阿里云CDN产品已经接入Terraform,可以通过Terraform来实现快速配置。本文介绍如何使用Terraform添加CDN域名,并且为域名添加功能配置。
前提条件
- 已完成Terraform的安装与配置,Terraform支持常见的macOS、Windows、Linux操作系统,具体操作请参见在本地安装和配置Terraform。
- 若本地未安装Terraform,您可以通过Cloud Shell配置Terraform。阿里云Cloud Shell是一款帮助提升运维效率的免费产品,预装了Terraform的组件,并配置好身份凭证(credentials),因此您可直接在Cloud Shell中运行Terraform的命令。具体操作请参见在Cloud Shell中使用Terraform。
操作步骤
说明 以下的操作流程以在Cloud Shell中使用Terraform添加并配置CDN域名进行演示。
- 打开浏览器,访问Cloud Shell的地址https://shell.aliyun.com。
更多Cloud Shell入口及使用请参见使用云命令行。
- 登录Cloud Shell。
- 编写Terraform模板。
Terraform模板可以用于初始化provider和添加resource配置,使用Terraform配置语法编写之后以 .tf 后缀保存为资源文件。
您可以在Terraform官网的alicloud页面上查看添加和配置阿里云CDN域名的语法规则。
使用vim命令直接编写模板:shell@Alicloud:~$ vim provider.tf以下为provider.tf文件的示例内容:# 定义provider是阿里云 provider "alicloud" {} # 添加一个加速域名 resource "alicloud_cdn_domain_new" "domain" { domain_name = "yourcdndomain.example.com" cdn_type = "download" scope = "overseas" sources { content = "172.16.0.1" type = "ipaddr" priority = "20" port = 80 weight = "15" } } # 为加速域名配置一个访问IP白名单 resource "alicloud_cdn_domain_config" "config" { domain_name = alicloud_cdn_domain_new.domain.domain_name function_name = "ip_allow_list_set" function_args { arg_name = "ip_list" arg_value = "192.168.0.1" } } - 执行terraform init命令初始化配置。此步骤中,Terraform会自动检测 .tf 文件中的provider字段,然后发送请求到Terraform官方GitHub下载最新版本相关资源的模块和插件。若打印如下信息,则表示初始化成功。
* provider.alicloud: version = "~> 1.171" Terraform has been successfully initialized! - 执行terraform plan命令预览配置,用于校验配置。
shell@Alicloud:~$ terraform plan Refreshing Terraform state in-memory prior to plan... The refreshed state will be used to calculate this plan, but will not be persisted to local or remote state storage. ------------------------------------------------------------------------ An execution plan has been generated and is shown below. Resource actions are indicated with the following symbols: + create Terraform will perform the following actions: # alicloud_cdn_domain_config.config will be created + resource "alicloud_cdn_domain_config" "config" { + config_id = (known after apply) + domain_name = "yourcdndomain.example.com" + function_name = "ip_allow_list_set" + id = (known after apply) + status = (known after apply) + function_args { + arg_name = "ip_list" + arg_value = "192.168.0.1" } } # alicloud_cdn_domain_new.domain will be created + resource "alicloud_cdn_domain_new" "domain" { + cdn_type = "download" + cname = (known after apply) + domain_name = "yourcdndomain.example.cn" + id = (known after apply) + resource_group_id = (known after apply) + scope = "overseas" + certificate_config { + cert_name = (known after apply) + cert_type = (known after apply) + force_set = (known after apply) + private_key = (sensitive value) + server_certificate = (sensitive value) + server_certificate_status = (known after apply) } + sources { + content = "172.16.0.1" + port = 80 + priority = 20 + type = "ipaddr" } } Plan: 2 to add, 0 to change, 0 to destroy. - 执行terraform apply添加CDN加速域名和对应的配置。
运行apply命令以后,还需要校对配置,确认无误后输入yes二次确认,然后就开始执行,接着等待几分钟。
说明 参数前面的+代表新添加的资源,当销毁资源时,参数前面对应的符号会变为-;更改一些参数需要重新部署资源时,该资源前面的符号为-/+;在旧参数和新参数内容之间有→符号标识。shell@Alicloud:~$ terraform apply An execution plan has been generated and is shown below. Resource actions are indicated with the following symbols: + create Terraform will perform the following actions: # alicloud_cdn_domain_config.config will be created + resource "alicloud_cdn_domain_config" "config" { + config_id = (known after apply) + domain_name = "yourcdndomain.example.com" + function_name = "ip_allow_list_set" + id = (known after apply) + status = (known after apply) + function_args { + arg_name = "ip_list" + arg_value = "192.168.0.1" } } # alicloud_cdn_domain_new.domain will be created + resource "alicloud_cdn_domain_new" "domain" { + cdn_type = "download" + cname = (known after apply) + domain_name = "yourcdndomain.example.com" + id = (known after apply) + resource_group_id = (known after apply) + scope = "overseas" + certificate_config { + cert_name = (known after apply) + cert_type = (known after apply) + force_set = (known after apply) + private_key = (sensitive value) + server_certificate = (sensitive value) + server_certificate_status = (known after apply) } + sources { + content = "172.16.0.1" + port = 80 + priority = 20 + type = "ipaddr" } } Plan: 2 to add, 0 to change, 0 to destroy. Do you want to perform these actions? Terraform will perform the actions described above. Only 'yes' will be accepted to approve. Enter a value: yes alicloud_cdn_domain_new.domain: Creating... alicloud_cdn_domain_new.domain: Still creating... [10s elapsed] alicloud_cdn_domain_new.domain: Still creating... [20s elapsed] alicloud_cdn_domain_new.domain: Still creating... [30s elapsed] alicloud_cdn_domain_new.domain: Still creating... [40s elapsed] - 命令执行成功之后,将会看到以下的命令提示,也可以登录CDN控制台上查看已经添加的加速域名及其配置。
alicloud_cdn_domain_new.domain: Still creating... [7m10s elapsed] alicloud_cdn_domain_new.domain: Still creating... [7m20s elapsed] alicloud_cdn_domain_new.domain: Creation complete after 7m24s [id=yourcdndomain.example.com] alicloud_cdn_domain_config.config: Creating... alicloud_cdn_domain_config.config: Still creating... [10s elapsed] alicloud_cdn_domain_config.config: Still creating... [20s elapsed] alicloud_cdn_domain_config.config: Still creating... [30s elapsed] alicloud_cdn_domain_config.config: Creation complete after 36s [id=yourcdndomain.example.com:ip_allow_list_set:238025248620544] Apply complete! Resources: 2 added, 0 changed, 0 destroyed. shell@Alicloud:~$