文档

网络管理

更新时间:

本文介绍如何使用Terraform申请、修改和释放RDS PostgreSQL实例的外网地址,以及查询和切换交换机。

前提条件

  • 已创建RDS PostgreSQL实例,详情请参见创建RDS PostgreSQL实例

  • 实例状态为运行中,您可以通过如下两种方式查看:

    • 参见查询实例详情查看参数status,如果取值为Runing则表示实例状态为运行中。

    • 前往RDS管理控制台,切换到目标地域,找到指定实例后,查看实例状态。

申请外网地址

  1. 在terraform.tf文件中增加resource "alicloud_db_connection" "extranet" {}配置项,具体配置如下:

    ...
    resource "alicloud_db_connection" "extranet" {
      instance_id = alicloud_db_instance.instance.id
      port  = "5432"
    }
  2. 运行terraform apply

    出现如下配置信息后,确认配置信息并输入yes,申请RDS PostgreSQL实例的外网地址。

    alicloud_db_instance.instance: Refreshing state... [id=pgm-****]
    
    Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the
    following symbols:
      + create
    
    Terraform will perform the following actions:
    
      # alicloud_db_connection.extranet will be created
      + resource "alicloud_db_connection" "extranet" {
          + babelfish_port    = (known after apply)
          + connection_prefix = (known after apply)
          + connection_string = (known after apply)
          + id                = (known after apply)
          + instance_id       = "pgm-****"
          + ip_address        = (known after apply)
          + port              = "5432"
        }
    
    Plan: 1 to add, 0 to change, 0 to destroy.
    
    Do you want to perform these actions?
      Terraform will perform the actions described above.
      Only 'yes' will be accepted to approve.
    
      Enter a value:

    出现类似如下日志时,表示申请成功。

    alicloud_db_connection.extranet: Creating...
    alicloud_db_connection.extranet: Still creating... [10s elapsed]
    alicloud_db_connection.extranet: Creation complete after 11s [id=pgm-****:pgm-****]
    
    Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
  3. 查看结果。

    • 运行terraform show查看RDS PostgreSQL实例外网地址。

      # alicloud_db_connection.extranet:
      resource "alicloud_db_connection" "extranet" {
          connection_prefix = "pgm-****"
          connection_string = "pgm-****.pg.rds.aliyuncs.com"
          id                = "pgm-****:pgm-****"
          instance_id       = "pgm-****"
          ip_address        = "47.118.XX.XX"
          port              = "5432"
      }
      
      # alicloud_db_instance.instance:
      resource "alicloud_db_instance" "instance" {
          client_ca_enabled          = 0
          client_crl_enabled         = 0
          connection_string          = "pgm-****.pg.rds.aliyuncs.com"
          connection_string_prefix   = "pgm-****"
          db_instance_storage_type   = "cloud_essd"
          db_time_zone               = "Asia/Shanghai"
          deletion_protection        = false
          engine                     = "PostgreSQL"
          engine_version             = "13.0"
          force_restart              = false
          ha_config                  = "Auto"
          id                         = "pgm-****"
          instance_charge_type       = "Postpaid"
          instance_name              = "terraformtest"
          instance_storage           = 50
          instance_type              = "pg.n2.2c.2m"
          maintain_time              = "05:00Z-06:00Z"
          monitoring_period          = 300
          period                     = 0
          port                       = "5432"
          private_ip_address         = "172.16.XX.XX"
          resource_group_id          = "rg-****"
          security_group_ids         = []
          security_ip_mode           = "normal"
          security_ips               = [
              "127.0.0.1",
          ]
          sql_collector_config_value = 30
          sql_collector_status       = "Disabled"
          storage_auto_scale         = "Enable"
          storage_threshold          = 30
          storage_upper_bound        = 100
          target_minor_version       = "rds_postgres_1300_20220830"
          tcp_connection_type        = "SHORT"
          vpc_id                     = "vpc-****"
          vswitch_id                 = "vsw-"
          zone_id                    = "cn-hangzhou-j"
      
          pg_hba_conf {
              address     = "127.0.0.1"
              database    = "all"
              method      = "md5"
              priority_id = 1
              type        = "host"
              user        = "all"
          }
      }
    • 登录RDS控制台查看RDS PostgreSQL实例的外网连接地址。外网地址

修改外网地址

以修改RDS PostgreSQL实例外网地址的前缀改为pgtest为例。

  1. 在terraform.tf文件的resource "alicloud_db_connection" "extranet" {}中增加connection_prefix配置项,具体配置如下:

    ...
    resource "alicloud_db_connection" "extranet" {
    ...
      connection_prefix = "pgtest"
    }
  2. 运行terraform apply

    出现如下配置信息后,确认配置信息并输入yes,修改RDS PostgreSQL实例的外网地址。

    alicloud_db_instance.instance: Refreshing state... [id=pgm-****]
    alicloud_db_connection.extranet: Refreshing state... [id=pgm-****:pgm-bp143e6726f28lnatf]
    
    Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the
    following symbols:
    -/+ destroy and then create replacement
    
    Terraform will perform the following actions:
    
      # alicloud_db_connection.extranet must be replaced
    -/+ resource "alicloud_db_connection" "extranet" {
          + babelfish_port    = (known after apply)
          ~ connection_prefix = "pgm-****" -> "pgtest" # forces replacement
          ~ connection_string = "pgm-****.pg.rds.aliyuncs.com" -> (known after apply)
          ~ id                = "pgm-****:pgm-****" -> (known after apply)
          ~ ip_address        = "47.118.XX.XX" -> (known after apply)
            # (2 unchanged attributes hidden)
        }
    
    Plan: 1 to add, 0 to change, 1 to destroy.
    
    Do you want to perform these actions?
      Terraform will perform the actions described above.
      Only 'yes' will be accepted to approve.
    
      Enter a value:

    出现类似如下日志时,表示修改成功。

    alicloud_db_connection.extranet: Destroying... [id=pgm-****:pgm-****]
    alicloud_db_connection.extranet: Destruction complete after 1s
    alicloud_db_connection.extranet: Creating...
    alicloud_db_connection.extranet: Still creating... [10s elapsed]
    alicloud_db_connection.extranet: Creation complete after 15s [id=pgm-****:pgtest]
    
    Apply complete! Resources: 1 added, 0 changed, 1 destroyed.
  3. 查看结果。

    • 运行terraform show查看RDS PostgreSQL实例外网地址。

      # alicloud_db_connection.extranet:
      resource "alicloud_db_connection" "extranet" {
          connection_prefix = "pgtest"
          connection_string = "pgtest.pg.rds.aliyuncs.com"
          id                = "pgm-****:pgtest"
          instance_id       = "pgm-****"
          ip_address        = "47.118.XX.XX"
          port              = "5432"
      }
      
      # alicloud_db_instance.instance:
      resource "alicloud_db_instance" "instance" {
          client_ca_enabled          = 0
          client_crl_enabled         = 0
          connection_string          = "pgm-****.pg.rds.aliyuncs.com"
          connection_string_prefix   = "pgm-****"
          db_instance_storage_type   = "cloud_essd"
          db_time_zone               = "Asia/Shanghai"
          deletion_protection        = false
          engine                     = "PostgreSQL"
          engine_version             = "13.0"
          force_restart              = false
          ha_config                  = "Auto"
          id                         = "pgm-****"
          instance_charge_type       = "Postpaid"
          instance_name              = "terraformtest"
          instance_storage           = 50
          instance_type              = "pg.n2.2c.2m"
          maintain_time              = "05:00Z-06:00Z"
          monitoring_period          = 300
          period                     = 0
          port                       = "5432"
          private_ip_address         = "172.16.XX.XX"
          resource_group_id          = "rg-****"
          security_group_ids         = []
          security_ip_mode           = "normal"
          security_ips               = [
              "127.0.0.1",
          ]
          sql_collector_config_value = 30
          sql_collector_status       = "Disabled"
          storage_auto_scale         = "Enable"
          storage_threshold          = 30
          storage_upper_bound        = 100
          target_minor_version       = "rds_postgres_1300_20220830"
          tcp_connection_type        = "SHORT"
          vpc_id                     = "vpc-****"
          vswitch_id                 = "vsw-****"
          zone_id                    = "cn-hangzhou-j"
      
          pg_hba_conf {
              address     = "127.0.0.1"
              database    = "all"
              method      = "md5"
              priority_id = 1
              type        = "host"
              user        = "all"
          }
      }
    • 登录RDS控制台查看RDS PostgreSQL实例的外网连接地址。外网连接地址改后

释放外网地址

  1. 在terraform.tf文件中,删除resource "alicloud_db_connection" "extranet" {}配置项的内容,例如,删除如下信息:

    ...
    resource "alicloud_db_connection" "extranet" {
      instance_id = alicloud_db_instance.instance.id
      port  = "5432"
      connection_prefix = "pgtest"
    }
  2. 运行terraform apply

    出现如下配置信息后,确认配置信息并输入yes,开始释放RDS PostgreSQL实例的外网地址。

    alicloud_db_connection.extranet: Refreshing state... [id=pgm-****:pgtest]
    alicloud_db_instance.instance: Refreshing state... [id=pgm-****]
    
    Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the
    following symbols:
      - destroy
    
    Terraform will perform the following actions:
    
      # alicloud_db_connection.extranet will be destroyed
      # (because alicloud_db_connection.extranet is not in configuration)
      - resource "alicloud_db_connection" "extranet" {
          - connection_prefix = "pgtest" -> null
          - connection_string = "pgtest.pg.rds.aliyuncs.com" -> null
          - id                = "pgm-****:pgtest" -> null
          - instance_id       = "pgm-****" -> null
          - ip_address        = "47.118.XX.XX" -> null
          - port              = "5432" -> null
        }
    
    Plan: 0 to add, 0 to change, 1 to destroy.
    
    Do you want to perform these actions?
      Terraform will perform the actions described above.
      Only 'yes' will be accepted to approve.
    
      Enter a value:

    出现类似如下日志时,表示释放外网地址成功。

    alicloud_db_connection.extranet: Destroying... [id=pgm-****:pgtest]
    alicloud_db_connection.extranet: Destruction complete after 1s
    
    Apply complete! Resources: 0 added, 0 changed, 1 destroyed.
  3. 查看结果。

    • 运行terraform show查看RDS PostgreSQL实例外网地址。

      # alicloud_db_instance.instance:
      resource "alicloud_db_instance" "instance" {
          client_ca_enabled          = 0
          client_crl_enabled         = 0
          connection_string          = "pgm-****.pg.rds.aliyuncs.com"
          connection_string_prefix   = "pgm-****"
          db_instance_storage_type   = "cloud_essd"
          db_time_zone               = "Asia/Shanghai"
          deletion_protection        = false
          engine                     = "PostgreSQL"
          engine_version             = "13.0"
          force_restart              = false
          ha_config                  = "Auto"
          id                         = "pgm-****"
          instance_charge_type       = "Postpaid"
          instance_name              = "terraformtest"
          instance_storage           = 50
          instance_type              = "pg.n2.2c.2m"
          maintain_time              = "05:00Z-06:00Z"
          monitoring_period          = 300
          period                     = 0
          port                       = "5432"
          private_ip_address         = "172.16.XX.XX"
          resource_group_id          = "rg-****"
          security_group_ids         = []
          security_ip_mode           = "normal"
          security_ips               = [
              "127.0.0.1",
          ]
          sql_collector_config_value = 30
          sql_collector_status       = "Disabled"
          storage_auto_scale         = "Enable"
          storage_threshold          = 30
          storage_upper_bound        = 100
          target_minor_version       = "rds_postgres_1300_20220830"
          tcp_connection_type        = "SHORT"
          vpc_id                     = "vpc-****"
          vswitch_id                 = "vsw-****"
          zone_id                    = "cn-hangzhou-j"
      
          pg_hba_conf {
              address     = "127.0.0.1"
              database    = "all"
              method      = "md5"
              priority_id = 1
              type        = "host"
              user        = "all"
          }
      }
    • 登录RDS控制台查看RDS PostgreSQL实例的外网连接地址已释放。已释放外网地址

查询交换机详情

  1. 在terraform.tf文件中增加data "alicloud_vswitches" "instance" {}配置项,具体配置如下:

    ...
    data "alicloud_vswitches" "instance" {
      vpc_id            = alicloud_vpc.main.id
    }
  2. 运行terraform apply查询RDS PostgreSQL实例的交换机详情。

    出现类似如下日志时,表示查询成功。

    data.alicloud_vswitches.instance: Reading...
    alicloud_db_instance.instance: Refreshing state... [id=pgm-****]
    data.alicloud_vswitches.instance: Read complete after 1s [id=44344****]
    
    No changes. Your infrastructure matches the configuration.
    
    Terraform has compared your real infrastructure against your configuration and found no differences, so no changes are
    needed.
    
    Apply complete! Resources: 0 added, 0 changed, 0 destroyed.
  3. 运行terraform show查看结果。

    # data.alicloud_vswitches.instance:
    data "alicloud_vswitches" "instance" {
        id        = "246547****"
        ids       = [
            "vsw-****",
            "vsw-****",
        ]
        names     = [
            "test",
            "",
        ]
        vpc_id    = "vpc-****"
        vswitches = [
            {
                available_ip_address_count = 252
                cidr_block                 = "10.1.0.0/24"
                creation_time              = "2022-09-13T01:57:56Z"
                description                = ""
                id                         = "vsw-****"
                is_default                 = false
                name                       = "test"
                resource_group_id          = "rg-****"
                route_table_id             = "vtb-****"
                status                     = "Available"
                tags                       = {}
                vpc_id                     = "vpc-****"
                vswitch_id                 = "vsw-****"
                vswitch_name               = "test"
                zone_id                    = "cn-hangzhou-b"
            },
            {
                available_ip_address_count = 237
                cidr_block                 = "10.2.0.0/24"
                creation_time              = "2022-09-07T06:18:47Z"
                description                = ""
                id                         = "vsw-****"
                is_default                 = false
                name                       = ""
                resource_group_id          = "rg-****"
                route_table_id             = "vtb-****"
                status                     = "Available"
                tags                       = {}
                vpc_id                     = "vpc-****"
                vswitch_id                 = "vsw-****"
                vswitch_name               = ""
                zone_id                    = "cn-hangzhou-b"
            },
        ]
    }

切换交换机

以切换交换机切换为vsw-****为例。

重要

切换交换机的操作会删除原有RDS PostgreSQL实例,创建新的RDS PostgreSQL实例,实例内数据将不会继承,请谨慎操作。

  1. 修改terraform.tf文件中resource "alicloud_db_instance" "instance" {}的配置项vswitch_id,具体配置如下:

    ...
    resource "alicloud_db_instance" "instance" {
    ...
      vswitch_id       = "vsw-****"
    }
  2. 运行terraform apply

    出现如下配置信息后,确认配置信息并输入yes,开始切换交换机。

    alicloud_db_instance.instance: Refreshing state... [id=pgm-****]
    
    Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the
    following symbols:
    -/+ destroy and then create replacement
    
    Terraform will perform the following actions:
    
      # alicloud_db_instance.instance must be replaced
    -/+ resource "alicloud_db_instance" "instance" {
          + acl                        = (known after apply)
          + auto_upgrade_minor_version = (known after apply)
          + babelfish_port             = (known after apply)
          + ca_type                    = (known after apply)
          - client_ca_enabled          = 0 -> null
          - client_crl_enabled         = 0 -> null
          ~ connection_string          = "pgm-****.pg.rds.aliyuncs.com" -> (known after apply)
          ~ connection_string_prefix   = "pgm-****" -> (known after apply)
          ~ db_instance_storage_type   = "cloud_essd" -> (known after apply)
          + db_is_ignore_case          = (known after apply)
          ~ db_time_zone               = "Asia/Shanghai" -> (known after apply)
          ~ ha_config                  = "Auto" -> (known after apply)
          ~ id                         = "pgm-****" -> (known after apply)
          ~ monitoring_period          = 300 -> (known after apply)
          - period                     = 0 -> null
          ~ port                       = "5432" -> (known after apply)
          ~ private_ip_address         = "172.16.XX.XX" -> (known after apply)
          + replication_acl            = (known after apply)
          + security_group_id          = (known after apply)
          ~ security_group_ids         = [] -> (known after apply)
          ~ security_ips               = [
              - "127.0.0.1",
            ] -> (known after apply)
          + server_cert                = (known after apply)
          + server_key                 = (known after apply)
          ~ sql_collector_status       = "Disabled" -> (known after apply)
          + ssl_action                 = (known after apply)
          + ssl_status                 = (known after apply)
          ~ target_minor_version       = "rds_postgres_1300_20220830" -> (known after apply)
          ~ vpc_id                     = "vpc-****" -> (known after apply)
          ~ vswitch_id                 = "vsw-****" -> "vsw-****" # forces replacement
          ~ zone_id                    = "cn-hangzhou-j" -> (known after apply)
          + zone_id_slave_a            = (known after apply)
            # (16 unchanged attributes hidden)
    
          + babelfish_config {
              + babelfish_enabled    = (known after apply)
              + master_user_password = (known after apply)
              + master_username      = (known after apply)
              + migration_mode       = (known after apply)
            }
    
          + parameters {
              + name  = (known after apply)
              + value = (known after apply)
            }
    
            # (1 unchanged block hidden)
        }
    
    Plan: 1 to add, 0 to change, 1 to destroy.
    
    Do you want to perform these actions?
      Terraform will perform the actions described above.
      Only 'yes' will be accepted to approve.
    
      Enter a value:

    出现类似如下日志时,表示切换成功。

    alicloud_db_instance.instance: Destroying... [id=pgm-****]
    alicloud_db_instance.instance: Still destroying... [id=pgm-****, 10s elapsed]
    alicloud_db_instance.instance: Still destroying... [id=pgm-****, 20s elapsed]
    alicloud_db_instance.instance: Still destroying... [id=pgm-****, 30s elapsed]
    alicloud_db_instance.instance: Destruction complete after 31s
    alicloud_db_instance.instance: Creating...
    alicloud_db_instance.instance: Still creating... [10s elapsed]
    alicloud_db_instance.instance: Still creating... [20s elapsed]
    ...
    alicloud_db_instance.instance: Still creating... [10m58s elapsed]
    alicloud_db_instance.instance: Creation complete after 11m1s [id=pgm-****]
    
    Apply complete! Resources: 1 added, 0 changed, 1 destroyed.
  3. 查看结果。

    • 运行terraform show查看RDS PostgreSQL实例交换机信息。

      # alicloud_db_instance.instance:
      resource "alicloud_db_instance" "instance" {
          client_ca_enabled          = 0
          client_crl_enabled         = 0
          connection_string          = "pgm-****.pg.rds.aliyuncs.com"
          connection_string_prefix   = "pgm-****"
          db_instance_storage_type   = "cloud_essd"
          db_time_zone               = "Asia/Shanghai"
          deletion_protection        = false
          engine                     = "PostgreSQL"
          engine_version             = "13.0"
          force_restart              = false
          ha_config                  = "Auto"
          id                         = "pgm-****"
          instance_charge_type       = "Postpaid"
          instance_name              = "terraformtest"
          instance_storage           = 50
          instance_type              = "pg.n2.2c.2m"
          maintain_time              = "05:00Z-06:00Z"
          monitoring_period          = 300
          period                     = 0
          port                       = "5432"
          private_ip_address         = "192.168.XX.XX"
          resource_group_id          = "rg-****"
          security_group_ids         = []
          security_ip_mode           = "normal"
          security_ips               = [
              "127.0.0.1",
          ]
          sql_collector_config_value = 30
          sql_collector_status       = "Disabled"
          storage_auto_scale         = "Enable"
          storage_threshold          = 30
          storage_upper_bound        = 100
          target_minor_version       = "rds_postgres_1300_20220830"
          tcp_connection_type        = "SHORT"
          vpc_id                     = "vpc-****"
          vswitch_id                 = "vsw-****"
          zone_id                    = "cn-hangzhou-j"
      
          pg_hba_conf {
              address     = "127.0.0.1"
              database    = "all"
              method      = "md5"
              priority_id = 1
              type        = "host"
              user        = "all"
          }
      }
    • 登录RDS控制台查看RDS PostgreSQL实例的交换机信息。交换机新