Terraform
更改基础设施
在之前的教程中,您使用 Terraform 创建了您的第一个基础设施:一个资源组。现在,您将通过定义引用您的资源组的附加资源以及向您的资源组添加标签来修改您的配置。
创建新资源
在您的 main.tf 文件中,添加下面的资源块以创建虚拟网络 (VNet)。
main.tf
# Create a virtual network
resource "azurerm_virtual_network" "vnet" {
name = "myTFVnet"
address_space = ["10.0.0.0/16"]
location = "westus2"
resource_group_name = azurerm_resource_group.rg.name
}
要创建一个新的 Azure VNet,您需要指定包含 VNet 的资源组的名称。通过引用资源组,您在资源之间建立依赖关系。Terraform 通过为您的配置构建依赖关系图来确保以正确的顺序创建资源。
应用您的更改
更改配置后,再次运行 terraform apply,以查看 Terraform 将如何将此更改应用于您的基础设施。回复 yes 以确认更改。
$ terraform apply
azurerm_resource_group.rg: Refreshing state... [id=/subscriptions/c9ed8610-47a3-4107-a2b2-a322114dfb29/resourceGroups/myTFResourceGroup]
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# azurerm_virtual_network.vnet will be created
+ resource "azurerm_virtual_network" "vnet" {
+ address_space = [
+ "10.0.0.0/16",
]
+ guid = (known after apply)
+ id = (known after apply)
+ location = "westus2"
+ name = "myTFVnet"
+ resource_group_name = "myTFResourceGroup"
+ subnet = (known after apply)
+ vm_protection_enabled = false
}
Plan: 1 to add, 0 to change, 0 to destroy.
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
azurerm_virtual_network.vnet: Creating...
azurerm_virtual_network.vnet: Creation complete after 6s [id=/subscriptions/c9ed8610-47a3-4107-a2b2-a322114dfb29/resourceGroups/myTFResourceGroup/providers/Microsoft.Network/virtualNetworks/myTFVnet]
Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
Terraform 通过比较您在配置中描述的期望状态与保存在本地 terraform.tfstate 文件或远程状态后端中的当前状态来构建执行计划(具体取决于您的配置)。
修改现有资源
除了创建新资源之外,Terraform 还可以修改现有资源。
打开您的 main.tf 文件。更新您的配置中的 azurerm_resource_group 资源,方法是添加如下所示的标签块
main.tf
resource "azurerm_resource_group" "rg" {
name = "myTFResourceGroup"
location = "westus2"
tags = {
Environment = "Terraform Getting Started"
Team = "DevOps"
}
}
应用你的更改
运行 terraform apply 来修改你的基础设施。回复 yes 到提示以确认操作。
$ terraform apply
azurerm_resource_group.rg: Refreshing state... [id=/subscriptions/c9ed8610-47a3-4107-a2b2-a322114dfb29/resourceGroups/myTFResourceGroup]
azurerm_virtual_network.vnet: Refreshing state... [id=/subscriptions/c9ed8610-47a3-4107-a2b2-a322114dfb29/resourceGroups/myTFResourceGroup]
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
~ update in-place
Terraform will perform the following actions:
# azurerm_resource_group.rg will be updated in-place
~ resource "azurerm_resource_group" "rg" {
id = "/subscriptions/c9ed8610-47a3-4107-a2b2-a322114dfb29/resourceGroups/myTFResourceGroup"
name = "myTFResourceGroup"
~ tags = {
+ "Environment" = "Terraform Getting Started"
+ "Team" = "DevOps"
}
# (1 unchanged attribute hidden)
}
Plan: 0 to add, 1 to change, 0 to destroy.
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
azurerm_resource_group.rg: Modifying... [id=/subscriptions/c9ed8610-47a3-4107-a2b2-a322114dfb29/resourceGroups/myTFResourceGroup]
azurerm_resource_group.rg: Modifications complete after 1s [id=/subscriptions/c9ed8610-47a3-4107-a2b2-a322114dfb29/resourceGroups/myTFResourceGroup]
Apply complete! Resources: 0 added, 1 changed, 0 destroyed.
前缀 ~ 表示 Terraform 将会就地更新资源。
查看状态更新
使用 terraform show 再次查看与此资源组关联的新值。
$ terraform show
# azurerm_resource_group.rg:
resource "azurerm_resource_group" "rg" {
id = "/subscriptions/c9ed8610-47a3-4107-a2b2-a322114dfb29/resourceGroups/myTFResourceGroup"
location = "westus2"
name = "myTFResourceGroup"
tags = {
"Environment" = "Terraform Getting Started"
i "Team" = "DevOps"
}
}
##...
运行 terraform state list 以获取工作区中管理的资源的更新列表。
$ terraform state list
azurerm_resource_group.rg
azurerm_virtual_network.vnet