Terraform是HashiCorp公司提供的一種開源工具,用於安全高效地預覽、配置和管理雲基礎架構和資源,協助開發人員自動化地建立、更新阿里雲基礎設施資源,並進行版本管理。您可以使用Terraform通過建立環境執行個體將雲資源接入ARMS,即時監控雲資源的效能指標,協助營運團隊及時解決問題以及最佳化系統效能。
前提條件
已安裝Terraform,且Terraform版本不低於v0.12.28。您可以通過
terraform --version命令查看Terraform版本。方式一:在Cloud Shell中使用Terraform。具體操作,請參見Cloud Shell。Cloud Shell預設安裝配置了Terraform和阿里雲帳號資訊,無需任何額外配置。
方式二:本地安裝Terraform。具體操作,請參見在本地安裝和配置Terraform。
說明Resource Orchestration Service服務為Terraform提供了託管的能力,您可以建立Terraform類型的模板,定義阿里雲、AWS或Azure資源,配置資源參數和資源間的依賴關係。更多資訊,請參見建立Terraform類型模板、建立Terraform類型資源棧。
已配置阿里雲帳號資訊。
方式一:添加環境變數,存放身份認證資訊。
export ALICLOUD_ACCESS_KEY="************" export ALICLOUD_SECRET_KEY="************" export ALICLOUD_REGION="cn-beijing"方式二:在設定檔的
provider中指定身份認證資訊。provider "alicloud" { access_key = "************" secret_key = "************" region = "cn-beijing" }
已開通Prometheus服務。
建立環境執行個體
建立Container Service的環境執行個體
建立一個工作目錄,並在工作目錄中建立名為
main.tf的設定檔。# provider, use alicloud provider "alicloud" { # access_key = "************" # secret_key = "************" # region = "cn-beijing" } # Container Service的環境執行個體。 resource "alicloud_arms_environment" "my_ack-env1" { environment_name = "Container Service的環境名稱1" environment_type = "CS" environment_sub_type = "ACK" bind_resource_id = "Container Service的叢集Id" }執行以下命令,初始化Terraform運行環境。
terraform init預期輸出:
Initializing the backend... Initializing provider plugins... - Checking for available provider plugins... - Downloading plugin for provider "alicloud" (hashicorp/alicloud) 1.90.1... ... You may now begin working with Terraform. Try running "terraform plan" to see any changes that are required for your infrastructure. All Terraform commands should now work. If you ever set or change modules or backend configuration for Terraform, rerun this command to reinitialize your working directory. If you forget, other commands will detect it and remind you to do so if necessary.執行以下命令,產生資源規劃。
terraform plan預期輸出:
Refreshing Terraform state in-memory prior to plan... The refreshed state will be used to calculate this plan, but will not be persisted to local or remote state storage. ... Plan: 5 to add, 0 to change, 0 to destroy. ...執行以下命令,建立執行個體。
terraform apply預期輸出:
... Do you want to perform these actions? Terraform will perform the actions described above. Only 'yes' will be accepted to approve. Enter a value: yes ... alicloud_arms_environment: Creation complete after 8m26s [id=************] Apply complete! Resources: 1 added, 0 changed, 0 destroyed.提示
Enter a value時,請輸入yes。登入ARMS控制台,在接入管理頁面的環境列表中,查看是否已成功建立Container Service環境執行個體。
建立ECS環境執行個體
建立一個工作目錄,並在工作目錄中建立名為
main.tf的設定檔。#provider, use alicloud provider "alicloud" { #access_key = "************" #secret_key = "************" #region = "cn-beijing" } # ECS環境執行個體。 resource "alicloud_arms_environment" "my_ecs-env1" { environment_name = "ECS環境名1" environment_type = "ECS" environment_sub_type = "ECS" bind_resource_id = "vpcId,如vpc-bp1jxxx" }執行以下命令,初始化Terraform運行環境。
terraform init預期輸出:
Initializing the backend... Initializing provider plugins... - Checking for available provider plugins... - Downloading plugin for provider "alicloud" (hashicorp/alicloud) 1.90.1... ... You may now begin working with Terraform. Try running "terraform plan" to see any changes that are required for your infrastructure. All Terraform commands should now work. If you ever set or change modules or backend configuration for Terraform, rerun this command to reinitialize your working directory. If you forget, other commands will detect it and remind you to do so if necessary.執行以下命令,產生資源規劃。
terraform plan預期輸出:
Refreshing Terraform state in-memory prior to plan... The refreshed state will be used to calculate this plan, but will not be persisted to local or remote state storage. ... Plan: 5 to add, 0 to change, 0 to destroy. ...執行以下命令,建立執行個體。
terraform apply預期輸出:
... Do you want to perform these actions? Terraform will perform the actions described above. Only 'yes' will be accepted to approve. Enter a value: yes ... alicloud_arms_environment: Creation complete after 8m26s [id=************] Apply complete! Resources: 3 added, 0 changed, 0 destroyed.提示
Enter a value時,請輸入yes。登入ARMS控制台,在接入管理頁面的環境列表中,查看是否已成功建立ECS環境執行個體。
建立雲端服務環境執行個體
建立一個工作目錄,並在工作目錄中建立名為
main.tf的設定檔。#provider, use alicloud provider "alicloud" { #access_key = "************" #secret_key = "************" #region = "cn-beijing" } # 雲端服務環境執行個體。 resource "alicloud_arms_environment" "my_cloud-env1" { environment_name = "雲端服務環境名1" environment_type = "Cloud" environment_sub_type = "Cloud" bind_resource_id = "雲端服務執行個體的regionId,如cn-hangzhou" }執行以下命令,初始化Terraform運行環境。
terraform init預期輸出:
Initializing the backend... Initializing provider plugins... - Checking for available provider plugins... - Downloading plugin for provider "alicloud" (hashicorp/alicloud) 1.90.1... ... You may now begin working with Terraform. Try running "terraform plan" to see any changes that are required for your infrastructure. All Terraform commands should now work. If you ever set or change modules or backend configuration for Terraform, rerun this command to reinitialize your working directory. If you forget, other commands will detect it and remind you to do so if necessary.執行以下命令,產生資源規劃。
terraform plan預期輸出:
Refreshing Terraform state in-memory prior to plan... The refreshed state will be used to calculate this plan, but will not be persisted to local or remote state storage. ... Plan: 5 to add, 0 to change, 0 to destroy. ...執行以下命令,建立執行個體。
terraform apply預期輸出:
... Do you want to perform these actions? Terraform will perform the actions described above. Only 'yes' will be accepted to approve. Enter a value: yes ... alicloud_arms_environment: Creation complete after 8m26s [id=************] Apply complete! Resources: 4 added, 0 changed, 0 destroyed.提示
Enter a value時,請輸入yes。登入ARMS控制台,在接入管理頁面的環境列表中,查看是否已成功建立雲端服務環境執行個體。
刪除環境執行個體
執行以下命令,刪除通過Terraform建立的叢集。
terraform destroy預期輸出:
... Do you really want to destroy all resources? Terraform will destroy all your managed infrastructure, as shown above. There is no undo. Only 'yes' will be accepted to confirm. Enter a value: yes ... Destroy complete! Resources: 1 destroyed.提示
Enter a value時,請輸入yes。登入ARMS控制台,在接入管理頁面的執行個體列表中,查看是否已成功刪除對應的環境執行個體。