如何使用 Terraform 在现有 VPC 中启动 EC [英] How to launch ECs in an existing VPC using Terraform
问题描述
我需要在现有的 AWS VPC 中使用 Terraform 创建几个新的 EC2、RDS 等.以及现有的子网、安全组、iam 等.它们不是由 Terraform 创建的.它是手动创建的.
I need to create several new EC2, RDS, etc.using Terraform, in an existing AWS VPC. and the existing subnet, security group, iam, etc. they are not created by Terraform. it is created manually.
我听说正确的方法是使用 terraform import (正确吗?).为了测试 terraform 导入的工作原理,我首先测试了如何导入现有的 EC2 而不是现有的 VPC,因为我不想意外更改现有 VPC 中的任何内容.
I heard the right way is to use terraform import (it is correct?). To test how terraform import works, I first tested how to import an existing EC2 in stead of an existing VPC, Because I do not want to accidentally change anything In an exist VPC.
运行前
terraform import aws_instance.example i-XXXXXXXXXX
看来我需要在我的 ec2.tf 文件中创建一个非常详细的 EC2 资源,例如:
It looks like I need to create a very detailed EC2 resource in my ec2.tf file, such as:
resource "aws_instance" "example" {
iam_instance_profile = XXXXXXXXXX
instance_type = XXXXXXX
ami = XXXXXXX
tags {
Name = XXXXX
Department = XXXX
....
}
}
如果我只是写:
resource "aws_instance" "example" {
}
这表明我错过了 ami 和实例类型,
it showed I missed ami and instance type,
如果我写:
resource "aws_instance" "example" {
instance_type = XXXXXXX
ami = XXXXXXX
}
然后运行terraform apply"将我现有 EC2 的标签更改为空,将 iam 配置文件更改为空.
then running "terraform apply" will change tags of my existing EC2 to nothing, change iam profile to nothing.
我还没有尝试过如何导入现有的vpc、子网、安全组.恐怕我一试,就得放很多现有的vpc、子网、安全组等信息,我的系统比较复杂.
I have not tried how to import existing vpc, subnet, security group yet. I am afraid if I try, I have to put a lot of information of the existing vpc, subnet, security group, etc. my system is complex.
是否需要在我的 terraform 代码中指出这么多细节?有没有办法让我只是简单地指出现有东西的id,比如vpc的id,我的新东西将基于现有的id创建?某事喜欢:
is it expected that I need to indicate so many details in my terraform code? isn't there a way so that I just simply indicate the id of existing stuff like vpc's id, and my new stuff will be created based on the existing id? sth. like:
data "aws_subnet" "public" {
id = XXXXXXX
}
resource "aws_instance" "example" {
instance_type = "t2.micro"
ami = "${var.master_ami}"
......
subnet_id = "${aws_subnet.public.id}"
}
推荐答案
您可以在导入过程中将资源主体留空,但您需要在导入后返回并填写具体详细信息.您可以使用 terraform show 命令查看导入的资源,并填写所有资源详细信息,因此当您尝试运行 terraform plan 时,它应该显示不需要更改.
You can leave the body of the resource blank during the import, but you'll need to go back in and fill in the specific details once it's been imported. You can look at the imported resource with the terraform show command, and fill in all of the resource details, so when you try to run terraform plan it should show no changes needed.
但是,要回答您的问题,是的,您可以使用现有资源而无需导入它们.只需创建一个变量文件,其中包含新资源所需的现有资源 ID,然后您可以引用所需的资源.
But, to answer your question, yes you can use your existing resources without having to import them. Just create a variables file that holds your existing resource ids that you need for your new resources, and then you can then reference the ones you need.
因此,您可以拥有一个 .vars 文件,其中包含以下内容:
So you could have a .vars file with something like:
variable "ami_id" {
description = "AMI ID"
default = "ami-xxxxxxxx"
}
variable "subnet_prv1" {
description = "Private Subnet 1"
default = "subnet-xxxxxx"
}
然后在你的 main.tf 中创建资源:
Then in your main.tf to create the resource:
resource "aws_instance" "example" {
instance_type = "t2.micro"
ami = "${var.ami_id}"
......
subnet_id = "${var.subnet_prv1}"
}
只是一种解决方法.还有其他内容,您可以在 用于变量的 terraform 文档
Just one way to go about it. There are others, which you can read up on in the terraform docs for variables
这篇关于如何使用 Terraform 在现有 VPC 中启动 EC的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
