Terraform支持导入和管理ACK的存量资源,例如集群、节点池等。本文介绍如何通过Terraform管理存量ACK托管版集群。
前提条件
- 已创建ACK托管版集群,其中包含一个有两个节点的节点池。具体操作,请参见使用Terraform创建ACK托管版集群。
-
已安装Terraform。
说明
请确认Terraform版本不低于v0.12.28,可通过terraform –version命令查看Terraform版本。
-
Cloud Shell默认安装配置了Terraform和阿里云账号信息,无需任何额外配置。
-
如果您不使用Cloud Shell,关于安装Terraform的方式,请参见在本地安装和配置Terraform。
-
-
配置阿里云账号信息。
创建环境变量,用于存放身份认证信息。
export ALICLOUD_ACCESS_KEY="************" #替换为阿里云账号的AK信息。 export ALICLOUD_SECRET_KEY="************" #替换为阿里云账号的SK信息。 export ALICLOUD_REGION="cn-beijing" #替换为您集群所在的地域。说明
为提高权限管理的灵活性和安全性,建议您创建名为Terraform的RAM用户,并为该RAM用户创建AccessKey和授权。具体操作,请参见创建RAM用户和为RAM用户授权。
操作步骤
- 创建一个工作目录,并在工作目录中创建名为main.tf的配置文件。
provider "alicloud" { } - 执行以下命令初始化Terraform运行环境。
terraform init预期输出:
Initializing the backend... Initializing provider plugins... - Checking for available provider plugins... - Downloading plugin for provider "alicloud" (hashicorp/alicloud) 1.90.1... ... You may now begin working with Terraform. Try running "terraform plan" to see any changes that are required for your infrastructure. All Terraform commands should now work. If you ever set or change modules or backend configuration for Terraform, rerun this command to reinitialize your working directory. If you forget, other commands will detect it and remind you to do so if necessary. - 导入集群。
- 将集群的资源添加到main.tf文件中。
# Kubernetes托管版。 resource "alicloud_cs_managed_kubernetes" "default" { } - 执行以下命令,导入集群。其中,
为待导入集群的ID。terraform import alicloud_cs_managed_kubernetes.default预期输出:
alicloud_cs_managed_kubernetes.default: Importing from ID "c338cf0f4496a4dc1936a9e314162****"... alicloud_cs_managed_kubernetes.default: Import complete! Imported alicloud_cs_managed_kubernetes alicloud_cs_managed_kubernetes.default: Refreshing state... [id=c338cf0f4496a4dc1936a9e314162****] Import successful! The resources that were imported are shown above. These resources are now in your Terraform state and will henceforth be managed by Terraform.此时,在terraform.tfstate文件中会显示如下导入的集群信息:
{ "mode": "managed", "type": "alicloud_cs_managed_kubernetes", "name": "default", "provider": "provider.alicloud", "instances": [ { "mode": "managed", "type": "alicloud_cs_managed_kubernetes", "name": "default", "provider": "provider.alicloud", "instances": [ ........ ] } ] } - 根据terraform.tfstate文件的内容,补充main.tf的必填字段。
provider "alicloud" { } # 专有网络。 resource "alicloud_cs_managed_kubernetes" "default" { # 补充必填字段。 worker_vswitch_ids = [ ..... ] ...... } - 执行以下命令查看本地资源和远端的差异。
terraform plan预期输出:
Refreshing Terraform state in-memory prior to plan... The refreshed state will be used to calculate this plan, but will not be persisted to local or remote state storage. alicloud_cs_managed_kubernetes.default: Refreshing state... [id=c338cf0f4496a4dc1936a9e314162****] ------------------------------------------------------------------------ No changes. Infrastructure is up-to-date. This means that Terraform did not detect any differences between your configuration and real physical resources that exist. As a result, no actions need to be performed.
- 将集群的资源添加到main.tf文件中。
- 导入节点池。
- 执行以下命令,导入节点池。其中,
为待导入集群的ID,此处为上一步中导入集群的ID,为待导入节点池的ID,两者通过半角冒号”:“分隔。terraform import alicloud_cs_kubernetes_node_pool.default :预期输出:
alicloud_cs_kubernetes_node_pool.default: Importing from ID "c338cf0f4496a4dc1936a9e314162****:np0f8f2193384045d4aa503c3d24ca****"... alicloud_cs_kubernetes_node_pool.default: Import complete! Imported alicloud_cs_kubernetes_node_pool alicloud_cs_kubernetes_node_pool.default: Refreshing state... [id=c338cf0f4496a4dc1936a9e314162****:np0f8f2193384045d4aa503c3d24ca****] Import successful! The resources that were imported are shown above. These resources are now in your Terraform state and will henceforth be managed by Terraform.此时,在terraform.tfstate文件中会显示如下导入的节点池信息:
..... "resources": [ { "mode": "managed", "type": "alicloud_cs_kubernetes_node_pool", "name": "default", "provider": "provider.alicloud", "instances": [ ..... ] } ] - 根据terraform.tfstate文件的内容,补充main.tf的必填字段。
provider "alicloud" { } # 节点池。 resource "alicloud_cs_kubernetes_node_pool" "default" { # 节点池的名称。 name = .... # 节点池的实例类型。 instance_types = .... ..... } - 执行以下命令查看本地资源和远端的差异。
terraform plan预期输出:
Refreshing Terraform state in-memory prior to plan... The refreshed state will be used to calculate this plan, but will not be persisted to local or remote state storage. alicloud_cs_kubernetes_node_pool.default: Refreshing state... [id=c338cf0f4496a4dc1936a9e314162****:np0f8f2193384045d4aa503c3d24ca****] alicloud_cs_managed_kubernetes.default: Refreshing state... [id=c338cf0f4496a4dc1936a9e314162****] ------------------------------------------------------------------------ No changes. Infrastructure is up-to-date. This means that Terraform did not detect any differences between your configuration and real physical resources that exist. As a result, no actions need to be performed.
集群导入完成后,您就可以通过main.tf文件对集群或节点池进行操作。
- 执行以下命令,导入节点池。其中,
- 验证节点池的扩容操作。
- 通过main.tf验证节点池的扩容操作。比如给刚导入的节点池扩容1个节点,需要将main.tf文件修改为:
......# Kubernetes托管版。resource "alicloud_cs_kubernetes_node_pool" "default" { ..... # 节点池期望节点数为3。 desired_size = 3}..... - 执行以下命令,完成创建操作。
terraform apply预期输出:
alicloud_cs_kubernetes_node_pool.default: Refreshing state... [id=c338cf0f4496a4dc1936a9e314162****:np0f8f2193384045d4aa503c3d24ca****] An execution plan has been generated and is shown below. Resource actions are indicated with the following symbols: ~ update in-place Terraform will perform the following actions: # alicloud_cs_kubernetes_node_pool.default will be updated in-place ~ resource "alicloud_cs_kubernetes_node_pool" "default" { ..... ~ desired_size = 2 -> 3 ..... } Plan: 0 to add, 1 to change, 0 to destroy.提示是否执行变更,输入yes,等待变更结束。
..... alicloud_cs_kubernetes_node_pool.default: Still modifying... [id=c338cf0f4496a4dc1936a9e314162****:np0f8f2193384045d4aa503c3d24ca****, 2m30s elapsed] alicloud_cs_kubernetes_node_pool.default: Still modifying... [id=c338cf0f4496a4dc1936a9e314162****:np0f8f2193384045d4aa503c3d24ca****, 2m40s elapsed] alicloud_cs_kubernetes_node_pool.default: Still modifying... [id=c338cf0f4496a4dc1936a9e314162****:np0f8f2193384045d4aa503c3d24ca****, 2m50s elapsed] alicloud_cs_kubernetes_node_pool.default: Modifications complete after 2m53s [id=c338cf0f4496a4dc1936a9e314162****:np0f8f2193384045d4aa503c3d24ca****] Apply complete! Resources: 0 added, 1 changed, 0 destroyed.
您可以登录容器服务管理控制台的节点池列表页面,查看到节点池中已成功扩容一个节点。
- 通过main.tf验证节点池的扩容操作。比如给刚导入的节点池扩容1个节点,需要将main.tf文件修改为:
内容没看懂? 不太想学习?想快速解决? 有偿解决: 联系专家
阿里云企业补贴进行中: 马上申请
腾讯云限时活动1折起,即将结束: 马上收藏
同尘科技为腾讯云授权服务中心。
购买腾讯云产品享受折上折,更有现金返利:同意关联,立享优惠
转转请注明出处:https://www.yunxiaoer.com/158166.html