使用Terraform管理环境实例

TerraformHashiCorp公司提供的一种开源工具,用于安全高效地预览、配置和管理云基础架构和资源,帮助开发者自动化地创建、更新阿里云基础设施资源,并进行版本管理。您可以使用Terraform通过创建环境实例将云资源接入ARMS,实时监控云资源的性能指标,帮助运维团队及时解决问题以及优化系统性能。

前提条件

  • 已安装Terraform,且Terraform版本不低于v0.12.28。您可以通过terraform --version命令查看Terraform版本。

  • 已配置阿里云账号信息。

    • 方式一:添加环境变量,存放身份认证信息。

      export ALICLOUD_ACCESS_KEY="************"
      export ALICLOUD_SECRET_KEY="************"
      export ALICLOUD_REGION="cn-beijing"
    • 方式二:在配置文件的provider中指定身份认证信息。

      provider "alicloud" {
       access_key = "************"
       secret_key = "************"
       region = "cn-beijing"
      }
    说明

    为了提高权限管理的灵活性和安全性,建议您创建名为TerraformRAM用户,并为该RAM用户创建AccessKey并授权。具体操作,请参见创建RAM用户RAM用户授权

  • 已开通Prometheus服务。

创建环境实例

创建容器服务的环境实例

  1. 创建一个工作目录,并在工作目录中创建名为main.tf的配置文件。

    # provider, use alicloud
    provider "alicloud" {
    # access_key = "************"
    # secret_key = "************"
    # region = "cn-beijing"
    }
     
    # 容器服务的环境实例。
    resource "alicloud_arms_environment" "my_ack-env1" {
     environment_name = "容器服务的环境名称1"
     environment_type = "CS"
     environment_sub_type = "ACK"
     bind_resource_id = "容器服务的集群Id"
    }
  2. 执行以下命令,初始化Terraform运行环境。

    terraform init

    预期输出:

    Initializing the backend...
    
    Initializing provider plugins...
    - Checking for available provider plugins...
    - Downloading plugin for provider "alicloud" (hashicorp/alicloud) 1.90.1...
    ...
    
    You may now begin working with Terraform. Try running "terraform plan" to see
    any changes that are required for your infrastructure. All Terraform commands
    should now work.
    
    If you ever set or change modules or backend configuration for Terraform,
    rerun this command to reinitialize your working directory. If you forget, other
    commands will detect it and remind you to do so if necessary.	
  3. 执行以下命令,生成资源规划。

    terraform plan		

    预期输出:

    Refreshing Terraform state in-memory prior to plan...
    The refreshed state will be used to calculate this plan, but will not be
    persisted to local or remote state storage.
    ...
    Plan: 5 to add, 0 to change, 0 to destroy.
    ...
  4. 执行以下命令,创建实例。

    terraform apply

    预期输出:

    ...
    Do you want to perform these actions?
     Terraform will perform the actions described above.
     Only 'yes' will be accepted to approve.
    
     Enter a value: yes
    ...
    alicloud_arms_environment: Creation complete after 8m26s [id=************]
    
    Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

    提示Enter a value时,请输入yes

  5. 登录ARMS控制台,在接入管理页面的环境列表中,查看是否已成功创建容器服务环境实例。

创建ECS环境实例

  1. 创建一个工作目录,并在工作目录中创建名为main.tf的配置文件。

    #provider, use alicloud
    provider "alicloud" {
     #access_key = "************"
     #secret_key = "************"
     #region = "cn-beijing"
    }
     
    # ECS环境实例。
    resource "alicloud_arms_environment" "my_ecs-env1" {
     environment_name = "ECS环境名1"
     environment_type = "ECS"
     environment_sub_type = "ECS"
     bind_resource_id = "vpcId,如vpc-bp1jxxx"
    }
  2. 执行以下命令,初始化Terraform运行环境。

    terraform init

    预期输出:

    Initializing the backend...
    
    Initializing provider plugins...
    - Checking for available provider plugins...
    - Downloading plugin for provider "alicloud" (hashicorp/alicloud) 1.90.1...
    ...
    
    You may now begin working with Terraform. Try running "terraform plan" to see
    any changes that are required for your infrastructure. All Terraform commands
    should now work.
    
    If you ever set or change modules or backend configuration for Terraform,
    rerun this command to reinitialize your working directory. If you forget, other
    commands will detect it and remind you to do so if necessary.	
  3. 执行以下命令,生成资源规划。

    terraform plan		

    预期输出:

    Refreshing Terraform state in-memory prior to plan...
    The refreshed state will be used to calculate this plan, but will not be
    persisted to local or remote state storage.
    ...
    Plan: 5 to add, 0 to change, 0 to destroy.
    ...
  4. 执行以下命令,创建实例。

    terraform apply

    预期输出:

    ...
    Do you want to perform these actions?
     Terraform will perform the actions described above.
     Only 'yes' will be accepted to approve.
    
     Enter a value: yes
    ...
    alicloud_arms_environment: Creation complete after 8m26s [id=************]
    
    Apply complete! Resources: 3 added, 0 changed, 0 destroyed.

    提示Enter a value时,请输入yes

  5. 登录ARMS控制台,在接入管理页面的环境列表中,查看是否已成功创建ECS环境实例。

创建云服务环境实例

  1. 创建一个工作目录,并在工作目录中创建名为main.tf的配置文件。

    #provider, use alicloud
    provider "alicloud" {
     #access_key = "************"
     #secret_key = "************"
     #region = "cn-beijing"
    }
     
    # 云服务环境实例。
    resource "alicloud_arms_environment" "my_cloud-env1" {
     environment_name = "云服务环境名1"
     environment_type = "Cloud"
     environment_sub_type = "Cloud"
     bind_resource_id = "云服务实例的regionId,如cn-hangzhou"
    }
  2. 执行以下命令,初始化Terraform运行环境。

    terraform init

    预期输出:

    Initializing the backend...
    
    Initializing provider plugins...
    - Checking for available provider plugins...
    - Downloading plugin for provider "alicloud" (hashicorp/alicloud) 1.90.1...
    ...
    
    You may now begin working with Terraform. Try running "terraform plan" to see
    any changes that are required for your infrastructure. All Terraform commands
    should now work.
    
    If you ever set or change modules or backend configuration for Terraform,
    rerun this command to reinitialize your working directory. If you forget, other
    commands will detect it and remind you to do so if necessary.	
  3. 执行以下命令,生成资源规划。

    terraform plan		

    预期输出:

    Refreshing Terraform state in-memory prior to plan...
    The refreshed state will be used to calculate this plan, but will not be
    persisted to local or remote state storage.
    ...
    Plan: 5 to add, 0 to change, 0 to destroy.
    ...
  4. 执行以下命令,创建实例。

    terraform apply

    预期输出:

    ...
    Do you want to perform these actions?
     Terraform will perform the actions described above.
     Only 'yes' will be accepted to approve.
    
     Enter a value: yes
    ...
    alicloud_arms_environment: Creation complete after 8m26s [id=************]
    
    Apply complete! Resources: 4 added, 0 changed, 0 destroyed.

    提示Enter a value时,请输入yes

  5. 登录ARMS控制台,在接入管理页面的环境列表中,查看是否已成功创建云服务环境实例。

删除环境实例

  1. 执行以下命令,删除通过Terraform创建的集群。

    terraform destroy

    预期输出:

    ...
    Do you really want to destroy all resources?
     Terraform will destroy all your managed infrastructure, as shown above.
     There is no undo. Only 'yes' will be accepted to confirm.
    
     Enter a value: yes
    ...
    Destroy complete! Resources: 1 destroyed.

    提示Enter a value时,请输入yes

  2. 登录ARMS控制台,在接入管理页面的实例列表中,查看是否已成功删除对应的环境实例。