基本命令
terraform init
terraform init 命令是我们执行的第一条命令,主要用于初始化工作目录,完成Provider、Backend、Modules等模块的加载。
$ terraform init Initializing the backend... Initializing provider plugins... - Finding latest version of huaweicloud/huaweicloud... - Installing huaweicloud/huaweicloud v1.20.0... - Installed huaweicloud/huaweicloud v1.20.0 (self-signed, key ID 55E52798EF815D18) The following providers do not have any version constraints in configuration, so the latest version was installed. To prevent automatic upgardes to new major versions that may contain breaking changes, we recommend adding version constraints in a required_providers block in your configuration, with the constraint strings suggested below. * huaweicloud/huaweicloud: version = "~> 1.20.0" Terraform has been successfully initialized!
在同一个工作目录下,terraform init 命令可以重复执行。我们可以使用 "-upgrade=true" 选项对使用的Provider和Modules进行更新。
$ terraform init -upgrade=true
terraform plan
terraform plan 命令用于创建执行前的计划,是 terraform apply 执行前的一个预览方式,可以检查当前的变更是否符合预期。terraform plan 命令将检测云上资源的属性和状态文件是否存在差异,如果不一致,Terraform 会将差异结果显示在命令下方:
$ terraform plan Refreshing Terraform state in-memory prior to plan... The refreshed state will be used to calculate this plan, but will not be persisted to local or state storage. ... Plan: 1 to add, 0 to change, 1 to destroy. ...
如果 Terraform 未检测到资源或根模块的更改,则 terraform plan 会输出如下提示:
$ terraform plan ... No changes. Infrastructure is up-to-date. This means that Terraform did not detect ant differences between your configuration and real physical resources that exist. As a result, no actions need to be performed.
默认情况下,terraform plan 命令首先会从远端更新资源的属性。在管理资源较多的情况下,该操作会耗时较长,我们可以使用 "-refresh=false" 选项来禁止更新。
terraform apply
terraform apply 命令用于执行资源的创建或变更。在操作执行前会进行一次人机交互,用于对资源创建和变更的确认。我们也可以使用 "-auto-approve" 选项跳过人机交互直接执行。
$ terraform apply An execution plan has been generated and is shown below. Resource actions are indicated with the following symbols: Terraform will perform the following action: ... Plan: 1 to add, 0 to change, 1 to destroy. Do you want to perform these actions? Terraform will perform the actions described above. Only 'yes' will be accepted to approve. Enter a value:
Apply complete! Resources: 1 to add, 0 to change, 1 to destroy. Outputs: vpc_id = df507d37-bce2-4750-8873-f62abb3b085c
terraform destroy
terraform destroy 命令用于销毁目标资源,并且会在操作执行前进行一次人机交互,用于对资源销毁确认。我们也可以使用 "-auto-approve" 选项跳过人机交互直接销毁资源。
$ terraform destroy -auto-approve ... Destroy complete! Resources: 3 destroyed.
terraform destroy 命令默认会释放当前模块中的所有资源,我们可以通过 -target 选项销毁特定的资源,格式为:-target=<资源类型>.<资源名称>:
$ terraform destroy -target=huaweicloud_vpc_subnet.subnet_1 An execution plan has been generated and is show below. Resource actions are indicated with the following symbols: - destroy Terraform will perform the following actions: # huaweicloud_vpc_subnet.subnet_1 will be destroyed - resource "huaweicloud_vpc_subnet" "subnet_1" { ... } Plan: 0 to add, 0 to change, 1 to destroy. ... Do you really want to destroy all resources? Terraform will destroy all your managed infrastructure, as shown above. There is no undo. Only 'yes' will be accepted to confirm. Enter a value:
terraform refresh
terraform refresh 命令用于刷新当前 state 文件的配置,该命令会调用远端 API 获取最新数据并将结果写入 state 文件中。
terraform show
terraform show 命令用于展示当前 state 文件中所有被管理的资源及其属性值。
terraform output
terraform output 命令用于显示当前配置中的输出变量。根据配置中定义的输出变量,执行 terrafrom output 命令后会按照变量定义逐一进行输出,规则为 <输出变量名> = <输出变量值>。输出变量的用法请参考输出变量。
$ terraform output vpc_id = df507d37-bce2-4750-8873-f62abb3b085c