通过Terraform配置和管理RDS Custom-阿里云帮助中心

Terraform是一种开源工具，用于安全高效地预览、配置和管理云基础架构和资源。本文为您演示如何通过Terraform创建RDS Custom实例。

支持资源列表

支持Terraform编排和使用的RDS Custom资源清单如下，更多信息请参见RDS。如果您还不了解Terraform，请参见Terraform产品介绍。

RDS Custom资源	说明	使用示例
alicloud_rds_custom	管理RDS Custom实例资源。	创建RDS Custom实例停止RDS Custom实例升降配RDS Custom实例启动RDS Custom实例退订RDS Custom实例
alicloud_rds_custom_deployment_set	管理RDS Custom部署集资源。	创建RDS Custom部署集删除RDS Custom部署集

配置权限

使用Terraform，您需要一个阿里云账号和账号的访问密钥（AccessKey）。为确保您的阿里云账号及云资源使用安全，如非必要应避免直接使用阿里云主账号来访问云数据库RDS。建议您创建一个RAM用户，获取该用户的AccessKey，并向其授予相应权限。

创建RAM用户：
1. 访问RAM用户列表，单击创建用户。
2. 设置登录名称为rds-test-operator，选择访问方式为使用永久 AccessKey 访问。
3. 单击确定，创建RAM用户并保存AccessKey ID与AccessKey Secret信息。
完成授权：
1. 访问RAM用户列表，单击目标RAM用户操作列的添加权限。
2. 为该RAM用户添加如下权限。
  - AliyunRDSFullAccess：管理云数据库服务（RDS）的权限。
  - AliyunECSFullAccess：管理云服务器服务（ECS）的权限。
  - AliyunBSSOrderAccess：在费用中心（BSS）查看订单、支付订单及取消订单的权限。
  - AliyunVPCFullAccess：具有VPC的完全控制权限。
  - AliyunCloudShellFullAccess：管理云命令行（cloudshell）的权限。
  说明
  本文以使用阿里云Cloud Shell创建RDS Custom实例为例，您也可以按需选择权限策略或进行自定义策略，更多信息请参见创建自定义权限策略。
单击确认新增授权，完成授权操作。

操作步骤

准备Terraform运行环境

您可以选择以下任意方式来使用Terraform，本文以阿里云Cloud Shell为例。

Cloud Shell：阿里云Cloud Shell中预装了Terraform的组件，并已配置好身份凭证，您可直接在Cloud Shell中运行Terraform的命令。适用于低成本、快速、便捷地访问和使用Terraform的场景。
在Terraform Explorer中使用Terraform：阿里云提供了Terraform的在线运行环境，您无需安装Terraform，登录后即可在线使用和体验Terraform。适用于零成本、快速、便捷地体验和调试Terraform的场景。
在本地安装和配置Terraform：适用于网络连接较差或需要自定义开发环境的场景。

编写并运行模板

Terraform通过命令实现对Terraform模板中所定义的资源进行创建、修改、查看和删除。本文以创建RDS Custom实例为例进行说明。

登录Cloud Shell。

编写Terraform模板，命名为main.tf，并增加如下信息。

您可以使用vim命令直接编写模板，如果开通了OSS存储，您可以直接将配置模板上传到为Cloud Shell创建的bucket中。

main.tf内容

variable "name" {
  default = "terraform-example"
}

provider "alicloud" {
  region = "cn-chengdu"
}

variable "example_zone_id" {
  default = "cn-chengdu-b"
}

data "alicloud_resource_manager_resource_groups" "default" {}

data "alicloud_vpcs" "default" {
}
data "alicloud_vswitches" "default" {
  vpc_id  = data.alicloud_vpcs.default.ids.0
  zone_id = var.example_zone_id
}

resource "alicloud_vpc" "vpcId" {
  cidr_block = "172.16.0.0/12"
}

resource "alicloud_vswitch" "vSwitchId" {
  vpc_id       = alicloud_vpc.vpcId.id
  cidr_block   = "172.16.5.0/24"
  zone_id      = var.example_zone_id
  vswitch_name = format("%s1", var.name)
}

resource "alicloud_security_group" "securityGroupId" {
  vpc_id = alicloud_vpc.vpcId.id
}


resource "alicloud_ecs_key_pair" "KeyPairName" {
  key_pair_name = format("%s6", var.name)
}

resource "alicloud_rds_custom" "default" {
  data_disk {
    category          = "cloud_essd"
    size              = "50"
    performance_level = "PL1"
  }

  host_name         = "1731641300"
  description       = var.name
  instance_type     = "mysql.x2.xlarge.6cm"
  password          = "example@12356"
  amount            = "1"
  io_optimized      = "optimized"
  resource_group_id = data.alicloud_resource_manager_resource_groups.default.ids.0
  status            = "Running"
  system_disk {
    category = "cloud_essd"
    size     = "40"
  }

  auto_pay                   = "true"
  security_group_ids = [
    alicloud_security_group.securityGroupId.id
  ]
  instance_charge_type          = "Prepaid"
  vswitch_id                    = alicloud_vswitch.vSwitchId.id
  key_pair_name                 = alicloud_ecs_key_pair.KeyPairName.key_pair_name
  zone_id                       = var.example_zone_id
  auto_renew                    = "false"
  period                        = "1"
  image_id                      = "aliyun_2_1903_x64_20G_alibase_20240628.vhd"
  security_enhancement_strategy = "Active"
  period_unit                   = "Month"
}

本文以成都地域为例，在运行之前您需要添加对应环境变量。
```
export ALICLOUD_REGION="cn-chengdu" 
```
执行terraform init命令初始化配置。
当返回结果中出现Terraform has been successfully initialized!时，表示初始化已成功完成。

执行terraform plan命令预览配置。

预览结果

Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.

data.alicloud_resource_manager_resource_groups.default: Refreshing state...
data.alicloud_vpcs.default: Refreshing state...
data.alicloud_vswitches.default: Refreshing state...

------------------------------------------------------------------------

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # alicloud_ecs_key_pair.KeyPairName will be created
  + resource "alicloud_ecs_key_pair" "KeyPairName" {
      + create_time       = (known after apply)
      + finger_print      = (known after apply)
      + id                = (known after apply)
      + key_name          = (known after apply)
      + key_pair_name     = "terraform-example6"
      + resource_group_id = (known after apply)
    }

  # alicloud_rds_custom.default will be created
  + resource "alicloud_rds_custom" "default" {
      + amount                        = 1
      + auto_pay                      = true
      + auto_renew                    = false
      + description                   = "terraform-example"
      + host_name                     = "1731641300"
      + id                            = (known after apply)
      + image_id                      = "aliyun_2_1903_x64_20G_alibase_20240628.vhd"
      + instance_charge_type          = "Prepaid"
      + instance_type                 = "mysql.x2.xlarge.6cm"
      + io_optimized                  = "optimized"
      + key_pair_name                 = "terraform-example6"
      + password                      = "example@12356"
      + period                        = 1
      + period_unit                   = "Month"
      + region_id                     = (known after apply)
      + resource_group_id             = "rg-acfmxwnpshr****"
      + security_enhancement_strategy = "Active"
      + security_group_ids            = (known after apply)
      + status                        = "Running"
      + vswitch_id                    = (known after apply)
      + zone_id                       = "cn-chengdu-b"

      + data_disk {
          + category          = "cloud_essd"
          + performance_level = "PL1"
          + size              = 50
        }

      + system_disk {
          + category = "cloud_essd"
          + size     = "40"
        }
    }

  # alicloud_security_group.securityGroupId will be created
  + resource "alicloud_security_group" "securityGroupId" {
      + create_time         = (known after apply)
      + id                  = (known after apply)
      + inner_access        = (known after apply)
      + inner_access_policy = (known after apply)
      + name                = (known after apply)
      + security_group_name = (known after apply)
      + security_group_type = (known after apply)
      + vpc_id              = (known after apply)
    }

  # alicloud_vpc.vpcId will be created
  + resource "alicloud_vpc" "vpcId" {
      + cidr_block            = "172.16.0.0/12"
      + create_time           = (known after apply)
      + dns_hostname_status   = (known after apply)
      + id                    = (known after apply)
      + ipv6_cidr_block       = (known after apply)
      + ipv6_cidr_blocks      = (known after apply)
      + name                  = (known after apply)
      + region_id             = (known after apply)
      + resource_group_id     = (known after apply)
      + route_table_id        = (known after apply)
      + router_id             = (known after apply)
      + router_table_id       = (known after apply)
      + secondary_cidr_blocks = (known after apply)
      + status                = (known after apply)
      + user_cidrs            = (known after apply)
      + vpc_name              = (known after apply)
    }

  # alicloud_vswitch.vSwitchId will be created
  + resource "alicloud_vswitch" "vSwitchId" {
      + availability_zone    = (known after apply)
      + cidr_block           = "172.16.5.0/24"
      + create_time          = (known after apply)
      + id                   = (known after apply)
      + ipv6_cidr_block      = (known after apply)
      + ipv6_cidr_block_mask = (known after apply)
      + name                 = (known after apply)
      + status               = (known after apply)
      + vpc_id               = (known after apply)
      + vswitch_name         = "terraform-example1"
      + zone_id              = "cn-chengdu-b"
    }

Plan: 5 to add, 0 to change, 0 to destroy.

执行terraform apply根据模板配置创建RDS Custom实例。

当出现如下内容时，输入yes继续创建。

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value:

当出现Apply complete!时，表示创建成功。

......
alicloud_rds_custom.default: Still creating... [3m0s elapsed]
alicloud_rds_custom.default: Creation complete after 3m6s [id=rc-r9b0jievjz3u18s6****]

Apply complete! Resources: 5 added, 0 changed, 0 destroyed.

查看结果。
登录RDS管理控制台，在左侧导航栏单击RDS Custom > Custom实例列表，然后在上方选择地域，查看已创建的RDS Custom实例。

清理资源

当您不再需要上述通过Terraform创建或管理的资源时，请执行以下操作以释放资源。

停止RDS Custom实例。
执行如下命令，清理所有资源。关于terraform destroy的更多信息，请参见Terraform常用命令。
```
terraform destroy
```
当出现如下内容时，输入yes继续清理。
```
Do you really want to destroy all resources?
  Terraform will destroy all your managed infrastructure, as shown above.
  There is no undo. Only 'yes' will be accepted to confirm.

  Enter a value: 
```
当出现Destroy complete! 时，表示资源清理成功。

附录：Terraform示例

以上文中所创建的RDS Custom实例为例，通过修改main.tf文件的内容来管理RDS Custom实例。

重要

修改了main.tf文件的内容后，需要按照上文步骤依次执行terraform plan和terraform apply使配置生效。
实例配置生效后，可以在RDS管理控制台的RDS Custom中查看相应的变更。

停止RDS Custom实例

修改上文main.tf文件中resource "alicloud_rds_custom" "default" {}的status配置项，具体配置如下：

...
resource "alicloud_rds_custom" "default" {
...
  status            = "Stopped"
}

完整main.tf文件示例：

variable "name" {
  default = "terraform-example"
}

provider "alicloud" {
  region = "cn-chengdu"
}

variable "example_zone_id" {
  default = "cn-chengdu-b"
}

data "alicloud_resource_manager_resource_groups" "default" {}

data "alicloud_vpcs" "default" {
}
data "alicloud_vswitches" "default" {
  vpc_id  = data.alicloud_vpcs.default.ids.0
  zone_id = var.example_zone_id
}

resource "alicloud_vpc" "vpcId" {
  cidr_block = "172.16.0.0/12"
}

resource "alicloud_vswitch" "vSwitchId" {
  vpc_id       = alicloud_vpc.vpcId.id
  cidr_block   = "172.16.5.0/24"
  zone_id      = var.example_zone_id
  vswitch_name = format("%s1", var.name)
}

resource "alicloud_security_group" "securityGroupId" {
  vpc_id = alicloud_vpc.vpcId.id
}


resource "alicloud_ecs_key_pair" "KeyPairName" {
  key_pair_name = format("%s6", var.name)
}

resource "alicloud_rds_custom" "default" {
  data_disk {
    category          = "cloud_essd"
    size              = "50"
    performance_level = "PL1"
  }

  host_name         = "1731641300"
  description       = var.name
  instance_type     = "mysql.x2.xlarge.6cm"
  password          = "example@12356"
  amount            = "1"
  io_optimized      = "optimized"
  resource_group_id = data.alicloud_resource_manager_resource_groups.default.ids.0
  status            = "Stopped"
  system_disk {
    category = "cloud_essd"
    size     = "40"
  }

  auto_pay                   = "true"
  security_group_ids = [
    alicloud_security_group.securityGroupId.id
  ]
  instance_charge_type          = "Prepaid"
  vswitch_id                    = alicloud_vswitch.vSwitchId.id
  key_pair_name                 = alicloud_ecs_key_pair.KeyPairName.key_pair_name
  zone_id                       = var.example_zone_id
  auto_renew                    = "false"
  period                        = "1"
  image_id                      = "aliyun_2_1903_x64_20G_alibase_20240628.vhd"
  security_enhancement_strategy = "Active"
  period_unit                   = "Month"
}

升降配RDS Custom实例

以将实例规格由mysql.x2.xlarge.6cm升级到mysql.x4.xlarge.6cm为例。

修改上文main.tf文件中resource "alicloud_rds_custom" "default" {}中的instance_type配置项，并增加direction配置项，具体配置如下：

...
resource "alicloud_rds_custom" "default" {
...
  instance_type     = "mysql.x4.xlarge.6cm"
  direction         = "Up"
}

完整main.tf文件示例：

variable "name" {
  default = "terraform-example"
}

provider "alicloud" {
  region = "cn-chengdu"
}

variable "example_zone_id" {
  default = "cn-chengdu-b"
}

data "alicloud_resource_manager_resource_groups" "default" {}

data "alicloud_vpcs" "default" {
}
data "alicloud_vswitches" "default" {
  vpc_id  = data.alicloud_vpcs.default.ids.0
  zone_id = var.example_zone_id
}

resource "alicloud_vpc" "vpcId" {
  cidr_block = "172.16.0.0/12"
}

resource "alicloud_vswitch" "vSwitchId" {
  vpc_id       = alicloud_vpc.vpcId.id
  cidr_block   = "172.16.5.0/24"
  zone_id      = var.example_zone_id
  vswitch_name = format("%s1", var.name)
}

resource "alicloud_security_group" "securityGroupId" {
  vpc_id = alicloud_vpc.vpcId.id
}


resource "alicloud_ecs_key_pair" "KeyPairName" {
  key_pair_name = format("%s6", var.name)
}

resource "alicloud_rds_custom" "default" {
  data_disk {
    category          = "cloud_essd"
    size              = "50"
    performance_level = "PL1"
  }

  host_name         = "1731641300"
  description       = var.name
  instance_type     = "mysql.x4.xlarge.6cm"
  direction         = "Up"
  password          = "example@12356"
  amount            = "1"
  io_optimized      = "optimized"
  resource_group_id = data.alicloud_resource_manager_resource_groups.default.ids.0
  status            = "Stopped"
  system_disk {
    category = "cloud_essd"
    size     = "40"
  }

  auto_pay                   = "true"
  security_group_ids = [
    alicloud_security_group.securityGroupId.id
  ]
  instance_charge_type          = "Prepaid"
  vswitch_id                    = alicloud_vswitch.vSwitchId.id
  key_pair_name                 = alicloud_ecs_key_pair.KeyPairName.key_pair_name
  zone_id                       = var.example_zone_id
  auto_renew                    = "false"
  period                        = "1"
  image_id                      = "aliyun_2_1903_x64_20G_alibase_20240628.vhd"
  security_enhancement_strategy = "Active"
  period_unit                   = "Month"
}

启动RDS Custom实例

修改上文main.tf文件中resource "alicloud_rds_custom" "default" {}的status配置项，具体配置如下：

...
resource "alicloud_rds_custom" "default" {
...
  status            = "Running"
}

完整main.tf文件示例：

variable "name" {
  default = "terraform-example"
}

provider "alicloud" {
  region = "cn-chengdu"
}

variable "example_zone_id" {
  default = "cn-chengdu-b"
}

data "alicloud_resource_manager_resource_groups" "default" {}

data "alicloud_vpcs" "default" {
}
data "alicloud_vswitches" "default" {
  vpc_id  = data.alicloud_vpcs.default.ids.0
  zone_id = var.example_zone_id
}

resource "alicloud_vpc" "vpcId" {
  cidr_block = "172.16.0.0/12"
}

resource "alicloud_vswitch" "vSwitchId" {
  vpc_id       = alicloud_vpc.vpcId.id
  cidr_block   = "172.16.5.0/24"
  zone_id      = var.example_zone_id
  vswitch_name = format("%s1", var.name)
}

resource "alicloud_security_group" "securityGroupId" {
  vpc_id = alicloud_vpc.vpcId.id
}


resource "alicloud_ecs_key_pair" "KeyPairName" {
  key_pair_name = format("%s6", var.name)
}

resource "alicloud_rds_custom" "default" {
  data_disk {
    category          = "cloud_essd"
    size              = "50"
    performance_level = "PL1"
  }

  host_name         = "1731641300"
  description       = var.name
  instance_type     = "mysql.x4.xlarge.6cm"
  direction         = "Up"
  password          = "example@12356"
  amount            = "1"
  io_optimized      = "optimized"
  resource_group_id = data.alicloud_resource_manager_resource_groups.default.ids.0
  status            = "Running"
  system_disk {
    category = "cloud_essd"
    size     = "40"
  }

  auto_pay                   = "true"
  security_group_ids = [
    alicloud_security_group.securityGroupId.id
  ]
  instance_charge_type          = "Prepaid"
  vswitch_id                    = alicloud_vswitch.vSwitchId.id
  key_pair_name                 = alicloud_ecs_key_pair.KeyPairName.key_pair_name
  zone_id                       = var.example_zone_id
  auto_renew                    = "false"
  period                        = "1"
  image_id                      = "aliyun_2_1903_x64_20G_alibase_20240628.vhd"
  security_enhancement_strategy = "Active"
  period_unit                   = "Month"
}

退订RDS Custom实例

通过执行terraform destroy命令，可以清除所有由上述main.tf文件所创建的RDS Custom实例及其他资源。

停止RDS Custom实例。
执行如下命令，清理所有资源。关于terraform destroy的更多信息，请参见Terraform常用命令。
```
terraform destroy
```
当出现如下内容时，输入yes继续清理。
```
Do you really want to destroy all resources?
  Terraform will destroy all your managed infrastructure, as shown above.
  There is no undo. Only 'yes' will be accepted to confirm.

  Enter a value: 
```
当出现Destroy complete! 时，表示资源清理成功。

创建RDS Custom部署集

在上文main.tf文件中，删除所有配置项，增加resource "alicloud_rds_custom_deployment_set" "default" {}配置项，示例如下。

resource "alicloud_rds_custom_deployment_set" "default" {
  custom_deployment_set_name            = "deployment_test_01"
  description                           = "2025-03-10 13:40:42"
  on_unable_to_redeploy_failed_instance = "CancelMembershipAndStart"
  strategy                              = "Availability"
}

完整main.tf文件示例：

provider "alicloud" {
  region = "cn-chengdu"
}

resource "alicloud_rds_custom_deployment_set" "default" {
  custom_deployment_set_name            = "deployment_test_01"
  description                           = "2025-03-10 13:40:42"
  on_unable_to_redeploy_failed_instance = "CancelMembershipAndStart"
  strategy                              = "Availability"
}

删除RDS Custom部署集

通过执行terraform destroy命令，可以清除所有由上述main.tf文件所创建的资源。关于terraform destroy的更多信息，请参见Terraform常用命令。

terraform destroy

当出现如下内容时，输入yes继续清理。

Do you really want to destroy all resources?
  Terraform will destroy all your managed infrastructure, as shown above.
  There is no undo. Only 'yes' will be accepted to confirm.

  Enter a value:

当出现Destroy complete! 时，表示资源清理成功。