操作步驟

1. 安裝程序包。

   1. 前往Terraform官網(wǎng)下載適用于您的操作系統(tǒng)的程序包。

   2. 將程序包解壓。

      • Linux或macOS操作系統(tǒng)：將程序包解壓到/usr/local/bin目錄中，如果將可執(zhí)行文件解壓到其他目錄，需要為其設置環(huán)境變量。具體方法請參見在Linux系統(tǒng)或macOS系統(tǒng)設置環(huán)境變量。

      • Windows操作系統(tǒng)：將程序包解壓到任意目錄，例如D:\terraform\目錄，然后將該目錄添加到環(huán)境變量path中。具體方法請參見在Windows系統(tǒng)設置環(huán)境變量。

   3. 運行terraform驗證路徑配置。

      將顯示可用的Terraform選項的列表，類似如下所示，表示安裝完成。

      Usage: terraform [global options] <subcommand> [args]
      
      The available commands for execution are listed below.
      The primary workflow commands are given first, followed by
      less common or more advanced commands.
      
      Main commands:
        init          Prepare your working directory for other commands
        validate      Check whether the configuration is valid
        plan          Show changes required by the current configuration
        apply         Create or update infrastructure
        destroy       Destroy previously-created infrastructure
      
      All other commands:
        console       Try Terraform expressions at an interactive command prompt
        fmt           Reformat your configuration in the standard style
        force-unlock  Release a stuck lock on the current workspace
        get           Install or upgrade remote Terraform modules
        graph         Generate a Graphviz graph of the steps in an operation
        import        Associate existing infrastructure with a Terraform resource
        login         Obtain and save credentials for a remote host
        logout        Remove locally-stored credentials for a remote host
        output        Show output values from your root module
        providers     Show the providers required for this configuration
        refresh       Update the state to match remote systems
        show          Show the current state or a saved plan
        state         Advanced state management
        taint         Mark a resource instance as not fully functional
        test          Experimental support for module integration testing
        untaint       Remove the 'tainted' state from a resource instance
        version       Show the current Terraform version
        workspace     Workspace management
      
      Global options (use these before the subcommand, if any):
        -chdir=DIR    Switch to a different working directory before executing the
                      given subcommand.
        -help         Show this help output, or the help for a specified subcommand.
        -version      An alias for the "version" subcommand.

2. 為提高權(quán)限管理的靈活性和安全性，建議您創(chuàng)建RAM用戶，并為其授權(quán)。

   1. 登錄RAM控制臺。

   2. 創(chuàng)建名為Terraform的RAM用戶，并為該用戶創(chuàng)建AccessKey。具體步驟請參見創(chuàng)建RAM用戶和創(chuàng)建AccessKey。

   3. 為RAM用戶授權(quán)。在本示例中，給用戶Terraform授予AliyunRDSFullAccess、AliyunVPCFullAccess和AliyunRAMFullAccess權(quán)限，具體步驟請參見為RAM用戶授權(quán)。

3. 創(chuàng)建環(huán)境變量，用于存放身份認證信息。

   • Linux或macOS：

     export ALICLOUD_ACCESS_KEY="*****"
     export ALICLOUD_SECRET_KEY="*****"
     export ALICLOUD_REGION="cn-hangzhou"

     說明

     ALICLOUD_REGION表示待操作的地域，該配置需與后續(xù)創(chuàng)建實例的地域保持一致，請根據(jù)實際情況修改。

   • Windows：在系統(tǒng)環(huán)境變量中分別添加ALICLOUD_ACCESS_KEY、ALICLOUD_SECRET_KEY和ALICLOUD_REGION。

4. 創(chuàng)建執(zhí)行目錄及Terraform模板（terraform.tf）文件。

   1. 創(chuàng)建執(zhí)行目錄并進入。

      說明

      需要為每個Terraform項目創(chuàng)建一個獨立的執(zhí)行目錄。

      • Linux或macOS：

        sudo mkdir /usr/local/terraform
        cd /usr/local/terraform

        重要

        如果您使用的非root權(quán)限用戶，則還需要為terraform目錄授權(quán)，使用sudo chown -R <當前用戶名>:<用戶所屬組名> /usr/local/terraform命令，將terraform文件夾的owner修改為當前用戶。

      • Windows：以D盤下創(chuàng)建rdspg文件夾為例，進入rdspg文件夾。

   2. 在執(zhí)行目錄下，創(chuàng)建Terraform模板（terraform.tf）文件。

      • Linux或macOS：

        touch terraform.tf

      • Windows：手動創(chuàng)建terraform.tf文件。

5. 以查詢可用區(qū)信息為例，編輯terraform.tf文件，補充如下信息。

   • Linux或macOS：

     vim terraform.tf

   • Windows：編輯terraform.tf文件。

   模板內(nèi)容如下：

   data "alicloud_db_zones" "queryzones" {
     instance_charge_type= "PostPaid"
     engine = "PostgreSQL"
     db_instance_storage_type = "cloud_essd"
   }

   說明

   vim命令配置完成后，需按Esc后輸入:wq保存并退出。

6. 在執(zhí)行目錄中使用terraform init命令初始化配置。

   以Windows客戶端為例，執(zhí)行結(jié)果示例如下：

   PS D:\rdspg> terraform init
   
   Initializing the backend...
   
   Initializing provider plugins...
   - Reusing previous version of hashicorp/alicloud from the dependency lock file
   - Using previously-installed hashicorp/alicloud v1.186.0
   
   ?
   │ Warning: Additional provider information from registry
   │
   │ The remote registry returned warnings for registry.terraform.io/hashicorp/alicloud:
   │ - For users on Terraform 0.13 or greater, this provider has moved to aliyun/alicloud. Please update your source in
   │ required_providers.
   ?
   
   Terraform has been successfully initialized!
   
   You may now begin working with Terraform. Try running "terraform plan" to see
   any changes that are required for your infrastructure. All Terraform commands
   should now work.
   
   If you ever set or change modules or backend configuration for Terraform,
   rerun this command to reinitialize your working directory. If you forget, other
   commands will detect it and remind you to do so if necessary.

7. 執(zhí)行terraform plan命令預覽配置。

   以Windows客戶端為例，執(zhí)行結(jié)果示例如下：

   PS D:\rdspg> terraform plan
   data.alicloud_db_zones.queryzones: Reading...
   data.alicloud_db_zones.queryzones: Read complete after 4s [id=491248936]
   
   No changes. Your infrastructure matches the configuration.
   
   Terraform has compared your real infrastructure against your configuration and found no differences, so no changes are
   needed.

8. 執(zhí)行terraform apply應用配置。

   以Windows客戶端為例，執(zhí)行結(jié)果示例如下：

   PS D:\rdspg> terraform apply
   data.alicloud_db_zones.queryzones: Reading...
   data.alicloud_db_zones.queryzones: Read complete after 0s [id=491248936]
   
   No changes. Your infrastructure matches the configuration.
   
   Terraform has compared your real infrastructure against your configuration and found no differences, so no changes are
   needed.
   
   Apply complete! Resources: 0 added, 0 changed, 0 destroyed.

9. 執(zhí)行terraform show查看查詢結(jié)果。

   以Windows客戶端為例，執(zhí)行結(jié)果示例如下：

   PS D:\rdspg> terraform show
   # data.alicloud_db_zones.queryzones:
   data "alicloud_db_zones" "queryzones" {
       db_instance_storage_type = "cloud_essd"
       engine                   = "PostgreSQL"
       id                       = "491248936"
       ids                      = [
           "cn-hangzhou-g",
           "cn-hangzhou-j",
           "cn-hangzhou-k",
       ]
       instance_charge_type     = "PostPaid"
       multi                    = false
       multi_zone               = false
       zones                    = [
           {
               id             = "cn-hangzhou-g"
               multi_zone_ids = []
           },
           {
               id             = "cn-hangzhou-j"
               multi_zone_ids = []
           },
           {
               id             = "cn-hangzhou-i"
               multi_zone_ids = []
           },
           {
               id             = "cn-hangzhou-j"
               multi_zone_ids = []
           },
           {
               id             = "cn-hangzhou-k"
               multi_zone_ids = []
           },
       ]
   }