Terraform
1 Install Terraform
1.1 Amazon Linux
Install yum-config-manager to manage your repositories.
$ sudo yum install -y yum-utils
Use yum-config-manager to add the official HashiCorp Linux repository.
$ sudo yum-config-manager --add-repo https://rpm.releases.hashicorp.com/AmazonLinux/hashicorp.repo
Install Terraform from the new repository.
$ sudo yum -y install terraform
1.2 Verify the installation
[root@ip-172-31-24-108 ~]# terraform -version
Terraform v1.8.5
on linux_amd64
1.3 Enable tab completion
bash
touch ~/.bashrc
Then install the autocomplete package.
terraform -install-autocomplete
2 Quick start tutorial
2.1 install Docker Engine
sudo yum install -y yum-utils
sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
sudo yum install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
sudo systemctl start docker
sudo docker run hello-world
2.2
Create a directory named learn-terraform-docker-container.
$ mkdir learn-terraform-docker-container
This working directory houses the configuration files that you write to describe the infrastructure you want Terraform to create and manage. When you initialize and apply the configuration here, Terraform uses this directory to store required plugins, modules (pre-written configurations), and information about the real infrastructure it created.
Navigate into the working directory.
$ cd learn-terraform-docker-container
In the working directory, create a file called main.tf and paste the following Terraform configuration into it.
terraform {
required_providers {
docker = {
source = "kreuzwerker/docker"
version = "~> 3.0.1"
}
}
}
provider "docker" {}
resource "docker_image" "nginx" {
name = "nginx"
keep_locally = false
}
resource "docker_container" "nginx" {
image = docker_image.nginx.image_id
name = "tutorial"
ports {
internal = 80
external = 8000
}
}
Initialize the project, which downloads a plugin called a provider that lets Terraform interact with Docker.
$ terraform init
Provision the NGINX server container with apply. When Terraform asks you to confirm type yes and press ENTER.
$ terraform plan
$ terraform apply
Verify the existence of the NGINX container by visiting localhost:8000 in your web browser or running docker ps to see the container.
$ docker ps
To stop the container, run terraform destroy.
$ terraform destroy
You've now provisioned and destroyed an NGINX webserver with Terraform.
3 build
3.1 Prerequisites
To follow this tutorial you will need:
- The Terraform CLI (1.2.0+) installed.
- The AWS CLI installed. Install or update to the latest version of the AWS CLI - AWS Command Line Interface (amazon.com)
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install
# aws --version
aws-cli/2.16.7 Python/3.11.8 Linux/6.1.92-99.174.amzn2023.x86_64 exe/x86_64.amzn.2023
- AWS account and associated credentials that allow you to create resources.
To use your IAM credentials to authenticate the Terraform AWS provider, set the AWS_ACCESS_KEY_ID environment variable.
$ export AWS_ACCESS_KEY_ID=
Now, set your secret key.
$ export AWS_SECRET_ACCESS_KEY=
3.2 Write configuration
Each Terraform configuration must be in its own working directory. Create a directory for your configuration.
$ mkdir learn-terraform-aws-instance
Change into the directory.
$ cd learn-terraform-aws-instance
Create a file to define your infrastructure.
$ touch main.tf
terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 4.16"
}
}
required_version = ">= 1.2.0"
}
provider "aws" {
region = "us-east-1"
}
resource "aws_instance" "app_server-1" {
ami = "ami-08a0d1e16fc3f61ea"
instance_type = "t2.micro"
availability_zone = "us-east-1b"
vpc_security_group_ids = ["sg-052590e460117f9ad"]
key_name = "key-0505485572be88125"
tags = {
Name = "ansible-mem-1"
}
}
resource "aws_instance" "app_server-2" {
ami = "ami-08a0d1e16fc3f61ea"
instance_type = "t2.micro"
availability_zone = "us-east-1b"
vpc_security_group_ids = ["sg-052590e460117f9ad"]
key_name = "key-0505485572be88125"
tags = {
Name = "ansible-mem-2"
}
}
3.3 Initialize the directory
When you create a new configuration — or check out an existing configuration from version control — you need to initialize the directory with terraform init.
$ terraform init
3.4 Format and validate the configuration
We recommend using consistent formatting in all of your configuration files. The terraform fmt command automatically updates configurations in the current directory for readability and consistency.
$ terraform fmt
$ terraform validate
Success! The configuration is valid.
3.5 Create infrastructure
$ terraform plan
$ terraform apply
3.6 Inspect state
When you applied your configuration, Terraform wrote data into a file called terraform.tfstate
$ terraform show
3.7 Manually Managing State
Terraform has a built-in command called terraform state for advanced state management. Use the list subcommand to list of the resources in your project's state.
$ terraform state list
aws_instance.app_server
4 Change infrastructure
4.1 Configuration
修改main.tf
terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 4.16"
}
}
required_version = ">= 1.2.0"
}
provider "aws" {
region = "us-east-1"
}
resource "aws_instance" "app_server-1" {
ami = "ami-08a0d1e16fc3f61ea"
instance_type = "t2.micro"
availability_zone = "us-east-1b"
vpc_security_group_ids = ["sg-052590e460117f9ad"]
+ key_name = "Ansible"
tags = {
Name = "ansible-mem-1"
}
}
resource "aws_instance" "app_server-2" {
ami = "ami-08a0d1e16fc3f61ea"
instance_type = "t2.micro"
availability_zone = "us-east-1b"
vpc_security_group_ids = ["sg-052590e460117f9ad"]
+ key_name = "Ansible"
tags = {
Name = "ansible-mem-2"
}
}
4.2 Apply Changes
$ terraform apply
5 Destroy infrastructure
$ terraform destroy