本文主要讲解如何使用Terraform-在Azure Cloud 中创建一个新的资源组
然后在这个资源组中,创建一个虚拟网络-192.168.10.0/24, 以及8个/27位子网
环境说明:一般都是资源与资源组在一个Location位置中,写法也相对简单一些
因此本文,使用了,资源组,与虚拟网络资源不在同一个Location位置的情况进行演示,因此也会多一些细节点注意事项
首先还是先准备如下3个Terraform模板文件,以后各个文件的内容
li [ ~/qq-5201351 ]$ ls main.tf providers.tf variables.tf
1、变量文件-variables.tf 内容
variable "resource_group_location" { type = string default = "East Asia" description = "Location of the resource group." } variable "resource_group_name" { type = string default = "RG001" } variable "vnet_name" { type = string default = "vnet-192.168.10.0" }
2、providers文件-providers.tf-内容
terraform { required_version = ">=0.12" required_providers { azapi = { source = "azure/azapi" version = "~>1.5" } azurerm = { source = "hashicorp/azurerm" version = "~>2.0" } random = { source = "hashicorp/random" version = "~>3.0" } } } provider "azurerm" { features {} }
3、主文件-main.tf-内容
# Create Resource Group RG001 resource "azurerm_resource_group" "rg" { location = var.resource_group_location name = var.resource_group_name } # Create virtual network - 192.168.10.0/24 resource "azurerm_virtual_network" "my_terraform_network" { name = "vnet-192.168.10.0" address_space = ["192.168.10.0/24"] location = "Japan East" resource_group_name = azurerm_resource_group.rg.name } # Create subnet 01 resource "azurerm_subnet" "my_terraform_subnet_01" { name = "subnet-192.168.10.0" resource_group_name = azurerm_resource_group.rg.name virtual_network_name = azurerm_virtual_network.my_terraform_network.name address_prefixes = ["192.168.10.0/27"] enforce_private_link_endpoint_network_policies = true } # Create subnet 02 resource "azurerm_subnet" "my_terraform_subnet_02" { name = "subnet-192.168.10.32" resource_group_name = azurerm_resource_group.rg.name virtual_network_name = azurerm_virtual_network.my_terraform_network.name address_prefixes = ["192.168.10.32/27"] enforce_private_link_endpoint_network_policies = true } # Create subnet 03 resource "azurerm_subnet" "my_terraform_subnet_03" { name = "subnet-192.168.10.64" resource_group_name = azurerm_resource_group.rg.name virtual_network_name = azurerm_virtual_network.my_terraform_network.name address_prefixes = ["192.168.10.64/27"] enforce_private_link_endpoint_network_policies = true } # Create subnet 04 resource "azurerm_subnet" "my_terraform_subnet_04" { name = "subnet-192.168.10.96" resource_group_name = azurerm_resource_group.rg.name virtual_network_name = azurerm_virtual_network.my_terraform_network.name address_prefixes = ["192.168.10.96/27"] enforce_private_link_endpoint_network_policies = true } # Create subnet 05 resource "azurerm_subnet" "my_terraform_subnet_05" { name = "subnet-192.168.10.128" resource_group_name = azurerm_resource_group.rg.name virtual_network_name = azurerm_virtual_network.my_terraform_network.name address_prefixes = ["192.168.10.128/27"] enforce_private_link_endpoint_network_policies = true } # Create subnet 06 resource "azurerm_subnet" "my_terraform_subnet_06" { name = "subnet-192.168.10.160" resource_group_name = azurerm_resource_group.rg.name virtual_network_name = azurerm_virtual_network.my_terraform_network.name address_prefixes = ["192.168.10.160/27"] enforce_private_link_endpoint_network_policies = true } # Create subnet 07 resource "azurerm_subnet" "my_terraform_subnet_07" { name = "subnet-192.168.10.192" resource_group_name = azurerm_resource_group.rg.name virtual_network_name = azurerm_virtual_network.my_terraform_network.name address_prefixes = ["192.168.10.192/27"] enforce_private_link_endpoint_network_policies = true } # Create subnet 08 resource "azurerm_subnet" "my_terraform_subnet_08" { name = "subnet-192.168.10.224" resource_group_name = azurerm_resource_group.rg.name virtual_network_name = azurerm_virtual_network.my_terraform_network.name address_prefixes = ["192.168.10.224/27"] enforce_private_link_endpoint_network_policies = true }
4、将 Terraform 部署进行初始化,下载管理 Azure 资源所需的 Azure 提供程序 : terraform init -upgrade
5、创建Terraform-执行计划:terraform plan -out main.tfplan
li [ ~/qq-5201351 ]$ terraform plan -out main.tfplan Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create Terraform will perform the following actions: # azurerm_resource_group.rg will be created + resource "azurerm_resource_group" "rg" { + id = (known after apply) + location = "eastasia" + name = "RG001" } # azurerm_subnet.my_terraform_subnet_01 will be created + resource "azurerm_subnet" "my_terraform_subnet_01" { + address_prefix = (known after apply) + address_prefixes = [ + "192.168.10.0/27", ] + enforce_private_link_endpoint_network_policies = true + enforce_private_link_service_network_policies = false + id = (known after apply) + name = "subnet-192.168.10.0" + resource_group_name = "RG001" + virtual_network_name = "vnet-192.168.10.0" } # azurerm_subnet.my_terraform_subnet_02 will be created + resource "azurerm_subnet" "my_terraform_subnet_02" { + address_prefix = (known after apply) + address_prefixes = [ + "192.168.10.32/27", ] + enforce_private_link_endpoint_network_policies = true + enforce_private_link_service_network_policies = false + id = (known after apply) + name = "subnet-192.168.10.32" + resource_group_name = "RG001" + virtual_network_name = "vnet-192.168.10.0" } # azurerm_subnet.my_terraform_subnet_03 will be created + resource "azurerm_subnet" "my_terraform_subnet_03" { + address_prefix = (known after apply) + address_prefixes = [ + "192.168.10.64/27", ] + enforce_private_link_endpoint_network_policies = true + enforce_private_link_service_network_policies = false + id = (known after apply) + name = "subnet-192.168.10.64" + resource_group_name = "RG001" + virtual_network_name = "vnet-192.168.10.0" } # azurerm_subnet.my_terraform_subnet_04 will be created + resource "azurerm_subnet" "my_terraform_subnet_04" { + address_prefix = (known after apply) + address_prefixes = [ + "192.168.10.96/27", ] + enforce_private_link_endpoint_network_policies = true + enforce_private_link_service_network_policies = false + id = (known after apply) + name = "subnet-192.168.10.96" + resource_group_name = "RG001" + virtual_network_name = "vnet-192.168.10.0" } # azurerm_subnet.my_terraform_subnet_05 will be created + resource "azurerm_subnet" "my_terraform_subnet_05" { + address_prefix = (known after apply) + address_prefixes = [ + "192.168.10.128/27", ] + enforce_private_link_endpoint_network_policies = true + enforce_private_link_service_network_policies = false + id = (known after apply) + name = "subnet-192.168.10.128" + resource_group_name = "RG001" + virtual_network_name = "vnet-192.168.10.0" } # azurerm_subnet.my_terraform_subnet_06 will be created + resource "azurerm_subnet" "my_terraform_subnet_06" { + address_prefix = (known after apply) + address_prefixes = [ + "192.168.10.160/27", ] + enforce_private_link_endpoint_network_policies = true + enforce_private_link_service_network_policies = false + id = (known after apply) + name = "subnet-192.168.10.160" + resource_group_name = "RG001" + virtual_network_name = "vnet-192.168.10.0" } # azurerm_subnet.my_terraform_subnet_07 will be created + resource "azurerm_subnet" "my_terraform_subnet_07" { + address_prefix = (known after apply) + address_prefixes = [ + "192.168.10.192/27", ] + enforce_private_link_endpoint_network_policies = true + enforce_private_link_service_network_policies = false + id = (known after apply) + name = "subnet-192.168.10.192" + resource_group_name = "RG001" + virtual_network_name = "vnet-192.168.10.0" } # azurerm_subnet.my_terraform_subnet_08 will be created + resource "azurerm_subnet" "my_terraform_subnet_08" { + address_prefix = (known after apply) + address_prefixes = [ + "192.168.10.224/27", ] + enforce_private_link_endpoint_network_policies = true + enforce_private_link_service_network_policies = false + id = (known after apply) + name = "subnet-192.168.10.224" + resource_group_name = "RG001" + virtual_network_name = "vnet-192.168.10.0" } # azurerm_virtual_network.my_terraform_network will be created + resource "azurerm_virtual_network" "my_terraform_network" { + address_space = [ + "192.168.10.0/24", ] + dns_servers = (known after apply) + guid = (known after apply) + id = (known after apply) + location = "japaneast" + name = "vnet-192.168.10.0" + resource_group_name = "RG001" + subnet = (known after apply) + vm_protection_enabled = false } Plan: 10 to add, 0 to change, 0 to destroy. ──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────── Saved the plan to: main.tfplan To perform exactly these actions, run the following command to apply: terraform apply "main.tfplan"
6、应用 Terraform 执行计划:terraform apply main.tfplan
li [ ~/qq-5201351 ]$ terraform apply main.tfplan azurerm_resource_group.rg: Creating... azurerm_resource_group.rg: Creation complete after 2s [id=/subscriptions/2027a5ea-db41-4d93-a2b3-caff8e2c1157/resourceGroups/RG001] azurerm_virtual_network.my_terraform_network: Creating... azurerm_virtual_network.my_terraform_network: Creation complete after 6s [id=/subscriptions/2027a5ea-db41-4d93-a2b3-caff8e2c1157/resourceGroups/RG001/providers/Microsoft.Network/virtualNetworks/vnet-192.168.10.0] azurerm_subnet.my_terraform_subnet_06: Creating... azurerm_subnet.my_terraform_subnet_03: Creating... azurerm_subnet.my_terraform_subnet_04: Creating... azurerm_subnet.my_terraform_subnet_01: Creating... azurerm_subnet.my_terraform_subnet_05: Creating... azurerm_subnet.my_terraform_subnet_02: Creating... azurerm_subnet.my_terraform_subnet_07: Creating... azurerm_subnet.my_terraform_subnet_08: Creating... azurerm_subnet.my_terraform_subnet_06: Creation complete after 5s [id=/subscriptions/2027a5ea-db41-4d93-a2b3-caff8e2c1157/resourceGroups/RG001/providers/Microsoft.Network/virtualNetworks/vnet-192.168.10.0/subnets/subnet-192.168.10.160] azurerm_subnet.my_terraform_subnet_04: Still creating... [10s elapsed] azurerm_subnet.my_terraform_subnet_03: Still creating... [10s elapsed] azurerm_subnet.my_terraform_subnet_01: Still creating... [10s elapsed] azurerm_subnet.my_terraform_subnet_05: Still creating... [10s elapsed] azurerm_subnet.my_terraform_subnet_07: Still creating... [10s elapsed] azurerm_subnet.my_terraform_subnet_08: Still creating... [10s elapsed] azurerm_subnet.my_terraform_subnet_02: Still creating... [10s elapsed] azurerm_subnet.my_terraform_subnet_01: Creation complete after 10s [id=/subscriptions/2027a5ea-db41-4d93-a2b3-caff8e2c1157/resourceGroups/RG001/providers/Microsoft.Network/virtualNetworks/vnet-192.168.10.0/subnets/subnet-192.168.10.0] azurerm_subnet.my_terraform_subnet_03: Creation complete after 15s [id=/subscriptions/2027a5ea-db41-4d93-a2b3-caff8e2c1157/resourceGroups/RG001/providers/Microsoft.Network/virtualNetworks/vnet-192.168.10.0/subnets/subnet-192.168.10.64] azurerm_subnet.my_terraform_subnet_05: Creation complete after 20s [id=/subscriptions/2027a5ea-db41-4d93-a2b3-caff8e2c1157/resourceGroups/RG001/providers/Microsoft.Network/virtualNetworks/vnet-192.168.10.0/subnets/subnet-192.168.10.128] azurerm_subnet.my_terraform_subnet_04: Still creating... [20s elapsed] azurerm_subnet.my_terraform_subnet_07: Still creating... [20s elapsed] azurerm_subnet.my_terraform_subnet_02: Still creating... [20s elapsed] azurerm_subnet.my_terraform_subnet_08: Still creating... [20s elapsed] azurerm_subnet.my_terraform_subnet_07: Creation complete after 24s [id=/subscriptions/2027a5ea-db41-4d93-a2b3-caff8e2c1157/resourceGroups/RG001/providers/Microsoft.Network/virtualNetworks/vnet-192.168.10.0/subnets/subnet-192.168.10.192] azurerm_subnet.my_terraform_subnet_08: Creation complete after 29s [id=/subscriptions/2027a5ea-db41-4d93-a2b3-caff8e2c1157/resourceGroups/RG001/providers/Microsoft.Network/virtualNetworks/vnet-192.168.10.0/subnets/subnet-192.168.10.224] azurerm_subnet.my_terraform_subnet_04: Still creating... [30s elapsed] azurerm_subnet.my_terraform_subnet_02: Still creating... [30s elapsed] azurerm_subnet.my_terraform_subnet_02: Creation complete after 34s [id=/subscriptions/2027a5ea-db41-4d93-a2b3-caff8e2c1157/resourceGroups/RG001/providers/Microsoft.Network/virtualNetworks/vnet-192.168.10.0/subnets/subnet-192.168.10.32] azurerm_subnet.my_terraform_subnet_04: Creation complete after 39s [id=/subscriptions/2027a5ea-db41-4d93-a2b3-caff8e2c1157/resourceGroups/RG001/providers/Microsoft.Network/virtualNetworks/vnet-192.168.10.0/subnets/subnet-192.168.10.96] Apply complete! Resources: 10 added, 0 changed, 0 destroyed.
这样,就可以在Azure Portal 上看到 创建了一个 RG001资源组,一个虚拟网络,8个子网,对于上面显示的10个资源
其他说明:但是实际到Azure上可以看到还多创建了如下2个
1、NetworkWatcherRG 这样一个资源组,位置与虚拟网络位置一样:Japan East
2、NetworkWatcher_japaneast 网络观察程序,位于NetworkWatcherRG资源组:Location位置也是:Japan East
尊重别人的劳动成果 转载请务必注明出处:https://www.cnblogs.com/5201351/p/17643791.html