[Terraform] 003. Provisioning an EC2 Instance - AWS
Introduction
This post describes how to provision an EC2 instance on AWS.
Working environment
$ hostnamectl status
Static hostname: terraform
Icon name: computer-container
Chassis: container
Machine ID: ---
Boot ID: ---
Virtualization: lxc
Operating System: Ubuntu 22.04 LTS
Kernel: Linux 5.4.0-113-generic
Architecture: x86-64
Note: Bash is used as the shell.
Create the configuration file
001. Prepare the working directory
Create a directory in which to run Terraform, and move into it.
$ mkdir terraform_work_dir \
&& cd terraform_work_dir
002. Write the configuration file
Create the configuration file "ec2.tf" for provisioning the EC2 instance.
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.16"
    }
  }

  required_version = ">= 1.2.0"
}

provider "aws" {
  # Tokyo region
  region = "ap-northeast-1"
}

resource "aws_instance" "app_server" {
  # Canonical, Ubuntu, 22.04 LTS, amd64 jammy image build on 2022-06-09
  ami           = "ami-07200fa04af91f087"
  instance_type = "t2.micro"

  tags = {
    Name = "ExampleAppServerInstance"
  }
}
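003. Initialize the working directory
When you have created a configuration file such as "main.tf" for the first time, move to the working directory and initialize it with the command below.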
$ terraform init
Initializing the backend...
Initializing provider plugins...
- Finding hashicorp/aws versions matching "~> 4.16"...
- Installing hashicorp/aws v4.23.0...
- Installed hashicorp/aws v4.23.0 (signed by HashiCorp)
Terraform has created a lock file .terraform.lock.hcl to record the provider
selections it made above. Include this file in your version control repository
so that Terraform can guarantee to make the same selections by default when
you run "terraform init" in the future.
Terraform has been successfully initialized!
You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.
If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.
004. Formatting and syntax check
Terraform has a built-in feature for tidying up .tf files, for example fixing misaligned indentation.
Running the command below formats the code automatically.
$ terraform fmt
Terraform also has a built-in syntax check, which lets you confirm that the configuration items contain no mistakes.
Running the command below performs the syntax check.
$ terraform validate
Success! The configuration is valid.
Provision the EC2 instance
001. Provisioning
Now run Terraform against AWS.
When it completes successfully, the EC2 instance is created in AWS.
$ terraform apply
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# aws_instance.app_server will be created
+ resource "aws_instance" "app_server" {
+ ami = "ami-07200fa04af91f087"
+ arn = (known after apply)
+ associate_public_ip_address = (known after apply)
+ availability_zone = (known after apply)
+ cpu_core_count = (known after apply)
+ cpu_threads_per_core = (known after apply)
+ disable_api_stop = (known after apply)
+ disable_api_termination = (known after apply)
+ ebs_optimized = (known after apply)
+ get_password_data = false
+ host_id = (known after apply)
+ id = (known after apply)
+ instance_initiated_shutdown_behavior = (known after apply)
+ instance_state = (known after apply)
+ instance_type = "t2.micro"
+ ipv6_address_count = (known after apply)
+ ipv6_addresses = (known after apply)
+ key_name = (known after apply)
+ monitoring = (known after apply)
+ outpost_arn = (known after apply)
+ password_data = (known after apply)
+ placement_group = (known after apply)
+ placement_partition_number = (known after apply)
+ primary_network_interface_id = (known after apply)
+ private_dns = (known after apply)
+ private_ip = (known after apply)
+ public_dns = (known after apply)
+ public_ip = (known after apply)
+ secondary_private_ips = (known after apply)
+ security_groups = (known after apply)
+ source_dest_check = true
+ subnet_id = (known after apply)
+ tags = {
+ "Name" = "ExampleAppServerInstance"
}
+ tags_all = {
+ "Name" = "ExampleAppServerInstance"
}
+ tenancy = (known after apply)
+ user_data = (known after apply)
+ user_data_base64 = (known after apply)
+ user_data_replace_on_change = false
+ vpc_security_group_ids = (known after apply)
+ capacity_reservation_specification {
+ capacity_reservation_preference = (known after apply)
+ capacity_reservation_target {
+ capacity_reservation_id = (known after apply)
+ capacity_reservation_resource_group_arn = (known after apply)
}
}
+ ebs_block_device {
+ delete_on_termination = (known after apply)
+ device_name = (known after apply)
+ encrypted = (known after apply)
+ iops = (known after apply)
+ kms_key_id = (known after apply)
+ snapshot_id = (known after apply)
+ tags = (known after apply)
+ throughput = (known after apply)
+ volume_id = (known after apply)
+ volume_size = (known after apply)
+ volume_type = (known after apply)
}
+ enclave_options {
+ enabled = (known after apply)
}
+ ephemeral_block_device {
+ device_name = (known after apply)
+ no_device = (known after apply)
+ virtual_name = (known after apply)
}
+ maintenance_options {
+ auto_recovery = (known after apply)
}
+ metadata_options {
+ http_endpoint = (known after apply)
+ http_put_response_hop_limit = (known after apply)
+ http_tokens = (known after apply)
+ instance_metadata_tags = (known after apply)
}
+ network_interface {
+ delete_on_termination = (known after apply)
+ device_index = (known after apply)
+ network_card_index = (known after apply)
+ network_interface_id = (known after apply)
}
+ private_dns_name_options {
+ enable_resource_name_dns_a_record = (known after apply)
+ enable_resource_name_dns_aaaa_record = (known after apply)
+ hostname_type = (known after apply)
}
+ root_block_device {
+ delete_on_termination = (known after apply)
+ device_name = (known after apply)
+ encrypted = (known after apply)
+ iops = (known after apply)
+ kms_key_id = (known after apply)
+ tags = (known after apply)
+ throughput = (known after apply)
+ volume_id = (known after apply)
+ volume_size = (known after apply)
+ volume_type = (known after apply)
}
}
Plan: 1 to add, 0 to change, 0 to destroy.
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
aws_instance.app_server: Creating...
aws_instance.app_server: Still creating... [10s elapsed]
aws_instance.app_server: Still creating... [20s elapsed]
aws_instance.app_server: Still creating... [30s elapsed]
aws_instance.app_server: Creation complete after 32s [id=i-0a57ca75d5a7c33d2]
Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
When provisioning completes, a "terraform.tfstate" file is generated in the working directory.
You can view the contents of the "terraform.tfstate" file with the command below.
$ terraform show
# aws_instance.app_server:
resource "aws_instance" "app_server" {
ami = "ami-07200fa04af91f087"
arn = "arn:aws:ec2:ap-northeast-1:368636107501:instance/i-0a57ca75d5a7c33d2"
associate_public_ip_address = true
availability_zone = "ap-northeast-1a"
cpu_core_count = 1
cpu_threads_per_core = 1
disable_api_stop = false
disable_api_termination = false
ebs_optimized = false
get_password_data = false
hibernation = false
id = "i-0a57ca75d5a7c33d2"
instance_initiated_shutdown_behavior = "stop"
instance_state = "running"
instance_type = "t2.micro"
ipv6_address_count = 0
ipv6_addresses = []
monitoring = false
primary_network_interface_id = "eni-0354931fe27cea843"
private_dns = "ip-172-31-44-156.ap-northeast-1.compute.internal"
private_ip = "172.31.44.156"
public_dns = "ec2-54-65-46-254.ap-northeast-1.compute.amazonaws.com"
public_ip = "54.65.46.254"
secondary_private_ips = []
security_groups = [
"default",
]
source_dest_check = true
subnet_id = "subnet-09c75319ff8eef5c8"
tags = {
"Name" = "ExampleAppServerInstance"
}
tags_all = {
"Name" = "ExampleAppServerInstance"
}
tenancy = "default"
user_data_replace_on_change = false
vpc_security_group_ids = [
"sg-08caf9a67b97cd358",
]
capacity_reservation_specification {
capacity_reservation_preference = "open"
}
credit_specification {
cpu_credits = "standard"
}
enclave_options {
enabled = false
}
maintenance_options {
auto_recovery = "default"
}
metadata_options {
http_endpoint = "enabled"
http_put_response_hop_limit = 1
http_tokens = "optional"
instance_metadata_tags = "disabled"
}
private_dns_name_options {
enable_resource_name_dns_a_record = false
enable_resource_name_dns_aaaa_record = false
hostname_type = "ip-name"
}
root_block_device {
delete_on_termination = true
device_name = "/dev/sda1"
encrypted = false
iops = 100
tags = {}
throughput = 0
volume_id = "vol-0a52b36e90f344883"
volume_size = 8
volume_type = "gp2"
}
}
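The output above shows that the instance was launched with http_tokens = "optional" (IMDSv1 requests are still accepted) and with an unencrypted root volume (encrypted = false). As an added example that is not part of the original post, here is the same resource from ec2.tf with those two settings tightened; the values chosen for metadata_options and root_block_device are this example's assumptions, and everything else is copied from the configuration above.

```hcl
resource "aws_instance" "app_server" {
  # Same AMI and instance type as in ec2.tf above
  ami           = "ami-07200fa04af91f087"
  instance_type = "t2.micro"

  # terraform show reported http_tokens = "optional".
  # "required" makes the metadata service accept only
  # session-token (IMDSv2) requests.
  metadata_options {
    http_endpoint               = "enabled"
    http_tokens                 = "required"
    http_put_response_hop_limit = 1
  }

  # terraform show reported encrypted = false.
  # With no kms_key_id set, the account's default EBS key is used.
  root_block_device {
    encrypted = true
  }

  tags = {
    Name = "ExampleAppServerInstance"
  }
}
```

After applying this version, terraform show should report http_tokens = "required" under metadata_options and encrypted = true under root_block_device.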
002. Destroy the environment
An environment provisioned with Terraform can be deleted easily.
Run the command below.
$ terraform destroy
aws_instance.app_server: Refreshing state... [id=i-0a57ca75d5a7c33d2]
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
- destroy
Terraform will perform the following actions:
# aws_instance.app_server will be destroyed
- resource "aws_instance" "app_server" {
- ami = "ami-07200fa04af91f087" -> null
- arn = "arn:aws:ec2:ap-northeast-1:368636107501:instance/i-0a57ca75d5a7c33d2" -> null
- associate_public_ip_address = true -> null
- availability_zone = "ap-northeast-1a" -> null
- cpu_core_count = 1 -> null
- cpu_threads_per_core = 1 -> null
- disable_api_stop = false -> null
- disable_api_termination = false -> null
- ebs_optimized = false -> null
- get_password_data = false -> null
- hibernation = false -> null
- id = "i-0a57ca75d5a7c33d2" -> null
- instance_initiated_shutdown_behavior = "stop" -> null
- instance_state = "running" -> null
- instance_type = "t2.micro" -> null
- ipv6_address_count = 0 -> null
- ipv6_addresses = [] -> null
- monitoring = false -> null
- primary_network_interface_id = "eni-0354931fe27cea843" -> null
- private_dns = "ip-172-31-44-156.ap-northeast-1.compute.internal" -> null
- private_ip = "172.31.44.156" -> null
- public_dns = "ec2-54-65-46-254.ap-northeast-1.compute.amazonaws.com" -> null
- public_ip = "54.65.46.254" -> null
- secondary_private_ips = [] -> null
- security_groups = [
- "default",
] -> null
- source_dest_check = true -> null
- subnet_id = "subnet-09c75319ff8eef5c8" -> null
- tags = {
- "Name" = "ExampleAppServerInstance"
} -> null
- tags_all = {
- "Name" = "ExampleAppServerInstance"
} -> null
- tenancy = "default" -> null
- user_data_replace_on_change = false -> null
- vpc_security_group_ids = [
- "sg-08caf9a67b97cd358",
] -> null
- capacity_reservation_specification {
- capacity_reservation_preference = "open" -> null
}
- credit_specification {
- cpu_credits = "standard" -> null
}
- enclave_options {
- enabled = false -> null
}
- maintenance_options {
- auto_recovery = "default" -> null
}
- metadata_options {
- http_endpoint = "enabled" -> null
- http_put_response_hop_limit = 1 -> null
- http_tokens = "optional" -> null
- instance_metadata_tags = "disabled" -> null
}
- private_dns_name_options {
- enable_resource_name_dns_a_record = false -> null
- enable_resource_name_dns_aaaa_record = false -> null
- hostname_type = "ip-name" -> null
}
- root_block_device {
- delete_on_termination = true -> null
- device_name = "/dev/sda1" -> null
- encrypted = false -> null
- iops = 100 -> null
- tags = {} -> null
- throughput = 0 -> null
- volume_id = "vol-0a52b36e90f344883" -> null
- volume_size = 8 -> null
- volume_type = "gp2" -> null
}
}
Plan: 0 to add, 0 to change, 1 to destroy.
Do you really want to destroy all resources?
Terraform will destroy all your managed infrastructure, as shown above.
There is no undo. Only 'yes' will be accepted to confirm.
Enter a value: yes
aws_instance.app_server: Destroying... [id=i-0a57ca75d5a7c33d2]
aws_instance.app_server: Still destroying... [id=i-0a57ca75d5a7c33d2, 10s elapsed]
aws_instance.app_server: Still destroying... [id=i-0a57ca75d5a7c33d2, 20s elapsed]
aws_instance.app_server: Still destroying... [id=i-0a57ca75d5a7c33d2, 30s elapsed]
aws_instance.app_server: Destruction complete after 30s
Destroy complete! Resources: 1 destroyed.