안녕하세요!
하씨가문의 영광팀입니다!
지난 주제로 테라폼과 엔서블을 이용하여 Azure 리소스 구성까지 해보았는데요!
오늘은 테라폼을 기반으로 AWS의 리소스 구성과 설치를 해보도록 하겠습니다!
▶ 목차
1. AWS IAM 계정 생성
- 사용자 이름
- 액세스 유형 : AdminAccess
- 콘솔비밀번호 설정
- .csv 다운로드 및 액세스 키 ID & 비밀 액세스 키를 저장합니다.
2. VScode 워크스페이스 생성
3. AWS CLI 설치
- AWS 홈페이지로 접속해서 다음과 같은 명령어를 관리자모드 PowerShell에 접속하고 명령어를 입력하여 AWS CLI를 설치
# AWS CLI설치
msiexec.exe /i https://awscli.amazonaws.com/AWSCLIV2.msi
# AWS CLI 버전 확인
aws --version
aws-cli/2.7.4 Python/3.9.11 Windows/10 exe/AMD64 prompt/off4. AWS CLI 사용자 설정
$ aws configure
$ aws configure
[OUTPUT]
AWS Access Key ID [None]: [INPUT]
AWS Secret Access Key [None]: [INPUT]
Default region name [None]: [원하는 리전] ap-northeast-2
Default output format [None]: [원하는 형식] json5. 테라폼 초기화
- main.tf 파일을 만들어서 프로바이더를 입력합니다.
provider "aws" {
region = "ap-northeast-2"
}- 테라폼 초기화
$ terraform init
terraform init
Initializing the backend...
Initializing provider plugins...
- Finding latest version of hashicorp/aws...
- Installing hashicorp/aws v4.16.0...
- Installed hashicorp/aws v4.16.0 (signed by HashiCorp)6. 리소스 생성
- ec2.tf 생성뒤 다음과 같이 리소스값 입력합니다.
resource "aws_instance" "AmazonLinux2AMI" {
ami = "ami-0e4a9ad2eb120e054"
instance_type = "t2.small"
tags = {
Name = "aws-ubuntu-1"
}
}$ terraform plan
- lock=false(테라폼에서 여러 사용자가 동시에 인프라를 수정하기 위한 것을 방지하기 위해 생성된 것)
$ terraform plan -lock=false
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the
following symbols:
+ create
Terraform will perform the following actions:
# aws_instance.AmazonLinux2AMI will be created
+ resource "aws_instance" "AmazonLinux2AMI" {
+ ami = "ami-0e4a9ad2eb120e054"
+ arn = (known after apply)
+ associate_public_ip_address = (known after apply)
+ availability_zone = (known after apply)
+ cpu_core_count = (known after apply)
+ cpu_threads_per_core = (known after apply)
+ disable_api_termination = (known after apply)
+ ebs_optimized = (known after apply)
+ get_password_data = false
+ host_id = (known after apply)
...
+ root_block_device {
+ delete_on_termination = (known after apply)
+ device_name = (known after apply)
+ encrypted = (known after apply)
+ iops = (known after apply)
+ kms_key_id = (known after apply)
+ tags = (known after apply)
+ throughput = (known after apply)
+ volume_id = (known after apply)
+ volume_size = (known after apply)
+ volume_type = (known after apply)
}
}
Plan: 1 to add, 0 to change, 0 to destroy.# 리소스 적용
$ terraform apply
$ terraform apply -lock=false
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the
following symbols:
+ create
Terraform will perform the following actions:
# aws_instance.AmazonLinux2AMI will be created
+ resource "aws_instance" "AmazonLinux2AMI" {
+ ami = "ami-0e4a9ad2eb120e054"
+ arn = (known after apply)
+ associate_public_ip_address = (known after apply)
+ availability_zone = (known after apply)
+ cpu_core_count = (known after apply)
+ cpu_threads_per_core = (known after apply)
+ disable_api_termination = (known after apply)
+ ebs_optimized = (known after apply)
+ get_password_data = false
+ host_id = (known after apply)
+ id = (known after apply)
...
+ metadata_options {
+ http_endpoint = (known after apply)
+ http_put_response_hop_limit = (known after apply)
+ http_tokens = (known after apply)
+ instance_metadata_tags = (known after apply)
}
+ network_interface {
+ delete_on_termination = (known after apply)
+ device_index = (known after apply)
+ network_card_index = (known after apply)
+ network_interface_id = (known after apply)
}
+ root_block_device {
+ delete_on_termination = (known after apply)
+ device_name = (known after apply)
+ encrypted = (known after apply)
+ iops = (known after apply)
+ kms_key_id = (known after apply)
+ tags = (known after apply)
+ throughput = (known after apply)
+ volume_id = (known after apply)
+ volume_size = (known after apply)
+ volume_type = (known after apply)
}
}
Plan: 1 to add, 0 to change, 0 to destroy.
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
aws_instance.AmazonLinux2AMI: Creating...
aws_instance.AmazonLinux2AMI: Still creating... [10s elapsed]
aws_instance.AmazonLinux2AMI: Still creating... [20s elapsed]
aws_instance.AmazonLinux2AMI: Still creating... [30s elapsed]
aws_instance.AmazonLinux2AMI: Creation complete after 32s [id=i-0920fc92f5ae45656]
Apply complete! Resources: 1 added, 0 changed, 0 destroyed.- Apply가 끝나면 다음과 같이 콘솔에 들어가면 생성된 것을 확인할 수 있다.
7. 리소스 삭제
$ terraform destroy
$ terraform destroy -lock=false
aws_instance.AmazonLinux2AMI: Refreshing state... [id=i-0920fc92f5ae45656]
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the
following symbols:
- destroy
Terraform will perform the following actions:
# aws_instance.AmazonLinux2AMI will be destroyed
- resource "aws_instance" "AmazonLinux2AMI" {
- ami = "ami-0e4a9ad2eb120e054" -> null
- arn = "arn:aws:ec2:ap-northeast-2:331898012279:instance/i-0920fc92f5ae45656" ->
null
- associate_public_ip_address = true -> null
- availability_zone = "ap-northeast-2c" -> null
- cpu_core_count = 1 -> null
- cpu_threads_per_core = 1 -> null
- disable_api_termination = false -> null
- ebs_optimized = false -> null
- get_password_data = false -> null
- hibernation = false -> null
- id = "i-0920fc92f5ae45656" -> null
...
- enclave_options {
- enabled = false -> null
}
- maintenance_options {
- auto_recovery = "default" -> null
}
- metadata_options {
- http_endpoint = "enabled" -> null
- http_put_response_hop_limit = 1 -> null
- http_tokens = "optional" -> null
- instance_metadata_tags = "disabled" -> null
}
- root_block_device {
- delete_on_termination = true -> null
- device_name = "/dev/xvda" -> null
- encrypted = false -> null
- iops = 100 -> null
- tags = {} -> null
- throughput = 0 -> null
- volume_id = "vol-0ab57c6994f251d58" -> null
- volume_size = 8 -> null
- volume_type = "gp2" -> null
}
}
Plan: 0 to add, 0 to change, 1 to destroy.
Do you really want to destroy all resources?
Terraform will destroy all your managed infrastructure, as shown above.
There is no undo. Only 'yes' will be accepted to confirm.
Enter a value: yes
aws_instance.AmazonLinux2AMI: Destroying... [id=i-0920fc92f5ae45656]
aws_instance.AmazonLinux2AMI: Still destroying... [id=i-0920fc92f5ae45656, 10s elapsed]
aws_instance.AmazonLinux2AMI: Still destroying... [id=i-0920fc92f5ae45656, 20s elapsed]
aws_instance.AmazonLinux2AMI: Still destroying... [id=i-0920fc92f5ae45656, 30s elapsed]
aws_instance.AmazonLinux2AMI: Still destroying... [id=i-0920fc92f5ae45656, 40s elapsed]
aws_instance.AmazonLinux2AMI: Destruction complete after 41s
Destroy complete! Resources: 1 destroyed.
이렇게 테라폼을 통해서 AWS 리소스를 구축해보았는데요!
정말 간편하지 않나요!!
콘솔에 들어가 작업하는 것 보다 코드로 리소스를 만들어서 배포하는 작업은
리소스를 관리하는 면에서 정말 편리한 거 같아요!
이처럼 테라폼을 기반으로 AWS 리소스를 구축해보았고 다음 주제에
엔서블을 기반으로 AWS 리소스 및 애플리케이션을 구축해보겠습니다!!
감사합니다><
'INFRA > Operation' 카테고리의 다른 글
| AWS Puppet 설치 및 리소스 배포 (0) | 2022.06.13 |
|---|---|
| AWS Ansible 리소스 구성 및 설치 (0) | 2022.06.09 |
| Azure Ansible 설치 및 리소스 배포 (0) | 2022.05.30 |
| Azure Terraform 설치 (0) | 2022.05.16 |
| Linux Terraform & Ansible 설치 방법 (0) | 2022.05.10 |
댓글