14.3.4 Terraform Configuration 실행하기
명령창실행
Configuration 파일이 있는 경로로 이동
[opc@bastion-host example_vcn]$ ls -la total 12 drwxrwxr-x. 2 opc opc 63 Jan 18 09:50 . drwxrwxr-x. 3 opc opc 25 Jan 18 09:46 .. -rw-rw-r--. 1 opc opc 359 Jan 18 09:47 provider.tf -rw-rw-r--. 1 opc opc 479 Jan 18 09:50 terraform.tfvars -rw-rw-r--. 1 opc opc 284 Jan 18 09:47 vcn.tf초기화 실행
초기화를 수행하면 provider.tf에서 사용하는 OCI Provider를 자동으로 .terraform 폴더 밑으로 다운받습니다.
terraform init실행예시
[opc@bastion-host example_vcn]$ terraform init Initializing the backend... Initializing provider plugins... - Finding latest version of hashicorp/oci... - Installing hashicorp/oci v4.59.0... - Installed hashicorp/oci v4.59.0 (signed by HashiCorp) ... [opc@bastion-host example_vcn]$ ls -la total 20 drwxrwxr-x. 3 opc opc 4096 Jan 18 09:51 . drwxrwxr-x. 3 opc opc 25 Jan 18 09:46 .. drwxr-xr-x. 3 opc opc 23 Jan 18 09:51 .terraform -rw-r--r--. 1 opc opc 1002 Jan 18 09:51 .terraform.lock.hcl -rw-rw-r--. 1 opc opc 359 Jan 18 09:47 provider.tf -rw-rw-r--. 1 opc opc 479 Jan 18 09:50 terraform.tfvars -rw-rw-r--. 1 opc opc 284 Jan 18 09:47 vcn.tf [opc@bastion-host example_vcn]$ ls -la .terraform total 4 drwxr-xr-x. 3 opc opc 23 Jan 18 09:51 . drwxrwxr-x. 3 opc opc 4096 Jan 18 09:51 .. drwxr-xr-x. 3 opc opc 35 Jan 18 09:51 providers
실행 플랜 확인
플랜 명령을 수행하면, 실제 OCI에 수행되는 계획을 확인할 수 있습니다.
terraform plan실행예시
[opc@bastion-host example_vcn]$ terraform plan Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create Terraform will perform the following actions: # oci_core_virtual_network.vcn1 will be created + resource "oci_core_virtual_network" "vcn1" { + cidr_block = "10.0.0.0/16" + cidr_blocks = (known after apply) + compartment_id = "ocid1.compartment.oc1..aaaaaaaaqcgintvsf3giria27rztelhvr4n6gra5wcvtj2bxzm3ukrk7aq7q" + default_dhcp_options_id = (known after apply) + default_route_table_id = (known after apply) + default_security_list_id = (known after apply) + defined_tags = (known after apply) + display_name = "vcn1" + dns_label = "vcn1" + freeform_tags = (known after apply) + id = (known after apply) + ipv6cidr_blocks = (known after apply) + is_ipv6enabled = (known after apply) + state = (known after apply) + time_created = (known after apply) + vcn_domain_name = (known after apply) } Plan: 1 to add, 0 to change, 0 to destroy. Changes to Outputs: + vcn1_ocid = [ + (known after apply), ] ────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────── Note: You didn't use the -out option to save this plan, so Terraform can't guarantee to take exactly these actions if you run "terraform apply" now.
실행
실행하면 실제 OCI에 Terraform 계획이 적용되어 관련된 OCI 자원이 생성됩니다. 또한 실행후 terraform output 명령을 통해 outout 변수를 조회할 수 있습니다.
terraform apply실행예시
[opc@bastion-host example_vcn]$ terraform apply Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create Terraform will perform the following actions: # oci_core_virtual_network.vcn1 will be created + resource "oci_core_virtual_network" "vcn1" { + cidr_block = "10.0.0.0/16" + cidr_blocks = (known after apply) + compartment_id = "ocid1.compartment.oc1..aaaaaaaaqcgintvsf3giria27rztelhvr4n6gra5wcvtj2bxzm3ukrk7aq7q" + default_dhcp_options_id = (known after apply) + default_route_table_id = (known after apply) + default_security_list_id = (known after apply) + defined_tags = (known after apply) + display_name = "vcn1" + dns_label = "vcn1" + freeform_tags = (known after apply) + id = (known after apply) + ipv6cidr_blocks = (known after apply) + is_ipv6enabled = (known after apply) + state = (known after apply) + time_created = (known after apply) + vcn_domain_name = (known after apply) } Plan: 1 to add, 0 to change, 0 to destroy. Changes to Outputs: + vcn1_ocid = [ + (known after apply), ] Do you want to perform these actions? Terraform will perform the actions described above. Only 'yes' will be accepted to approve. Enter a value: yes oci_core_virtual_network.vcn1: Creating... oci_core_virtual_network.vcn1: Creation complete after 1s [id=ocid1.vcn.oc1.ap-seoul-1.amaaaaaansfh2iiaduerl4znqr6sb2yng6j7x2yov4kqrsuhi452pcjxl52q] Apply complete! Resources: 1 added, 0 changed, 0 destroyed. Outputs: vcn1_ocid = [ "ocid1.vcn.oc1.ap-seoul-1.amaaaaaansfh2iiaduerl4znqr6sb2yng6j7x2yov4kqrsuhi452pcjxl52q", ]
실행결과 확인
OCI 콘솔에서 내비게이션 메뉴를 엽니다. Networking » Virtual Cloud Networks 항목으로 이동합니다.
Terraform Configuration시 지정한 Comparment를 선택합니다.
그림과 같이 생성된 VCN을 확인 할 수 있습니다.
State 관리
다시 terraform apply를 실행하면 아래와 앞서 이미 실행되어 자원이 생성되었기 때문에, 변경 적용할 것이 없다고 표시됩니다.
[opc@bastion-host example_vcn]$ terraform apply oci_core_virtual_network.vcn1: Refreshing state... [id=ocid1.vcn.oc1.ap-seoul-1.amaaaaaansfh2iiaduerl4znqr6sb2yng6j7x2yov4kqrsuhi452pcjxl52q] No changes. Your infrastructure matches the configuration. Terraform has compared your real infrastructure against your configuration and found no differences, so no changes are needed. Apply complete! Resources: 0 added, 0 changed, 0 destroyed. Outputs: vcn1_ocid = [ "ocid1.vcn.oc1.ap-seoul-1.amaaaaaansfh2iiaduerl4znqr6sb2yng6j7x2yov4kqrsuhi452pcjxl52q", ]Terraform State 관리 파일
terraform 설정을 실행하면, 실행후 아래처럼 terraform.tfstate 파일이 생성되고 생성된 자원에 대한 id와 관련 속성 등을 기록하여 자원 상태를 관리하게 됩니다. 그래서 다시 terraform apply를 통해 실행하더라도, tfstate에서 관리되는 id의 자원의 현재 OCI 자원의 현재 상태를 확인(Refresh)한 상태와 적용할 Plan을 비교하여 변경할 사항이 있는 지 확인후 반영됩니다.
[opc@bastion-host example_vcn]$ ls -la total 24 drwxrwxr-x. 3 opc opc 4096 Jan 18 10:06 . drwxrwxr-x. 3 opc opc 25 Jan 18 09:46 .. drwxr-xr-x. 3 opc opc 23 Jan 18 09:51 .terraform -rw-r--r--. 1 opc opc 1002 Jan 18 09:51 .terraform.lock.hcl -rw-rw-r--. 1 opc opc 359 Jan 18 09:47 provider.tf -rw-rw-r--. 1 opc opc 2152 Jan 18 10:06 terraform.tfstate -rw-rw-r--. 1 opc opc 479 Jan 18 09:50 terraform.tfvars -rw-rw-r--. 1 opc opc 284 Jan 18 09:47 vcn.tf [opc@bastion-host example_vcn]$ cat terraform.tfstate { "version": 4, "terraform_version": "1.1.3", "serial": 2, "lineage": "b9cd2a13-5ef9-f1e1-ffc9-ea5b2964955d", "outputs": { "vcn1_ocid": { "value": [ "ocid1.vcn.oc1.ap-seoul-1.amaaaaaansfh2iiaduerl4znqr6sb2yng6j7x2yov4kqrsuhi452pcjxl52q" ], "type": [ "tuple", [ "string" ] ] } }, "resources": [ { "mode": "managed", "type": "oci_core_virtual_network", "name": "vcn1", "provider": "provider[\"registry.terraform.io/hashicorp/oci\"]", "instances": [ { "schema_version": 0, "attributes": { "cidr_block": "10.0.0.0/16", "cidr_blocks": [ "10.0.0.0/16" ], "compartment_id": "ocid1.compartment.oc1..aaaaaaaaqcgintvsf3giria27rztelhvr4n6gra5wcvtj2bxzm3ukrk7aq7q", "default_dhcp_options_id": "ocid1.dhcpoptions.oc1.ap-seoul-1.aaaaaaaaun4ti33kubad7cqexhe4npgwy773lldor7xxfbbu2lu5yz3q6uaa", "default_route_table_id": "ocid1.routetable.oc1.ap-seoul-1.aaaaaaaammsdhhl7czlkrxeji7eqot6tkiyfcvrhuqvf4hh3cra3rt3m2e2a", "default_security_list_id": "ocid1.securitylist.oc1.ap-seoul-1.aaaaaaaadmiqjfjkiw7k73lxwbilgci2xrzehxud3ezfujmt3gtjenocsoaa", "defined_tags": { "Oracle-Tags.CreatedBy": "sandboxer", "Oracle-Tags.CreatedOn": "2022-01-18T10:00:51.322Z" }, "display_name": "vcn1", "dns_label": "vcn1", "freeform_tags": {}, "id": "ocid1.vcn.oc1.ap-seoul-1.amaaaaaansfh2iiaduerl4znqr6sb2yng6j7x2yov4kqrsuhi452pcjxl52q", "ipv6cidr_blocks": [], "is_ipv6enabled": false, "state": "AVAILABLE", "time_created": "2022-01-18 10:00:51.389 +0000 UTC", "timeouts": null, "vcn_domain_name": "vcn1.oraclevcn.com" }, "sensitive_attributes": [], "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjEyMDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH19" } ] } ] }
삭제
앞서 Terraform으로 생성된 자원을 삭제하려면 다음 명령을 수행하면 됩니다.
terraform destroy실행예시
[opc@bastion-host example_vcn]$ terraform destroy oci_core_virtual_network.vcn1: Refreshing state... [id=ocid1.vcn.oc1.ap-seoul-1.amaaaaaansfh2iiaduerl4znqr6sb2yng6j7x2yov4kqrsuhi452pcjxl52q] Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: - destroy Terraform will perform the following actions: # oci_core_virtual_network.vcn1 will be destroyed - resource "oci_core_virtual_network" "vcn1" { - cidr_block = "10.0.0.0/16" -> null - cidr_blocks = [ - "10.0.0.0/16", ] -> null - compartment_id = "ocid1.compartment.oc1..aaaaaaaaqcgintvsf3giria27rztelhvr4n6gra5wcvtj2bxzm3ukrk7aq7q" -> null - default_dhcp_options_id = "ocid1.dhcpoptions.oc1.ap-seoul-1.aaaaaaaaun4ti33kubad7cqexhe4npgwy773lldor7xxfbbu2lu5yz3q6uaa" -> null - default_route_table_id = "ocid1.routetable.oc1.ap-seoul-1.aaaaaaaammsdhhl7czlkrxeji7eqot6tkiyfcvrhuqvf4hh3cra3rt3m2e2a" -> null - default_security_list_id = "ocid1.securitylist.oc1.ap-seoul-1.aaaaaaaadmiqjfjkiw7k73lxwbilgci2xrzehxud3ezfujmt3gtjenocsoaa" -> null - defined_tags = { - "Oracle-Tags.CreatedBy" = "sandboxer" - "Oracle-Tags.CreatedOn" = "2022-01-18T10:00:51.322Z" } -> null - display_name = "vcn1" -> null - dns_label = "vcn1" -> null - freeform_tags = {} -> null - id = "ocid1.vcn.oc1.ap-seoul-1.amaaaaaansfh2iiaduerl4znqr6sb2yng6j7x2yov4kqrsuhi452pcjxl52q" -> null - ipv6cidr_blocks = [] -> null - is_ipv6enabled = false -> null - state = "AVAILABLE" -> null - time_created = "2022-01-18 10:00:51.389 +0000 UTC" -> null - vcn_domain_name = "vcn1.oraclevcn.com" -> null } Plan: 0 to add, 0 to change, 1 to destroy. Changes to Outputs: - vcn1_ocid = [ - "ocid1.vcn.oc1.ap-seoul-1.amaaaaaansfh2iiaduerl4znqr6sb2yng6j7x2yov4kqrsuhi452pcjxl52q", ] -> null Do you really want to destroy all resources? Terraform will destroy all your managed infrastructure, as shown above. There is no undo. Only 'yes' will be accepted to confirm. Enter a value: yes oci_core_virtual_network.vcn1: Destroying... [id=ocid1.vcn.oc1.ap-seoul-1.amaaaaaansfh2iiaduerl4znqr6sb2yng6j7x2yov4kqrsuhi452pcjxl52q] oci_core_virtual_network.vcn1: Destruction complete after 1s Destroy complete! Resources: 1 destroyed.실행결과
아래 그림과 같이 vcn1이 없어진 것을 볼 수 있습니다.
이 글은 개인으로서, 개인의 시간을 할애하여 작성된 글입니다. 글의 내용에 오류가 있을 수 있으며, 글 속의 의견은 개인적인 의견입니다.