You can use Terraform to manage the exporters of the integration center and remote write resources in Managed Service for Prometheus. This topic describes how to use Terraform to manage remote write configurations.
Prerequisites
A Prometheus instance for Container Service or ECS is created. For more information, see Use Terraform to manage Prometheus instances.
Terraform is installed.
By default, Cloud Shell is preinstalled with Terraform and configured with your account information. You do not need to modify the configurations.
If you do not use Cloud Shell, you can directly install Terraform. For more information, see Install and configure Terraform.
NoteYou must install Terraform V0.12.28 or later. You can run the
terraform --versioncommand to query the Terraform version.While Resource Orchestration Service (ROS) is a native infrastructure-as-code (IaC) service provided by Alibaba Cloud, it also supports the integration of Terraform templates. By using Terraform with ROS, you can define and manage resources in Alibaba Cloud, Amazon Web Services (AWS), or Microsoft Azure, specify resource parameters, and configure dependency relationships for the resources. For more information, see Create a Terraform template and Create a Terraform stack.
Your Alibaba Cloud account information is configured. You can use one of the following methods to configure Alibaba Cloud account information:
NoteTo improve the flexibility and security of permission management, we recommend that you create a Resource Access Management (RAM) user named Terraform. Then, create an AccessKey pair for the RAM user and grant permissions to the RAM user. For more information, see Create a RAM user and Grant permissions to a RAM user.
Method 1: Add environment variables to store authentication information.
export ALICLOUD_ACCESS_KEY="************" export ALICLOUD_SECRET_KEY="************" export ALICLOUD_REGION="cn-beijing"NoteSpecify the
export ALICLOUD_REGIONparameter based on your business requirements.Method 2: Specify identity information in the provider section of the configuration file.
provider "alicloud" { access_key = "************" secret_key = "************" region = "cn-beijing" }NoteSpecify the value of the
export ALICLOUD_REGIONparameter based on your business requirements.
Create a remote write configuration for the Prometheus instance
Create a working directory and a file named main.tf in the directory.
provider "alicloud" { }Run the following command to initialize the runtime environment for Terraform:
terraform initExpected output:
Initializing the backend... Initializing provider plugins... - Checking for available provider plugins... - Downloading plugin for provider "alicloud" (hashicorp/alicloud) 1.90.1... ... You may now begin working with Terraform. Try running "terraform plan" to see any changes that are required for your infrastructure. All Terraform commands should now work. If you ever set or change modules or backend configuration for Terraform, rerun this command to reinitialize your working directory. If you forget, other commands will detect it and remind you to do so if necessary.Import remote write resources.
Add the remote write resources to the main.tf file.
# The remote write configuration of the Prometheus instance. resource "alicloud_arms_remote_write" "myRemoteWrite1" { cluster_id = "c77e1106f429e4b46b0ee1720c*****" # The ID of the Prometheus instance. remote_write_yaml = <<-EOT remote_write: - name: ArmsRemoteWrite1 url: http://47.96.XX.XX:8080/prometheus/xxx/yyy/cn-hangzhou/api/v3/write basic_auth: {username: 666, password: '******'} write_relabel_configs: - source_labels: [instance_id] separator: ; regex: si-6e2ca86444db4e5***** replacement: $1 action: keep EOTRun the following command to create an execution plan:
terraform planExpected output:
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create Terraform will perform the following actions: # alicloud_arms_remote_write.ack-rw1 will be created + resource "alicloud_arms_remote_write" "ack-rw1" { + cluster_id = "c77e1106f429e4b46b0ee1720c*****" + id = (known after apply) + remote_write_name = (known after apply) + remote_write_yaml = <<-EOT remote_write: - name: ArmsRemoteWrite1 url: http://xx.xx.xx.xx:8080/prometheus/xxx/yyy/cn-hangzhou/api/v3/write basic_auth: {username: 666, password: '******'} write_relabel_configs: - source_labels: [instance_id] separator: ; regex: si-6e2ca86444db4e5***** replacement: $1 action: keep EOT } Plan: 1 to add, 0 to change, 0 to destroy.Run the following command to create a remote write configuration:
terraform applyExpected output:
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create Terraform will perform the following actions: # alicloud_arms_remote_write.ack-rw1 will be created + resource "alicloud_arms_remote_write" "ack-rw1" { + cluster_id = "c77e1106f429e4b46b0ee1720c9*****" + id = (known after apply) + remote_write_name = (known after apply) + remote_write_yaml = <<-EOT remote_write: - name: ArmsRemoteWrite1 url: http://xx.xx.xx.xx:8080/prometheus/xxx/yyy/cn-hangzhou/api/v3/write basic_auth: {username: 666, password: '******'} write_relabel_configs: - source_labels: [instance_id] separator: ; regex: si-6e2ca86444db4e5***** replacement: $1 action: keep EOT } Plan: 1 to add, 0 to change, 0 to destroy. Do you want to perform these actions? Terraform will perform the actions described above. Only 'yes' will be accepted to approve. Enter a value: yesIf
yesis returned, the remote write configuration of the current Prometheus instance is created.
Check the result
You can log on to the Managed Service for Prometheus console and view the remote write configuration on the Integration Center page of the Prometheus instance. To view the remote write configuration on the Integration Center page, perform the following steps:
Log on to the Managed Service for Prometheus console.
In the left-side navigation pane, click Instances.
Click the name of the Prometheus instance instance that you want to manage to go to the Integration Center page.
Click custom in the Installed section. In the panel that appears, click the Remote Write tab to view the created remote write configuration.
Delete the remote write configuration from the Prometheus instance
Procedure
You can run the following command to delete the remote write configuration from the Prometheus instance that is created by using Terraform:
terraform destroyExpected output:
...
Do you really want to destroy all resources?
Terraform will destroy all your managed infrastructure, as shown above.
There is no undo. Only 'yes' will be accepted to confirm.
Enter a value: yes
...
Destroy complete! Resources: 1 destroyed.Check the result
You can log on to the Managed Service for Prometheus console. On the Integration Center page of the Prometheus instance, check whether the remote write configuration is deleted.
Log on to the Managed Service for Prometheus console.
In the left-side navigation pane, click Instances.
Click the name of the Prometheus instance instance that you want to manage to go to the Integration Center page.
Click custom in the Installed section. In the panel that appears, click the Remote Write tab. If the remote write configuration does not exist, it is deleted.