You need to enable JavaScript to run this app.
导航
Terraform
  • 文档首页
    • /
  • Terraform

安装Terraform

最近更新时间2024.01.22 16:51:51

首次发布时间2022.05.17 12:06:30

我的收藏

本文介绍Terraform的安装配置,并以创建一个火山引擎VPC为例介绍如何使用Terraform。

步骤一:安装Terraform

Terraform是以二进制可执行文件发布,您只需下载Terraform,并将Terraform可执行文件所在目录添加到系统环境变量PATH中即可。

  1. 登录Terraform官网或进入下载页,建议使用0.13.x或者更高的版本,下载对应操作系统的安装包。

  2. 解压安装包,并将terraform可执行文件所在目录添加到系统环境变量PATH中。

  3. 在命令行中执行如下命令验证配置路径是否正确
    terraform
    回显如下则说明配置正确,Terraform可以正常运行。

    Usage: terraform [-version] [-help] <command> [args]

....

步骤二:初始化使用环境

  1. Terraform支持编排火山引擎上的多种云资源(支持的云服务),使用Terraform管理火山引擎的云资源前,您需要获取AK/SK,参考 访问密钥

  2. 在任意目录下创建一个文本文件,命名为main.tf

  3. 编辑main.tf文件,设置Provider信息,version信息请从Terraform官网获取,添加内容如下:

    terraform {
  required_providers {
    volcengine = {
      source = "volcengine/volcengine"
      version = "0.0.129"
    }
  }
}

  4. 继续编辑main.tf文件,添加访问凭证信息。您可以使用以下两种方式设置访问凭证信息:

    1. 方式一:静态凭证(Static credentials) ,即在Terraform配置文件中添加AK/SK信息,假如您使用账号的角色扮演模式,也可以添加SessionToken,添加内容如下:

      provider "volcengine" {
  access_key = "AK**************"
  secret_key = "****************"
  region = "cn-beijing"
}

      • access_key:必填,密钥ID,即AK。查询方法请参见访问密钥

      • secret_key:必填,访问密钥,即SK。查询方法请参见访问密钥

      • region:必填,区域,即需要创建管理哪个区域的资源。您可以在这里查询支持的区域。

      • session_token:选填,角色扮演的安全令牌,如果使用角色扮演,授权后可以通过这里获取。

    2. 方式二:环境变量(Environment variables) 。您可以将如下信息添加到环境变量中进行认证鉴权:

      export VOLCENGINE_ACCESS_KEY=AK**************
export VOLCENGINE_SECRET_KEY=****************
export VOLCENGINE_REGION=cn-beijing

      • VOLCENGINE_ACCESS_KEY:必填,密钥ID,即AK。查询方法请参见访问密钥

      • VOLCENGINE_SECRET_KEY:必填,访问密钥,即SK。查询方法请参见访问密钥

      • VOLCENGINE_REGION:必填,区域,即需要创建管理哪个区域的资源。您可以在这里查询火山支持的区域

      • VOLCENGINE_SESSION_TOKEN:选填,角色扮演的安全令牌,如果使用角色扮演,授权后可以通过这里获取

步骤三:使用Terraform创建火山引擎VPC

下面以创建一个火山引擎VPC为例为您介绍如何使用Terraform。

  1. 继续编辑初始化使用环境步骤中完成的main.tf文件,在文件中添加如下配置,配置火山引擎Provider并创建一个VPC,添加内容如下:

    #Create vpc
resource "volcengine_vpc" "this" {
  vpc_name = "tf-test-1"
  cidr_block = "172.16.0.0/16"
}

  2. 进入main.tf所在目录,执行如下命令初始化。
    terraform init

    说明

    使用本命令安装provider volcengine时,由于Provider Release 版本存放在海外服务器,安装可能会失败,火山引擎还为您提供了其他三种安装方式,请参考如何快速安装terraform-provider-volcengine?

    回显如下,请注意,首次执行时会下载volcengine Provider并安装。

    Initializing the backend...

Initializing provider plugins...

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.

  3. 执行如下命令,查看执行计划。
    terraform plan
    回显如下,显示待创建的资源。

    An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # VOLCENGINE_vpc.foo will be created
  + resource "VOLCENGINE_vpc" "foo" {
      + account_id            = (known after apply)
      + associate_cens        = (known after apply)
      + auxiliary_cidr_blocks = (known after apply)
      + cidr_block            = "172.16.0.0/16"
      + creation_time         = (known after apply)
      + id                    = (known after apply)
      + nat_gateway_ids       = (known after apply)
      + route_table_ids       = (known after apply)
      + security_group_ids    = (known after apply)
      + status                = (known after apply)
      + subnet_ids            = (known after apply)
      + update_time           = (known after apply)
      + vpc_id                = (known after apply)
      + vpc_name              = "tf-test-2"
    }

Plan: 1 to add, 0 to change, 0 to destroy.

------------------------------------------------------------------------

Note: You didn't specify an "-out" parameter to save this plan, so Terraform
can't guarantee that exactly these actions will be performed if
"terraform apply" is subsequently run.

  4. 执行如下命令,创建资源。
    terraform apply
    根据提示输入yes,回显如下,可以看到名为terraform_vpc的VPC已经创建,您也可以登录火山引擎私有网络控制台查看资源是否已经创建。

    An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # VOLCENGINE_vpc.foo will be created
  + resource "VOLCENGINE_vpc" "foo" {
      + account_id            = (known after apply)
      + associate_cens        = (known after apply)
      + auxiliary_cidr_blocks = (known after apply)
      + cidr_block            = "172.16.0.0/16"
      + creation_time         = (known after apply)
      + id                    = (known after apply)
      + nat_gateway_ids       = (known after apply)
      + route_table_ids       = (known after apply)
      + security_group_ids    = (known after apply)
      + status                = (known after apply)
      + subnet_ids            = (known after apply)
      + update_time           = (known after apply)
      + vpc_id                = (known after apply)
      + vpc_name              = "tf-test-2"
    }

Plan: 1 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

VOLCENGINE_vpc.foo: Creating...
VOLCENGINE_vpc.foo: Creation complete after 2s [id=vpc-13f4ryf7v2cxs3n6nu5ho4l2u]

Apply complete! Resources: 1 added, 0 changed, 0 destroyed.