在使用Terraform的模板语言定义、预览和部署云资源前,您也可以在本地安装预配置Terraform。
操作步骤
安装程序包。
前往Terraform官网下载适用于您的操作系统的程序包。
将程序包解压。
Linux或macOS操作系统:将程序包解压到
/usr/local/bin目录中,如果将可执行文件解压到其他目录,需要为其设置环境变量。具体方法请参见在Linux系统或macOS系统设置环境变量。Windows操作系统:将程序包解压到任意目录,例如
D:\terraform\目录,然后将该目录添加到环境变量path中。具体方法请参见在Windows系统设置环境变量。
运行
terraform验证路径配置。将显示可用的Terraform选项的列表,类似如下所示,表示安装完成。
Usage: terraform [global options] <subcommand> [args] The available commands for execution are listed below. The primary workflow commands are given first, followed by less common or more advanced commands. Main commands: init Prepare your working directory for other commands validate Check whether the configuration is valid plan Show changes required by the current configuration apply Create or update infrastructure destroy Destroy previously-created infrastructure All other commands: console Try Terraform expressions at an interactive command prompt fmt Reformat your configuration in the standard style force-unlock Release a stuck lock on the current workspace get Install or upgrade remote Terraform modules graph Generate a Graphviz graph of the steps in an operation import Associate existing infrastructure with a Terraform resource login Obtain and save credentials for a remote host logout Remove locally-stored credentials for a remote host output Show output values from your root module providers Show the providers required for this configuration refresh Update the state to match remote systems show Show the current state or a saved plan state Advanced state management taint Mark a resource instance as not fully functional test Experimental support for module integration testing untaint Remove the 'tainted' state from a resource instance version Show the current Terraform version workspace Workspace management Global options (use these before the subcommand, if any): -chdir=DIR Switch to a different working directory before executing the given subcommand. -help Show this help output, or the help for a specified subcommand. -version An alias for the "version" subcommand.
为提高权限管理的灵活性和安全性,建议您创建RAM用户,并为其授权。
登录RAM控制台。
创建名为Terraform的RAM用户,并为该用户创建AccessKey。具体步骤请参见创建RAM用户和创建AccessKey。
为RAM用户授权。在本示例中,给用户Terraform授予AliyunRDSFullAccess、AliyunVPCFullAccess和AliyunRAMFullAccess权限,具体步骤请参见为RAM用户授权。
创建环境变量,用于存放身份认证信息。
Linux或macOS:
export ALICLOUD_ACCESS_KEY="*****" export ALICLOUD_SECRET_KEY="*****" export ALICLOUD_REGION="cn-hangzhou"说明ALICLOUD_REGION表示待操作的地域,该配置需与后续创建实例的地域保持一致,请根据实际情况修改。
Windows:在系统环境变量中分别添加ALICLOUD_ACCESS_KEY、ALICLOUD_SECRET_KEY和ALICLOUD_REGION。
创建执行目录及Terraform模板(terraform.tf)文件。
创建执行目录并进入。
说明需要为每个Terraform项目创建一个独立的执行目录。
Linux或macOS:
sudo mkdir /usr/local/terraform cd /usr/local/terraform重要如果您使用的非root权限用户,则还需要为
terraform目录授权,使用sudo chown -R <当前用户名>:<用户所属组名> /usr/local/terraform命令,将terraform文件夹的owner修改为当前用户。Windows:以D盘下创建
rdspg文件夹为例,进入rdspg文件夹。
在执行目录下,创建Terraform模板(terraform.tf)文件。
Linux或macOS:
touch terraform.tfWindows:手动创建
terraform.tf文件。
以查询可用区信息为例,编辑
terraform.tf文件,补充如下信息。Linux或macOS:
vim terraform.tfWindows:编辑
terraform.tf文件。
模板内容如下:
data "alicloud_db_zones" "queryzones" { instance_charge_type= "PostPaid" engine = "PostgreSQL" db_instance_storage_type = "cloud_essd" }说明vim命令配置完成后,需按Esc后输入:wq保存并退出。在执行目录中使用
terraform init命令初始化配置。以Windows客户端为例,执行结果示例如下:
PS D:\rdspg> terraform init Initializing the backend... Initializing provider plugins... - Reusing previous version of hashicorp/alicloud from the dependency lock file - Using previously-installed hashicorp/alicloud v1.186.0 ╷ │ Warning: Additional provider information from registry │ │ The remote registry returned warnings for registry.terraform.io/hashicorp/alicloud: │ - For users on Terraform 0.13 or greater, this provider has moved to aliyun/alicloud. Please update your source in │ required_providers. ╵ Terraform has been successfully initialized! You may now begin working with Terraform. Try running "terraform plan" to see any changes that are required for your infrastructure. All Terraform commands should now work. If you ever set or change modules or backend configuration for Terraform, rerun this command to reinitialize your working directory. If you forget, other commands will detect it and remind you to do so if necessary.执行
terraform plan命令预览配置。以Windows客户端为例,执行结果示例如下:
PS D:\rdspg> terraform plan data.alicloud_db_zones.queryzones: Reading... data.alicloud_db_zones.queryzones: Read complete after 4s [id=491248936] No changes. Your infrastructure matches the configuration. Terraform has compared your real infrastructure against your configuration and found no differences, so no changes are needed.执行
terraform apply应用配置。以Windows客户端为例,执行结果示例如下:
PS D:\rdspg> terraform apply data.alicloud_db_zones.queryzones: Reading... data.alicloud_db_zones.queryzones: Read complete after 0s [id=491248936] No changes. Your infrastructure matches the configuration. Terraform has compared your real infrastructure against your configuration and found no differences, so no changes are needed. Apply complete! Resources: 0 added, 0 changed, 0 destroyed.执行
terraform show查看查询结果。以Windows客户端为例,执行结果示例如下:
PS D:\rdspg> terraform show # data.alicloud_db_zones.queryzones: data "alicloud_db_zones" "queryzones" { db_instance_storage_type = "cloud_essd" engine = "PostgreSQL" id = "491248936" ids = [ "cn-hangzhou-g", "cn-hangzhou-j", "cn-hangzhou-k", ] instance_charge_type = "PostPaid" multi = false multi_zone = false zones = [ { id = "cn-hangzhou-g" multi_zone_ids = [] }, { id = "cn-hangzhou-j" multi_zone_ids = [] }, { id = "cn-hangzhou-i" multi_zone_ids = [] }, { id = "cn-hangzhou-j" multi_zone_ids = [] }, { id = "cn-hangzhou-k" multi_zone_ids = [] }, ] }