Description:
Managing infrastructure with Terraform has a prerequisite: the infrastructure must be created by Terraform, and Terraform must have the state information of these resources.
However, in a real production environment, most of the time, we already have a lot of public cloud infrastructure before we realize that we can use Terraform to manage it. In this case, since the existing public cloud infrastructure was not created by Terraform, these resources are not in the Terraform state and thus cannot be managed (Terraform cannot add, delete, modify, or query these existing resources).
Fortunately, Terraform provides a way to import infrastructure resources that were not created by Terraform: the terraform import command.
Command format: terraform import [options] ADDRESS ID
ADDRESS: The address of the resource in the resource configuration file
ID: The actual resource ID on the public cloud
Although terraform import provides a way to import and manage our previously existing resources, it has some inconveniences. For example, resources cannot be imported in bulk; only one resource can be imported at a time. Additionally, the configuration for every resource must be written by hand in the configuration file; it cannot be generated automatically.
Resource Import Demonstration
Preparation
- First, use the configuration file to create a VPC and a switch (subnet) in Alibaba Cloud.
Configuration file content:
# Configure Alibaba Cloud provider
provider "alicloud" {
  # Placeholder values. The provider also reads ALICLOUD_ACCESS_KEY and
  # ALICLOUD_SECRET_KEY from the environment, which keeps real keys out of this file.
  access_key = "your_ak_xxx"
  secret_key = "your_sk_xxx"
  region     = "cn-shenzhen"
}

# Create Alibaba Cloud VPC
resource "alicloud_vpc" "liqi-vpc-test" {
  vpc_name   = "liqi-vpc-test"
  cidr_block = "10.100.0.0/16"
}

# Create Alibaba Cloud vswitch, subnet is 10.100.1.0/24
resource "alicloud_vswitch" "liqi-vswitch-test" {
  vpc_id     = "${alicloud_vpc.liqi-vpc-test.id}"
  cidr_block = "10.100.1.0/24"
  zone_id    = "cn-shenzhen-b"
}
Console resources:
- Manually create 2 switches (subnets) in the console
The red box shows the two switches (subnets) manually created in the console.
- Compare Terraform managed resources
Use terraform state list to view the resource list. You can see that it contains only the one VPC and the one switch created through the configuration file.
Add resource configuration to the configuration file
Configuration file content:
Add the resource configuration of the two switches (subnets) we want to import
# Configure Alibaba Cloud provider
provider "alicloud" {
  access_key = "your_ak_xxx"
  secret_key = "your_sk_xxx"
  region     = "cn-shenzhen"
}

# Create Alibaba Cloud VPC
resource "alicloud_vpc" "liqi-vpc-test" {
  vpc_name   = "liqi-vpc-test"
  cidr_block = "10.100.0.0/16"
}

# Create Alibaba Cloud vswitch, subnet is 10.100.1.0/24
resource "alicloud_vswitch" "liqi-vswitch-test" {
  vpc_id     = "${alicloud_vpc.liqi-vpc-test.id}"
  cidr_block = "10.100.1.0/24"
  zone_id    = "cn-shenzhen-b"
}

# Import Alibaba Cloud vswitch, subnet is 10.100.2.0/24
resource "alicloud_vswitch" "liqi-vswitch-test2" {
  vpc_id       = "${alicloud_vpc.liqi-vpc-test.id}"
  vswitch_name = "liqi-vswitch-test2"
  cidr_block   = "10.100.2.0/24"
  zone_id      = "cn-shenzhen-c"
}

# Import Alibaba Cloud vswitch, subnet is 10.100.3.0/24
resource "alicloud_vswitch" "liqi-vswitch-test3" {
  vpc_id       = "${alicloud_vpc.liqi-vpc-test.id}"
  vswitch_name = "liqi-vswitch-test3"
  cidr_block   = "10.100.3.0/24"
  zone_id      = "cn-shenzhen-d"
}
Import resource
Although the configuration file now contains the configuration of both switches (subnets), the terraform import command imports the state of only one resource at a time, so it must be run once per resource.
terraform import alicloud_vswitch.liqi-vswitch-test2 vsw-wz9dun3xkcfxxxxxxxxxx
terraform import alicloud_vswitch.liqi-vswitch-test3 vsw-wz9xc10qio9xxxxxxxxxx
The command line reports success after each import.
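The two imports above, wrapped in a loop and followed by a drift check, as an added example that is not part of the original article. It assumes the access_key and secret_key lines are removed from the provider block and supplied through the alicloud provider's ALICLOUD_ACCESS_KEY and ALICLOUD_SECRET_KEY environment variables; the IMPORTS list and the function names pending_imports and import_all are hypothetical.

```shell
#!/bin/sh
# Added example: run `terraform import` once per resource, then check for drift.
# Assumption: access_key/secret_key are removed from the provider block and
# supplied via ALICLOUD_ACCESS_KEY / ALICLOUD_SECRET_KEY in the environment.

# "ADDRESS ID" pairs, one per line (addresses and masked IDs from the article).
IMPORTS='alicloud_vswitch.liqi-vswitch-test2 vsw-wz9dun3xkcfxxxxxxxxxx
alicloud_vswitch.liqi-vswitch-test3 vsw-wz9xc10qio9xxxxxxxxxx'

# Print the pairs whose ADDRESS is not yet in the given `terraform state list`
# output, so a re-run skips resources that were already imported.
pending_imports() {
  state_list=$1
  while read -r addr id; do
    [ -n "$addr" ] || continue
    if [ -z "$id" ]; then
      echo "no resource ID given for $addr" >&2
      return 1
    fi
    printf '%s\n' "$state_list" | grep -Fxq -- "$addr" ||
      printf '%s %s\n' "$addr" "$id"
  done <<EOF
$IMPORTS
EOF
}

# Import everything pending, then plan. `-detailed-exitcode` returns 2 when the
# hand-written configuration differs from the real resource, which means the
# next `terraform apply` would change live infrastructure.
import_all() {
  : "${ALICLOUD_ACCESS_KEY:?export it instead of hard-coding it}"
  : "${ALICLOUD_SECRET_KEY:?export it instead of hard-coding it}"
  pending=$(pending_imports "$(terraform state list)") || return 1
  while read -r addr id; do
    [ -n "$addr" ] || continue
    terraform import "$addr" "$id" </dev/null || return 1
  done <<EOF
$pending
EOF
  terraform plan -detailed-exitcode
}

# Only touch real infrastructure when explicitly asked to.
if [ "${1:-}" = "--run" ]; then
  import_all
fi
```

Run it with --run from the directory that holds the configuration file; an exit code of 0 means the written configuration matches the imported resources.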
View the imported resource state list
Summary
Writing existing infrastructure as resource configuration files and importing them into Terraform allows us to manage our cloud infrastructure uniformly using Terraform in the future.
Although the current import process is not very intelligent or user-friendly (each resource configuration must be written manually; only one resource can be imported at a time), Terraform is continuously improving in this area.