本文介绍使用 Terraform 执行 ECS Instance 创建、更新、删除操作。
Terraform的设计目标为Infrastructure as Code,这里的Infrastructure是一个非常抽象的东西,可以认为是数据中心的一切抽象,如二层网络、交换机(子网)、路由器、虚拟机、负载均衡、防火墙、数据库等等。
预计实验时间:20分钟
级别:初级
相关产品:ECS
受众: 通用
参考文档:Terraform官方文档
参考文档:Terraform - Install Terraform
brew tap hashicorp/tap brew install hashicorp/tap/terraform
terraform init
Terraform v1.2.7
on darwin_arm64
+ provider registry.terraform.io/volcengine/volcengine v0.0.24
Your version of Terraform is out of date! The latest version
is 1.2.9. You can update by downloading from https://www.terraform.io/downloads.html
vim main.tf # Configure the Volcengine Provider provider "volcengine" { access_key = "AKLTZDBiMjVmZWQ3NjYzNDdxxxxxxxxxxxxxxxxxxxxxxxxxx" secret_key = "TkdNNVlUQTRaamRtWXpNxxxxxxxxxxxxxxxxxxxxxxxxxx==" region = "cn-beijing" } # Provider Version terraform { required_providers { volcengine = { source = "volcengine/volcengine" version = "= 0.0.24" } } } terraform init Initializing the backend... Initializing provider plugins... - Reusing previous version of volcengine/volcengine from the dependency lock file - Using previously-installed volcengine/volcengine v0.0.24 Terraform has been successfully initialized! You may now begin working with Terraform. Try running "terraform plan" to see any changes that are required for your infrastructure. All Terraform commands should now work. If you ever set or change modules or backend configuration for Terraform, rerun this command to reinitialize your working directory. If you forget, other commands will detect it and remind you to do so if necessary.
vim ECSInstance.tf # Create vpc resource "volcengine_vpc" "foo" { vpc_name = "tf-test-1" cidr_block = "172.16.0.0/16" } # Create subnet resource "volcengine_subnet" "foo1" { subnet_name = "subnet-tf-test-1" cidr_block = "172.16.1.0/24" zone_id = "cn-beijing-a" vpc_id = volcengine_vpc.foo.id } # Create security group resource "volcengine_security_group" "foo1" { depends_on = [volcengine_subnet.foo1] vpc_id = volcengine_vpc.foo.id } # Create ECS Instance resource "volcengine_ecs_instance" "default" { # 创建多个ECS实例,并按照xxx-1,xxx-2,xxx-3命名 # count = 3 # instance_name = "first-tf-ecs-${count.index+1}" instance_name = "John-tf-test-1" image_id = "image-aagd56zrw2jtdro3bnrl" instance_type = "ecs.g2i.large" description = "John-tf-test-description-1" password = "93f0cb0614Aab12" instance_charge_type = "PostPaid" system_volume_type = "ESSD_PL0" system_volume_size = 40 subnet_id = volcengine_subnet.foo1.id security_group_ids = [volcengine_security_group.foo1.id] data_volumes { volume_type = "ESSD_PL0" size = 100 delete_with_instance = true } deployment_set_id = "" # secondary_network_interfaces { # subnet_id = volcengine_subnet.foo1.id # security_group_ids = [volcengine_security_group.foo1.id] # } }
terraform plan Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create Terraform will perform the following actions: # volcengine_ecs_instance.default will be created + resource "volcengine_ecs_instance" "default" { + cpus = (known after apply) + created_at = (known after apply) + description = "John-tf-test-description-1" + gpu_devices = (known after apply) + host_name = (known after apply) + id = (known after apply) + image_id = "image-aagd56zrw2jtdro3bnrl" + instance_charge_type = "PostPaid" + instance_id = (known after apply) + instance_name = "John-tf-test-1" + instance_type = "ecs.g2i.large" + is_gpu = (known after apply) + key_pair_id = (known after apply) + key_pair_name = (known after apply) + memory_size = (known after apply) + network_interface_id = (known after apply) + os_name = (known after apply) + os_type = (known after apply) + password = (sensitive value) + primary_ip_address = (known after apply) + security_enhancement_strategy = "Active" + security_group_ids = (known after apply) + status = (known after apply) + stopped_mode = (known after apply) + subnet_id = (known after apply) + system_volume_id = (known after apply) + system_volume_size = 40 + system_volume_type = "ESSD_PL0" + updated_at = (known after apply) + user_data = (known after apply) + vpc_id = (known after apply) + zone_id = (known after apply) + data_volumes { + delete_with_instance = true + size = 100 + volume_type = "ESSD_PL0" } } # volcengine_security_group.foo1 will be created + resource "volcengine_security_group" "foo1" { + creation_time = (known after apply) + id = (known after apply) + security_group_name = (known after apply) + status = (known after apply) + vpc_id = (known after apply) } # volcengine_subnet.foo1 will be created + resource "volcengine_subnet" "foo1" { + cidr_block = "172.16.1.0/24" + creation_time = (known after apply) + id = (known after apply) + status = (known after apply) + subnet_name = "subnet-tf-test-1" + vpc_id = (known after apply) + zone_id = "cn-beijing-a" } # volcengine_vpc.foo will be created + resource "volcengine_vpc" "foo" { + account_id = (known after apply) + associate_cens = (known after apply) + auxiliary_cidr_blocks = (known after apply) + cidr_block = "172.16.0.0/16" + creation_time = (known after apply) + id = (known after apply) + nat_gateway_ids = (known after apply) + route_table_ids = (known after apply) + security_group_ids = (known after apply) + status = (known after apply) + subnet_ids = (known after apply) + update_time = (known after apply) + vpc_id = (known after apply) + vpc_name = "tf-test-1" } Plan: 4 to add, 0 to change, 0 to destroy.
terraform apply Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create Terraform will perform the following actions: # volcengine_ecs_instance.default will be created + resource "volcengine_ecs_instance" "default" { + cpus = (known after apply) + created_at = (known after apply) + description = "John-tf-test-description-1" + gpu_devices = (known after apply) + host_name = (known after apply) + id = (known after apply) + image_id = "image-aagd56zrw2jtdro3bnrl" + instance_charge_type = "PostPaid" + instance_id = (known after apply) + instance_name = "John-tf-test-1" + instance_type = "ecs.g2i.large" + is_gpu = (known after apply) + key_pair_id = (known after apply) + key_pair_name = (known after apply) + memory_size = (known after apply) + network_interface_id = (known after apply) + os_name = (known after apply) + os_type = (known after apply) + password = (sensitive value) + primary_ip_address = (known after apply) + security_enhancement_strategy = "Active" + security_group_ids = (known after apply) + status = (known after apply) + stopped_mode = (known after apply) + subnet_id = (known after apply) + system_volume_id = (known after apply) + system_volume_size = 40 + system_volume_type = "ESSD_PL0" + updated_at = (known after apply) + user_data = (known after apply) + vpc_id = (known after apply) + zone_id = (known after apply) + data_volumes { + delete_with_instance = true + size = 100 + volume_type = "ESSD_PL0" } } # volcengine_security_group.foo1 will be created + resource "volcengine_security_group" "foo1" { + creation_time = (known after apply) + id = (known after apply) + security_group_name = (known after apply) + status = (known after apply) + vpc_id = (known after apply) } # volcengine_subnet.foo1 will be created + resource "volcengine_subnet" "foo1" { + cidr_block = "172.16.1.0/24" + creation_time = (known after apply) + id = (known after apply) + status = (known after apply) + subnet_name = "subnet-tf-test-1" + vpc_id = (known after apply) + zone_id = "cn-beijing-a" } # volcengine_vpc.foo will be created + resource "volcengine_vpc" "foo" { + account_id = (known after apply) + associate_cens = (known after apply) + auxiliary_cidr_blocks = (known after apply) + cidr_block = "172.16.0.0/16" + creation_time = (known after apply) + id = (known after apply) + nat_gateway_ids = (known after apply) + route_table_ids = (known after apply) + security_group_ids = (known after apply) + status = (known after apply) + subnet_ids = (known after apply) + update_time = (known after apply) + vpc_id = (known after apply) + vpc_name = "tf-test-1" } Plan: 4 to add, 0 to change, 0 to destroy. Do you want to perform these actions? Terraform will perform the actions described above. Only 'yes' will be accepted to approve. Enter a value: yes volcengine_vpc.foo: Creating... volcengine_vpc.foo: Creation complete after 1s [id=vpc-mixkg6tbfrpc5smt1aqu3orx] volcengine_subnet.foo1: Creating... volcengine_subnet.foo1: Creation complete after 2s [id=subnet-13f3v74hamcxs3n6nu4ogyxfd] volcengine_security_group.foo1: Creating... volcengine_security_group.foo1: Creation complete after 2s [id=sg-mixkh4cucpa85smt1b7h1ro8] volcengine_ecs_instance.default: Creating... volcengine_ecs_instance.default: Still creating... [10s elapsed] volcengine_ecs_instance.default: Still creating... [20s elapsed] volcengine_ecs_instance.default: Creation complete after 22s [id=i-ybxhufjjxgijuv5fhs4j] Apply complete! Resources: 4 added, 0 changed, 0 destroyed.
terraform show # volcengine_ecs_instance.default: resource "volcengine_ecs_instance" "default" { cpus = 2 created_at = "2022-09-14T16:45:11+08:00" description = "John-tf-test-description-1" gpu_devices = [] id = "i-ybxhufjjxgijuv5fhs4j" image_id = "image-aagd56zrw2jtdro3bnrl" instance_charge_type = "PostPaid" instance_id = "i-ybxhufjjxgijuv5fhs4j" instance_name = "John-tf-test-1" instance_type = "ecs.g2i.large" is_gpu = false memory_size = 8192 network_interface_id = "eni-13f3v7o7lqwow3n6nu4bkhdxm" os_name = "CentOS 7.9 64位" os_type = "Linux" password = (sensitive value) primary_ip_address = "172.16.1.128" security_enhancement_strategy = "Active" security_group_ids = [ "sg-mixkh4cucpa85smt1b7h1ro8", ] status = "RUNNING" stopped_mode = "NotApplicable" subnet_id = "subnet-13f3v74hamcxs3n6nu4ogyxfd" system_volume_id = "vol-haztkzciifjrfns0kk7y" system_volume_size = 40 system_volume_type = "ESSD_PL0" updated_at = "2022-09-14T16:45:23+08:00" vpc_id = "vpc-mixkg6tbfrpc5smt1aqu3orx" zone_id = "cn-beijing-a" data_volumes { delete_with_instance = true size = 100 volume_type = "ESSD_PL0" } } # volcengine_security_group.foo1: resource "volcengine_security_group" "foo1" { creation_time = "2022-09-14T16:45:08+08:00" id = "sg-mixkh4cucpa85smt1b7h1ro8" security_group_name = "sg-mixkh4cucpa85smt1b7h1ro8" status = "Available" vpc_id = "vpc-mixkg6tbfrpc5smt1aqu3orx" } # volcengine_subnet.foo1: resource "volcengine_subnet" "foo1" { cidr_block = "172.16.1.0/24" creation_time = "2022-09-14T16:45:06+08:00" id = "subnet-13f3v74hamcxs3n6nu4ogyxfd" status = "Available" subnet_name = "subnet-tf-test-1" vpc_id = "vpc-mixkg6tbfrpc5smt1aqu3orx" zone_id = "cn-beijing-a" } # volcengine_vpc.foo: resource "volcengine_vpc" "foo" { account_id = "2100169010" associate_cens = [] auxiliary_cidr_blocks = [] cidr_block = "172.16.0.0/16" creation_time = "2022-09-14T16:45:04+08:00" id = "vpc-mixkg6tbfrpc5smt1aqu3orx" nat_gateway_ids = [] route_table_ids = [ "vtb-mixkg8scjtog5smt1a4gohib", ] security_group_ids = [ "sg-mixkgcqerxmo5smt1avtobaf", ] status = "Available" subnet_ids = [] update_time = "2022-09-14T16:45:05+08:00" vpc_id = "vpc-mixkg6tbfrpc5smt1aqu3orx" vpc_name = "tf-test-1" }
terraform destroy volcengine_vpc.foo: Refreshing state... [id=vpc-mixkg6tbfrpc5smt1aqu3orx] volcengine_subnet.foo1: Refreshing state... [id=subnet-13f3v74hamcxs3n6nu4ogyxfd] volcengine_security_group.foo1: Refreshing state... [id=sg-mixkh4cucpa85smt1b7h1ro8] volcengine_ecs_instance.default: Refreshing state... [id=i-ybxhufjjxgijuv5fhs4j] Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: - destroy Terraform will perform the following actions: # volcengine_ecs_instance.default will be destroyed - resource "volcengine_ecs_instance" "default" { - cpus = 2 -> null - created_at = "2022-09-14T16:45:11+08:00" -> null - description = "John-tf-test-description-1" -> null - gpu_devices = [] -> null - id = "i-ybxhufjjxgijuv5fhs4j" -> null - image_id = "image-aagd56zrw2jtdro3bnrl" -> null - instance_charge_type = "PostPaid" -> null - instance_id = "i-ybxhufjjxgijuv5fhs4j" -> null - instance_name = "John-tf-test-1" -> null - instance_type = "ecs.g2i.large" -> null - is_gpu = false -> null - memory_size = 8192 -> null - network_interface_id = "eni-13f3v7o7lqwow3n6nu4bkhdxm" -> null - os_name = "CentOS 7.9 64位" -> null - os_type = "Linux" -> null - password = (sensitive value) - primary_ip_address = "172.16.1.128" -> null - security_enhancement_strategy = "Active" -> null - security_group_ids = [ - "sg-mixkh4cucpa85smt1b7h1ro8", ] -> null - status = "RUNNING" -> null - stopped_mode = "NotApplicable" -> null - subnet_id = "subnet-13f3v74hamcxs3n6nu4ogyxfd" -> null - system_volume_id = "vol-haztkzciifjrfns0kk7y" -> null - system_volume_size = 40 -> null - system_volume_type = "ESSD_PL0" -> null - updated_at = "2022-09-14T16:45:23+08:00" -> null - vpc_id = "vpc-mixkg6tbfrpc5smt1aqu3orx" -> null - zone_id = "cn-beijing-a" -> null - data_volumes { - delete_with_instance = true -> null - size = 100 -> null - volume_type = "ESSD_PL0" -> null } } # volcengine_security_group.foo1 will be destroyed - resource "volcengine_security_group" "foo1" { - creation_time = "2022-09-14T16:45:08+08:00" -> null - id = "sg-mixkh4cucpa85smt1b7h1ro8" -> null - security_group_name = "sg-mixkh4cucpa85smt1b7h1ro8" -> null - status = "Available" -> null - vpc_id = "vpc-mixkg6tbfrpc5smt1aqu3orx" -> null } # volcengine_subnet.foo1 will be destroyed - resource "volcengine_subnet" "foo1" { - cidr_block = "172.16.1.0/24" -> null - creation_time = "2022-09-14T16:45:06+08:00" -> null - id = "subnet-13f3v74hamcxs3n6nu4ogyxfd" -> null - status = "Available" -> null - subnet_name = "subnet-tf-test-1" -> null - vpc_id = "vpc-mixkg6tbfrpc5smt1aqu3orx" -> null - zone_id = "cn-beijing-a" -> null } # volcengine_vpc.foo will be destroyed - resource "volcengine_vpc" "foo" { - account_id = "2100169010" -> null - associate_cens = [] -> null - auxiliary_cidr_blocks = [] -> null - cidr_block = "172.16.0.0/16" -> null - creation_time = "2022-09-14T16:45:04+08:00" -> null - dns_servers = [] -> null - id = "vpc-mixkg6tbfrpc5smt1aqu3orx" -> null - nat_gateway_ids = [] -> null - route_table_ids = [ - "vtb-mixkg8scjtog5smt1a4gohib", ] -> null - security_group_ids = [ - "sg-mixkgcqerxmo5smt1avtobaf", - "sg-mixkh4cucpa85smt1b7h1ro8", ] -> null - status = "Available" -> null - subnet_ids = [ - "subnet-13f3v74hamcxs3n6nu4ogyxfd", ] -> null - update_time = "2022-09-14T16:45:08+08:00" -> null - vpc_id = "vpc-mixkg6tbfrpc5smt1aqu3orx" -> null - vpc_name = "tf-test-1" -> null } Plan: 0 to add, 0 to change, 4 to destroy. Do you really want to destroy all resources? Terraform will destroy all your managed infrastructure, as shown above. There is no undo. Only 'yes' will be accepted to confirm. Enter a value: yes volcengine_ecs_instance.default: Destroying... [id=i-ybxhufjjxgijuv5fhs4j] volcengine_ecs_instance.default: Destruction complete after 1s volcengine_security_group.foo1: Destroying... [id=sg-mixkh4cucpa85smt1b7h1ro8] volcengine_security_group.foo1: Destruction complete after 4s volcengine_subnet.foo1: Destroying... [id=subnet-13f3v74hamcxs3n6nu4ogyxfd] volcengine_subnet.foo1: Destruction complete after 1s volcengine_vpc.foo: Destroying... [id=vpc-mixkg6tbfrpc5smt1aqu3orx] volcengine_vpc.foo: Destruction complete after 0s Destroy complete! Resources: 4 destroyed.