How to use Terraform in a cloud agnostic way


Question

I have seen many examples on how to use Terraform to launch AWS resources. I have also seen many claims that Terraform is cloud agnostic.

What I have not seen is an example of how I can launch a VPC with some subnets, some instances, some ELB's, and a few databases in either AWS or Azure using a single tf file.

Can someone give an example?

Recommended answer

While Terraform as a tool is cloud agnostic (in that it will support anything that exposes its API and has enough developer support to create a "provider" for it), Terraform itself will not natively abstract this at all and I'd seriously consider whether this is a good idea at all unless you have a really good use case.

If you did need to do this you would need to build a bunch of modules on top of things that abstracts the cloud layer from the module users and just allow them to specify the cloud provider as a variable (potentially controllable from some outside script).

As a basic example to abstract DNS you might have something like this (untested):

modules/google/dns/record/main.tf

# Number of records to create; the generic module passes 1 or 0.
variable "count" {}

variable "domain_name_record" {}
variable "domain_name_zone" {}
variable "domain_name_target" {}

resource "google_dns_record_set" "frontend" {
  count = "${var.count}"
  name  = "${var.domain_name_record}.${var.domain_name_zone}"
  type  = "CNAME"
  ttl   = 300

  managed_zone = "${var.domain_name_zone}"

  rrdatas = ["${var.domain_name_target}"]
}

modules/aws/dns/record/main.tf

# Number of records to create; the generic module passes 1 or 0.
variable "count" {}

variable "domain_name_record" {}
variable "domain_name_zone" {}
variable "domain_name_target" {}

# Look up the existing Route 53 hosted zone by name.
data "aws_route53_zone" "selected" {
  count = "${var.count}"
  name  = "${var.domain_name_zone}"
}

resource "aws_route53_record" "www" {
  count   = "${var.count}"
  zone_id = "${data.aws_route53_zone.selected.zone_id}"
  name    = "${var.domain_name_record}.${data.aws_route53_zone.selected.name}"
  type    = "CNAME"
  ttl     = "60"
  records = ["${var.domain_name_target}"]
}

modules/generic/dns/record/main.tf

# Selects which provider-specific module creates the record.
variable "cloud_provider" { default = "aws" }

variable "domain_name_record" {}
variable "domain_name_zone" {}
variable "domain_name_target" {}

module "aws_dns_record" {
  source             = "../../aws/dns/record"
  count              = "${var.cloud_provider == "aws" ? 1 : 0}"
  domain_name_record = "${var.domain_name_record}"
  domain_name_zone   = "${var.domain_name_zone}"
  domain_name_target = "${var.domain_name_target}"
}

module "google_dns_record" {
  source             = "../../google/dns/record"
  count              = "${var.cloud_provider == "google" ? 1 : 0}"
  domain_name_record = "${var.domain_name_record}"
  domain_name_zone   = "${var.domain_name_zone}"
  domain_name_target = "${var.domain_name_target}"
}

Obviously this will get complicated pretty fast but it does mean that you can expose the "generic" module to others and allow them to use the abstractions you are building on things. How you cope with things where there isn't feature parity between different clouds is a whole separate question and probably not best suited for StackOverflow.
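
An added example, not part of the original answer: the same generic wrapper written for Terraform 0.13 or later, where `count` is a module meta-argument and a `validation` block rejects an unsupported `cloud_provider` instead of silently creating nothing. It assumes the child modules at the paths above take only the three `domain_name_*` inputs and no longer declare their own `count` variable.

```hcl
# modules/generic/dns/record/main.tf (added example, Terraform >= 0.13)

terraform {
  required_version = ">= 0.13"
}

variable "cloud_provider" {
  type        = string
  default     = "aws"
  description = "Which cloud's DNS service receives the record."

  # Without this check, a typo such as "azure" makes both counts below 0,
  # and the plan succeeds while creating no record at all.
  validation {
    condition     = contains(["aws", "google"], var.cloud_provider)
    error_message = "The cloud_provider value must be \"aws\" or \"google\"."
  }
}

variable "domain_name_record" { type = string }
variable "domain_name_zone" { type = string }
variable "domain_name_target" { type = string }

# Assumption: the child modules accept exactly these three inputs.
module "aws_dns_record" {
  source = "../../aws/dns/record"
  count  = var.cloud_provider == "aws" ? 1 : 0

  domain_name_record = var.domain_name_record
  domain_name_zone   = var.domain_name_zone
  domain_name_target = var.domain_name_target
}

module "google_dns_record" {
  source = "../../google/dns/record"
  count  = var.cloud_provider == "google" ? 1 : 0

  domain_name_record = var.domain_name_record
  domain_name_zone   = var.domain_name_zone
  domain_name_target = var.domain_name_target
}
```

Because both child modules are referenced statically, `terraform init` still installs both providers regardless of which `cloud_provider` value is chosen.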
