Terraform(全称:Hashicorp Terraform )是一种开源工具,用于预配和管理云基础结构。 它将基础结构编入描述云资源拓扑的配置文件中。 这些资源包括虚拟机、存储帐户和网络接口等。
本文介绍在Windows系统中,如何安装Terraform,并且根据Azure的示例模板创建,在中国区创建一个虚拟机(VM)的入门级教程。
安装Terraform
Terraform的Windows版本为一个.exe文件,下载后把放置在自定义的文件夹中,最后配置号系统的PATH即可。
- 下载Terraform(https://www.terraform.io/downloads.html),根据情况选择Windows 32-bit版 或 64-bit版
- 解压文件,复制到目标文件夹中,如:C:\LBWorkSpace\tool
- 配置系统PATH路径
- 打开CMD,使用Terraform --version测试
准备创建VM的Terraform模板
准备Terraform模板,参考Azure的官方文档:使用 Terraform 在 Azure 中创建带有基础结构的 Linux VM。可以一步一步的编写模板,也可全部COPY至本地,并命名为:terraform_azure.tf(名字可以随便改动,文件后缀名tf不可变)。
View Code
完成 Terraform 脚本:https://docs.microsoft.com/zh-cn/azure/developer/terraform/create-linux-virtual-machine-with-infrastructure#complete-terraform-script
登录到中国区Azure
本文使用Visual Studio Code工具来展示命令及Terraform脚本,也可以直接使用PowerShell窗口。
一:打开VS Code,使用 az cloud set --name AzureChinaCloud 设置登录环境为China Azure。
二:使用 az login 登录
三:如有多个订阅号,可以使用 az account set --subscription "your subscription id" 指定资源所创建的订阅
执行Terraform init, plan, apply命令
第一步:初始化 terraform init
命令
terraform init
输出
PS C:\LBWorkSpace\MyCode\24-Terraform> terraform init Initializing the backend... Initializing provider plugins... - Reusing previous version of hashicorp/tls from the dependency lock file - Reusing previous version of hashicorp/azurerm from the dependency lock file - Reusing previous version of hashicorp/random from the dependency lock file - Using previously-installed hashicorp/tls v3.1.0 - Using previously-installed hashicorp/azurerm v2.56.0 - Using previously-installed hashicorp/random v3.1.0 ╷ │ Warning: Version constraints inside provider configuration blocks are deprecated │ │ on terraform_azure.tf line 5, in provider "azurerm": │ 5: version = "~>2.0" │ │ Terraform 0.13 and earlier allowed provider version constraints inside the provider configuration block, but that is now deprecated and will │ be removed in a future version of Terraform. To silence this warning, move the provider version constraint into the required_providers block. ╵ Terraform has been successfully initialized! You may now begin working with Terraform. Try running "terraform plan" to see any changes that are required for your infrastructure. All Terraform commands should now work. If you ever set or change modules or backend configuration for Terraform, rerun this command to reinitialize your working directory. If you forget, other commands will detect it and remind you to do so if necessary.
第二步:检查并验证模板 terraform plan
命令
terraform plan
输出
PS C:\LBWorkSpace\MyCode\24-Terraform> terraform plan tls_private_key.example_ssh: Refreshing state... [id=4b9fa2d1e40856b8ed19e1978c7713feb660ce9b] azurerm_resource_group.myterraformgroup: Refreshing state... [id=/subscriptions/a9dc7515-7692-4316-9ad4-762f383eec10/resourceGroups/myResourceGroup] ╷ │ Warning: Version constraints inside provider configuration blocks are deprecated │ │ on terraform_azure.tf line 5, in provider "azurerm": │ 5: version = "~>2.0" │ │ Terraform 0.13 and earlier allowed provider version constraints inside the provider configuration block, but that is now deprecated and will be removed in a future version of Terraform. To silence this │ warning, move the provider version constraint into the required_providers block. ╵ ╷ │ Error: "eastus" was not found in the list of supported Azure Locations: "chinaeast,chinanorth,chinanorth2,chinaeast2" │ │ on terraform_azure.tf line 10, in resource "azurerm_resource_group" "myterraformgroup": │ 10: resource "azurerm_resource_group" "myterraformgroup" { │ ╵ ╷ │ Error: Output refers to sensitive values │ │ on terraform_azure.tf line 126: │ 126: output "tls_private_key" { value = tls_private_key.example_ssh.private_key_pem } │ │ Expressions used in outputs can only refer to sensitive values if the sensitive attribute is true. ╵ PS C:\LBWorkSpace\MyCode\24-Terraform>
注意:在检查模板时候有两个错误,是因为copy的terraform模板是创建在global azure的,而当前是在中国区azure,所以需要修改location从eastus到chinaeast或其他。 第二个错误output输出可以暂时注释126行模板即可。修改完成后,再次使用terraform plan命令检查模板,输出结果中会包含模板中将要创建,修改的资源列表。
第三步:构建模板中的资源 terraform apply
命令
terraform apply
输出(apply命令需要在执行前手动输入yes,然后开始真正执行创建资源。当创建完成后,可以看见Apply complete! Resources: 9 added, 0 changed, 0 destroyed.提示消息)
View Code
恭喜!踏入Terraform创建Azure资源大门。
参考资料
“Azure 上的 Terraform”文档: https://docs.microsoft.com/zh-cn/azure/developer/terraform/
使用 Terraform 在 Azure 中创建带有基础结构的 Linux VM: https://docs.microsoft.com/zh-cn/azure/developer/terraform/create-linux-virtual-machine-with-infrastructure#complete-terraform-script
Install Azure CLI on Windows:https://docs.microsoft.com/en-us/cli/azure/install-azure-cli-windows?tabs=azure-powershell
