Terraform overview
Provision and manage ACK clusters as code with Terraform for repeatable, version-controlled infrastructure.
Key concepts
Resources and data sources
Terraform uses two object types to manage cloud infrastructure:
-
Resources — objects that Terraform creates and manages. Each resource block defines one infrastructure object, such as an ACK cluster or node pool.
-
Data sources — read-only queries that retrieve attributes of resources created outside the current configuration.
Example:
### Data sources
# List instance types with 2 vCPUs and 4 GB of memory.
# Reference: https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/data-sources/instance_types
data "alicloud_instance_types" "c2g4" {
cpu_core_count = 2
memory_size = 4
}
### Resources
# Create a Server Load Balancer (SLB) instance.
# Reference: https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/instance
resource "alicloud_slb" "default" {
name = var.name
specification = "slb.s2.small"
vswitch_id = alicloud_vswitch.default.id
}
See Use ACK with Terraform for the complete list.
Plugins
Terraform has two categories of plug-ins:
-
Terraform CLI — the command-line tool to plan, apply, and destroy configurations.
-
Terraform providers — plug-ins that translate Terraform configuration into API calls for a specific cloud, published on the Terraform Registry.
Alibaba Cloud is the first cloud provider in China to integrate Terraform. The Alibaba Cloud provider (terraform-provider-alicloud) supports 163 resources and 113 data sources across 35 services, including computing, storage, networking, load balancing, CDN, middleware, access control, and databases.
To set up the Alibaba Cloud provider, see Install and configure Terraform in the local PC or Use Terraform in Cloud Shell.
Why use Terraform for ACK
Terraform offers several advantages over managing ACK clusters directly through the console, CLI, or API.
-
Multi-cloud deployments — manage infrastructure across Alibaba Cloud, other clouds, and on-premises data centers with one toolchain and configuration language.
-
Automated, repeatable provisioning — define cluster configuration once and apply it consistently across development, staging, and production, eliminating configuration drift.
-
Infrastructure as code — store cluster configuration in version control alongside application code. Track changes, review modifications in pull requests, and roll back when needed.
-
Reduced costs — spin up dev and test environments on demand and tear them down when idle. Evaluate cost impact before applying changes.
Use ACK with Terraform
ACK supports the following Terraform resources and data sources.
Resources
| Resource | Description |
|---|---|
| alicloud_cs_managed_kubernetes | Manages ACK managed clusters |
| alicloud_cs_kubernetes | Manages ACK dedicated clusters |
| alicloud_cs_serverless_kubernetes | Manages ACK Serverless clusters |
| alicloud_cs_edge_kubernetes | Manages ACK edge clusters |
| alicloud_cs_kubernetes_node_pool | Manages node pools |
| alicloud_cs_kubernetes_permissions | Manages Role-Based Access Control (RBAC) permissions |
| alicloud_cs_kubernetes_addon | Manages cluster add-ons |
Data sources
| Data source | Description |
|---|---|
| alicloud_ack_service | Activates ACK |
| alicloud_cs_managed_kubernetes_clusters | Lists all ACK managed clusters |
| alicloud_cs_kubernetes_clusters | Lists all ACK dedicated clusters |
| alicloud_cs_serverless_kubernetes_clusters | Lists all ACK Serverless clusters |
| alicloud_cs_edge_kubernetes_clusters | Lists all ACK edge clusters |
| alicloud_cs_kubernetes_permissions | Lists permissions for specified Resource Access Management (RAM) users |
| alicloud_cs_kubernetes_addon_metadata | Lists cluster add-on metadata |
| alicloud_cs_kubernetes_addons | Lists available cluster add-ons |
| alicloud_cs_kubernetes_version | Lists available Kubernetes versions |
Keep cluster infrastructure (VPC, node pools, RBAC) in a separate Terraform project from Kubernetes workloads (Deployments, Services). They have different change cadences and are typically owned by different teams.