{"id":48921,"date":"2022-12-21T19:13:10","date_gmt":"2023-03-07T02:49:21","guid":{"rendered":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%e5%ae%9a%e4%b9%89gcp%e8%b5%84%e6%ba%90%e8%a7%84%e5%88%99%e3%80%82\/"},"modified":"2024-04-29T06:22:39","modified_gmt":"2024-04-28T22:22:39","slug":"%e4%bd%bf%e7%94%a8terraform%e5%ae%9a%e4%b9%89gcp%e8%b5%84%e6%ba%90%e8%a7%84%e5%88%99%e3%80%82","status":"publish","type":"post","link":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%e5%ae%9a%e4%b9%89gcp%e8%b5%84%e6%ba%90%e8%a7%84%e5%88%99%e3%80%82\/","title":{"rendered":"\u4f7f\u7528Terraform\u5b9a\u4e49GCP\u8d44\u6e90\u89c4\u5219"},"content":{"rendered":"

\u901a\u8fc7\u5c1d\u8bd5\u4ece\u786c\u7f16\u7801\u8bed\u6cd5\u5230\u53d8\u91cf\u5b9a\u4e49\u8bed\u6cd5\uff0c\u5b66\u4e60terraform\u8bed\u6cd5\u5427\uff01<\/p>\n

\u987a\u4fbf\u63d0\u4e00\u4e0b\uff0c\u7531\u4e8e\u6211\u4e0d\u4f1a\u5728\u8fd9\u91cc\u6559\u5982\u4f55\u521b\u5efaTerraform\u73af\u5883\uff0c\u6240\u4ee5\u5982\u679c\u60f3\u4ece\u96f6\u5f00\u59cb\u5efa\u7acb\u73af\u5883\uff0c\u8bf7\u53c2\u8003\u4ee5\u4e0b\u94fe\u63a5\uff0c\u52a0\u6cb9\uff01<\/p>\n

\u5728Terraform\u7684CD\u4e2d\u53ef\u4ee5\u4f7f\u7528\u4ee5\u4e0b\u547d\u4ee4\u3002<\/p>\n

# \u30ab\u30ec\u30f3\u30c8\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u306eTF\u30d5\u30a1\u30a4\u30eb\u3092\u898b\u3064\u3051\u3066\u89e3\u6790\u3057\u3001tf\u30c7\u30d7\u30ed\u30a4\u53ef\u80fd\u306a\u74b0\u5883\u3092\u4f5c\u308b\u3001\u30b3\u30fc\u30c9\u304c\u304a\u304b\u3057\u3044\u3068\u6587\u53e5\u3092\u8a00\u308f\u308c\u308b\r\nterraform init\r\n\r\n\r\n# \u30af\u30e9\u30a6\u30c9\u3067\u306a\u304f\u3001\u30ed\u30fc\u30ab\u30eb\u306b\u7a7a\u30c7\u30d7\u30ed\u30a4\u3059\u308b\u3001plan\u3067\u6210\u529f\u3059\u308c\u3070apply\u3082\u3046\u307e\u304f\u3044\u304f\r\nterraform plan\r\n\r\n\r\n# \u30af\u30e9\u30a6\u30c9\u306bTF\u3092\u30c7\u30d7\u30ed\u30a4\u3059\u308b\u3002\r\nterraform apply\r\n\r\n\r\n# \u30af\u30e9\u30a6\u30c9\u306bTF\u3092\u30c7\u30d7\u30ed\u30a4\u3059\u308b\u3002\r\nterraform apply\r\n<\/code><\/pre>\n
\u4ece\u8fd9\u91cc\u5f00\u59cb\uff0c\u6211\u4eec\u5c06\u8fdb\u5165\u4ee3\u7801\u793a\u4f8b\uff0c\u5e76\u4e14\u4f7f\u7528\u65f6\u8bf7\u5220\u9664\u6ce8\u91ca\u3002<\/p>\n
\n
GCS\u7684terraform\u8bed\u6cd5<\/h2>\n
\u53c2\u8003\u94fe\u63a5\uff1ahttps:\/\/qiita.com\/yagince\/items\/c2ef99e770f559720eec<\/p>\n
\u53ea\u9700\u8981\u4e00\u79cd\u65b9\u5f0f\u6765\u628a\u4ee5\u4e0b\u53e5\u5b50\u8fdb\u884c\u6c49\u8bed\u7684\u539f\u751f\u91ca\u4e49\uff1a<\/p>\n
\u9996\u5148\uff0c\u6211\u4eec\u53ef\u4ee5\u8bd5\u7740\u7528Terraform\u521b\u5efa\u4e00\u4e2a\u6876\u4f5c\u4e3a\u7ec3\u4e60\u3002<\/p>\n
\u4f7f\u7528\u4ee5\u4e0b\u547d\u4ee4\u5728\u4e2d\u56fd\u5730\u533a\u521b\u5efa\u4e00\u4e2a\u591a\u533a\u57df\u5b58\u50a8\u6876\uff1agsutil mb -c multi_regional -l Asia gs:\/\/19870331-tf-state<\/p>\n
#pro\r\nprovider \"google\" {\r\n  project     = \"xxx\"  #\u3042\u306a\u305f\u306e\u30d7\u30ed\u30b8\u30a7\u30af\u30c8\u540d\u3092\u5165\u308c\u3066\r\n  region      = \"us-central1\"  #\u516c\u5f0f\u306e\u304a\u3059\u3059\u3081\u306f\u30a2\u30a4\u30aa\u30ef(us-central1)\r\n}\r\n\r\nresource \"google_storage_bucket\" \"private-bucket\" {\r\n  name          = \"private-bucket-abc19870331\"\r\n  location      = \"us-central1-a\"\r\n  storage_class = \"REGIONAL\"\r\n  labels = {\r\n    app = \"test-app\"\r\n    env = \"test\"\r\n  }\r\n}\r\n<\/code><\/pre>\n
\u521b\u5efa\u670d\u52a1\u8d26\u6237<\/h2>\n
    \n
  • \n
      gcloud\u30b3\u30de\u30f3\u30c9\u306f\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u6e08\u307f<\/ul>\n<\/li>\n<\/ul>\n
       <\/p>\n
        \n
      • \n
          terraform\u5b9f\u884c\u7528\u306e\u30b5\u30fc\u30d3\u30b9\u30a2\u30ab\u30a6\u30c8\u3092\u4f5c\u6210\u3057\u307e\u3059\u3002<\/ul>\n<\/li>\n<\/ul>\n
           <\/p>\n
            \n
          • \n
              \u6a29\u9650\u306f\u300cProject > \u7de8\u96c6\u8005\u300d\u3092\u3064\u3051\u307e\u3057\u305f<\/ul>\n<\/li>\n<\/ul>\n
               <\/p>\n
                \n
              • \n
                  \u9375\u3092json\u5f62\u5f0f\u3067\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9<\/ul>\n<\/li>\n<\/ul>\n
                  credentials.json \u3068\u3057\u3066\u7f6e\u3044\u3066\u304a\u304d\u307e\u3059
                  \n\u540d\u524d\u306f\u9069\u5f53\u3067\u3059<\/p>\n
                  service accounnt\u3092activate\u3057\u307e\u3059<\/p>\n
                    gcloud auth activate-service-account --key-file<\/span>=<\/span>credentials.json\r\n<\/code><\/pre>\n
                    project\u3092\u30bb\u30c3\u30c8\u3057\u3066\u304a\u304d\u307e\u3059<\/ul>\n
                      $ <\/span>gcloud config set <\/span>project xxxxx\r\n<\/code><\/pre>\n
                    \u521b\u5efa\u4e00\u4e2aGCS\u5b58\u50a8\u6876<\/h2>\n
                    \u4e3a\u4e86\u4fdd\u5b58 xxx.tfstate \u6587\u4ef6\uff0c\u9700\u8981\u5728 GCS \u4e0a\u521b\u5efa\u4e00\u4e2a\u5b58\u50a8\u6876\u3002
                    \n\u203b\u6b64\u6587\u4ef6\u7528\u4e8e\u4fdd\u5b58\u53d7\u7ba1\u7406\u57fa\u7840\u8bbe\u65bd\u7684\u72b6\u6001\u3002<\/p>\n
                    $ <\/span>gsutil mb -c<\/span> multi_regional -l<\/span> Asia gs:\/\/xxxx-tf-state\r\n<\/code><\/pre>\n
                    \u5199\u5165Provider\u7684\u8bbe\u7f6e<\/h1>\n
                    provider<\/span> \"google\"<\/span> {<\/span>\r\n  credentials<\/span> =<\/span> \"<\/span>${<\/span>file<\/span>(<\/span>\"credentials.json\"<\/span>)<\/span>}<\/span>\"<\/span>\r\n  project<\/span>     =<\/span> \"<\/span>${<\/span>var<\/span>.<\/span>project<\/span>}<\/span>\"<\/span>\r\n  region<\/span>      =<\/span> \"<\/span>${<\/span>var<\/span>.<\/span>region<\/span>}<\/span>\"<\/span>\r\n}<\/span>\r\n<\/code><\/pre>\n
                    variable<\/span> \"project\"<\/span> {<\/span>\r\n  default<\/span> =<\/span> \"xxx\"<\/span>\r\n}<\/span>\r\n\r\nvariable<\/span> \"region\"<\/span> {<\/span>\r\n  default<\/span> =<\/span> \"asia-northeast1\"<\/span>\r\n}<\/span>\r\n<\/code><\/pre>\n
                      \n
                    • \n
                        project,region\u306fvariables.tf\u306b\u5916\u3060\u3057\u3057\u307e\u3057\u305f<\/ul>\n<\/li>\n<\/ul>\n
                         <\/p>\n
                          credentials.json\u306f\u3055\u3063\u304d\u3064\u304f\u3063\u305fservice account\u306e\u9375\u30d5\u30a1\u30a4\u30eb\u3067\u3059<\/ul>\n
                          \u7f16\u5199\u540e\u7aef\u8bbe\u7f6e<\/h1>\n
                          \u5728GCS\u4e0a\u914d\u7f6e\u7ba1\u7406tfstate\u6587\u4ef6\u7684\u8bbe\u7f6e<\/p>\n
                          terraform<\/span> {<\/span>\r\n  backend<\/span> \"gcs\"<\/span> {<\/span>\r\n    bucket<\/span>      =<\/span> \"xxxx-tf-state\"<\/span>\r\n    path<\/span>        =<\/span> \"practice.tfstate\"<\/span>\r\n    credentials<\/span> =<\/span> \"credentials.json\"<\/span>\r\n  }<\/span>\r\n}<\/span>\r\n<\/code><\/pre>\n
                          \u8fdb\u884cterraform\u521d\u59cb\u5316<\/h1>\n
                          $ <\/span>gsutil ls <\/span>gs:\/\/xxxx-tf-state\r\ngs:\/\/xxxx-tf-state\/practice.tfstate\r\n<\/code><\/pre>\n
                          \u6211\u5df2\u7ecf\u5b8c\u6210\u4e86tfstate\u6587\u4ef6\u3002<\/p>\n
                          \u5c1d\u8bd5\u521b\u5efa\u4e00\u4e2aVPC\u3002<\/h1>\n
                          \u6211\u60f3\u8a66\u8457\u505a\u4e9b\u6771\u897f\uff0c\u6240\u4ee5\u6c7a\u5b9a\u5efa\u7acb\u4e00\u500bVPC\u4f86\u5617\u8a66\u3002<\/p>\n
                          \u8d44\u6e90\u5b9a\u4e49<\/h2>\n
                          resource<\/span> \"google_compute_network\"<\/span> \"vpc\"<\/span> {<\/span>\r\n  name<\/span> =<\/span> \"terraform-practice-network\"<\/span>\r\n}<\/span>\r\n\r\nresource<\/span> \"google_compute_subnetwork\"<\/span> \"vpc_subnet1\"<\/span> {<\/span>\r\n  name<\/span>          =<\/span> \"terraform-practice-network-subnet1\"<\/span>\r\n  ip_cidr_range<\/span> =<\/span> \"<\/span>${<\/span>var<\/span>.<\/span>subnet_cidr_range<\/span>}<\/span>\"<\/span>\r\n  network<\/span>       =<\/span> \"<\/span>${<\/span>google_compute_network<\/span>.<\/span>vpc<\/span>.<\/span>name<\/span>}<\/span>\"<\/span>\r\n  description<\/span>   =<\/span> \"example.subnet1\"<\/span>\r\n  region<\/span>        =<\/span> \"<\/span>${<\/span>var<\/span>.<\/span>region<\/span>}<\/span>\"<\/span>\r\n}<\/span>\r\n<\/code><\/pre>\n
                          variable<\/span> \"project\"<\/span> {<\/span>\r\n  default<\/span> =<\/span> \"xxxx\"<\/span>\r\n}<\/span>\r\n\r\nvariable<\/span> \"region\"<\/span> {<\/span>\r\n  default<\/span> =<\/span> \"asia-northeast1\"<\/span>\r\n}<\/span>\r\n\r\nvariable<\/span> \"subnet_cidr_range\"<\/span> {<\/span>\r\n  default<\/span> =<\/span> \"192.168.10.0\/24\"<\/span>\r\n}<\/span>\r\n<\/code><\/pre>\n
                          \u6267\u884c terraform plan<\/h2>\n
                          $ <\/span>terraform plan\r\n<\/code><\/pre>\n
                          \u7533\u8bf7<\/h2>\n
                          \u6682\u65f6\u770b\u8d77\u6765\u53ef\u4ee5\uff0c\u6211\u4f1a\u8bd5\u7740\u7533\u8bf7\u4e00\u4e0b\u3002<\/p>\n
                          $ <\/span>terraform apply\r\n\r\n\r\n\u7d50\u69cb\u6642\u9593\u304b\u304b\u308a\u307e\u3057\u305f\u304c\u3001\u3061\u3083\u3093\u3068\u51fa\u6765\u305f\u3088\u3046\u3067\u3059\u3002\r\n\r\n```<\/span>shell\r\n$ <\/span>gcloud compute networks list\r\nNAME                        SUBNET_MODE  BGP_ROUTING_MODE  IPV4_RANGE  GATEWAY_IPV4\r\ndefault                     AUTO         REGIONAL\r\nterraform-practice-network  AUTO         REGIONAL\r\n$ <\/span>gcloud compute networks subnets list | grep <\/span>subnet1\r\nterraform-practice-network-subnet1  asia-northeast1          terraform-practice-network  192.168.10.0\/24\r\n<\/code><\/pre>\n
                          \u5c1d\u8bd5\u5c06”name”\u4f5c\u4e3a\u53d8\u91cf\u3002<\/h2>\n
                          resource<\/span> \"google_compute_network\"<\/span> \"vpc\"<\/span> {<\/span>\r\n  name<\/span> =<\/span> \"<\/span>${<\/span>var<\/span>.<\/span>vpc_name<\/span>}<\/span>\"<\/span>\r\n}<\/span>\r\n\r\nresource<\/span> \"google_compute_subnetwork\"<\/span> \"vpc_subnet1\"<\/span> {<\/span>\r\n  name<\/span>          =<\/span> \"<\/span>${<\/span>var<\/span>.<\/span>subnetwork_name<\/span>}<\/span>\"<\/span>\r\n  ip_cidr_range<\/span> =<\/span> \"<\/span>${<\/span>var<\/span>.<\/span>subnet_cidr_range<\/span>}<\/span>\"<\/span>\r\n  network<\/span>       =<\/span> \"<\/span>${<\/span>google_compute_network<\/span>.<\/span>vpc<\/span>.<\/span>name<\/span>}<\/span>\"<\/span>\r\n  description<\/span>   =<\/span> \"example.subnet1\"<\/span>\r\n  region<\/span>        =<\/span> \"<\/span>${<\/span>var<\/span>.<\/span>region<\/span>}<\/span>\"<\/span>\r\n}<\/span>\r\n<\/code><\/pre>\n
                          variable<\/span> \"project\"<\/span> {<\/span>\r\n  default<\/span> =<\/span> \"xxxx\"<\/span>\r\n}<\/span>\r\n\r\nvariable<\/span> \"region\"<\/span> {<\/span>\r\n  default<\/span> =<\/span> \"asia-northeast1\"<\/span>\r\n}<\/span>\r\n\r\nvariable<\/span> \"subnet_cidr_range\"<\/span> {<\/span>\r\n  default<\/span> =<\/span> \"192.168.10.0\/24\"<\/span>\r\n}<\/span>\r\n\r\nvariable<\/span> \"vpc_name\"<\/span> {<\/span>\r\n  default<\/span> =<\/span> \"terraform-practice-network\"<\/span>\r\n}<\/span>\r\n\r\nvariable<\/span> \"subnetwork_name\"<\/span> {<\/span>\r\n  default<\/span> =<\/span> \"terraform-practice-network-subnet1\"<\/span>\r\n}<\/span>\r\n<\/code><\/pre>\n
                          $ <\/span>terraform plan\r\n<\/code><\/pre>\n
                          \u4e00\u5207\u6ca1\u6709\u53d8\u5316\u3002<\/p>\n
                          \u8003\u8651\u6bcf\u4e2a\u73af\u5883\u7684\u914d\u7f6e<\/h1>\n
                          \u6211\u5011\u5c07\u601d\u8003\u5982\u4f55\u5be6\u73fe\u5404\u7a2e\u74b0\u5883\uff08\u5982\u751f\u7522\u3001\u6e2c\u8a66\u7b49\uff09\u7684\u914d\u7f6e\u3002
                          \n\u56e0\u6b64\uff0c\u6211\u5011\u53c3\u8003\u4e86\u9577\u751f\u6751\u672c\u9109\u5de5\u7a0b\u5e2b\u90e8\u843d\u683c\u4e0a\u7684\u4e00\u7bc7\u6587\u7ae0\u300aTerraform \u904b\u7528\u6700\u4f73\u5be6\u8e102019\uff5e\u5617\u8a66\u653e\u68c4workspace\u7b49\u7b49\uff5e\u300b\uff0c\u4e26\u4e14\u975e\u5e38\u8a8d\u540c\u5176\u4e2d\u7684\u89c0\u9ede\u3002<\/p>\n
                          \u76ee\u524d\u53ea\u6709\u751f\u4ea7\u8fd9\u4e2a\u9009\u9879\uff0c\u4f46\u6211\u8bd5\u7740\u8fd9\u6837\u505a\u4e86\u3002<\/p>\n
                          $ tree\r\n.\r\n\u251c\u2500\u2500 credentials.json\r\n\u2514\u2500\u2500 environments\r\n    \u2514\u2500\u2500 production\r\n        \u251c\u2500\u2500 backend.tf\r\n        \u251c\u2500\u2500 network.tf\r\n        \u251c\u2500\u2500 provider.tf\r\n        \u2514\u2500\u2500 variables.tf\r\n<\/code><\/pre>\n
                          \u5c1d\u8bd5\u5c06\u5176\u6a21\u5757\u5316<\/h1>\n
                          \u65e2\u7136\u5df2\u7ecf\u5728variables\u4e2d\u5b9a\u4e49\u4e86\u53d8\u91cf\uff0c\u90a3\u4e48\u6211\u60f3\u5c06\u6bcf\u4e2a\u8d44\u6e90\u5b9a\u4e49\u8fdb\u884c\u901a\u7528\u5316\uff0c\u4ee5\u4fbf\u5728staging\u73af\u5883\u4e2d\u4e5f\u53ef\u4ee5\u4f7f\u7528\u3002
                          \n\u6211\u60f3\u5c06\u7f51\u7edc\u914d\u7f6e\u5206\u79bb\u5230\u6a21\u5757\u4e2d\u8bd5\u8bd5\u3002<\/p>\n
                          \u76ee\u5f55\u7ed3\u6784<\/h2>\n
                          $ tree\r\n.\r\n\u251c\u2500\u2500 credentials.json\r\n\u251c\u2500\u2500 environments\r\n\u2502   \u2514\u2500\u2500 production\r\n\u2502       \u251c\u2500\u2500 backend.tf\r\n\u2502       \u251c\u2500\u2500 main.tf\r\n\u2502       \u251c\u2500\u2500 provider.tf\r\n\u2502       \u2514\u2500\u2500 variables.tf\r\n\u2514\u2500\u2500 modules\r\n    \u2514\u2500\u2500 network\r\n        \u2514\u2500\u2500 main.tf\r\n<\/code><\/pre>\n
                          \u91cd\u65b0\u64b0\u5199\u8d44\u6e90\u5b9a\u4e49<\/h2>\n
                          ariable<\/span> \"vpc_name\"<\/span> {}<\/span>\r\nvariable<\/span> \"subnetwork_name\"<\/span> {}<\/span>\r\nvariable<\/span> \"subnet_cidr_range\"<\/span> {}<\/span>\r\nvariable<\/span> \"region\"<\/span> {}<\/span>\r\n\r\nresource<\/span> \"google_compute_network\"<\/span> \"vpc\"<\/span> {<\/span>\r\n  name<\/span> =<\/span> \"<\/span>${<\/span>var<\/span>.<\/span>vpc_name<\/span>}<\/span>\"<\/span>\r\n  auto_create_subnetworks<\/span> =<\/span> false<\/span>\r\n}<\/span>\r\n\r\nresource<\/span> \"google_compute_subnetwork\"<\/span> \"vpc_subnet1\"<\/span> {<\/span>\r\n  name<\/span>          =<\/span> \"<\/span>${<\/span>var<\/span>.<\/span>subnetwork_name<\/span>}<\/span>\"<\/span>\r\n  ip_cidr_range<\/span> =<\/span> \"<\/span>${<\/span>var<\/span>.<\/span>subnet_cidr_range<\/span>}<\/span>\"<\/span>\r\n  network<\/span>       =<\/span> \"<\/span>${<\/span>google_compute_network<\/span>.<\/span>vpc<\/span>.<\/span>name<\/span>}<\/span>\"<\/span>\r\n  description<\/span>   =<\/span> \"example.subnet1\"<\/span>\r\n  region<\/span>        =<\/span> \"<\/span>${<\/span>var<\/span>.<\/span>region<\/span>}<\/span>\"<\/span>\r\n}<\/span>\r\n<\/code><\/pre>\n
                          module<\/span> \"network\"<\/span> {<\/span>\r\n  source<\/span> =<\/span> \"..\/..\/modules\/network\"<\/span>\r\n\r\n  vpc_name<\/span>          =<\/span> \"<\/span>${<\/span>var<\/span>.<\/span>vpc_name<\/span>}<\/span>\"<\/span>\r\n  subnetwork_name<\/span>   =<\/span> \"<\/span>${<\/span>var<\/span>.<\/span>subnetwork_name<\/span>}<\/span>\"<\/span>\r\n  subnet_cidr_range<\/span> =<\/span> \"<\/span>${<\/span>var<\/span>.<\/span>subnet_cidr_range<\/span>}<\/span>\"<\/span>\r\n  region<\/span>            =<\/span> \"<\/span>${<\/span>var<\/span>.<\/span>region<\/span>}<\/span>\"<\/span>\r\n}<\/span>\r\n<\/code><\/pre>\n
                          \u8ba1\u5212<\/h2>\n
                          \u7834\u574f -> \u521b\u9020\u4e86<\/p>\n
                          \u8fc1\u79fbterraform\u7684\u72b6\u6001<\/h2>\n
                          \u4f7f\u7528Terraform\u7684state mv\u547d\u4ee4\uff0c\u5c06\u76f4\u63a5\u7f16\u5199\u7684\u8d44\u6e90\u79fb\u52a8\u5230\u6a21\u5757\u4e2d\u7684\u6280\u5de7 | Cry for the Moon.<\/p>\n
                          \u542c\u8bf4\u5728\u5c06\u786c\u7f16\u7801\u8d44\u6e90\u6a21\u5757\u5316\u65f6\uff0c\u53ef\u4ee5\u4f7f\u7528terraform state mv\u547d\u4ee4\u8fdb\u884c\u79fb\u52a8\u3002
                          \n\u6211\u4f1a\u5c1d\u8bd5\u4e00\u4e0b\u3002<\/p>\n
                          $ <\/span>terraform state mv <\/span>google_compute_network.vpc module.network.google_compute_network.vpc\r\n\r\nError: Invalid target address\r\n\r\nCannot move to module.network.google_compute_network.vpc: module.network does\r\nnot exist in <\/span>the current state.\r\n<\/code><\/pre>\n
                          \u53d1\u751f\u4e86\u9519\u8bef\u3002
                          \n\u6ca1\u6709module.network\u8fd9\u4e2a\u4e1c\u897f\u3002<\/p>\n
                          \u65e0\u6cd5\u5c06\u8d44\u6e90\u79fb\u52a8\u5230\u65b0\u6a21\u5757 \u00b7 \u95ee\u9898\uff0321346 \u00b7 hashicorp\/terraform<\/p>\n
                          \u53d1\u73b0\u4e86\u8fd9\u4e2a\u95ee\u9898\u3002<\/p>\n
                          \u5141\u8bb8\u5c06\u8d44\u6e90\u8f6c\u79fb\u5230\u4e0d\u5728\u72b6\u6001\u4e2d\u7684\u65b0\u6a21\u5757 \u2014 \u7531 jbardin \u63d0\u4ea4 \u00b7 \u8bf7\u6c42\u5408\u5e76 #22299 \u00b7 hashicorp\/terraform<\/p>\n
                          \u8fd9\u6837\u4fee\u597d\u4e86\u5417\uff1f
                          \n\u770b\u8d77\u6765\u57282019\/08\/02\u5df2\u7ecf\u5408\u5e76\u4e86\u3002
                          \n\u4f46\u4f3c\u4e4e\u8fd8\u6ca1\u6709\u53d1\u5e03\u3002\u203b\u622a\u6b62\u81f32019\/08\/06 22:32\u3002<\/p>\n
                          \u5bfc\u5165\u5e76\u58f0\u660erm<\/h2>\n
                          \u6211\u4f1a\u8bd5\u7740\u6309\u7167\u5176\u4e2d\u63d0\u5230\u7684\u65b9\u6cd5\u8fdb\u884c\u64cd\u4f5c\uff0c\u5373\u901a\u8fc7\u5bfc\u5165\u7136\u540e\u5220\u9664\u65e7\u7684\u65b9\u5f0f\u6765\u89e3\u51b3\u3002<\/p>\n
                          $ <\/span>terraform import module.network.google_compute_network.vpc terraform-practice-network\r\n\r\n\r\n$ <\/span>terraform state rm <\/span>google_compute_network.vpc\r\n\r\n$ <\/span>terraform plan\r\n<\/code><\/pre>\n
                          \u6211\u539f\u672c\u7684VPC\u7684destroy\u548ccreate\u9009\u9879\u6d88\u5931\u4e86\uff01
                          \n\u55ef\uff0c\u6211\u660e\u767d\u4e86\u3002
                          \n\u8fd9\u6837\u4e00\u6765\uff0c\u5b50\u7f51\u4e5f\u4f1a\u53d7\u5f71\u54cd\u3002<\/p>\n
                          $ <\/span>terraform import module.network.google_compute_subnetwork.vpc_subnet1 terraform-practice-network-subnet1\r\n\r\n$ <\/span>terraform state rm <\/span>google_compute_subnetwork.vpc_subnet1\r\n\r\n$ <\/span>terraform plan\r\n<\/code><\/pre>\n
                          \u6211\u53bb\u4e86\u3002<\/p>\n
                          \u5c06\u5b58\u5728\u4e8eGCP\u4e0a\u7684\u73b0\u6709\u8d44\u6e90\u653e\u5165terraform\u4e2d<\/h1>\n
                          \u5728\u5df2\u7ecf\u65e0\u6cd5\u521b\u5efastate mv\u7684\u60c5\u51b5\u4e0b\uff0c\u6211\u5df2\u7ecf\u4f7f\u7528\u4e86import\uff0c\u4f46\u4f3c\u4e4e\u53ef\u4ee5\u901a\u8fc7\u4f7f\u7528import\u5c06\u73b0\u6709\u8d44\u6e90\u653e\u5165tfstate\u4e2d\u3002
                          \n\u5f53\u8fc1\u79fb\u73b0\u6709\u8d44\u6e90\u7ba1\u7406\u5230Terraform\u65f6\uff0c\u8fd9\u4f3c\u4e4e\u662f\u5fc5\u9700\u7684\uff0c\u6211\u5c06\u5c1d\u8bd5\u4e00\u4e0b\u3002<\/p>\n
                          \u521b\u5efaGCE\u5b9e\u4f8b<\/h2>\n
                          \u9996\u5148\uff0c\u6211\u4eec\u624b\u52a8\u521b\u5efaGCE\u5b9e\u4f8b\u3002
                          \nVPC\u5c06\u4f7f\u7528\u4e4b\u524d\u521b\u5efa\u7684\u90a3\u4e2a\u3002<\/p>\n
                            \n
                          • \n
                              \u30de\u30b7\u30f3\u30bf\u30a4\u30d7<\/ul>\n<\/li>\n<\/ul>\n
                              f1-micro\uff08vCPU x 1\u3001\u30e1\u30e2\u30ea 0.6 GB\uff09<\/p>\n
                              \u30be\u30fc\u30f3<\/p>\n
                              asia-northeast1-a<\/p>\n
                              network<\/p>\n
                              terraform-practice-network<\/p>\n
                              subnetwork<\/p>\n
                              terraform-practice-network-subnet1<\/p>\n
                              \u5185\u90e8IP<\/p>\n
                              192.168.10.2<\/p>\n
                              boot disk image<\/p>\n
                              ubuntu-1804-bionic-v20190722a<\/p>\n
                              \u5199\u8d44\u6e90\u5b9a\u4e49<\/h2>\n
                              \u8c37\u6b4c\uff1a\u8c37\u6b4c\u8ba1\u7b97\u5b9e\u4f8b – Terraform by HashiCorp<\/p>\n
                              \u4e3a\u4e86\u65b9\u4fbf\u8d77\u89c1\uff0c\u6211\u4f1a\u5c06\u5176\u5199\u5728modules\u4e2d\uff08\u5047\u8bbe\u5728\u751f\u4ea7\u73af\u5883\u548c\u6682\u5b58\u73af\u5883\u4e2d\u4f7f\u7528\u76f8\u540c\u7684\u6a21\u5757\uff09\u3002
                              \n\u7531\u4e8e\u8fd9\u6b21\u8981\u521b\u5efa\u4e00\u4e2a\u8df3\u677f\u670d\u52a1\u5668\u7684\u5b9e\u4f8b\uff0c\u6240\u4ee5\u6211\u60f3\u628a\u5b83\u547d\u540d\u4e3abastion\u3002<\/p>\n
                              variable<\/span> \"name\"<\/span> {}<\/span>\r\nvariable<\/span> \"subnetwork_name\"<\/span> {}<\/span>\r\nvariable<\/span> \"machine_type\"<\/span> {}<\/span>\r\nvariable<\/span> \"region\"<\/span> {}<\/span>\r\nvariable<\/span> \"zone\"<\/span> {}<\/span>\r\nvariable<\/span> \"boot_disk_image\"<\/span> {}<\/span>\r\nvariable<\/span> \"private_ip\"<\/span> {}<\/span>\r\nvariable<\/span> \"service_account\"<\/span> {}<\/span>\r\n\r\nresource<\/span> \"google_compute_address\"<\/span> \"bastion\"<\/span> {<\/span>\r\n  name<\/span>         =<\/span> \"<\/span>${<\/span>var<\/span>.<\/span>name<\/span>}<\/span>\"<\/span>\r\n  region<\/span>       =<\/span> \"<\/span>${<\/span>var<\/span>.<\/span>region<\/span>}<\/span>\"<\/span>\r\n}<\/span>\r\n\r\nresource<\/span> \"google_compute_instance\"<\/span> \"bastion\"<\/span> {<\/span>\r\n  name<\/span>         =<\/span> \"<\/span>${<\/span>var<\/span>.<\/span>name<\/span>}<\/span>\"<\/span>\r\n  machine_type<\/span> =<\/span> \"<\/span>${<\/span>var<\/span>.<\/span>machine_type<\/span>}<\/span>\"<\/span>\r\n  zone<\/span>         =<\/span> \"<\/span>${<\/span>var<\/span>.<\/span>zone<\/span>}<\/span>\"<\/span>\r\n  tags<\/span>         =<\/span> [<\/span>\"server\"<\/span>,<\/span> \"bastion\"<\/span>]<\/span>\r\n\r\n  boot_disk<\/span> {<\/span>\r\n    initialize_params<\/span> {<\/span>\r\n      image<\/span> =<\/span> \"https:\/\/www.googleapis.com\/compute\/v1\/projects\/ubuntu-os-cloud\/global\/images\/<\/span>${<\/span>var<\/span>.<\/span>boot_disk_image<\/span>}<\/span>\"<\/span>\r\n    }<\/span>\r\n  }<\/span>\r\n\r\n  network_interface<\/span> {<\/span>\r\n    network_ip<\/span> =<\/span> \"<\/span>${<\/span>var<\/span>.<\/span>private_ip<\/span>}<\/span>\"<\/span>\r\n    subnetwork<\/span> =<\/span> \"<\/span>${<\/span>var<\/span>.<\/span>subnetwork_name<\/span>}<\/span>\"<\/span>\r\n    access_config<\/span> {<\/span>\r\n      # static external ip<\/span>\r\n      nat_ip<\/span>   =<\/span> \"<\/span>${<\/span>google_compute_address<\/span>.<\/span>bastion<\/span>.<\/span>address<\/span>}<\/span>\"<\/span>\r\n    }<\/span>\r\n  }<\/span>\r\n\r\n  service_account<\/span> {<\/span>\r\n    email<\/span>  =<\/span> \"<\/span>${<\/span>var<\/span>.<\/span>service_account<\/span>}<\/span>\"<\/span>\r\n    scopes<\/span> =<\/span> [<\/span>\r\n      \"https:\/\/www.googleapis.com\/auth\/devstorage.read_only\"<\/span>,<\/span>\r\n      \"https:\/\/www.googleapis.com\/auth\/logging.write\"<\/span>,<\/span>\r\n      \"https:\/\/www.googleapis.com\/auth\/monitoring.write\"<\/span>,<\/span>\r\n      \"https:\/\/www.googleapis.com\/auth\/service.management.readonly\"<\/span>,<\/span>\r\n      \"https:\/\/www.googleapis.com\/auth\/servicecontrol\"<\/span>,<\/span>\r\n      \"https:\/\/www.googleapis.com\/auth\/trace.append\"<\/span>,<\/span>\r\n    ]<\/span>\r\n  }<\/span>\r\n}<\/span>\r\n<\/code><\/pre>\n
                              module<\/span> \"network\"<\/span> {<\/span>\r\n  source<\/span> =<\/span> \"..\/..\/modules\/network\"<\/span>\r\n\r\n  vpc_name<\/span>          =<\/span> \"<\/span>${<\/span>var<\/span>.<\/span>vpc_name<\/span>}<\/span>\"<\/span>\r\n  subnetwork_name<\/span>   =<\/span> \"<\/span>${<\/span>var<\/span>.<\/span>subnetwork_name<\/span>}<\/span>\"<\/span>\r\n  subnet_cidr_range<\/span> =<\/span> \"<\/span>${<\/span>var<\/span>.<\/span>subnet_cidr_range<\/span>}<\/span>\"<\/span>\r\n  region<\/span>            =<\/span> \"<\/span>${<\/span>var<\/span>.<\/span>region<\/span>}<\/span>\"<\/span>\r\n}<\/span>\r\n\r\nmodule<\/span> \"bastion\"<\/span> {<\/span>\r\n  source<\/span> =<\/span> \"..\/..\/modules\/bastion\"<\/span>\r\n\r\n  name<\/span>            =<\/span> \"<\/span>${<\/span>var<\/span>.<\/span>bastion_name<\/span>}<\/span>\"<\/span>\r\n  subnetwork_name<\/span> =<\/span> \"<\/span>${<\/span>var<\/span>.<\/span>subnetwork_name<\/span>}<\/span>\"<\/span>\r\n  machine_type<\/span>    =<\/span> \"f1-micro\"<\/span>\r\n  region<\/span>          =<\/span> \"<\/span>${<\/span>var<\/span>.<\/span>region<\/span>}<\/span>\"<\/span>\r\n  zone<\/span>            =<\/span> \"<\/span>${<\/span>var<\/span>.<\/span>region_zone<\/span>}<\/span>\"<\/span>\r\n  boot_disk_image<\/span> =<\/span> \"ubuntu-1804-bionic-v20190722a\"<\/span>\r\n  private_ip<\/span>      =<\/span> \"192.168.10.2\"<\/span>\r\n  service_account<\/span> =<\/span> \"xxx-compute\"<\/span>\r\n}<\/span>\r\n<\/code><\/pre>\n
                              variable<\/span> \"project\"<\/span> {<\/span>\r\n  default<\/span> =<\/span> \"xxxx\"<\/span>\r\n}<\/span>\r\n\r\nvariable<\/span> \"region\"<\/span> {<\/span>\r\n  default<\/span> =<\/span> \"asia-northeast1\"<\/span>\r\n}<\/span>\r\n\r\nvariable<\/span> \"region_zone\"<\/span> {<\/span>\r\n  default<\/span> =<\/span> \"asia-northeast1-a\"<\/span>\r\n}<\/span>\r\n\r\nvariable<\/span> \"subnet_cidr_range\"<\/span> {<\/span>\r\n  default<\/span> =<\/span> \"192.168.10.0\/24\"<\/span>\r\n}<\/span>\r\n\r\nvariable<\/span> \"vpc_name\"<\/span> {<\/span>\r\n  default<\/span> =<\/span> \"terraform-practice-network\"<\/span>\r\n}<\/span>\r\n\r\nvariable<\/span> \"subnetwork_name\"<\/span> {<\/span>\r\n  default<\/span> =<\/span> \"terraform-practice-network-subnet1\"<\/span>\r\n}<\/span>\r\n\r\nvariable<\/span> \"bastion_name\"<\/span> {<\/span>\r\n  default<\/span> =<\/span> \"terraform-practice-instance-1\"<\/span>\r\n}<\/span>\r\n<\/code><\/pre>\n
                              \u5e94\u8be5\u5c06\u53d8\u91cf\u5b8c\u5168\u5206\u79bb\u51fa\u6765\uff0c\u8fd8\u662f\u76f4\u63a5\u5728main.tf\u6587\u4ef6\u4e2d\u5199\u5165\uff0c\u8fd9\u662f\u4e00\u4e2a\u5fae\u5999\u7684\u754c\u9650\uff0c\u4f46\u5982\u679c\u53ef\u80fd\u4f1a\u5728\u5176\u4ed6\u5730\u65b9\u4f7f\u7528\uff0c\u6211\u4f1a\u5c06\u5176\u653e\u5728variables\u4e2d\u3002<\/p>\n
                              \u5bfc\u5165<\/h2>\n
                              $ <\/span>terraform import module.bastion.google_compute_instance.bastion xxxx\/asia-northeast1-a\/terraform-practice-instance-1\r\n\r\n<\/code><\/pre>\n
                              \u5f53\u521b\u5efa\u5b9e\u4f8b\u65f6\uff0c\u4f1a\u81ea\u52a8\u521b\u5efaGCE\u5b9e\u4f8b\u7684\u9ed8\u8ba4\u670d\u52a1\u5e10\u53f7\u3002\u56e0\u6b64\uff0c\u6211\u60f3\u5c06\u670d\u52a1\u5e10\u53f7\u4e5f\u5bfc\u5165\u5e76\u5b9a\u4e49\u4e3a\u8d44\u6e90\u3002\u4f46\u662f\u81ea\u52a8\u751f\u6210\u7684\u670d\u52a1\u5e10\u53f7\u7684\u540d\u79f0\u4ee5\u6570\u5b57\u5f00\u5934\uff0c\u800cTerraform\u7684google_service_account\u7684account_id\u9700\u8981\u4ee5 [a-z] \u5f00\u5934\uff0c\u6240\u4ee5\u6211\u6682\u65f6\u653e\u5f03\u4e86\u8fd9\u4e2a\u60f3\u6cd5\u3002<\/p>\n
                              \u82e5\u8981\u8fdb\u884c\u5bfc\u5165\u64cd\u4f5c\uff0c\u5219\u9700\u8981\u542f\u7528 Identity and Access Management (IAM) API\u3002\u60a8\u53ef\u4ee5\u901a\u8fc7\u5f00\u53d1\u8005\u63a7\u5236\u53f0\u8fdb\u884c\u542f\u7528\u64cd\u4f5c\u3002<\/p>\n
                              \u8ba1\u5212<\/h2>\n
                              $ <\/span>terraform plan\r\n\r\n\r\n## apply<\/span>\r\n\r\n```<\/span>shell\r\n$ <\/span>terraform apply\r\n<\/code><\/pre>\n
                              \u4e0b\u4e00\u6b21<\/h1>\n
                                \n
                              • \n
                                  \u65e2\u5b58\u306e\u624b\u52d5\u3067\u4f5c\u3063\u305f\u30ea\u30bd\u30fc\u30b9\u3092\u3059\u3079\u3066\u624b\u3067\u66f8\u304d\u8d77\u3053\u3057\u3066\u3044\u304f\u306e\u306f\u3057\u3093\u3069\u3044\u306e\u3067\u3001terraformer\u3092\u3064\u304b\u3063\u3066\u307f\u305f\u3044<\/ul>\n<\/li>\n<\/ul>\n
                                  GoogleCloudPlatform\/terraformer: CLI tool to generate terraform files from existing infrastructure (reverse Terraform). Infrastructure to Code<\/p>\n
                                  \n
                                  \u4f7f\u7528GCF\u7684terraform\u7f16\u5199\u65b9\u5f0f\uff0c\u9002\u7528\u4e8e\u65e0\u670d\u52a1\u5668\u5e94\u7528<\/h2>\n
                                  \u8bf7\u53c2\u8003\u4ee5\u4e0b\u94fe\u63a5\uff1ahttps:\/\/qiita.com\/donko_\/items\/6289bb31fecfce2cda79<\/p>\n
                                  main.tf\r\nprovider \"google\" {\r\n  credentials = \"${file(\"${var.credential.data}\")}\"\r\n  project     = \"${lookup(var.project_name, \"${terraform.workspace}\")}\"\r\n  region      = \"asia-northeast1\"\r\n}\r\n\r\ndata \"archive_file\" \"function_zip\" {\r\n  type        = \"zip\"\r\n  source_dir  = \"${path.module}\/..\/src\"\r\n  output_path = \"${path.module}\/files\/functions.zip\"\r\n}\r\n\r\nresource \"google_storage_bucket\" \"slack_functions_bucket\" {\r\n  name          = \"${lookup(var.project_name, \"${terraform.workspace}\")}-scheduler-bucket\"\r\n  project       = \"${lookup(var.project_name, \"${terraform.workspace}\")}\"\r\n  location      = \"asia\"\r\n  force_destroy = true\r\n}\r\n\r\nresource \"google_storage_bucket_object\" \"functions_zip\" {\r\n  name   = \"functions.zip\"\r\n  bucket = \"${google_storage_bucket.slack_functions_bucket.name}\"\r\n  source = \"${path.module}\/files\/functions.zip\"\r\n}\r\n\r\nresource \"google_pubsub_topic\" \"slack_notify\" {\r\n  name    = \"slack-notify\"\r\n  project = \"${lookup(var.project_name, \"${terraform.workspace}\")}\"\r\n}\r\n\r\nresource \"google_cloudfunctions_function\" \"slack_notification\" {\r\n  name        = \"SlackNotification\"\r\n  project     = \"${lookup(var.project_name, \"${terraform.workspace}\")}\"\r\n  region      = \"asia-northeast1\"\r\n  runtime     = \"go111\"\r\n  entry_point = \"SlackNotification\"\r\n\r\n  source_archive_bucket = \"${google_storage_bucket.slack_functions_bucket.name}\"\r\n  source_archive_object = \"${google_storage_bucket_object.functions_zip.name}\"\r\n\r\n  environment_variables = {\r\n    SLACK_WEBHOOK_URL = \"${var.webhook.url}\"\r\n  }\r\n\r\n  event_trigger {\r\n    event_type = \"providers\/cloud.pubsub\/eventTypes\/topic.publish\"\r\n    resource   = \"${google_pubsub_topic.slack_notify.name}\"\r\n  }\r\n}\r\n\r\nresource \"google_cloud_scheduler_job\" \"slack-notify-scheduler\" {\r\n  name        = \"slack-notify-daily\"\r\n  project     = \"${lookup(var.project_name, \"${terraform.workspace}\")}\"\r\n  schedule    = \"0 8 * * *\"\r\n  description = \"suggesting your morning\/lunch\/dinner\"\r\n  time_zone   = \"Asia\/Tokyo\"\r\n\r\n  pubsub_target {\r\n    topic_name = \"${google_pubsub_topic.slack_notify.id}\"\r\n    data       = \"${base64encode(\"{\\\"mention\\\":\\\"channel\\\",\\\"channel\\\":\\\"random\\\"}\")}\"\r\n  }\r\n}\r\nvariable.tf\r\nvariable \"project_name\" {\r\n  default = {\r\n    tf-sample = \"<your-project>\"\r\n  }\r\n}\r\n\r\nvariable \"credential\" {\r\n  default = {\r\n    data = \"<your-credential-path>\"\r\n  }\r\n}\r\n\r\nvariable \"webhook\" {\r\n  default = {\r\n    url = \"<your-webhook-url>\"\r\n  }\r\n}\r\n\r\n<\/code><\/pre>\n
                                  \n
                                  NW\u548cGCE\u7684terraform\u8bed\u6cd5\u7684\u516c\u5f00\u8bbe\u7f6e\u3002<\/h2>\n
                                  \u8bf7\u53c2\u8003\u4ee5\u4e0b\u94fe\u63a5\u83b7\u53d6\u76f8\u5173\u4fe1\u606f\uff1a
                                  \nhttps:\/\/qiita.com\/y-uemurax\/items\/4376e27ccc0b2dcc85f0<\/p>\n
                                  \n
                                  NW\u548cGCE\u7684terraform\u8bed\u6cd5\u8bbe\u7f6e\u662f\u6709\u9650\u5236\u7684\u3002<\/h2>\n
                                  \u8ba9\u6211\u4eec\u8003\u8651\u5b9e\u7528\u6027\u5e76\u6784\u5efa\u4e00\u4e2a\u65e0\u6cd5\u5916\u90e8\u8bbf\u95ee\u7684\u7f51\u7edc\uff08NW\uff09\u548cGCE\u5b9e\u4f8b\u3002<\/p>\n
                                  \u8d44\u6e90 “google_compute_instance” “default” {
                                  \n\u540d\u79f0 = “\u6d4b\u8bd5”
                                  \n\u673a\u5668\u7c7b\u578b = “n1-standard-1”
                                  \n\u533a\u57df = “us-central1-a”
                                  \n\u5f15\u5bfc\u78c1\u76d8 {
                                  \n\u521d\u59cb\u5316\u53c2\u6570 {
                                  \n\u955c\u50cf = “debian-cloud\/debian-9”
                                  \n}
                                  \n}<\/p>\n
                                  \/\/ \u672c\u5730SSD\u78c1\u76d8
                                  \nscratch_disk {
                                  \n\u63a5\u53e3 = “SCSI”
                                  \n}<\/p>\n
                                  \u7f51\u7edc\u63a5\u53e3{
                                  \n\u7f51\u7edc = “\u9ed8\u8ba4”<\/p>\n
                                  access_config {\r\n  \/\/ Ephemeral IP\r\n}\r\n<\/code><\/pre>\n
                                  \u8bf7\u7528\u4e2d\u6587\u5c06\u4ee5\u4e0b\u5185\u5bb9\u8fdb\u884c\u6539\u5199\uff1a<\/p>\n
                                  \u670d\u52a1\u8d26\u6237{
                                  \nscopes = [“userinfo-email”, “compute-ro”, “storage-ro”]
                                  \n}<\/p>\n
                                  \n
                                  \u6709\u6548\u7684CloudComposer\u79c1\u6709\u73af\u5883\u4e0b\u7684Terraform\u8bed\u6cd5\u3002<\/h2>\n
                                  # \u8a18\u8f09\u6642\u70b9\u3067\u306e\u6700\u65b0\u7248<\/span>\r\nterraform<\/span> {<\/span>\r\n  required_version<\/span> =<\/span> \"0.14.6\"<\/span>\r\n  required_providers<\/span> {<\/span>\r\n    google<\/span> =<\/span> {<\/span>\r\n      source<\/span>  =<\/span> \"hashicorp\/google\"<\/span>\r\n      version<\/span> =<\/span> \"google v3.59.0\"<\/span>\r\n    }<\/span>\r\n    google<\/span>-<\/span>beta<\/span> =<\/span> {<\/span>\r\n      source<\/span>  =<\/span> \"hashicorp\/google-beta\"<\/span>\r\n      version<\/span> =<\/span> \"google v3.59.0\"<\/span>\r\n    }<\/span>\r\n  }<\/span>\r\n}<\/span>\r\n<\/code><\/pre>\n
                                  #pro<\/span>\r\nprovider<\/span> \"google\"<\/span> {<\/span>\r\n  project<\/span>     =<\/span> \"xxx\"<\/span>\r\n  region<\/span>      =<\/span> \"asia-northeast1\"<\/span>\r\n}<\/span>\r\n\r\n\r\nterraform<\/span> {<\/span>\r\n  required_version<\/span> =<\/span> \"0.14.6\"<\/span>\r\n}<\/span>\r\n\r\nresource<\/span> \"google_composer_environment\"<\/span> \"test\"<\/span> {<\/span>\r\n  name<\/span>   =<\/span> \"my-composer-env\"<\/span>\r\n  region<\/span> =<\/span> \"asia-northeast1\"<\/span>\r\n  config<\/span> {<\/span>\r\n    node_count<\/span> =<\/span> \"3\"<\/span>                            #\u6700\u5c0f\u8a2d\u5b9a<\/span>\r\n    node_config<\/span> {<\/span>\r\n      network<\/span>    =<\/span> google_compute_network<\/span>.<\/span>vpc<\/span>.<\/span>self_link<\/span>\r\n      subnetwork<\/span> =<\/span> google_compute_subnetwork<\/span>.<\/span>vpc<\/span>-<\/span>sub<\/span>.<\/span>self_link<\/span>\r\n      zone<\/span>         =<\/span> \"asia-northeast1-a\"<\/span>\r\n      machine_type<\/span> =<\/span> \"n1-standard-1\"<\/span>  #\u6700\u5c0f\u8a2d\u5b9a<\/span>\r\n      disk_size_gb<\/span> =<\/span> \"20\"<\/span>                        #\u6700\u5c0f\u8a2d\u5b9a<\/span>\r\n\r\n      #VPC\u30cd\u30a4\u30c6\u30a3\u30d6\u6709\u52b9\u5316<\/span>\r\n      ip_allocation_policy<\/span> {<\/span>\r\n        use_ip_aliases<\/span> =<\/span> true<\/span>\r\n        #cluster_secondary_range_name = google_compute_subnetwork.test.secondary_ip_range[0].range_name<\/span>\r\n        #services_secondary_range_name = google_compute_subnetwork.test.secondary_ip_range[1].range_name<\/span>\r\n      }<\/span>\r\n    }<\/span>\r\n    #\u30d7\u30e9\u30a4\u30d9\u30fc\u30c8\u74b0\u5883\u6709\u52b9\u5316<\/span>\r\n    private_environment_config<\/span> {<\/span>\r\n        enable_private_endpoint<\/span> =<\/span> \"true\"<\/span>\r\n    }<\/span>\r\n\r\n      software_config<\/span> {<\/span>\r\n      airflow_config_overrides<\/span> =<\/span> {<\/span>\r\n        core<\/span>-<\/span>load_example<\/span> =<\/span> \"True\"<\/span>\r\n      }<\/span>\r\n\r\n      pypi_packages<\/span> =<\/span> {<\/span>\r\n        numpy<\/span> =<\/span> \"\"<\/span>\r\n        scipy<\/span> =<\/span> \"==1.1.0\"<\/span>\r\n      }<\/span>\r\n\r\n      env_variables<\/span> =<\/span> {<\/span>\r\n        FOO<\/span> =<\/span> \"bar\"<\/span>\r\n      }<\/span>\r\n      image_version<\/span> =<\/span> \"composer-1.11.3-airflow-1.10.6\"<\/span>\r\n      python_version<\/span> =<\/span> \"3\"<\/span>\r\n    }<\/span>  # fin_software_config<\/span>\r\n\r\n\r\n\r\n  }<\/span>\r\n}<\/span>\r\n<\/code><\/pre>\n
                                  \n
                                  \u5c06\u4e0b\u9762\u7684\u5185\u5bb9\u8f6c\u5316\u4e3a\u952e\u503c\u5bf9\u683c\u5f0f\u7684\u5199\u6cd5<\/p>\n
                                  \r\nresource \"google_compute_network\" \"vpc\" {\r\n  name                    = \"sharedvpc\"\r\n  auto_create_subnetworks = false\r\n}\r\n\r\nresource \"google_compute_subnetwork\" \"vpc-sub\" {\r\n  name                     = google_compute_network.vpc.name\r\n  network                  = google_compute_network.vpc.name\r\n  ip_cidr_range            = \"10.0.36.0\/24\"\r\n  region                   = \"us-central1\"\r\n  private_ip_google_access = true\r\n\r\n  secondary_ip_range {\r\n    range_name    = \"pod\"\r\n    ip_cidr_range = \"10.0.0.0\/19\"\r\n  }\r\n\r\n  secondary_ip_range {\r\n    range_name    = \"svc\"\r\n    ip_cidr_range = \"10.0.32.0\/22\"\r\n  }\r\n}\r\n\r\nresource \"google_composer_environment\" \"test\" {\r\n  name   = \"test-env\"\r\n  region = \"us-central1\"\r\n  config {\r\n    node_config {\r\n      network    = google_compute_network.vpc.self_link\r\n      subnetwork = google_compute_subnetwork.vpc-sub.self_link\r\n      zone       = \"us-central1-a\"\r\n\r\n      ip_allocation_policy {\r\n        use_ip_aliases = true\r\n        cluster_secondary_range_name = google_compute_subnetwork.test.secondary_ip_range[0].range_name\r\n        services_secondary_range_name = google_compute_subnetwork.test.secondary_ip_range[1].range_name\r\n      }\r\n    }\r\n  }\r\n}\r\n\r\n\r\n<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"
                                  \u901a\u8fc7\u5c1d\u8bd5\u4ece\u786c\u7f16\u7801\u8bed\u6cd5\u5230\u53d8\u91cf\u5b9a\u4e49\u8bed\u6cd5\uff0c\u5b66\u4e60terraform\u8bed\u6cd5\u5427\uff01 \u987a\u4fbf\u63d0\u4e00\u4e0b\uff0c\u7531\u4e8e\u6211\u4e0d\u4f1a\u5728\u8fd9\u91cc\u6559\u5982\u4f55\u521b\u5efaTe […]<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-48921","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"yoast_head":"\n\u4f7f\u7528Terraform\u5b9a\u4e49GCP\u8d44\u6e90\u89c4\u5219 - Blog - Silicon Cloud<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.silicloud.com\/zh\/blog\/\u4f7f\u7528terraform\u5b9a\u4e49gcp\u8d44\u6e90\u89c4\u5219\u3002\/\" \/>\n<meta property=\"og:locale\" content=\"zh_CN\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\u4f7f\u7528Terraform\u5b9a\u4e49GCP\u8d44\u6e90\u89c4\u5219\" \/>\n<meta property=\"og:description\" content=\"\u901a\u8fc7\u5c1d\u8bd5\u4ece\u786c\u7f16\u7801\u8bed\u6cd5\u5230\u53d8\u91cf\u5b9a\u4e49\u8bed\u6cd5\uff0c\u5b66\u4e60terraform\u8bed\u6cd5\u5427\uff01 \u987a\u4fbf\u63d0\u4e00\u4e0b\uff0c\u7531\u4e8e\u6211\u4e0d\u4f1a\u5728\u8fd9\u91cc\u6559\u5982\u4f55\u521b\u5efaTe […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.silicloud.com\/zh\/blog\/\u4f7f\u7528terraform\u5b9a\u4e49gcp\u8d44\u6e90\u89c4\u5219\u3002\/\" \/>\n<meta property=\"og:site_name\" content=\"Blog - Silicon Cloud\" \/>\n<meta property=\"article:published_time\" content=\"2023-03-07T02:49:21+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-04-28T22:22:39+00:00\" \/>\n<meta name=\"author\" content=\"\u79d1, \u96c5\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"\u79d1, \u96c5\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 \u5206\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%e5%ae%9a%e4%b9%89gcp%e8%b5%84%e6%ba%90%e8%a7%84%e5%88%99%e3%80%82\/\",\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%e5%ae%9a%e4%b9%89gcp%e8%b5%84%e6%ba%90%e8%a7%84%e5%88%99%e3%80%82\/\",\"name\":\"\u4f7f\u7528Terraform\u5b9a\u4e49GCP\u8d44\u6e90\u89c4\u5219 - Blog - Silicon Cloud\",\"isPartOf\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#website\"},\"datePublished\":\"2023-03-07T02:49:21+00:00\",\"dateModified\":\"2024-04-28T22:22:39+00:00\",\"author\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/41e222757cdd2a3365361328bd79970a\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%e5%ae%9a%e4%b9%89gcp%e8%b5%84%e6%ba%90%e8%a7%84%e5%88%99%e3%80%82\/#breadcrumb\"},\"inLanguage\":\"zh-Hans\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%e5%ae%9a%e4%b9%89gcp%e8%b5%84%e6%ba%90%e8%a7%84%e5%88%99%e3%80%82\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%e5%ae%9a%e4%b9%89gcp%e8%b5%84%e6%ba%90%e8%a7%84%e5%88%99%e3%80%82\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9875\",\"item\":\"https:\/\/www.silicloud.com\/zh\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\u4f7f\u7528Terraform\u5b9a\u4e49GCP\u8d44\u6e90\u89c4\u5219\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#website\",\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/\",\"name\":\"Blog - Silicon Cloud\",\"description\":\"\",\"inLanguage\":\"zh-Hans\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/41e222757cdd2a3365361328bd79970a\",\"name\":\"\u79d1, \u96c5\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/1b2d3e00a7df03689797ebd4af8c5827ba5af936849a71050ec331f4cf902c5d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/1b2d3e00a7df03689797ebd4af8c5827ba5af936849a71050ec331f4cf902c5d?s=96&d=mm&r=g\",\"caption\":\"\u79d1, \u96c5\"},\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/author\/keya\/\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%e5%ae%9a%e4%b9%89gcp%e8%b5%84%e6%ba%90%e8%a7%84%e5%88%99%e3%80%82\/#local-main-organization-logo\",\"url\":\"\",\"contentUrl\":\"\",\"caption\":\"Blog - Silicon Cloud\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"\u4f7f\u7528Terraform\u5b9a\u4e49GCP\u8d44\u6e90\u89c4\u5219 - Blog - Silicon Cloud","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.silicloud.com\/zh\/blog\/\u4f7f\u7528terraform\u5b9a\u4e49gcp\u8d44\u6e90\u89c4\u5219\u3002\/","og_locale":"zh_CN","og_type":"article","og_title":"\u4f7f\u7528Terraform\u5b9a\u4e49GCP\u8d44\u6e90\u89c4\u5219","og_description":"\u901a\u8fc7\u5c1d\u8bd5\u4ece\u786c\u7f16\u7801\u8bed\u6cd5\u5230\u53d8\u91cf\u5b9a\u4e49\u8bed\u6cd5\uff0c\u5b66\u4e60terraform\u8bed\u6cd5\u5427\uff01 \u987a\u4fbf\u63d0\u4e00\u4e0b\uff0c\u7531\u4e8e\u6211\u4e0d\u4f1a\u5728\u8fd9\u91cc\u6559\u5982\u4f55\u521b\u5efaTe […]","og_url":"https:\/\/www.silicloud.com\/zh\/blog\/\u4f7f\u7528terraform\u5b9a\u4e49gcp\u8d44\u6e90\u89c4\u5219\u3002\/","og_site_name":"Blog - Silicon Cloud","article_published_time":"2023-03-07T02:49:21+00:00","article_modified_time":"2024-04-28T22:22:39+00:00","author":"\u79d1, \u96c5","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"\u79d1, \u96c5","\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4":"7 \u5206"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%e5%ae%9a%e4%b9%89gcp%e8%b5%84%e6%ba%90%e8%a7%84%e5%88%99%e3%80%82\/","url":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%e5%ae%9a%e4%b9%89gcp%e8%b5%84%e6%ba%90%e8%a7%84%e5%88%99%e3%80%82\/","name":"\u4f7f\u7528Terraform\u5b9a\u4e49GCP\u8d44\u6e90\u89c4\u5219 - Blog - Silicon Cloud","isPartOf":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/#website"},"datePublished":"2023-03-07T02:49:21+00:00","dateModified":"2024-04-28T22:22:39+00:00","author":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/41e222757cdd2a3365361328bd79970a"},"breadcrumb":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%e5%ae%9a%e4%b9%89gcp%e8%b5%84%e6%ba%90%e8%a7%84%e5%88%99%e3%80%82\/#breadcrumb"},"inLanguage":"zh-Hans","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%e5%ae%9a%e4%b9%89gcp%e8%b5%84%e6%ba%90%e8%a7%84%e5%88%99%e3%80%82\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%e5%ae%9a%e4%b9%89gcp%e8%b5%84%e6%ba%90%e8%a7%84%e5%88%99%e3%80%82\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9875","item":"https:\/\/www.silicloud.com\/zh\/blog\/"},{"@type":"ListItem","position":2,"name":"\u4f7f\u7528Terraform\u5b9a\u4e49GCP\u8d44\u6e90\u89c4\u5219"}]},{"@type":"WebSite","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#website","url":"https:\/\/www.silicloud.com\/zh\/blog\/","name":"Blog - Silicon Cloud","description":"","inLanguage":"zh-Hans"},{"@type":"Person","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/41e222757cdd2a3365361328bd79970a","name":"\u79d1, \u96c5","image":{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/1b2d3e00a7df03689797ebd4af8c5827ba5af936849a71050ec331f4cf902c5d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/1b2d3e00a7df03689797ebd4af8c5827ba5af936849a71050ec331f4cf902c5d?s=96&d=mm&r=g","caption":"\u79d1, \u96c5"},"url":"https:\/\/www.silicloud.com\/zh\/blog\/author\/keya\/"},{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8terraform%e5%ae%9a%e4%b9%89gcp%e8%b5%84%e6%ba%90%e8%a7%84%e5%88%99%e3%80%82\/#local-main-organization-logo","url":"","contentUrl":"","caption":"Blog - Silicon Cloud"}]}},"_links":{"self":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/48921","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/comments?post=48921"}],"version-history":[{"count":2,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/48921\/revisions"}],"predecessor-version":[{"id":83577,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/48921\/revisions\/83577"}],"wp:attachment":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/media?parent=48921"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/categories?post=48921"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/tags?post=48921"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}