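[Azure Environment] Steps to create Azure China resources with Terraform on Windows (beginner level) - LuBu0505/My-Code GitHub Wiki
Terraform (full name: HashiCorp Terraform) is an open-source tool for provisioning and managing cloud infrastructure. It codifies infrastructure in configuration files that describe the topology of cloud resources. These resources include virtual machines, storage accounts, and network interfaces.
This article is a beginner-level tutorial on installing Terraform on Windows and using Azure's sample template to create a virtual machine (VM) in the Azure China region.
Install Terraform
The Windows version of Terraform is a single .exe file. After downloading it, place it in a folder of your choice, then add that folder to the system PATH.
- Download Terraform (https://www.terraform.io/downloads.html), choosing the Windows 32-bit or 64-bit build as appropriate
- Extract the archive and copy the file to the target folder, for example: C:\LBWorkSpace\tool
- Add the folder to the system PATH
- Open CMD and run terraform --version to test
Prepare the Terraform template for creating the VM
Prepare the Terraform template by following the official Azure documentation: Create a Linux VM with infrastructure in Azure using Terraform. You can write the template step by step, or copy it in full to a local file named terraform_azure.tf (the name can be changed freely, but the .tf extension must stay).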
```hcl
# Configure the Microsoft Azure Provider
provider "azurerm" {
    # The "features" block is required for AzureRM provider 2.x.
    # If you're using version 1.x, the "features" block is not allowed.
    version = "~>2.0"
    features {}
}

# Create a resource group if it doesn't exist
resource "azurerm_resource_group" "myterraformgroup" {
    name     = "myResourceGroup"
    location = "chinaeast"

    tags = {
        environment = "Terraform Demo"
    }
}

# Create virtual network
resource "azurerm_virtual_network" "myterraformnetwork" {
    name                = "myVnet"
    address_space       = ["10.0.0.0/16"]
    location            = "chinaeast"
    resource_group_name = azurerm_resource_group.myterraformgroup.name

    tags = {
        environment = "Terraform Demo"
    }
}

# Create subnet
resource "azurerm_subnet" "myterraformsubnet" {
    name                 = "mySubnet"
    resource_group_name  = azurerm_resource_group.myterraformgroup.name
    virtual_network_name = azurerm_virtual_network.myterraformnetwork.name
    address_prefixes     = ["10.0.1.0/24"]
}

# Create public IPs
resource "azurerm_public_ip" "myterraformpublicip" {
    name                = "myPublicIP"
    location            = "chinaeast"
    resource_group_name = azurerm_resource_group.myterraformgroup.name
    allocation_method   = "Dynamic"

    tags = {
        environment = "Terraform Demo"
    }
}

# Create Network Security Group and rule
resource "azurerm_network_security_group" "myterraformnsg" {
    name                = "myNetworkSecurityGroup"
    location            = "chinaeast"
    resource_group_name = azurerm_resource_group.myterraformgroup.name

    security_rule {
        name                       = "SSH"
        priority                   = 1001
        direction                  = "Inbound"
        access                     = "Allow"
        protocol                   = "Tcp"
        source_port_range          = "*"
        destination_port_range     = "22"
        source_address_prefix      = "*"
        destination_address_prefix = "*"
    }

    tags = {
        environment = "Terraform Demo"
    }
}

# Create network interface
resource "azurerm_network_interface" "myterraformnic" {
    name                = "myNIC"
    location            = "chinaeast"
    resource_group_name = azurerm_resource_group.myterraformgroup.name

    ip_configuration {
        name                          = "myNicConfiguration"
        subnet_id                     = azurerm_subnet.myterraformsubnet.id
        private_ip_address_allocation = "Dynamic"
        public_ip_address_id          = azurerm_public_ip.myterraformpublicip.id
    }

    tags = {
        environment = "Terraform Demo"
    }
}

# Connect the security group to the network interface
resource "azurerm_network_interface_security_group_association" "example" {
    network_interface_id      = azurerm_network_interface.myterraformnic.id
    network_security_group_id = azurerm_network_security_group.myterraformnsg.id
}

# Generate random text for a unique storage account name
resource "random_id" "randomId" {
    keepers = {
        # Generate a new ID only when a new resource group is defined
        resource_group = azurerm_resource_group.myterraformgroup.name
    }

    byte_length = 8
}

# Create storage account for boot diagnostics
resource "azurerm_storage_account" "mystorageaccount" {
    name                     = "diag${random_id.randomId.hex}"
    resource_group_name      = azurerm_resource_group.myterraformgroup.name
    location                 = "chinaeast"
    account_tier             = "Standard"
    account_replication_type = "LRS"

    tags = {
        environment = "Terraform Demo"
    }
}

# Create (and display) an SSH key
resource "tls_private_key" "example_ssh" {
    algorithm = "RSA"
    rsa_bits  = 4096
}
#output "tls_private_key" { value = tls_private_key.example_ssh.private_key_pem }

# Create virtual machine
resource "azurerm_linux_virtual_machine" "myterraformvm" {
    name                  = "myVM"
    location              = "chinaeast"
    resource_group_name   = azurerm_resource_group.myterraformgroup.name
    network_interface_ids = [azurerm_network_interface.myterraformnic.id]
    size                  = "Standard_DS1_v2"

    os_disk {
        name                 = "myOsDisk"
        caching              = "ReadWrite"
        storage_account_type = "Premium_LRS"
    }

    source_image_reference {
        publisher = "Canonical"
        offer     = "UbuntuServer"
        sku       = "18.04-LTS"
        version   = "latest"
    }

    computer_name                   = "myvm"
    admin_username                  = "azureuser"
    disable_password_authentication = true

    admin_ssh_key {
        username   = "azureuser"
        public_key = tls_private_key.example_ssh.public_key_openssh
    }

    boot_diagnostics {
        storage_account_uri = azurerm_storage_account.mystorageaccount.primary_blob_endpoint
    }

    tags = {
        environment = "Terraform Demo"
    }
}
```
Complete Terraform script: https://docs.microsoft.com/zh-cn/azure/developer/terraform/create-linux-virtual-machine-with-infrastructure#complete-terraform-script
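The template's NSG rule opens SSH (port 22) to any source address (source_address_prefix = "*"), and the generated private key is kept in the Terraform state. As an added example, not part of the original article or the Azure sample, the variant below replaces the NSG resource with one that takes the allowed source range from a variable and marks the private-key output as sensitive. The variable name admin_source_cidr is an assumption, and the validation block needs Terraform 0.13 or later.

```hcl
# Added example (not part of the original template): restrict the SSH rule
# to one administrative source range instead of "*".

# Hypothetical variable name; set it in terraform.tfvars or with -var.
variable "admin_source_cidr" {
  type        = string
  description = "CIDR range allowed to reach the VM over SSH, e.g. an office egress IP as x.x.x.x/32"

  validation {
    # "*" is not a CIDR, so cidrhost() fails and can() returns false;
    # the catch-all ranges are rejected explicitly.
    condition     = can(cidrhost(var.admin_source_cidr, 0)) && !contains(["0.0.0.0/0", "::/0"], var.admin_source_cidr)
    error_message = "The admin_source_cidr value must be a valid CIDR range and must not be 0.0.0.0/0 or ::/0."
  }
}

resource "azurerm_network_security_group" "myterraformnsg" {
  name                = "myNetworkSecurityGroup"
  location            = "chinaeast"
  resource_group_name = azurerm_resource_group.myterraformgroup.name

  security_rule {
    name                       = "SSH"
    priority                   = 1001
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_range     = "22"
    source_address_prefix      = var.admin_source_cidr # was "*"
    destination_address_prefix = "*"
  }

  tags = {
    environment = "Terraform Demo"
  }
}

# The private key generated by tls_private_key is written to the Terraform
# state in any case, so the state file must be protected like a credential.
# If the output is re-enabled, mark it sensitive so that plan/apply do not
# print the key to the console.
output "tls_private_key" {
  value     = tls_private_key.example_ssh.private_key_pem
  sensitive = true
}
```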
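Log in to Azure China
This article uses Visual Studio Code to show the commands and the Terraform script; you can also use a PowerShell window directly.
1: Open VS Code and run az cloud set --name AzureChinaCloud to set the login environment to Azure China.
2: Run az login to sign in.
3: If you have multiple subscriptions, use az account set --subscription "your subscription id" to select the subscription in which the resources will be created.
Run the terraform init, plan, and apply commands
Step 1: Initialize with terraform init
Command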
terraform init
Step 2: Check and validate the template with terraform plan
Command
terraform plan
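**Note:** Checking the template produced two errors. The first occurs because the copied Terraform template was written for global Azure, while the current environment is Azure China, so location must be changed from eastus to chinaeast or another location. The second error concerns the output block and can be worked around for now by commenting out line 126 of the template. After making these changes, run terraform plan again; the output will include the list of resources that the template is going to create or modify.
Step 3: Build the resources in the template with terraform apply
Command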
terraform apply
Output (the apply command requires you to type yes manually before it runs, after which it actually starts creating the resources. When creation finishes, you will see the message Apply complete! Resources: 9 added, 0 changed, 0 destroyed.)
Congratulations! You have stepped through the door of creating Azure resources with Terraform.
References
"Terraform on Azure" documentation: https://docs.microsoft.com/zh-cn/azure/developer/terraform/
Create a Linux VM with infrastructure in Azure using Terraform: https://docs.microsoft.com/zh-cn/azure/developer/terraform/create-linux-virtual-machine-with-infrastructure#complete-terraform-script
Install Azure CLI on Windows: https://docs.microsoft.com/en-us/cli/azure/install-azure-cli-windows?tabs=azure-powershell