配置开发环境
Vscode 安装 terraform 插件,打开插件,搜索 terraform,安装如下图所示插件即可
Terraform 配置语法
Terraform 的配置文件都是以 .tf 为后缀
Terraform 支持两种模式 HCL,JSON
简单介绍一下 HCL,HCL 是声明式语言,因此对资源和变量的引入不依赖于定义的顺序,通常 tf 文件包含provider,resource 和 datasource
Provider
官网文档
Terraform 通过 provider 管理基础设施,使用 provider 与云供应厂商和其他类型资源的 API 进行交互;
每个 provider 都包含相关的 资源(resource) 和数据源 (datasource)
我们本次入门为了方便理解和快速部署,使用 docker 进行演示
docker provider docs
每个 Terraform 模块必须声明它需要哪些 provider, 以便 Terraform 可以安装和使用。
提供者要求在一个 required_providers 块中声明。
配置 provider,关键字 provider
如果是使用云平台的配置,还可以配置多个相同名称的 provider,使用 alias 进行区分
Resource
Resource 来自于 provider,是Terraform 中最重要的元素,每个资源块描述一个或多个基础对象,比如镜像、网络、存储卷等等
资源名称必须以字母或下划线开头,并且只能包含字母、数字、下划线和破折号
示例:
我们本次演示使用服务器本地 docker 环境进行演示
docker provider docs
使用Terraform 运行 nginx容器
创建 nginx数据目录
mkdir -p /data/nginx_home
echo 123 > /data/nginx_home/index.html
TF操作步骤:
1.初始化安装Terraform
2.定义nginx 容器的资源tf文件
定义provider(main.tf)
terraform {
required_providers {
docker = {
source = "kreuzwerker/docker"
version = "~> 2.13.0"
}
}
}
provider "docker" {}
定义docker镜像(nginx.tf)
resource "docker_image" "nginx" {
name = "nginx:latest"
keep_locally = true //资源销毁后不会删除本地镜像
}
resource "docker_container" "nginx" {
image = docker_image.nginx.name
name = "nginx_test"
ports {
internal = 80
external = 8000
}
volumes{
container_path = "/usr/share/nginx/html"
host_path = "/data/nginx_home"
}
}
3.terraform init 初始化
4.terraform plan 预览
root@tf:~/nginx-tf# terraform plan
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# docker_container.nginx will be created
+ resource "docker_container" "nginx" {
+ attach = false
+ bridge = (known after apply)
+ command = (known after apply)
+ container_logs = (known after apply)
+ entrypoint = (known after apply)
+ env = (known after apply)
+ exit_code = (known after apply)
+ gateway = (known after apply)
+ hostname = (known after apply)
+ id = (known after apply)
+ image = "nginx:latest"
+ init = (known after apply)
+ ip_address = (known after apply)
+ ip_prefix_length = (known after apply)
+ ipc_mode = (known after apply)
+ log_driver = "json-file"
+ logs = false
+ must_run = true
+ name = "nginx_test"
+ network_data = (known after apply)
+ read_only = false
+ remove_volumes = true
+ restart = "no"
+ rm = false
+ security_opts = (known after apply)
+ shm_size = (known after apply)
+ start = true
+ stdin_open = false
+ tty = false
+ healthcheck {
+ interval = (known after apply)
+ retries = (known after apply)
+ start_period = (known after apply)
+ test = (known after apply)
+ timeout = (known after apply)
}
+ labels {
+ label = (known after apply)
+ value = (known after apply)
}
+ ports {
+ external = 80
+ internal = 80
+ ip = "0.0.0.0"
+ protocol = "tcp"
}
+ volumes {
+ container_path = "/usr/share/nginx/html"
+ host_path = "/data/nginx_home"
}
}
# docker_image.nginx will be created
+ resource "docker_image" "nginx" {
+ id = (known after apply)
+ keep_locally = true
+ latest = (known after apply)
+ name = "nginx:latest"
+ output = (known after apply)
+ repo_digest = (known after apply)
}
Plan: 2 to add, 0 to change, 0 to destroy.
─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
Note: You didn't use the -out option to save this plan, so Terraform can't guarantee to take exactly these actions if you run "terraform
apply" now.
5.terraform apply 部署
root@tf:~/nginx-tf# terraform apply
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# docker_container.nginx will be created
+ resource "docker_container" "nginx" {
+ attach = false
+ bridge = (known after apply)
+ command = (known after apply)
+ container_logs = (known after apply)
+ entrypoint = (known after apply)
+ env = (known after apply)
+ exit_code = (known after apply)
+ gateway = (known after apply)
+ hostname = (known after apply)
+ id = (known after apply)
+ image = "nginx:latest"
+ init = (known after apply)
+ ip_address = (known after apply)
+ ip_prefix_length = (known after apply)
+ ipc_mode = (known after apply)
+ log_driver = "json-file"
+ logs = false
+ must_run = true
+ name = "nginx_test"
+ network_data = (known after apply)
+ read_only = false
+ remove_volumes = true
+ restart = "no"
+ rm = false
+ security_opts = (known after apply)
+ shm_size = (known after apply)
+ start = true
+ stdin_open = false
+ tty = false
+ healthcheck {
+ interval = (known after apply)
+ retries = (known after apply)
+ start_period = (known after apply)
+ test = (known after apply)
+ timeout = (known after apply)
}
+ labels {
+ label = (known after apply)
+ value = (known after apply)
}
+ ports {
+ external = 8000
+ internal = 80
+ ip = "0.0.0.0"
+ protocol = "tcp"
}
+ volumes {
+ container_path = "/usr/share/nginx/html"
+ host_path = "/data/nginx_home"
}
}
# docker_image.nginx will be created
+ resource "docker_image" "nginx" {
+ id = (known after apply)
+ keep_locally = true
+ latest = (known after apply)
+ name = "nginx:latest"
+ output = (known after apply)
+ repo_digest = (known after apply)
}
Plan: 2 to add, 0 to change, 0 to destroy.
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
docker_image.nginx: Creating...
docker_image.nginx: Still creating... [10s elapsed]
docker_image.nginx: Still creating... [20s elapsed]
docker_image.nginx: Still creating... [30s elapsed]
docker_image.nginx: Creation complete after 39s [id=sha256:12766a6745eea133de9fdcd03ff720fa971fdaf21113d4bc72b417c123b15619nginx:latest]
docker_container.nginx: Creating...
docker_container.nginx: Creation complete after 1s [id=1cb955e261d45f2501521e51c15abee7afd37a909cd4226ba3c4857bf354a175]
Apply complete! Resources: 2 added, 0 changed, 0 destroyed.
6.docker ps 验证
root@tf:~/nginx-tf# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1cb955e261d4 nginx:latest "/docker-entrypoint.…" About a minute ago Up About a minute 0.0.0.0:80->80/tcp nginx_test
