背景:
紧接:Terraform系列一腾讯云CVM相关简略创建,Terraform系列二腾讯云CVM进一步相关玩法。cvm创建完成,预备初始化一下体系,挂载一下数据盘,在cvm中装置一些软件,做一些简略的装备!
Terraform系列三腾讯云CVM中的玩法
1. Terraform output
咱们经过terraform创建了cvm相关资源,咱们该怎么获取cvm的相关信息呢?前面我都是登陆控制台后台检查的。我能不能经过terraform获取相关的我需求的信息输出呢?能够的!这儿顺路提一下output……
1. 首要拿一个简略的例子来演示一下:
我需求打印出cvm_almalinux cvm云主机 的区域,id ,名称,公网ip相关信息。这样我就能够获取公网ip信息,不必去控制台查找ip信息,能够直接登陆服务器了。
1. cat output.tf
output "cvm_az" {
value = "${tencentcloud_instance.cvm_almalinux.availability_zone}"
}
output "cvm_id" {
value = "${tencentcloud_instance.cvm_almalinux.id}"
}
output "cvm_name" {
value = "${tencentcloud_instance.cvm_almalinux.instance_name}"
}
output "cvm_public_ip" {
value = "${tencentcloud_eip.cvm_almalinux_eip.public_ip}"
}
2. terraform apply and terraform out
3. terraform output 其他的用法
从腾讯云的腾讯云Terraform使用指南学到的
[root@zhangpeng terraform]# terraform output cvm_id
"ins-hsakr7ah"
同理也能够打印其他相关信息.了解一个指令的最好办法还是经过–hlep看文档
[root@zhangpeng terraform]# terraform output --help
Usage: terraform [global options] output [options] [NAME]
Reads an output variable from a Terraform state file and prints
the value. With no additional arguments, output will display all
the outputs for the root module. If NAME is not specified, all
outputs are printed.
Options:
-state=path Path to the state file to read. Defaults to
"terraform.tfstate".
-no-color If specified, output won't contain any color.
-json If specified, machine readable output will be
printed in JSON format.
-raw For value types that can be automatically
converted to a string, will print the raw
string directly, rather than a human-oriented
representation of the value.
竟然能够json输出?体会一下!
[root@zhangpeng terraform]# terraform output -json
{
"cvm_az": {
"sensitive": false,
"type": "string",
"value": "ap-beijing-2"
},
"cvm_id": {
"sensitive": false,
"type": "string",
"value": "ins-hsxxxx"
},
"cvm_name": {
"sensitive": false,
"type": "string",
"value": "cvm-almalinux"
},
"cvm_public_ip": {
"sensitive": false,
"type": "string",
"value": "xxx.xxx.xxx.xxx"
}
}
更多的用法以后慢慢区发现了。这仅仅获取公网ip引申出来的!
2. 怎么经过terraform给cvm运行shell
1. 格式化vdb并挂载到data目录
1. 创建格式化tf装备文件
cat mkfs.tf
resource "null_resource" "connect_private" {
connection {
host = "${tencentcloud_eip.cvm_almalinux_eip.public_ip}"
type = "ssh"
user = "root"
}
# set hostname
provisioner "remote-exec" {
inline = [
"sudo mkfs -t ext4 /dev/vdb",
"sudo mkdir /data",
"sudo mount /dev/vdb /data"
]
}
}
2. terraform plan and terraform init –upgrade
[root@zhangpeng terraform]# terraform plan
恩?提示我要uprade?什么鬼先执行一下!目测是要装置一个null的组件好吧……
[root@zhangpeng terraform]# terraform init --upgrade
3. terraform apply
[root@zhangpeng terraform]# terraform apply
4.正确的方式—特别强调
cat mkfs.tf
resource "null_resource" "connect_private" {
connection {
host = "${tencentcloud_eip.cvm_almalinux_eip.public_ip}"
type = "ssh"
user = "root"
private_key = "${file("~/.ssh/id_rsa")}"
}
# set hostname
provisioner "remote-exec" {
inline = [
"sudo mkfs -t ext4 /dev/vdb",
"sudo mkdir /data",
"sudo mount /dev/vdb /data"
]
}
}
注:增加了private_key装备
terraform plan and terraform apply
[root@cvm-almalinux /]# lsblk
2.装置一个软件,比方nginx?
1. 创建nginx.tf装备文件
cat nginx.tf
resource "null_resource" "connect_private_nginx" {
connection {
host = "${tencentcloud_eip.cvm_almalinux_eip.public_ip}"
type = "ssh"
user = "root"
private_key = "${file("~/.ssh/id_rsa")}"
}
# set hostname
provisioner "remote-exec" {
inline = [
"sudo yum update -y",
"sudo yum install nginx -y",
"sudo systemctl start nginx"
]
}
}
2. terraform plan and terraform apply
[root@zhangpeng terraform]# cat security_group.tf
resource "tencentcloud_security_group" "sg_bj" {
name = "sg-bj"
}
resource "tencentcloud_security_group_rule" "sg_bj_1" {
security_group_id = "${tencentcloud_security_group.sg_bj.id}"
type = "ingress"
cidr_ip = "0.0.0.0/0"
ip_protocol = "tcp"
port_range = "22,80"
policy = "accept"
}
resource "tencentcloud_security_group_rule" "sg_bj_2" {
security_group_id = "${tencentcloud_security_group.sg_bj.id}"
type = "egress"
cidr_ip = "0.0.0.0/0"
ip_protocol = "tcp"
policy = "accept"
}
继续terrafrom plan terraform apply
3.其他的方式?
不想讲脚本写在tf文件里边,我可不能够写一个shell脚本,然后用remote-exec去运行呢?能够的!装置一个httpd如下:
1. 编写install-http.sh脚本
install-httpd.sh
[root@k8s-master-01 terraform]# cat install-httpd.sh
#!/bin/bash
systemctl stop nginx
yum install -y httpd
systemctl start httpd
注:主机名变了….放假回家拿另外服务器跑的。嗯id_isa也搞了过来!前面装置过nginx了不做杂乱设置,先把!nginx中止了!
2. 编写httpd.tf
httpd.tf
resource "null_resource" "connect_private_httpd" {
provisioner "file" {
source = "install-httpd.sh"
destination = "/tmp/install-httpd.sh"
}
# set hostname
provisioner "remote-exec" {
inline = [
"chmod +x /tmp/install-httpd.sh && sh /tmp/install-httpd.sh"
]
}
connection {
host = "${tencentcloud_eip.cvm_almalinux_eip.public_ip}"
type = "ssh"
user = "root"
private_key = "${file("~/.ssh/id_rsa")}"
}
}
3. terraform plain and terraform apply
[root@k8s-master-01 terraform]# terraform plan
[root@k8s-master-01 terraform]# terraform apply
下一步的方案
- 讲腾讯云后台的现有资源导出成terraform的装备。嗯便是导出资产…将资产统一管理一下装备即代码。
- tf文件更规范的模块化管理?
- 变量的更合理运用?
- ansible或许其他软件的整合?
- 日志输出的规范标准化
