Terraform系列三腾讯云CVM中的玩法

Terraform系列三腾讯云CVM中的玩法

背景：

紧接：Terraform系列一腾讯云CVM相关简单创建，Terraform系列二腾讯云CVM进一步相关玩法。cvm创建完成,准备初始化一下系统，挂载一下数据盘，在cvm中安装一些软件，做一些简单的配置！

Terraform系列三腾讯云CVM中的玩法

1. Terraform output

我们通过terraform创建了cvm相关资源,我们该如何获取cvm的相关信息呢？前面我都是登陆控制台后台查看的。我能不能通过terraform获取相关的我需要的信息输出呢？可以的！这里顺路提一下output......

1. 首先拿一个简单的例子来演示一下：

我需要打印出cvm_almalinux cvm云主机 的区域，id ，名称，公网ip相关信息。这样我就可以获取公网ip信息，不用去控制台查找ip信息，可以直接登陆服务器了。

1. cat output.tf

output "cvm_az" { value = "${tencentcloud_instance.cvm_almalinux.availability_zone}" } output "cvm_id" { value = "${tencentcloud_instance.cvm_almalinux.id}" } output "cvm_name" { value = "${tencentcloud_instance.cvm_almalinux.instance_name}" } output "cvm_public_ip" { value = "${tencentcloud_eip.cvm_almalinux_eip.public_ip}" }

2. terraform apply and terraform out

3. terraform output 其他的用法

从腾讯云的腾讯云Terraform应用指南学到的

[root@zhangpeng terraform]# terraform output cvm_id "ins-hsakr7ah"

同理也可以打印其他相关信息.了解一个命令的最好方法还是通过--hlep看文档

[root@zhangpeng terraform]# terraform output --help Usage: terraform [global options] output [options] [NAME] Reads an output variable from a Terraform state file and prints the value. With no additional arguments, output will display all the outputs for the root module. If NAME is not specified, all outputs are printed. Options: -state=path Path to the state file to read. Defaults to "terraform.tfstate". -no-color If specified, output won't contain any color. -json If specified, machine readable output will be printed in JSON format. -raw For value types that can be automatically converted to a string, will print the raw string directly, rather than a human-oriented representation of the value.

竟然可以json输出？体验一下！

[root@zhangpeng terraform]# terraform output -json { "cvm_az": { "sensitive": false, "type": "string", "value": "ap-beijing-2" }, "cvm_id": { "sensitive": false, "type": "string", "value": "ins-hsxxxx" }, "cvm_name": { "sensitive": false, "type": "string", "value": "cvm-almalinux" }, "cvm_public_ip": { "sensitive": false, "type": "string", "value": "xxx.xxx.xxx.xxx" } }

更多的用法以后慢慢区发现了。这只是获取公网ip引申出来的！

2. 如何通过terraform给cvm运行shell

1. 格式化vdb并挂载到data目录

1. 创建格式化tf配置文件

cat mkfs.tf

resource "null_resource" "connect_private" { connection { host = "${tencentcloud_eip.cvm_almalinux_eip.public_ip}" type = "ssh" user = "root" } # set hostname provisioner "remote-exec" { inline = [ "sudo mkfs -t ext4 /dev/vdb", "sudo mkdir /data", "sudo mount /dev/vdb /data" ] } }

2. terraform plan and terraform init --upgrade

[root@zhangpeng terraform]# terraform plan

恩？提示我要uprade？什么鬼先执行一下！目测是要安装一个null的组件好吧......

[root@zhangpeng terraform]# terraform init --upgrade

3. terraform apply

[root@zhangpeng terraform]# terraform apply

4.正确的方式---特别强调

cat mkfs.tf

resource "null_resource" "connect_private" { connection { host = "${tencentcloud_eip.cvm_almalinux_eip.public_ip}" type = "ssh" user = "root" private_key = "${file("~/.ssh/id_rsa")}" } # set hostname provisioner "remote-exec" { inline = [ "sudo mkfs -t ext4 /dev/vdb", "sudo mkdir /data", "sudo mount /dev/vdb /data" ] } }

注：增加了private_key配置

[root@cvm-almalinux /]# lsblk

2.安装一个软件，比如nginx？

1. 创建nginx.tf配置文件

cat nginx.tf

resource "null_resource" "connect_private_nginx" { connection { host = "${tencentcloud_eip.cvm_almalinux_eip.public_ip}" type = "ssh" user = "root" private_key = "${file("~/.ssh/id_rsa")}" } # set hostname provisioner "remote-exec" { inline = [ "sudo yum update -y", "sudo yum install nginx -y", "sudo systemctl start nginx" ] } }

2. terraform plan and terraform apply

[root@zhangpeng terraform]# cat security_group.tf resource "tencentcloud_security_group" "sg_bj" { name = "sg-bj" } resource "tencentcloud_security_group_rule" "sg_bj_1" { security_group_id = "${tencentcloud_security_group.sg_bj.id}" type = "ingress" cidr_ip = "0.0.0.0/0" ip_protocol = "tcp" port_range = "22,80" policy = "accept" } resource "tencentcloud_security_group_rule" "sg_bj_2" { security_group_id = "${tencentcloud_security_group.sg_bj.id}" type = "egress" cidr_ip = "0.0.0.0/0" ip_protocol = "tcp" policy = "accept" }

3.其他的方式？

不想讲脚本写在tf文件里面，我可不可以写一个shell脚本，然后用remote-exec去运行呢？可以的！安装一个编写install-terraform]# cat install- #!/bin/bash systemctl stop nginx yum install -y httpd systemctl start 编写"null_resource" "connect_private_{ provisioner "file" { source = "install-httpd.sh" destination = "/tmp/install-httpd.sh" } # set hostname provisioner "remote-exec" { inline = [ "chmod +x /tmp/install-&& sh /tmp/install-httpd.sh" ] } connection { host = "${tencentcloud_eip.cvm_almalinux_eip.public_ip}" type = "ssh" user = "root" private_key = "${file("~/.ssh/id_rsa")}" } }

3. terraform plain and terraform apply

[root@k8s-master-01 terraform]# terraform plan [root@k8s-master-01 terraform]# terraform apply

下一步的计划

讲腾讯云后台的现有资源导出成terraform的配置。嗯就是导出资产...将资产统一管理一下配置即代码。 tf文件更规范的模块化管理？ 变量的更合理运用？ ansible或者其他软件的整合？ 日志输出的规范标准化

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。