Terraform 部署 Docker

Terraform 部署 Docker

文件目录结构

./
├── network                             # network 目录，创建 network
│   ├── main.tf
│   ├── outputs.tf
│   ├── terraform.tfstate
│   ├── terraform.tfstate.backup
│   └── versions.tf
└── service                             # service 目录，创建 service
    ├── nginx.tf
    ├── main.tf
    ├── terraform.tfstate
    ├── terraform.tfstate.backup
    └── versions.tf

3 directories, 10 files

创建 network

查看当前 docker network

evescn@evescndeMacBook-Pro network % docker network ls        
NETWORK ID     NAME      DRIVER    SCOPE
a97ca4e7cded   bridge    bridge    local
43c409a0c3e3   host      host      local
02706eb1b5ba   none      null      local

编写 Terraform 代码

• 查看 docker provider

https://registry.terraform.io/browse/providers

• 文件结构

./
└── network                             # network 目录，创建 network
    ├── main.tf                         # 定义 network 的创建信息
    ├── outputs.tf                      # 定义模块输出信息，后续其他模块/服务使用
    └── versions.tf                     # 定义 provider 版本 

文档地址：https://registry.terraform.io/providers/kreuzwerker/docker/latest/docs/resources/network#ipam_config

• 定义 provider 版本

## versions.tf

# 定义使用的 docker provider 版本
terraform {
  required_providers {
    docker = {
      source  = "kreuzwerker/docker"
      version = "3.0.2"
    }
  }
}

• 定义 network

## main.tf

# 定义 docker 服务信息，当前使用本机测试，如果远程连接，需要开启 docker 的远程连接服务
provider "docker" {
  host = "unix:///var/run/docker.sock"
}

# 定义环境变量，后续引用
locals {
  network_settings = [
    {
      name   = "devops1"
      driver = "bridge"
      subnet = "10.10.10.0/24"
    }
  ]
}

# docker network 定义，详细参数，查看官方文档
resource "docker_network" "network" {
  count  = length(local.network_settings)
  name   = local.network_settings[count.index]["name"]
  driver = local.network_settings[count.index]["driver"]
  ipam_config {
    subnet = local.network_settings[count.index]["subnet"]
  }
}

• 定义 output 后续 docker 容器创建需要使用此次创建的 network

## output.tf

# 定义输出信息
output "network" {
  value = docker_network.network
  # value = [for net in docker_network.network : tomap({ "name" : net.name, "subnet" : tolist(net.ipam_config)[0].subnet })]
}

• plan 查看服务信息

evescn@evescndeMacBook-Pro network % terraform fmt    
outputs.tf

evescn@evescndeMacBook-Pro network % terraform validate
Success! The configuration is valid.

evescn@evescndeMacBook-Pro network % terraform plan    

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # docker_network.network[0] will be created
  + resource "docker_network" "network" {
      + driver      = "bridge"
      + id          = (known after apply)
      + internal    = (known after apply)
      + ipam_driver = "default"
      + name        = "devops1"
      + options     = (known after apply)
      + scope       = (known after apply)

      + ipam_config {
          + subnet = "10.10.10.0/24"
        }
    }

Plan: 1 to add, 0 to change, 0 to destroy.

Changes to Outputs:
  + network = [
      + {
          + attachable      = null
          + check_duplicate = null
          + driver          = "bridge"
          + id              = (known after apply)
          + ingress         = null
          + internal        = (known after apply)
          + ipam_config     = [
              + {
                  + aux_address = null
                  + gateway     = ""
                  + ip_range    = ""
                  + subnet      = "10.10.10.0/24"
                },
            ]
          + ipam_driver     = "default"
          + ipam_options    = null
          + ipv6            = null
          + labels          = []
          + name            = "devops1"
          + options         = (known after apply)
          + scope           = (known after apply)
        },
    ]