如何使用Terraform在现有VPC中启动EC [英] How to launch ECs in an existing VPC using Terraform

问题描述

我需要在现有的AWS VPC中使用Terraform创建多个新的EC2，RDS等.以及现有子网，安全组，IAM等.它们不是由Terraform创建的.它是手动创建的.

I need to create several new EC2, RDS, etc.using Terraform, in an existing AWS VPC. and the existing subnet, security group, iam, etc. they are not created by Terraform. it is created manually.

我听说正确的方法是使用Terraform导入(对吗?).为了测试terraform导入的工作方式，我首先测试了如何导入现有EC2而不是现有VPC，因为我不想意外更改现有VPC中的任何内容.

I heard the right way is to use terraform import (it is correct?). To test how terraform import works, I first tested how to import an existing EC2 in stead of an existing VPC, Because I do not want to accidentally change anything In an exist VPC.

运行之前

terraform import aws_instance.example i-XXXXXXXXXX

似乎我需要在ec2.tf文件中创建一个非常详细的EC2资源，例如:

It looks like I need to create a very detailed EC2 resource in my ec2.tf file, such as:

resource "aws_instance" "example" {
  iam_instance_profile = XXXXXXXXXX
  instance_type = XXXXXXX
  ami = XXXXXXX
  tags {
    Name = XXXXX
    Department = XXXX
    ....
  }
} 

如果我只是写:

resource "aws_instance" "example" {
}

它表明我错过了ami和实例类型，

it showed I missed ami and instance type,

如果我写:

resource "aws_instance" "example" {
  instance_type = XXXXXXX
  ami = XXXXXXX
}

然后运行"terraform apply" 会将现有EC2的标签更改为空，将iam配置文件更改为空.

then running "terraform apply" will change tags of my existing EC2 to nothing, change iam profile to nothing.

我还没有尝试过如何导入现有的vpc，子网，安全组.恐怕如果尝试，我必须放入许多有关现有vpc，子网，安全组等的信息.我的系统很复杂.

I have not tried how to import existing vpc, subnet, security group yet. I am afraid if I try, I have to put a lot of information of the existing vpc, subnet, security group, etc. my system is complex.

是否期望我需要在terraform代码中指出这么多细节?有没有办法让我只是简单地指出现有材料的ID(例如vpc的ID)，然后根据现有ID创建我的新材料?某事像:

is it expected that I need to indicate so many details in my terraform code? isn't there a way so that I just simply indicate the id of existing stuff like vpc's id, and my new stuff will be created based on the existing id? sth. like:

data "aws_subnet" "public" {
    id = XXXXXXX
}

resource "aws_instance" "example" {
  instance_type = "t2.micro"
  ami = "${var.master_ami}"
  ......
  subnet_id = "${aws_subnet.public.id}"
}

推荐答案

在导入过程中，您可以将资源主体保留为空白，但是一旦导入，则需要重新输入并填写特定的详细信息.您可以使用terraform show命令查看导入的资源，并填写所有资源详细信息，因此，当您尝试运行terraform plan时，它应该不显示任何更改.

You can leave the body of the resource blank during the import, but you'll need to go back in and fill in the specific details once it's been imported. You can look at the imported resource with the terraform show command, and fill in all of the resource details, so when you try to run terraform plan it should show no changes needed.

但是，要回答您的问题，是的，您可以使用现有资源而不必导入它们.只需创建一个变量文件，其中包含新资源所需的现有资源ID，然后可以引用所需的ID.

But, to answer your question, yes you can use your existing resources without having to import them. Just create a variables file that holds your existing resource ids that you need for your new resources, and then you can then reference the ones you need.

所以您可以拥有一个.vars文件，其内容如下:

So you could have a .vars file with something like:

variable "ami_id" {
  description = "AMI ID"
  default = "ami-xxxxxxxx"
}

variable "subnet_prv1" {
  description = "Private Subnet 1"
  default = "subnet-xxxxxx"
}

然后在main.tf中创建资源:

Then in your main.tf to create the resource:

resource "aws_instance" "example" {
   instance_type = "t2.micro"
   ami = "${var.ami_id}"
   ......
   subnet_id = "${var.subnet_prv1}"
}

只是一种解决方法.还有其他一些内容，您可以在有关变量的terraform文档中阅读

Just one way to go about it. There are others, which you can read up on in the terraform docs for variables

这篇关于如何使用Terraform在现有VPC中启动EC的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！