如何以与云无关的方式使用 Terraform [英] How to use Terraform in a cloud agnostic way

问题描述

我看过很多关于如何使用 Terraform 启动 AWS 资源的示例.我还看到许多声称 Terraform 与云无关的说法.

I have seen many examples on how to use Terraform to launch AWS resources. I have also seen many claims that Terraform is cloud agnostic.

我还没有看到一个示例，说明如何使用单个 tf 文件在 AWS 或 Azure 中启动带有一些子网、一些实例、一些 ELB 和一些数据库的 VPC.

What I have not seen is an example of how I can launch a VPC with some subnets, some instances, some ELB's, and a few databases in either AWS or Azure using a single tf file.

有没有人有这样的例子?

Does any one have an example of that?

推荐答案

虽然 Terraform 作为一种工具与云无关(因为它将支持任何公开其 API 的东西，并且有足够的开发人员支持来为其创建提供者")，Terraform 本身根本不会对它进行本机抽象，除非您有一个非常好的用例，否则我会认真考虑这是否是一个好主意.

While Terraform as a tool is cloud agnostic (in that it will support anything that exposes its API and has enough developer support to create a "provider" for it), Terraform itself will not natively abstract this at all and I'd seriously consider whether this is a good idea at all unless you have a really good use case.

如果确实需要这样做，则需要在从模块用户抽象云层的事物之上构建一堆模块，并允许他们将云提供商指定为变量(可能可以从外部进行控制)脚本).

If you did need to do this you would need to build a bunch of modules on top of things that abstracts the cloud layer from the module users and just allow them to specify the cloud provider as a variable (potentially controllable from some outside script).

作为抽象 DNS 的基本示例，您可能有这样的内容(未经测试):

As a basic example to abstract DNS you might have something like this (untested):

variable "count" = {}

variable "domain_name_record" = {}
variable "domain_name_zone" = {}
variable "domain_name_target" = {}

resource "google_dns_record_set" "frontend" {
  count = "${variable.count}"
  name  = "${var.domain_name_record}.${var.domain_name_zone}"
  type  = "CNAME"
  ttl   = 300

  managed_zone = "${var.domain_name_zone}"

  rrdatas = ["${var.domain_name_target}"]
}

modules/aws/dns/record/main.tf

variable "count" = {}

variable "domain_name_record" = {}
variable "domain_name_zone" = {}
variable "domain_name_target" = {}

data "aws_route53_zone" "selected" {
  count = "${variable.count}"
  name  = "${var.domain_name_zone}"
}

resource "aws_route53_record" "www" {
  count   = "${variable.count}"
  zone_id = "${data.aws_route53_zone.selected.zone_id}"
  name    = "${var.domain_name_record}.${data.aws_route53_zone.selected.name}"
  type    = "CNAME"
  ttl     = "60"
  records = [${var.domain_name_target}]
}

modules/generic/dns/record/main.tf

variable "cloud_provider" = { default = "aws" }

variable "domain_name_record" = {}
variable "domain_name_zone" = {}
variable "domain_name_target" = {}

module "aws_dns_record" {
  source             = "../../aws/dns/record"
  count              = "${var.cloud_provider == "aws" ? 1 : 0}"
  domain_name_record = "${var.domain_name_record}"
  domain_name_zone   = "${var.domain_name_zone}"
  domain_name_target = "${var.domain_name_target}"
}

module "google_dns_record" {
  source             = "../../google/dns/record"
  count              = "${var.cloud_provider == "google" ? 1 : 0}"
  domain_name_record = "${var.domain_name_record}"
  domain_name_zone   = "${var.domain_name_zone}"
  domain_name_target = "${var.domain_name_target}"
}

显然这会很快变得复杂，但这确实意味着您可以将通用"模块公开给其他人，并允许他们使用您在事物上构建的抽象.您如何处理不同云之间没有特征奇偶校验的事情是一个完全不同的问题，可能不适合 StackOverflow.

Obviously this will get complicated pretty fast but it does mean that you can expose the "generic" module to others and allow them to use the abstractions you are building on things. How you cope with things where there isn't feature parity between different clouds is a whole separate question and probably not best suited for StackOverflow.

这篇关于如何以与云无关的方式使用 Terraform的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！