Terraform系列三腾讯云CVM中的玩法腾讯云devops

背景：紧接：Terraform系列一腾讯云CVM相关简单创建，Terraform系列二腾讯云CVM进一步相关玩法。cvm创建完成,准备初始化一下系统，挂载一下数据盘，在cvm中安装一些软件，做一些简单的配置！
Terraform系列三腾讯云CVM中的玩法 1. Terraform output 我们通过terraform创建了cvm相关资源,我们该如何获取cvm的相关信息呢？前面我都是登陆控制台后台查看的。我能不能通过terraform获取相关的我需要的信息输出呢？可以的！这里顺路提一下output......
1. 首先拿一个简单的例子来演示一下：
我需要打印出cvm_almalinux cvm云主机的区域，id ，名称，公网ip相关信息。这样我就可以获取公网ip信息，不用去控制台查找ip信息，可以直接登陆服务器了。
1. cat output.tf

output "cvm_az" { value = "https://www.it610.com/article/${tencentcloud_instance.cvm_almalinux.availability_zone}" } output "cvm_id" { value = "https://www.it610.com/article/${tencentcloud_instance.cvm_almalinux.id}" } output "cvm_name" { value = "https://www.it610.com/article/${tencentcloud_instance.cvm_almalinux.instance_name}" } output "cvm_public_ip" { value = "https://www.it610.com/article/${tencentcloud_eip.cvm_almalinux_eip.public_ip}" }

2. terraform apply and terraform out

文章图片

这样我们就可以获取到服务器的公网ip了，可以至今ssh登陆服务器！当然了这里只是抛砖引玉。你可以通过output输出各种资源相关的信息-你所需要的！
3. terraform output 其他的用法从腾讯云的腾讯云Terraform应用指南学到的

[root@zhangpeng terraform]# terraform output cvm_id "ins-hsakr7ah"

同理也可以打印其他相关信息.了解一个命令的最好方法还是通过--hlep看文档

[root@zhangpeng terraform]# terraform output --help Usage: terraform [global options] output [options] [NAME]Reads an output variable from a Terraform state file and prints the value. With no additional arguments, output will display all the outputs for the root module.If NAME is not specified, all outputs are printed.Options:-state=pathPath to the state file to read. Defaults to "terraform.tfstate".-no-colorIf specified, output won't contain any color.-jsonIf specified, machine readable output will be printed in JSON format.-rawFor value types that can be automatically converted to a string, will print the raw string directly, rather than a human-oriented representation of the value.

竟然可以json输出？体验一下！

[root@zhangpeng terraform]# terraform output -json { "cvm_az": { "sensitive": false, "type": "string", "value": "ap-beijing-2" }, "cvm_id": { "sensitive": false, "type": "string", "value": "ins-hsxxxx" }, "cvm_name": { "sensitive": false, "type": "string", "value": "cvm-almalinux" }, "cvm_public_ip": { "sensitive": false, "type": "string", "value": "xxx.xxx.xxx.xxx" } }

更多的用法以后慢慢区发现了。这只是获取公网ip引申出来的！
2. 如何通过terraform给cvm运行shell 1. 格式化vdb并挂载到data目录
1. 创建格式化tf配置文件 cat mkfs.tf

resource "null_resource" "connect_private" { connection { host= "${tencentcloud_eip.cvm_almalinux_eip.public_ip}" type= "ssh" user= "root" }# set hostname provisioner "remote-exec" { inline = [ "sudo mkfs -t ext4 /dev/vdb", "sudo mkdir /data", "sudo mount /dev/vdb /data" ] } }

2. terraform plan and terraform init --upgrade

[root@zhangpeng terraform]# terraform plan

恩？提示我要uprade？什么鬼先执行一下！目测是要安装一个null的组件好吧......

[root@zhangpeng terraform]# terraform init --upgrade

文章图片

3. terraform apply

[root@zhangpeng terraform]# terraform apply

文章图片

我以为我设置免密不用设置私钥或者密码就可以的.....这是不对的。设置一下私钥再走一遍！
4.正确的方式---特别强调 【Terraform系列三腾讯云CVM中的玩法】cat mkfs.tf

resource "null_resource" "connect_private" { connection { host= "${tencentcloud_eip.cvm_almalinux_eip.public_ip}" type= "ssh" user= "root" private_key = "${file("~/.ssh/id_rsa")}" }# set hostname provisioner "remote-exec" { inline = [ "sudo mkfs -t ext4 /dev/vdb", "sudo mkdir /data", "sudo mount /dev/vdb /data" ] } }

注：增加了private_key配置
terraform plan and terraform apply

文章图片

ssh登陆服务器查看验证：

[root@cvm-almalinux /]# lsblk

文章图片

ok 格式化硬盘的任务就算是成功了!当然了也可以在remote-exec中将配置写入fstab防止服务器重启失效！
2.安装一个软件，比如nginx？
1. 创建nginx.tf配置文件 cat nginx.tf

resource "null_resource" "connect_private_nginx" { connection { host= "${tencentcloud_eip.cvm_almalinux_eip.public_ip}" type= "ssh" user= "root" private_key = "${file("~/.ssh/id_rsa")}" }# set hostname provisioner "remote-exec" { inline = [ "sudo yum update -y", "sudo yum install nginx -y", "sudo systemctl start nginx" ] } }

2. terraform plan and terraform apply

文章图片

install 滚动条一直0怎么会事情.......登陆服务器查看一下

文章图片

调用的是一个platform-python安装软件没有仔细区看接着等待ing.....

文章图片

连接不到yum源？突然就想到了防火墙......
果不其然，出口默认都是deny拒绝！

文章图片

修改安全组配置文件如下：

[root@zhangpeng terraform]# cat security_group.tf resource "tencentcloud_security_group" "sg_bj" { name = "sg-bj" }resource "tencentcloud_security_group_rule" "sg_bj_1" { security_group_id = "${tencentcloud_security_group.sg_bj.id}" type = "ingress" cidr_ip = "0.0.0.0/0" ip_protocol = "tcp" port_range = "22,80" policy = "accept" } resource "tencentcloud_security_group_rule" "sg_bj_2" { security_group_id = "${tencentcloud_security_group.sg_bj.id}" type = "egress" cidr_ip = "0.0.0.0/0" ip_protocol = "tcp" policy = "accept" }

继续terrafrom plan terraform apply

文章图片

文章图片

进度条可以走了总算！等待任务结束

文章图片

访问公网Ip nginx正常访问成功！

文章图片

3.其他的方式？
不想讲脚本写在tf文件里面，我可不可以写一个shell脚本，然后用remote-exec去运行呢？可以的！安装一个httpd如下：
1. 编写install-http.sh脚本 install-httpd.sh

[root@k8s-master-01 terraform]# cat install-httpd.sh #!/bin/bash systemctl stop nginx yum install -y httpd systemctl start httpd

注：主机名变了....放假回家拿另外服务器跑的。嗯id_isa也搞了过来！前面安装过nginx了不做复杂设置，先把！nginx停止了！
2. 编写httpd.tf httpd.tf

resource "null_resource" "connect_private_httpd" { provisioner "file" { source = "install-httpd.sh" destination = "/tmp/install-httpd.sh" } # set hostname provisioner "remote-exec" { inline = [ "chmod +x /tmp/install-httpd.sh && sh /tmp/install-httpd.sh" ] } connection { host= "${tencentcloud_eip.cvm_almalinux_eip.public_ip}" type= "ssh" user= "root" private_key = "${file("~/.ssh/id_rsa")}" } }

3. terraform plain and terraform apply