All Products
Search

This Product

    Container Service for Kubernetes:Use Terraform to manage existing clusters

    Document Center

    Container Service for Kubernetes:Use Terraform to manage existing clusters

    Last Updated:Jul 20, 2023

    Terraform allows you to import and manage existing Container Service for Kubernetes (ACK) resources, such as clusters and node pools. This topic describes how to use Terraform to manage existing ACK managed clusters.

    Prerequisites

    • An ACK managed cluster is created. The cluster contains a node pool that consists of two nodes. For more information, see Use Terraform to create an ACK managed cluster.

    • Terraform is installed.

      Note

      You must install Terraform 0.12.28 or later. You can run the terraform --version command to query the Terraform version.

      • By default, Cloud Shell is preinstalled with Terraform and configured with your account information. You do not need to modify the configurations.

      • If you do not use Cloud Shell, you can directly install Terraform. For more information, see Install and configure Terraform in the local PC.

    • Your account information is configured. You can specify identity information in environment variables. 

      export ALICLOUD_ACCESS_KEY="************"
export ALICLOUD_SECRET_KEY="************"
export ALICLOUD_REGION="cn-beijing"
      Note

      To improve the flexibility and security of permission management, we recommend that you create a Resource Access Management (RAM) user named Terraform. Then, create an AccessKey pair for the RAM user and grant permissions to the RAM user. For more information, see Create a RAM user and Grant permissions to the RAM user.

    Procedure

    1. Create a working directory and a file named main.tf in the directory. 

      provider "alicloud" {
}

    2. Run the following command to initialize the environment for Terraform: 

      terraform init

      Expected output:

      Initializing the backend...

Initializing provider plugins...
- Checking for available provider plugins...
- Downloading plugin for provider "alicloud" (hashicorp/alicloud) 1.90.1...
...

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.

    3. Import the cluster.

      1. Add the cluster resources to the main.tf file. 

        # The ACK managed cluster. 
resource "alicloud_cs_managed_kubernetes" "default" {
}

      2. Run the following command to import the cluster.

        Replace <Cluster-ID> with the ID of the cluster that you want to import. 

        terraform import alicloud_cs_managed_kubernetes.default <Cluster-ID>

        Expected output:

        alicloud_cs_managed_kubernetes.default: Importing from ID "c338cf0f4496a4dc1936a9e314162****"...
alicloud_cs_managed_kubernetes.default: Import complete!
  Imported alicloud_cs_managed_kubernetes
alicloud_cs_managed_kubernetes.default: Refreshing state... [id=c338cf0f4496a4dc1936a9e314162****]

Import successful!

The resources that were imported are shown above. These resources are now in
your Terraform state and will henceforth be managed by Terraform.

        The following cluster information is included in the terraform.tfstate file:

        {
      "mode": "managed",
      "type": "alicloud_cs_managed_kubernetes",
      "name": "default",
      "provider": "provider.alicloud",
      "instances": [
        {
          "mode": "managed",
          "type": "alicloud_cs_managed_kubernetes",
          "name": "default",
          "provider": "provider.alicloud",
          "instances": [
             ........
          ]
        }
      ]
    }

      3. Configure the required fields in the main.tf file based on the information in the terraform.tfstate file. 

        provider "alicloud" {
}

# The virtual private cloud (VPC). 
resource "alicloud_cs_managed_kubernetes" "default" {
  # Configure the required fields. 
  worker_vswitch_ids = [
    .....
  ]
  ......
}

      4. Run the following command to query the differences between the local resources and remote resources: 

        terraform plan

        Expected output:

        Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.

alicloud_cs_managed_kubernetes.default: Refreshing state... [id=c338cf0f4496a4dc1936a9e314162****]

------------------------------------------------------------------------

No changes. Infrastructure is up-to-date.

This means that Terraform did not detect any differences between your
configuration and real physical resources that exist. As a result, no
actions need to be performed.

    4. Import the node pool.

      1. Run the following commands to import the node pool.

        Replace <Cluster-ID> with the cluster ID that you specified in the previous step. Replace <Nodepool-ID> with the ID of the node pool that you want to import. Separate the cluster ID and node pool ID with a colon (:). 

        terraform import alicloud_cs_kubernetes_node_pool.default <Cluster-ID>:<Nodepool-ID>

        Expected output:

        alicloud_cs_kubernetes_node_pool.default: Importing from ID "c338cf0f4496a4dc1936a9e314162****:np0f8f2193384045d4aa503c3d24ca****"...
alicloud_cs_kubernetes_node_pool.default: Import complete!
  Imported alicloud_cs_kubernetes_node_pool
alicloud_cs_kubernetes_node_pool.default: Refreshing state... [id=c338cf0f4496a4dc1936a9e314162****:np0f8f2193384045d4aa503c3d24ca****]

Import successful!

The resources that were imported are shown above. These resources are now in
your Terraform state and will henceforth be managed by Terraform.

        The following node pool information is included in the terraform.tfstate file:

        .....
"resources": [
    {
      "mode": "managed",
      "type": "alicloud_cs_kubernetes_node_pool",
      "name": "default",
      "provider": "provider.alicloud",
      "instances": [
        .....
      ]
    }
  ]

      2. Configure the required fields in the main.tf file based on the information in the terraform.tfstate file. 

        provider "alicloud" {
}

# The node pool. 
resource "alicloud_cs_kubernetes_node_pool" "default" {
  # The name of the node pool. 
  name           = ....
  # The instance types that are used by the node pool. 
  instance_types =  ....
  .....
}

      3. Run the following command to query the differences between the local resources and remote resources: 

        terraform plan

        Expected output:

        Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.

alicloud_cs_kubernetes_node_pool.default: Refreshing state... [id=c338cf0f4496a4dc1936a9e314162****:np0f8f2193384045d4aa503c3d24ca****]
alicloud_cs_managed_kubernetes.default: Refreshing state... [id=c338cf0f4496a4dc1936a9e314162****]

------------------------------------------------------------------------

No changes. Infrastructure is up-to-date.

This means that Terraform did not detect any differences between your
configuration and real physical resources that exist. As a result, no
actions need to be performed.

      You can manage the cluster and node pool by using the main.tf file after the cluster is imported.

    5. Check whether the node pool can be scaled out as normal

      1. Check whether the node pool can be scaled out as normal by using the main.tf file.

        For example, modify the main.tf file to increase the number of nodes in the node pool by one:

        ......

# The ACK managed cluster. 
resource "alicloud_cs_kubernetes_node_pool" "default" {
  .....
  # The expected number of nodes in the node pool is three. 
  desired_size = 3
}

.....

      2. Run the following command to scale out the node pool: 

        terraform apply

        Expected output:

        alicloud_cs_kubernetes_node_pool.default: Refreshing state... [id=c338cf0f4496a4dc1936a9e314162****:np0f8f2193384045d4aa503c3d24ca****]

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # alicloud_cs_kubernetes_node_pool.default will be updated in-place
  ~ resource "alicloud_cs_kubernetes_node_pool" "default" {
        .....
      ~ desired_size               = 2 -> 3
        .....
    }

Plan: 0 to add, 1 to change, 0 to destroy.

        Enter yes when the scale-out prompt appears and wait for the scale-out activity to complete. 

        .....
alicloud_cs_kubernetes_node_pool.default: Still modifying... [id=c338cf0f4496a4dc1936a9e314162****:np0f8f2193384045d4aa503c3d24ca****, 2m30s elapsed]
alicloud_cs_kubernetes_node_pool.default: Still modifying... [id=c338cf0f4496a4dc1936a9e314162****:np0f8f2193384045d4aa503c3d24ca****, 2m40s elapsed]
alicloud_cs_kubernetes_node_pool.default: Still modifying... [id=c338cf0f4496a4dc1936a9e314162****:np0f8f2193384045d4aa503c3d24ca****, 2m50s elapsed]
alicloud_cs_kubernetes_node_pool.default: Modifications complete after 2m53s [id=c338cf0f4496a4dc1936a9e314162****:np0f8f2193384045d4aa503c3d24ca****]

Apply complete! Resources: 0 added, 1 changed, 0 destroyed.

      Go to the Node Pools page of the Container Service for Kubernetes (ACK) console. You can find that one node is added to the node pool.