Terraform: Provisioning an AWS EC2 Instance

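Directory structure

```
├── cloud_init.sh  # script executed at first boot
├── instance.tf    # the host resources to provision
├── main.tf        # main configuration file
├── output.tf      # output values
├── start.sh       # terraform commands
└── variables.tf   # input variables
```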

variables.tf

Input variables: the basic information for one AWS account.

```hcl
variable "region" {
  type        = string
  description = "请输入创建的region" # region to create the resources in
}

variable "region_az" {
  type        = string
  description = "请输入创建资源所在的AZ" # AZ to create the resources in
}

variable "instance_type" {
  type    = string
  default = "t3.nano"
  #default = "m5.large"
  description = "请输入创建的实例类型" # instance type to create
}

variable "tag_name" {
  type        = string
  description = "请输入机器的名字" # name of the machine
}

variable "tag_project" {
  type        = string
  description = "请输入计费的tag标签" # tag used for billing
}

# Used as a resource count in instance.tf, so it is declared as a number.
variable "storage_number" {
  type        = number
  default     = 1
  description = "请输入要创建的硬盘数量" # number of disks to create
}

variable "key_name" {
  type        = string
  default     = "xxx"
  description = "请输入连接服务器使用的ssh名字" # name of the SSH key pair used to connect
}

# AMI ID per region
variable "iams" {
  type = map(string)
  default = {
    "us-east-2"      = "ami-xxx"
    "ap-northeast-1" = "ami-xxx"
  }
}

# VPC ID per region
variable "vpcs" {
  type = map(string)
  default = {
    "us-east-2"      = "vpc-xxx"
    "ap-northeast-1" = "vpc-xxx"
  }
}

# Subnet ID per availability zone
variable "subnetes" {
  type = map(string)
  default = {
    "us-east-2a"      = "subnet-xxx"
    "us-east-2b"      = "subnet-xxx"
    "us-east-2c"      = "subnet-xxx"
    "ap-northeast-1a" = "subnet-xxx"
    "ap-northeast-1c" = "subnet-xxx"
    "ap-northeast-1d" = "subnet-xxx"
  }
}

# Device name for each extra disk, keyed by disk index (five entries)
variable "storage_dev" {
  type = map(string)
  default = {
    "0" = "/dev/sdh"
    "1" = "/dev/sdi"
    "2" = "/dev/sdj"
    "3" = "/dev/sdk"
    "4" = "/dev/sdl"
  }
}
```

main.tf

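The main configuration file, which declares the credentials to use.

```hcl
provider "aws" {
  region = var.region
  # Credentials are read from a file kept outside the Terraform code.
  # AWS provider v4 and later use shared_credentials_files (a list) instead.
  shared_credentials_file = "/opt/terraform/aws/.creds/xxxx"
}
```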

instance.tf

The instance configuration file, which declares the resources to create on AWS.

```hcl
# The EC2 instance itself
resource "aws_instance" "this_ec2" {
  ami               = var.iams[var.region]
  instance_type     = var.instance_type
  subnet_id         = var.subnetes[var.region_az]
  availability_zone = var.region_az
  key_name          = var.key_name
  user_data         = file("${path.module}/cloud_init.sh") # boot script
  tags = {
    Name    = var.tag_name
    Project = var.tag_project
  }
  volume_tags = {
    Name    = var.tag_name
    Project = var.tag_project
  }
}

# Extra EBS data volumes, one per storage_number
resource "aws_ebs_volume" "this_ebs" {
  count = var.storage_number

  availability_zone = var.region_az
  size              = 10
  tags = {
    Name    = "${var.tag_name}-disk-${count.index}"
    Project = var.tag_project
  }
}

# Attach each data volume to the instance
resource "aws_volume_attachment" "instance_att_sdb" {
  count = var.storage_number

  device_name = var.storage_dev[count.index]
  instance_id = aws_instance.this_ec2.id
  volume_id   = aws_ebs_volume.this_ebs[count.index].id
}

# Elastic IP bound to the instance
resource "aws_eip" "this_elb" {
  instance = aws_instance.this_ec2.id
  vpc      = true
}
```

output.tf

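Output values, used later to automatically register the host in tools such as the CMDB and JumpServer.

```hcl
output "tag_name" {
  value = var.tag_name
}

output "instance_ip_addr" {
  value = aws_instance.this_ec2.private_ip
}

# Read the address from the EIP resource: aws_instance.public_ip does not
# track an Elastic IP that is attached after the instance is created.
output "instance_eip" {
  value = aws_eip.this_elb.public_ip
}
```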

Usage

```
terraform apply -var="region=us-east-2" -var="region_az=us-east-2a" -var="instance_type=m5.large" -var="tag_name=test" -var="tag_project=test" -var="storage_number=2"
```

Parameters:
region: the region the EC2 instance is in
region_az: the AZ the EC2 instance is in
instance_type: the EC2 instance type
tag_name: the EC2 tag Key=Name
tag_project: the EC2 tag Key=Project
storage_number: the number of extra disks attached to the EC2 instance, five at most

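Let's break it down
instance.tf
There are four actions in here: request the EC2 instance, request the EBS volumes, attach the EBS volumes to the EC2 instance, and request an EIP and bind it to the EC2 instance. There doesn't seem to be much to say; once it was written it turned out to be quite simple. For each resource, the official documentation lists its outputs at the end, and you can read an output value as the name you defined for the resource followed by the output name.

Hmm, there is not much to explain, it really is this simple. The hard part of Terraform is the planning: how to organize accounts, keys, configuration and scripts. That part takes some tinkering.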
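A hardened variant of the storage_number variable and of the instance and volume resources shown above, added here as an example and not part of the original post. It assumes Terraform 0.13 or later (for validation blocks) and an AWS provider version that supports tags inside root_block_device; the aws_volume_attachment and aws_eip resources stay as in the original.

```hcl
# Added example: use these blocks instead of the originals, not alongside them.

variable "storage_number" {
  type        = number
  default     = 1
  description = "Number of extra EBS volumes (0-5)"

  # storage_dev only maps indexes 0-4, so reject anything else at plan time.
  validation {
    condition     = contains([0, 1, 2, 3, 4, 5], var.storage_number)
    error_message = "The storage_number value must be a whole number from 0 to 5."
  }
}

resource "aws_instance" "this_ec2" {
  ami               = var.iams[var.region]
  instance_type     = var.instance_type
  subnet_id         = var.subnetes[var.region_az]
  availability_zone = var.region_az
  key_name          = var.key_name
  user_data         = file("${path.module}/cloud_init.sh")

  # Require session tokens for the instance metadata service (IMDSv2 only).
  metadata_options {
    http_endpoint = "enabled"
    http_tokens   = "required"
  }

  # Encrypt the root volume and tag it here. volume_tags is dropped because the
  # data volumes carry their own tags and are attached via aws_volume_attachment.
  root_block_device {
    encrypted = true
    tags      = { Name = var.tag_name, Project = var.tag_project }
  }

  tags = { Name = var.tag_name, Project = var.tag_project }
}

resource "aws_ebs_volume" "this_ebs" {
  count             = var.storage_number
  availability_zone = var.region_az
  size              = 10
  encrypted         = true # data volumes are encrypted at rest as well
  tags = {
    Name    = "${var.tag_name}-disk-${count.index}"
    Project = var.tag_project
  }
}
```

Keep secrets out of cloud_init.sh as well: user_data is stored with the instance and in the Terraform state.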

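Title: Terraform: Provisioning an AWS EC2 Instance

Author: shuke

Published: June 24, 2020 - 21:06

Last updated: June 24, 2020 - 22:06

Original link: https://shuke163.github.io/2020/06/24/Terraform%E4%B9%8B%E7%94%B3%E8%AF%B7AWS%E7%9A%84EC2/

License: Attribution-NonCommercial-NoDerivatives 4.0 International. When reposting, please keep the original link and the author.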
