraform创建存储Terraform状态的S3存储桶

慢慢熟悉现场使用 Terraform 后,我开始好奇是否可以使用 Terraform 来管理存储 Terraform State 的 S3 存储桶,因此进行了调查。

结论 (jié

答案在《Terraform: Up & Running》一书中提到了。

    1. 首先,在没有设置后端的情况下,创建S3存储桶(以及顺便创建DynamoDB表)。

 

    1. 当前源代码。

然后,设置后端并通过terraform init进行初始化,会询问是否要复制本地状态文件,选择“是”进行复制。
当前源代码。

請提供更多細節。

如果从一开始就设置了backend并运行terraform init,那么显然会由于S3存储桶不存在而产生错误输出。

$ terraform init
Initializing modules...

Initializing the backend...

Successfully configured the backend "s3"! Terraform will automatically
use this backend unless the backend configuration changes.
│
│ Error: Failed to get existing workspaces: S3 bucket does not exist.
│ 
│ The referenced S3 bucket must have been previously created. If the S3 bucket
│ was created within the last minute, please wait for a minute or two and try
│ again.
│ 
│ Error: NoSuchBucket: The specified bucket does not exist
│      status code: 404, request id: HTB65E17X76ME9GS, host id: J5mzHH4n5s29B5KujKHW/arHsdbxMHzGOv5KWg+8NuEs8A8jUTVXz9VIzCP2ImRJnTezUB/pGTk=

因此,临时地创建一个局部状态文件,无需设置后端,然后直接应用terraform apply来创建S3存储桶。

$ terraform init
Initializing modules...
- terraform_state in ../../modules/terraform-state

Initializing the backend...

Initializing provider plugins...
- Finding latest version of hashicorp/aws...
- Installing hashicorp/aws v3.65.0...
- Installed hashicorp/aws v3.65.0 (signed by HashiCorp)

Terraform has created a lock file .terraform.lock.hcl to record the provider
selections it made above. Include this file in your version control repository
so that Terraform can guarantee to make the same selections by default when
you run "terraform init" in the future.

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.

在这种情况下设置后端,然后重新执行 terraform init。
接下来会询问是否可以将本地状态复制到 S3 存储桶中,请输入“是”。

$ terraform init
Initializing modules...

Initializing the backend...
Do you want to copy existing state to the new backend?
  Pre-existing state was found while migrating the previous "local" backend to the
  newly configured "s3" backend. No existing state was found in the newly
  configured "s3" backend. Do you want to copy this state to the new "s3"
  backend? Enter "yes" to copy and "no" to start with an empty state.

  Enter a value: yes

然后,将本地状态文件复制到S3存储桶中。

Releasing state lock. This may take a few moments...

Successfully configured the backend "s3"! Terraform will automatically
use this backend unless the backend configuration changes.

Initializing provider plugins...
- Reusing previous version of hashicorp/aws from the dependency lock file
- Using previously-installed hashicorp/aws v3.65.0

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.

突然下雨了。