使用 Terraform 管理已有的集群

本文主要介绍使用 Terraform 管理已有的非 Terraform 创建的集群。

前提条件

• 已通过控制台或调用 API 创建了容器服务集群。详细操作，请参见 创建集群、CreateCluster。
• 已安装 Terraform。详细操作，请参见 准备工作。

操作步骤

1. 创建一个文件夹，并在该文件夹中创建名为main.tf的配置文件。

   terraform {
     required_providers {
       volcengine = {
         source = "volcengine/volcengine"
         version = "0.0.140"  # version 信息请从 Terraform 官网（https://registry.terraform.io/providers/volcengine/volcengine/latest）获取。
       }
     }
   }
   
   provider "volcengine" {
     access_key = "**********" # 火山引擎账号的 Access Key ID。
     secret_key = "**********" # 火山引擎账号的 Secret Access Key。
     region = "cn-beijing" # 容器服务业务所在的地域。
   }
   
   resource "volcengine_vke_cluster" "vke-tf-test" {
   }
   

2. 初始化 Terraform 运行环境。

   terraform init
   

   预期执行结果如下所示。

   Initializing the backend...
   
   Initializing provider plugins...
   - Finding volcengine/volcengine versions matching "0.0.140"...
   - Installing volcengine/volcengine v0.0.140...
   
   ...
   
   Terraform has been successfully initialized!
   
   You may now begin working with Terraform. Try running "terraform plan" to see
   any changes that are required for your infrastructure. All Terraform commands
   should now work.
   
   If you ever set or change modules or backend configuration for Terraform,
   rerun this command to reinitialize your working directory. If you forget, other
   commands will detect it and remind you to do so if necessary.
   

3. 导入集群资源。

   terraform import volcengine_vke_cluster.vke-tf-test ccdk7omvqtofl********
   

   说明

   ccdk7omvqtofl******** 为待导入集群的 ID，可在容器服务控制台的集群 基本信息 页面获取。

   预期执行结果如下所示。

   volcengine_vke_cluster.vke-tf-test: Importing from ID "..."...
   volcengine_vke_cluster.vke-tf-test: Import prepared!
     Prepared volcengine_vke_cluster for import
   volcengine_vke_cluster.vke-tf-test: Refreshing state... [id=...]
   
   Import successful!
   
   The resources that were imported are shown above. These resources are now in
   your Terraform state and will henceforth be managed by Terraform.
   

   在terraform.tfstate文件中会存储导入集群的相关信息，示例如下所示：

   {
     "version": 4,
     "terraform_version": "1.2.9",
     "serial": 1,
     "outputs": {},
     "resources": [
       {
         "mode": "managed",
         "type": "volcengine_vke_cluster",
         "name": "vke-tf-test",
   ...
       }
     ]
   }
   

4. 根据terraform.tfstate文件，补充main.tf中必填字段及需匹配字段。
   代码片段如下所示，详细的必填字段，请参见 Terraform 官网 Provider 文档。

   resource "volcengine_vke_cluster" "vke-tf-test" {
     name                = "***"
     cluster_config {
       subnet_ids = [
                         "subnet-rrmacce22z9c***********",
                         "subnet-rrmacgc4b37k***********"
                    ]
       }
     pods_config {
       pod_network_mode = "VpcCniShared"
       vpc_cni_config {
         subnet_ids = [
                         "subnet-rrmacce22z9***********",
                         "subnet-rrmacgc4b37***********"
                    ]
       }
     }
     services_config {
       service_cidrsv4 = ["192.168.**.0/**"]
     }
   }	
   

5. 进行资源规划。

   terraform plan
   

   预期执行结果如下所示。

   ...
   No changes. Your infrastructure matches the configuration.
   
   Terraform has compared your real infrastructure against your configuration and found no
   differences, so no changes are needed.