Terraform是什么？

• インフラの構築・変更・バージョン管理を安全かつ効率的に行うためのツール

Infrastructure as a code

亲身实践

安装

• ダウンロードし、zip解凍する

• https://www.terraform.io/downloads.html

パスを通す

$ cp ~/Download/terraform /usr/bin/

~/.zshrcにPATH追記する

export PATH="$GOPATH/bin:$GOROOT/bin:$PATH:$HOME/.nodebrew/current/bin:/usr/bin/terraform"

PATHを読み直す

source ~/.zshrc

创建配置文件

# Configure the Google Cloud provider
provider "google" {
    project = "lovelytokyo-018"
    region = "asia-northeast1"
}

# Configure the Google Compute Engine Instance
resource "google_compute_instance" "test-instance" {
    name = "test"
    machine_type = "f1-micro"
    zone = "asia-northeast1-c"
    tags = ["try-terraform"]

    disk {
        image = "debian-7-wheezy-v20140814"
    }

    network_interface {
      subnetwork = "lovelytokyo"
   }

   service_account {
     scopes = ["compute-rw"]
   }
}

执行计划（计划）

※provider.google.credentials 可暂时为空。

$ terraform plan
provider.google.credentials
  Enter a value:

Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but
will not be persisted to local or remote state storage.


The Terraform execution plan has been generated and is shown below.
Resources are shown in alphabetical order for quick scanning. Green resources
will be created (or destroyed and then created if an existing resource
exists), yellow resources are being changed in-place, and red resources
will be destroyed. Cyan entries are data sources to be read.

Note: You didn't specify an "-out" parameter to save this plan, so when
"apply" is called, Terraform can't guarantee this is what will execute.

+ google_compute_instance.test-instance
    can_ip_forward:                     "false"
    create_timeout:                     "4"
    disk.#:                             "1"
    disk.0.auto_delete:                 "true"
    disk.0.image:                       "debian-7-wheezy-v20140814"
    machine_type:                       "f1-micro"
    metadata_fingerprint:               "<computed>"
    name:                               "test"
    network_interface.#:                "1"
    network_interface.0.address:        "<computed>"
    network_interface.0.name:           "<computed>"
    network_interface.0.subnetwork:     "lovelytokyo"
    self_link:                          "<computed>"
    service_account.#:                  "1"
    service_account.0.email:            "<computed>"
    service_account.0.scopes.#:         "1"
    service_account.0.scopes.299962681: "https://www.googleapis.com/auth/compute"
    tags.#:                             "1"
    tags.1564706445:                    "try-terraform"
    tags_fingerprint:                   "<computed>"
    zone:                               "asia-northeast1-c"


Plan: 1 to add, 0 to change, 0 to destroy.

申请

$ terraform apply
provider.google.credentials
  Enter a value:

google_compute_instance.test-instance: Creating...
  can_ip_forward:                     "" => "false"
  create_timeout:                     "" => "4"
  disk.#:                             "" => "1"
  disk.0.auto_delete:                 "" => "true"
  disk.0.image:                       "" => "debian-7-wheezy-v20140814"
  machine_type:                       "" => "f1-micro"
  metadata_fingerprint:               "" => "<computed>"
  name:                               "" => "test"
  network_interface.#:                "" => "1"
  network_interface.0.address:        "" => "<computed>"
  network_interface.0.name:           "" => "<computed>"
  network_interface.0.subnetwork:     "" => "lovelytokyo"
  self_link:                          "" => "<computed>"
  service_account.#:                  "" => "1"
  service_account.0.email:            "" => "<computed>"
  service_account.0.scopes.#:         "" => "1"
  service_account.0.scopes.299962681: "" => "https://www.googleapis.com/auth/compute"
  tags.#:                             "" => "1"
  tags.1564706445:                    "" => "try-terraform"
  tags_fingerprint:                   "" => "<computed>"
  zone:                               "" => "asia-northeast1-c"
google_compute_instance.test-instance: Still creating... (10s elapsed)
google_compute_instance.test-instance: Still creating... (20s elapsed)
google_compute_instance.test-instance: Still creating... (30s elapsed)
google_compute_instance.test-instance: Creation complete

Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

The state of your infrastructure has been saved to the path
below. This state is required to modify and destroy your
infrastructure, so keep it safe. To inspect the complete state
use the `terraform show` command.

State path: terraform.tfstate

删除资源

$ terraform destroy

尝试运行示例代码

$ git clone git@github.com:hashicorp/terraform.git

$ cd terraform
$ terraform apply \
    -var="region=asia-northeast1" \
    -var="region_zone=asia-northeast1-b" \
    -var="region_zone_2=asia-northeast1-c" \
    -var="project_name=lovelytokyo-018"

根据 main.tf 的设置，会创建network、subnetwork、firewall、instance、instance_group、load_balancer。

文件

https://www.terraform.io/docs/providers/google/