为客户帐户配置Terraform(工作区，模块等)最佳实践? [英] Provisioning customer accounts with Terraform (workspaces, Modules, ?) Best Practice?

问题描述

我需要在AWS中创建和管理多个客户环境，并且希望利用Terraform部署所有必要的资源.除了用于访问其中一台服务器的URL外，每个客户环境都基本相同.

I have the need to create and manage multiple customer environments in AWS and I'm wanting to leverage Terraform to deploy all of the necessary resources. Each customer environment is basically the same with the exception of the URL they use to access one of the servers.

我整理了一个Terraform配置，该配置可为给定客户部署所有资源.但是...如何采用相同的配置并将其应用到下一个客户，而无需复制整个Terraform目录并为每个客户复制该目录. (我可以有100个)

I have put together a Terraform configuration that deploys all of the resources for a given customer. BUT... How do I take that same configuration and apply it to the next customer without copying the entire Terraform directory and duplicating that for every customer. (I could have 100's of these)

我听说过工作空间和模块，或两者兼而有之.有没有人看到关于这方面的最佳实践文章?

I've heard workspaces and modules or both. Anyone seen a best-practice article out there on this?

Thx

推荐答案

您应调制您的代码，那么您可以轻松地(从git存储库中)重复使用该模块以及用于该客户的不同变量.在这种情况下，对于每个客户，您最终只会得到一个配置主模块的文件.

You should modulerize your code, then you can easily reuse that module(from a git repository) with different variables to be used for that customer. In this case for each customer, you will end up with only a file that configures the main module.

每个客户都有一个目录，带有一个terraform文件，该文件可加载并配置模块.如果在该目录中使用terraform apply，则状态也将在该目录中.为了确保您的团队也可以部署和进行更改，建议使用后端，例如S3，因此状态将被写入此处.请注意，您必须在每个客户的各自目录中配置一个后端.确保每个客户的后端都不会冲突(例如，在S3中使用其他路径).

Have one directory for each customer, with a terraform file that loads up the module(s) and configures it. If you use terraform apply in that directory then the state will also be in that directory. To make sure your team can also deploy and make changes it is suggested to use a backend such as S3, so the state will be written there. Note that you have to configure a backend for each customer in their respective directory. Make sure the backend for each customer don't clash(For example use a different path in S3).

尼基·瓦特(Nicki Watt)对此做了很好的介绍.您可以在此处观看视频，并在

Nicki Watt gave a good presentation on this. You can view the video here and slides at here.

这篇关于为客户帐户配置Terraform(工作区，模块等)最佳实践?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！