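Getting started: creating an AWS VPC environment with Terraform

What I want to do

I want to understand the basic Terraform workflow. First I create an AWS VPC environment, then check it, then delete it.

Preparing the files

The VPC itself

vpc.tf is the Terraform file that adds the VPC.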

variable "aws_region" {}

provider "aws" {
  version = "~> 3.1"
  region  = var.aws_region
}

variable "project_prefix" {}
variable "vpc_cidr" {}

resource "aws_vpc" "vpc" {
  cidr_block       = var.vpc_cidr
  instance_tenancy = "default"

  enable_dns_support   = true
  enable_dns_hostnames = true

  tags = {
    Name = "${var.project_prefix}-vpc"
  }
}

Setting the variables

test.tfvars

project_prefix = "tftest"
vpc_cidr       = "10.0.0.0/16"
aws_region     = "ap-northeast-1"

Git ignore

Reference: https://github.com/github/gitignore/blob/master/Terraform.gitignore


.gitignore

# Local .terraform directories
**/.terraform/*

# .tfstate files
*.tfstate
*.tfstate.*

# Crash log files
crash.log

# Exclude all .tfvars files, which are likely to contain sensitive data, such as
# password, private keys, and other secrets. These should not be part of version
# control as they are data points which are potentially sensitive and subject
# to change depending on the environment.
#
*.tfvars

# Ignore override files as they are usually used to override resources locally and so
# are not checked in
override.tf
override.tf.json
*_override.tf
*_override.tf.json

# Include override files you do wish to add to version control using negated pattern
#
# !example_override.tf

# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
# example: *tfplan*

# Ignore CLI configuration files
.terraformrc
terraform.rc
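
A .gitignore only keeps untracked files from being added; a test.tfvars or terraform.tfstate that was committed before these rules existed stays tracked. The check below is an added example, not part of the original article: it filters a list of tracked paths (as printed by git ls-files) against the state, variable, crash-log, CLI-config and .terraform patterns above. The function names are hypothetical and the sample path list is constructed.

```sh
#!/bin/sh
# Added example, not from the original article. Function names are hypothetical.
# .gitignore does not untrack files that were committed earlier, so the
# tracked file list has to be checked separately.

# Succeeds if the path matches one of the sensitive patterns in the
# .gitignore above (override files are left out of this check).
is_sensitive_path() {
  case "${1##*/}" in
    *.tfstate|*.tfstate.*|*.tfvars|crash.log|.terraformrc|terraform.rc)
      return 0 ;;
  esac
  case "$1" in
    .terraform/*|*/.terraform/*) return 0 ;;
  esac
  return 1
}

# Reads paths on stdin, one per line, and prints the sensitive ones.
filter_sensitive_paths() {
  while IFS= read -r path; do
    if is_sensitive_path "$path"; then
      printf '%s\n' "$path"
    fi
  done
}

# Checks the repository in the current directory. Returns 1 if any
# sensitive file is tracked, 2 if this is not a git repository.
check_tracked_files() {
  git rev-parse --git-dir >/dev/null 2>&1 || return 2
  found=$(git ls-files | filter_sensitive_paths)
  if [ -n "$found" ]; then
    printf 'tracked despite .gitignore:\n%s\n' "$found" >&2
    printf 'untrack with: git rm --cached <path>\n' >&2
    return 1
  fi
  return 0
}

# Constructed sample of `git ls-files` output for a quick offline run.
printf '%s\n' vpc.tf test.tfvars Makefile terraform.tfstate.backup \
  env/.terraform/providers/x | filter_sensitive_paths
```

Removing a file from the index with git rm --cached does not remove it from earlier commits, so any secret that was already pushed should be rotated.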

Running it

Initialize

$ terraform init

Check the diff

$ terraform plan -var-file=test.tfvars

Apply

$ terraform apply -var-file=test.tfvars

The created resources can also be checked in the AWS console.

Show the result

$ terraform show

Destroy

$ terraform destroy -var-file=test.tfvars

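Bonus

Makefile

This time I used an environment variable to control which variable file is loaded, but using workspaces might be better (?).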

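# Name of the .tfvars file to load; override with `make plan env=prod`
env=test

# None of these targets produce a file of the same name
.PHONY: clean init plan apply show deploy destroy

clean:
	rm -rf ./.terraform

init:
	terraform init

plan:
	terraform plan -var-file=$(env).tfvars

apply:
	terraform apply -var-file=$(env).tfvars

show:
	terraform show

deploy: init plan apply show

destroy:
	terraform destroy -var-file=$(env).tfvars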

What I want to do next

    • Dockerizing
    • Linking resources together, for example adding an IGW to the VPC and attaching it
    • Splitting into modules
    • Making use of workspaces
