使用 terraform apply 部署和销毁资源 - 根据条件

问题描述 投票:0回答:1

我们正在研究根据情况销毁和部署资源的概念。 我们还可以使用基于计数的 terraform apply 来避免破坏一些关键资源。但我在使用这个时失败了。如果可能的话你能帮我一下吗?

下面提供了示例 terraform 代码

variable "delete_resources" {
  description = "Set this to true to delete resources or false to keep them"
  type        = bool
  default     = true
}
        
locals {
  resource_count = var.delete_resources ? 0 : 1
}

resource "azurerm_resource_group" "example-express-rg" {
  count    = local.resource_count
  name     = "example-vnet-rg"
  location = "West Europe"
}

resource "azurerm_virtual_network" "vnettest" {
  count               = local.resource_count
  name                = "example-vnet"
  address_space       = ["10.0.0.0/16"]
  location            = azurerm_resource_group.example-express-rg[count.index].location
  resource_group_name = azurerm_resource_group.example-express-rg[count.index].name
}
        
resource "azurerm_subnet" "gateway_subnet" {
  count               = local.resource_count
  name                = "GatewaySubnet"
  resource_group_name = azurerm_resource_group.example-express-rg[count.index].name
  virtual_network_name = azurerm_virtual_network.vnettest[count.index].name
  address_prefixes    = ["10.0.1.0/24"]
}
        
resource "azurerm_public_ip" "publicip" {
  count               = local.resource_count
  name                = "example-public-ip"
  location            = azurerm_resource_group.example-express-rg[count.index].location
  resource_group_name = azurerm_resource_group.example-express-rg[count.index].name
  allocation_method   = "Static"
  sku                 = "Standard"
}
        
resource "azurerm_resource_group" "expressrg" {
  count    = local.resource_count
  name     = "exprtTest"
  location = "West Europe"
}
    
resource "azurerm_express_route_circuit" "expressr" {
  name                  = "expressRoute1"
  resource_group_name   = azurerm_resource_group.expressrg[count.index].name
  location              = azurerm_resource_group.expressrg[count.index].location
  service_provider_name = "Equinix"
  peering_location      = "Singapore"
  bandwidth_in_mbps     = 1000
    
  sku {
    tier   = "Standard"
    family = "MeteredData"
  }
    
  tags = {
    Purpose = "Core Infra Network"
    ResorceOwner = "Cloud Connectivity Team"
  }
    
  lifecycle {
    prevent_destroy = true
  }
}
    
resource "azurerm_virtual_network_gateway" "example" {
  count               = local.resource_count
  name                = "testgw"
  location            = azurerm_resource_group.example-express-rg[count.index].location
  resource_group_name = azurerm_resource_group.example-express-rg[count.index].name
  type                = "ExpressRoute"
  vpn_type            = "PolicyBased"
  sku                 = "Standard"
    
  ip_configuration {
    name                          = "vnetGatewayConfig"
    public_ip_address_id          = azurerm_public_ip.publicip[count.index].id
    private_ip_address_allocation = "Dynamic"
    subnet_id                     = azurerm_subnet.gateway_subnet[count.index].id
  }
    
  tags = {
    Purpose = "CNetwork"
    ResorceOwner = "CTeam"
  }
}
azure terraform terraform-provider-azure
1个回答
0
投票

使用 terraform apply 部署和销毁资源 - 根据条件

当您提供相同的默认输入(即对所有资源都 destroy true)时,使用计数条件时从可用资源中销毁资源集的要求是不可能的。

当您使用计数条件并配置资源列表时,在销毁时您特别需要保存很少的资源,我们需要根据要求为每个资源提供不同的输入。

更新配置,以便为每个资源提供不同的输入,以便我们可以保护资源不被删除。当需求像上面提到的那样时,需要更新配置。

配置:

variable "delete_resources" {
description = "Set this to true to delete resources or false to keep them"
type        = bool
default     = true
}

locals {
resource_count       = var.delete_resources ? 0 : 1
protected_count      = 1 
}


resource "azurerm_resource_group" "expressrgvk" {
count    = local.resource_count
name     = "vinay-vnet-rg"
location = "West Europe"
}


resource "azurerm_resource_group" "expressrg" {
count    = local.protected_count
name     = "exprtTest"
location = "West Europe"

}


resource "azurerm_express_route_circuit" "expressr" {
count                = local.protected_count
name                 = "expressRoute1"
resource_group_name  = azurerm_resource_group.expressrg[0].name
location             = azurerm_resource_group.expressrg[0].location
service_provider_name = "Equinix"
peering_location      = "Singapore"
bandwidth_in_mbps     = 1000

sku {
  tier   = "Standard"
  family = "MeteredData"
}


}

resource "azurerm_virtual_network" "vnettest" {
count               = local.resource_count
name                = "vinay-vnet"
address_space       = ["10.0.0.0/16"]
location            = azurerm_resource_group.expressrgvk[count.index].location
resource_group_name = azurerm_resource_group.expressrgvk[count.index].name
}

resource "azurerm_subnet" "gateway_subnet" {
count                = local.resource_count
name                 = "GatewaySubnet"
resource_group_name  = azurerm_resource_group.expressrgvk[count.index].name
virtual_network_name = azurerm_virtual_network.vnettest[count.index].name
address_prefixes     = ["10.0.1.0/24"]
}

resource "azurerm_public_ip" "publicip" {
count               = local.resource_count
name                = "vinay-public-ip"
location            = azurerm_resource_group.expressrgvk[count.index].location
resource_group_name = azurerm_resource_group.expressrgvk[count.index].name
allocation_method   = "Static"
sku                 = "Standard"
}

resource "azurerm_virtual_network_gateway" "example" {
count               = local.resource_count
name                = "testgw"
location            = azurerm_resource_group.expressrgvk[count.index].location
resource_group_name = azurerm_resource_group.expressrgvk[count.index].name
type                = "ExpressRoute"
vpn_type            = "PolicyBased"
sku                 = "Standard"

ip_configuration {
  name                          = "vnetGatewayConfig"
  public_ip_address_id          = azurerm_public_ip.publicip[count.index].id
  private_ip_address_allocation = "Dynamic"
  subnet_id                     = azurerm_subnet.gateway_subnet[count.index].id
}
}

在这里您可以看到不同的计数输入会产生不同的结果,例如资源计数资源被删除,受保护计数资源被保护。

部署:

在 7 个资源中,我们能够保护关键资源,其余资源已被删除

我认为这两个资源对我来说至关重要。

参考:

https://developer.hashicorp.com/terraform/language/meta-arguments/count

https://registry.terraform.io/providers/hashicorp/azurerm/2.93.1/docs/resources/virtual_network_gateway

最新问题
© www.soinside.com 2019 - 2025. All rights reserved.