阿里云CDN产品已经接入Terraform,可以通过Terraform来实现快速配置。本文介绍如何使用Terraform为CDN域名添加规则引擎配置。
背景信息
HashiCorp Terraform 是一个IT基础架构自动化编排工具,可以用代码来管理维护 IT 资源。Terraform的命令行接口(CLI)提供一种简单机制,用于将配置文件部署到阿里云或其他任意支持的云上,并对其进行版本控制。它编写了描述云资源拓扑的配置文件中的基础结构,例如虚拟机、存储账户和网络接口。
Terraform是一个高度可扩展的工具,通过 Provider 来支持新的基础架构。Terraform能够让您在阿里云上轻松使用 简单模板语言 来定义、预览和部署云基础结构。您可以使用Terraform来创建、修改、删除ECS、VPC、RDS、SLB等多种资源。
阿里云作为中国内地第一家与 Terraform 集成的云厂商,terraform-provider-alicloud目前已经提供了超过 163 个 Resource 和 113 个 Data Source,覆盖计算,存储,网络,负载均衡,CDN,容器服务,中间件,访问控制,数据库等超过35款产品,已经满足了大量大客户的自动化上云需求。
关于Terraform的更多信息,具体请参见什么是Terraform。
前提条件
已完成Terraform的安装与配置,Terraform支持常见的macOS、Windows、Linux操作系统,具体操作请参见在本地安装和配置Terraform。
若本地未安装Terraform,您可以通过Cloud Shell配置Terraform。阿里云Cloud Shell是一款帮助提升运维效率的免费产品,预装了Terraform的组件,并配置好身份凭证(credentials),因此您可直接在Cloud Shell中运行Terraform的命令。具体操作请参见在Cloud Shell中使用Terraform。
示例说明
以下的操作流程以在Cloud Shell中使用Terraform为CDN域名添加规则引擎配置,实现对用户请求URL中URI信息包含“/*/my_path/*”的匹配和过滤。
操作步骤
打开浏览器,访问Cloud Shell的地址https://shell.aliyun.com。
更多Cloud Shell入口及使用请参见使用云命令行。
登录Cloud Shell。
说明建议您使用RAM账号登录,为确保您的阿里云账号的安全,如非必要,避免使用阿里云账号访问云资源。
编写Terraform模板。
Terraform模板可以用于初始化provider和添加resource配置,使用Terraform配置语法编写之后以
.tf后缀保存为资源文件。您可以在Terraform官网的alicloud页面上查看添加和配置阿里云CDN域名的语法规则。
使用vim命令直接编写模板:
shell@Alicloud:~$ vim add_condition_config.tf以下为
.tf文件的示例内容:说明resource参数的可选字段可以在terraform官网文档 Alibaba Cloud Provider CDN产品目录下查找到。
function_name参数的可选字段以及function_arg 的配置方法请参见域名配置功能函数。
# 定义provider是阿里云 provider "alicloud" {} # 为加速域名添加一个规则引擎配置 resource "alicloud_cdn_domain_config" "config" { domain_name = "example.com" function_name = "condition" function_args { arg_name = "rule" arg_value = "{\"match\":{\"logic\":\"and\",\"criteria\":[{\"matchType\":\"uri\",\"matchObject\":\"\",\"matchOperator\":\"contains\",\"matchValue\":[\"/*/my_path/*\"],\"caseSensitive\":true,\"negate\":false}]},\"name\":\"example\",\"status\":\"enable\"}" } }执行terraform init命令初始化配置。
此步骤中,Terraform会自动检测
.tf文件中的provider字段,然后发送请求到Terraform官方GitHub下载最新版本相关资源的模块和插件。若打印如下信息,则表示初始化成功。shell@Alicloud:~$ terraform init Initializing the backend... Initializing provider plugins... The following providers do not have any version constraints in configuration, so the latest version was installed. To prevent automatic upgrades to new major versions that may contain breaking changes, it is recommended to add version = "..." constraints to the corresponding provider blocks in configuration, with the constraint strings suggested below. * provider.alicloud: version = "~> 1.215" Terraform has been successfully initialized! You may now begin working with Terraform. Try running "terraform plan" to see any changes that are required for your infrastructure. All Terraform commands should now work. If you ever set or change modules or backend configuration for Terraform, rerun this command to reinitialize your working directory. If you forget, other commands will detect it and remind you to do so if necessary.执行terraform plan命令预览配置,用于校验配置。
shell@Alicloud:~$ terraform plan Refreshing Terraform state in-memory prior to plan... The refreshed state will be used to calculate this plan, but will not be persisted to local or remote state storage. alicloud_cdn_domain_config.config: Refreshing state... [id=example.com:condition:344657186060288] ------------------------------------------------------------------------ An execution plan has been generated and is shown below. Resource actions are indicated with the following symbols: + create Terraform will perform the following actions: # alicloud_cdn_domain_config.config will be created + resource "alicloud_cdn_domain_config" "config" { + config_id = (known after apply) + domain_name = "example.com" + function_name = "condition" + id = (known after apply) + status = (known after apply) + function_args { + arg_name = "rule" + arg_value = jsonencode( { + match = { + criteria = [ + { + caseSensitive = true + matchObject = "" + matchOperator = "contains" + matchType = "uri" + matchValue = [ + "/*/my_path/*", ] + negate = false }, ] + logic = "and" } + name = "example" + status = "enable" } ) } } Plan: 1 to add, 0 to change, 0 to destroy. ------------------------------------------------------------------------ Note: You didn't specify an "-out" parameter to save this plan, so Terraform can't guarantee that exactly these actions will be performed if "terraform apply" is subsequently run.执行terraform apply添加CDN加速域名和对应的配置。
运行apply命令后,还需要校对配置,确认无误后输入yes进行二次确认,然后开始执行,接着等待几分钟。
说明参数前面的
+代表新添加的资源,当销毁资源时,参数前面对应的符号会变为-;更改一些参数需要重新部署资源时,该资源前面的符号为-/+;在旧参数和新参数内容之间有→符号标识。shell@Alicloud:~$ terraform apply An execution plan has been generated and is shown below. Resource actions are indicated with the following symbols: + create Terraform will perform the following actions: # alicloud_cdn_domain_config.config will be created + resource "alicloud_cdn_domain_config" "config" { + config_id = (known after apply) + domain_name = "example.com" + function_name = "condition" + id = (known after apply) + status = (known after apply) + function_args { + arg_name = "rule" + arg_value = jsonencode( { + match = { + criteria = [ + { + caseSensitive = true + matchObject = "" + matchOperator = "contains" + matchType = "uri" + matchValue = [ + "/*/my_path/*", ] + negate = false }, ] + logic = "and" } + name = "example" + status = "enable" } ) } } Plan: 1 to add, 0 to change, 0 to destroy. Do you want to perform these actions? Terraform will perform the actions described above. Only 'yes' will be accepted to approve. Enter a value: yes alicloud_cdn_domain_config.config: Creating... alicloud_cdn_domain_config.config: Still creating... [10s elapsed] alicloud_cdn_domain_config.config: Still creating... [20s elapsed] alicloud_cdn_domain_config.config: Still creating... [30s elapsed] alicloud_cdn_domain_config.config: Still creating... [40s elapsed] alicloud_cdn_domain_config.config: Still creating... [50s elapsed] alicloud_cdn_domain_config.config: Still creating... [1m0s elapsed]命令执行成功后,将会看到以下命令提示,也可以登录CDN控制台上查看加速域名新添加的配置。
alicloud_cdn_domain_config.config: Creation complete after 1m7s [id=example.com:condition:344661009180672] Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
- 本页导读 (1)