[Terraform] First Steps

박원균 · October 14, 2021

Terraform

HelloTerraform_AWS

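Installing the AWS CLI

Go to the AWS CLI version 2 page, download the file that matches your operating system, and run it.

aws_cli_version2_Windows.exe install link

Creating an AWS IAM account

Create the account that will be used to build infrastructure automation with Terraform.

When adding the user, be sure to check the access key option!

Permissions should be granted to suit the situation, but for convenience in this exercise we will grant administrator permissions.

Click the .csv download, or save or remember the access key ID and secret access key.

They are required to configure Terraform for AWS automation.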

Configuring AWS on Windows

$ aws configure
[OUTPUT]
AWS Access Key ID [None]: [INPUT]
AWS Secret Access Key [None]: [INPUT]
Default region name [None]: [desired region] ap-northeast-2
Default output format [None]: [desired format] json

Enter the contents of the file you downloaded earlier, or the values you copied, into the settings above.

Terraform add-on for Visual Studio Code

After installing VS Code, install the HashiCorp Terraform plugin. It makes working with Terraform easier.

HelloTf

Automating region selection and instance creation

Create a 01_main.tf file, use a provider block to declare that AWS is being used, and set the region.

provider "aws" {
	region = "ap-northeast-2"
}

$ terraform init   # run Terraform's init command to make this folder a Terraform working directory

resource "aws_instance" "AmazonLinux2AMI" {
      ami               = "ami-0e4a9ad2eb120e054"
      instance_type     = "t2.small"
      # Indented heredoc: <<- immediately followed by the delimiter (see the Errors section)
      user_data = <<-EOF
                  #! /bin/bash
                  sudo su -
                  yum install -y httpd
                  cat > /var/www/html/index.html << end
                  <h1>Terraform-WEB-1</h1>
                  end
                  systemctl start httpd
                  EOF
      tags = {
            Name = "aws-ubuntu-1"
      }
}

$ terraform plan   # builds Terraform's execution plan; running the command prints the plan (details) for the instance to be created

[OUTPUT]
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # aws_instance.ubuntu will be created
  + resource "aws_instance" "ubuntu" {
      + ami                                  = "ami-04876f29fd3a5e8ba"
      + arn                                  = (known after apply)
      + associate_public_ip_address          = (known after apply)
      + availability_zone                    = (known after apply)
      + cpu_core_count                       = (known after apply)
      + cpu_threads_per_core                 = (known after apply)
      + disable_api_termination              = (known after apply)
      + ebs_optimized                        = (known after apply)
      + get_password_data                    = false
      + host_id                              = (known after apply)
      + id                                   = (known after apply)
      + instance_initiated_shutdown_behavior = (known after apply)
      + instance_state                       = (known after apply)
      + instance_type                        = "t2.small"
      + ipv6_address_count                   = (known after apply)
      + ipv6_addresses                       = (known after apply)
      + key_name                             = (known after apply)
      + monitoring                           = (known after apply)
      + outpost_arn                          = (known after apply)
      + password_data                        = (known after apply)
      + placement_group                      = (known after apply)
      + primary_network_interface_id         = (known after apply)
      + private_dns                          = (known after apply)
      + private_ip                           = (known after apply)
      + public_dns                           = (known after apply)
      + public_ip                            = (known after apply)
      + secondary_private_ips                = (known after apply)
      + security_groups                      = (known after apply)
      + source_dest_check                    = true
      + subnet_id                            = (known after apply)
      + tags                                 = {
          + "Name" = "aws-ubuntu-1"
        }
      + tags_all                             = {
          + "Name" = "aws-ubuntu-1"
        }
      + tenancy                              = (known after apply)
      + user_data                            = "b146822849a2c6382e335bbc93475838ef024619"
      + user_data_base64                     = (known after apply)
      + vpc_security_group_ids               = (known after apply)

      + capacity_reservation_specification {
          + capacity_reservation_preference = (known after apply)

          + capacity_reservation_target {
              + capacity_reservation_id = (known after apply)
            }
        }

      + ebs_block_device {
          + delete_on_termination = (known after apply)
          + device_name           = (known after apply)
          + encrypted             = (known after apply)
          + iops                  = (known after apply)
          + kms_key_id            = (known after apply)
          + snapshot_id           = (known after apply)
          + tags                  = (known after apply)
          + throughput            = (known after apply)
          + volume_id             = (known after apply)
          + volume_size           = (known after apply)
          + volume_type           = (known after apply)
        }

      + enclave_options {
          + enabled = (known after apply)
        }

      + ephemeral_block_device {
          + device_name  = (known after apply)
          + no_device    = (known after apply)
          + virtual_name = (known after apply)
        }

      + metadata_options {
          + http_endpoint               = (known after apply)
          + http_put_response_hop_limit = (known after apply)
          + http_tokens                 = (known after apply)
        }

      + network_interface {
          + delete_on_termination = (known after apply)
          + device_index          = (known after apply)
          + network_interface_id  = (known after apply)
        }

      + root_block_device {
          + delete_on_termination = (known after apply)
          + device_name           = (known after apply)
          + encrypted             = (known after apply)
          + iops                  = (known after apply)
          + kms_key_id            = (known after apply)
          + tags                  = (known after apply)
          + throughput            = (known after apply)
          + volume_id             = (known after apply)
          + volume_size           = (known after apply)
          + volume_type           = (known after apply)
        }
    }

Plan: 1 to add, 0 to change, 0 to destroy.

──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────── 

Note: You didn't use the -out option to save this plan, so Terraform can't guarantee to take exactly these actions if you run "terraform apply" now.

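If the plan was generated successfully:

$ terraform apply # run this command to apply the plan in the AWS cloud

Result of running the automation code

$ aws ec2 describe-instances --instance-ids [id value printed after apply] # print information about the instance created in AWS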
{
    "Reservations": [
        {
            "Groups": [],
            "Instances": [
                {
                    "AmiLaunchIndex": 0,
                    "ImageId": "ami-0e4a9ad2eb120e054",
                    "InstanceId": "i-0af95c7cbf7f7be0d",
                    "InstanceType": "t2.small",
                    "LaunchTime": "2021-10-14T15:37:26+00:00",
                    "Monitoring": {
                        "State": "disabled"
                    },
                    "Placement": {
                        "AvailabilityZone": "ap-northeast-2a",
                        "GroupName": "",
                        "Tenancy": "default"
                    },
                    "PrivateDnsName": "ip-172-31-13-82.ap-northeast-2.compute.internal",
                    "PrivateIpAddress": "172.31.13.82",
                    "ProductCodes": [],
                    "PublicDnsName": "ec2-54-180-134-182.ap-northeast-2.compute.amazonaws.com",
                    "PublicIpAddress": "54.180.134.182",
                    "State": {
                        "Code": 16,
                        "Name": "running"
                    },
                    "StateTransitionReason": "",
                    "SubnetId": "subnet-08806268d77de4852",
                    "VpcId": "vpc-0678db9b8dbfe52e8",
                    "Architecture": "x86_64",
                    "BlockDeviceMappings": [
                        {
                            "DeviceName": "/dev/sda1",
                            "Ebs": {
                                "AttachTime": "2021-10-14T15:37:27+00:00",
                                "DeleteOnTermination": true,
                                "Status": "attached",
                                "VolumeId": "vol-0ce6fa23a3c6dc67f"
                            }
                        }
                    ],
                    "ClientToken": "904CAE81-9528-4D15-835C-309C5C923215",
                    "EbsOptimized": false,
                    "EnaSupport": true,
                    "Hypervisor": "xen",
                    "NetworkInterfaces": [
                        {
                            "Association": {
                                "IpOwnerId": "amazon",
                                "PublicDnsName": "ec2-54-180-134-182.ap-northeast-2.compute.amazonaws.com",
                                "PublicIp": "54.180.134.182"
                            },
                            "Attachment": {
                                "AttachTime": "2021-10-14T15:37:26+00:00",
                                "AttachmentId": "eni-attach-0c1dd24a4e936159a",
                                "DeleteOnTermination": true,
                                "DeviceIndex": 0,
                                "Status": "attached",
                                "NetworkCardIndex": 0
                            },
                            "Description": "",
                            "Groups": [
                                {
                                    "GroupName": "default",
                                    "GroupId": "sg-08edec9b9904ed85f"
                                }
                            ],
                            "Ipv6Addresses": [],
                            "MacAddress": "02:30:23:ce:3a:b6",
                            "NetworkInterfaceId": "eni-0112fb62baed2cb2b",
                            "OwnerId": "701558900840",
                            "PrivateDnsName": "ip-172-31-13-82.ap-northeast-2.compute.internal",
                            "PrivateIpAddress": "172.31.13.82",
                            "PrivateIpAddresses": [
                                {
                                    "Association": {
                                        "IpOwnerId": "amazon",
                                        "PublicDnsName": "ec2-54-180-134-182.ap-northeast-2.compute.amazonaws.com",
                                        "PublicIp": "54.180.134.182"
                                    },
                                    "Primary": true,
                                    "PrivateDnsName": "ip-172-31-13-82.ap-northeast-2.compute.internal",
                                    "PrivateIpAddress": "172.31.13.82"
                                }
                            ],
                            "SourceDestCheck": true,
                            "Status": "in-use",
                            "SubnetId": "subnet-08806268d77de4852",
                            "VpcId": "vpc-0678db9b8dbfe52e8",
                            "InterfaceType": "interface"
                        }
                    ],
                    "RootDeviceName": "/dev/sda1",
                    "RootDeviceType": "ebs",
                    "SecurityGroups": [
                        {
                            "GroupName": "default",
                            "GroupId": "sg-08edec9b9904ed85f"
                        }
                    ],
                    "SourceDestCheck": true,
                    "Tags": [
                        {
                            "Key": "Name",
                            "Value": "aws-ubuntu-1"
                        }
                    ],
                    "VirtualizationType": "hvm",
                    "CpuOptions": {
                        "CoreCount": 1,
                        "ThreadsPerCore": 1
                    },
                    "CapacityReservationSpecification": {
                        "CapacityReservationPreference": "open"
                    },
                    "HibernationOptions": {
                        "Configured": false
                    },
                    "MetadataOptions": {
                        "State": "applied",
                        "HttpTokens": "optional",
                        "HttpPutResponseHopLimit": 1,
                        "HttpEndpoint": "enabled",
                        "HttpProtocolIpv6": "disabled"
                    },
                    "EnclaveOptions": {
                        "Enabled": false
                    }
                }
            ],
            "OwnerId": "701558900840",
            "ReservationId": "r-04d0cfba1ebfa17e4"
        }
    ]
}
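
A review pass over the output above, added here as an example and not part of the original post: it reads `describe-instances` JSON and reports three settings visible in it (token-less IMDSv1 requests accepted, a public IP assigned, the VPC default security group attached), each with the `aws_instance` argument from the plan listing that controls it. `review_instances` and the finding names are hypothetical, and the sample is the page's output reduced to the checked fields.

```python
import json

# Hypothetical finding names mapped to the aws_instance argument (as listed in
# the plan output) that controls each setting.
CONTROLS = {
    "imdsv1-accepted": 'metadata_options { http_tokens = "required" }',
    "public-ip-assigned": "associate_public_ip_address = false",
    "default-security-group": "vpc_security_group_ids = [<dedicated group id>]",
}


def review_instances(doc: dict) -> list:
    """Return (instance id, finding, controlling argument) tuples."""
    out = []
    for reservation in doc.get("Reservations", []):
        for inst in reservation.get("Instances", []):
            found = []
            meta = inst.get("MetadataOptions", {})
            # "optional" means the metadata service still answers requests
            # that carry no session token (IMDSv1).
            if meta.get("HttpEndpoint") == "enabled" and meta.get("HttpTokens") != "required":
                found.append("imdsv1-accepted")
            if inst.get("PublicIpAddress"):
                found.append("public-ip-assigned")
            groups = inst.get("SecurityGroups", [])
            if any(g.get("GroupName") == "default" for g in groups):
                found.append("default-security-group")
            iid = inst.get("InstanceId", "?")
            out += [(iid, f, CONTROLS[f]) for f in found]
    return out


# Constructed sample: the page's describe-instances output, reduced to the
# fields that review_instances reads.
SAMPLE = json.loads("""
{"Reservations": [{"Instances": [{
  "InstanceId": "i-0af95c7cbf7f7be0d",
  "PublicIpAddress": "54.180.134.182",
  "SecurityGroups": [{"GroupName": "default", "GroupId": "sg-08edec9b9904ed85f"}],
  "MetadataOptions": {"HttpTokens": "optional", "HttpEndpoint": "enabled",
                      "HttpPutResponseHopLimit": 1}
}]}]}
""")

if __name__ == "__main__":
    for iid, finding, control in review_instances(SAMPLE):
        print(f"{iid}: {finding} -> {control}")
```

The same function accepts the full output of `aws ec2 describe-instances` loaded with `json.load`.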

Errors

# Syntax that causes an error
user_data = << EOF
            #! /bin/bash
            sudo su -
            yum install -y httpd
            cat > /var/www/html/index.html << end
            <h1>Terraform-WEB-1</h1>
            end
            systemctl start httpd
            EOF
# ====================
# Syntax that works
user_data = <<-EOF
            #! /bin/bash
            sudo su -
            yum install -y httpd
            cat > /var/www/html/index.html << end
            <h1>Terraform-WEB-1</h1>
            end
            systemctl start httpd
            EOF

You need to pay close attention to the details of the syntax in automation code.
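
Why the `<<-EOF` form runs, shown as an added example that is not part of the original post: Terraform's `<<-` heredoc removes the smallest common leading indentation, which puts `#!` at the start of the script and the inner `end` terminator in column 0, the only place bash accepts it. `strip_indented_heredoc` and `lint_user_data` are hypothetical helpers that emulate this for space indentation only; they are not Terraform or AWS code.

```python
import re


def strip_indented_heredoc(body: str) -> str:
    """Emulate Terraform's <<- form: drop the smallest common leading-space
    indentation from every line (blank lines are ignored when measuring)."""
    lines = body.split("\n")
    indents = [len(l) - len(l.lstrip(" ")) for l in lines if l.strip()]
    cut = min(indents, default=0)
    return "\n".join(l[cut:] for l in lines)


def lint_user_data(script: str) -> list:
    """Return the problems that keep the script from running as written."""
    problems = []
    lines = script.split("\n")
    # EC2 user data shell scripts must begin with "#!" and the interpreter path.
    if not lines[0].startswith("#!"):
        problems.append("first line does not start with '#!'")
    for i, line in enumerate(lines):
        # A plain '<< word' here-document (not '<<<' here-strings).
        m = re.search(r"(?<!<)<<(?!<)\s*(\w+)\s*$", line)
        if not m:
            continue
        word = m.group(1)
        # bash closes it only at a later line that is exactly 'word'.
        if word not in lines[i + 1:]:
            problems.append(f"here-document '{word}' on line {i + 1} is never closed")
    return problems


# Constructed sample: the page's user_data body with its 12-space indentation.
INDENTED = "\n".join(" " * 12 + l for l in [
    "#! /bin/bash",
    "yum install -y httpd",
    "cat > /var/www/html/index.html << end",
    "<h1>Terraform-WEB-1</h1>",
    "end",
    "systemctl start httpd",
])


def demo():
    """Lint the body with indentation kept, then as <<- would deliver it."""
    return lint_user_data(INDENTED), lint_user_data(strip_indented_heredoc(INDENTED))


if __name__ == "__main__":
    kept, stripped = demo()
    print("indentation kept    :", kept)
    print("indentation stripped:", stripped)
```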

Order - vpc --> subnet --> ?
