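I recently had to create a GKE cluster on top of an existing VPC, which means mastering two steps: importing the existing resources, then creating the cluster.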

The terraform import command

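Importing on GCP involves two things: a resource address and an ID. The resource address is the identifier that points to a resource instance in your configuration. The ID is the identifier of the resource in Google Cloud that you want to import.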

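The resource address is normally what you configured in Terraform when defining that kind of resource (the provider must support it). Taking a GCP Cloud Storage bucket as an example, the address is google_storage_bucket.sample, where sample is the id, defined as follows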

```hcl
resource "google_storage_bucket" "sample" {
 name          = "my-bucket"
 project       = "sample-project"
 location      = "US"
 force_destroy = true
}
```

Example - importing an existing GKE cluster

Syntax

```bash
terraform import <resource_name>.<name> <project>/<locations>/<real_resource_name>
```

Example

```bash
terraform import google_container_cluster.gke project20231124/asia-east2/gke-prd-cluster-02
```

The output is as follows

```bash
$ terraform import google_container_cluster.gke project20231124/asia-east2/gke-prd-cluster-02
data.google_compute_network.available: Reading...
data.google_compute_zones.available: Reading...
data.google_container_engine_versions.gke_version: Reading...
data.google_container_engine_versions.gke_version: Read complete after 1s [id=2024-08-06 07:29:53.793630041 +0000 UTC]
data.google_compute_zones.available: Read complete after 1s [id=projects/project20231124/regions/asia-east2]
data.google_compute_network.available: Read complete after 2s [id=projects/project20231124/global/networks/gke-cluster-02-vpc-network]
google_container_cluster.gke: Importing from ID "project20231124/asia-east2/gke-prd-cluster-02"...
google_container_cluster.gke: Import prepared!
  Prepared google_container_cluster for import
google_container_cluster.gke: Refreshing state... [id=projects/project20231124/locations/asia-east2/clusters/gke-prd-cluster-02]

Import successful!

The resources that were imported are shown above. These resources are now in
your Terraform state and will henceforth be managed by Terraform.
```

Importing the GKE cluster node pool

```bash
$ terraform import google_container_node_pool.gcp-available-b project20231124/asia-east2/gke-prd-cluster-02
data.google_container_engine_versions.gke_version: Reading...
data.google_compute_network.available: Reading...
data.google_compute_zones.available: Reading...
data.google_compute_zones.available: Read complete after 0s [id=projects/project20231124/regions/asia-east2]
data.google_container_engine_versions.gke_version: Read complete after 0s [id=2024-08-06 07:51:46.183235726 +0000 UTC]
data.google_compute_network.available: Read complete after 0s [id=projects/project20231124/global/networks/gke-cluster-02-vpc-network]

Import successful!

The resources that were imported are shown above. These resources are now in
your Terraform state and will henceforth be managed by Terraform.
```

Resource addresses such as the node pool cannot be viewed directly; they can only be viewed through the parent google_container_cluster

```bash
$ terraform state show -state=./terraform.tfstate google_container_node_pool.gcp-available-b
No instance found for the given address!

This command requires that the address references one specific instance.
To view the available instances, use "terraform state list". Please modify
the address to reference a specific instance.
```

A resource address must be listed by terraform state list before terraform state show can be used to view it

```bash
$ terraform state list

data.google_compute_network.available
data.google_compute_zones.available
data.google_container_engine_versions.gke_version
google_compute_subnetwork.vpc-subnet
google_container_cluster.gke
```

Importing the VPC

```bash
$ terraform import google_compute_network.vpc-network /project20231124/asia-east2/gke-cluster-02-vpc-network

data.google_compute_zones.available: Reading...
data.google_compute_network.available: Reading...
data.google_container_engine_versions.gke_version: Reading...
data.google_container_engine_versions.gke_version: Read complete after 0s [id=2024-08-06 07:41:30.318550432 +0000 UTC]
data.google_compute_network.available: Read complete after 0s [id=projects/project20231124/global/networks/gke-cluster-02-vpc-network]
data.google_compute_zones.available: Read complete after 0s [id=projects/project20231124/regions/asia-east2]

Import successful!

The resources that were imported are shown above. These resources are now in
your Terraform state and will henceforth be managed by Terraform.
```

Importing the VPC subnet

Syntax

```bash
terraform import <resource_name>.<name> <project>/<locations>/<real_resource_name>
```

Example

```bash
terraform import google_compute_subnetwork.vpc-subnet project20231124/asia-east2/gke-cluster-02-vpc-network
```

Output

```bash
terraform import google_compute_subnetwork.vpc-subnet project20231124/asia-east2/gke-cluster-02-vpc-network

data.google_compute_zones.available: Reading...
data.google_container_engine_versions.gke_version: Reading...
data.google_compute_network.available: Reading...
data.google_compute_zones.available: Read complete after 0s [id=projects/project20231124/regions/asia-east2]
data.google_container_engine_versions.gke_version: Read complete after 0s [id=2024-08-06 03:43:01.406680586 +0000 UTC]
data.google_compute_network.available: Read complete after 1s [id=projects/project20231124/global/networks/gke-cluster-02-vpc-network]
google_compute_subnetwork.vpc-subnet: Importing from ID "project20231124/asia-east2/gke-cluster-02-vpc-network"...
google_compute_subnetwork.vpc-subnet: Import prepared!
  Prepared google_compute_subnetwork for import
google_compute_subnetwork.vpc-subnet: Refreshing state... [id=projects/project20231124/regions/asia-east2/subnetworks/gke-cluster-02-vpc-network]

Import successful!

The resources that were imported are shown above. These resources are now in
your Terraform state and will henceforth be managed by Terraform.
```

Finally, list the resources after the imports

```bash
$ terraform state list

data.google_compute_network.available
data.google_compute_zones.available
data.google_container_engine_versions.gke_version
google_compute_subnetwork.vpc-subnet
google_container_cluster.gke
```
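The page notes that an address must be listed by terraform state list before terraform state show can read it. The following is an added example, not part of the original post, that checks each address passed to terraform import against that list; the function names missing_addresses and check_sample are hypothetical, and the sample input is the final state list output shown above.

```bash
#!/bin/sh
# Added example: confirm that every address given to `terraform import`
# is actually tracked in state before relying on `terraform state show`.

# missing_addresses ADDRESS... < output of `terraform state list`
# Prints each ADDRESS that is absent from the listing read on stdin.
# Returns 1 if at least one address is missing, 0 otherwise.
missing_addresses() {
  _state=$(cat)
  _rc=0
  for _addr in "$@"; do
    # -x: match the whole line, -F: literal string (addresses contain dots)
    if ! printf '%s\n' "$_state" | grep -qxF -e "$_addr"; then
      printf '%s\n' "$_addr"
      _rc=1
    fi
  done
  return "$_rc"
}

# Sample input: the final `terraform state list` output shown on this page.
SAMPLE_STATE_LIST='data.google_compute_network.available
data.google_compute_zones.available
data.google_container_engine_versions.gke_version
google_compute_subnetwork.vpc-subnet
google_container_cluster.gke'

# The four addresses used with `terraform import` on this page.
IMPORTED_ADDRESSES='google_container_cluster.gke
google_container_node_pool.gcp-available-b
google_compute_network.vpc-network
google_compute_subnetwork.vpc-subnet'

# Runs the check against the embedded sample (offline, no GCP access).
# Against a real working directory, pipe the live listing instead:
#   terraform state list | missing_addresses $IMPORTED_ADDRESSES
check_sample() {
  # Unquoted on purpose: split the list into one argument per address.
  printf '%s\n' "$SAMPLE_STATE_LIST" | missing_addresses $IMPORTED_ADDRESSES
}

if ! check_sample; then
  echo "The addresses printed above are not tracked in state." >&2
fi
```

A non-zero return can gate a CI step so that terraform plan is not run against a state file that lacks resources the configuration declares.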

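Viewing the resources in the local state file with terraform

terraform state list shows the resources in the local state file

Syntax

```bash
# Reads a state or plan file; if [path] is not given, the one in the current directory is shown
terraform show [options] [path]
```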

Viewing the details of a specific resource address

For example, viewing the VPC subnet

Syntax

```bash
terraform [global options] state show [options] ADDRESS
```

Example

```bash
# terraform state show -state=./terraform.tfstate google_compute_subnetwork.vpc-subnet
# google_compute_subnetwork.vpc-subnet:
resource "google_compute_subnetwork" "vpc-subnet" {
    creation_timestamp         = "2022-06-25T01:51:49.868-07:00"
    description                = "public prod service network"
    gateway_address            = "192.233.10.1"
    id                         = "projects/project20231124/regions/asia-east2/subnetworks/gke-cluster-02-vpc-network"
    ip_cidr_range              = "192.233.10.0/24"
    name                       = "gke-cluster-02-vpc-network"
    network                    = "https://www.googleapis.com/compute/v1/projects/project20231124/global/networks/gke-cluster-02-vpc-network"
    private_ip_google_access   = true
    private_ipv6_google_access = "DISABLE_GOOGLE_ACCESS"
    project                    = "project20231124"
    purpose                    = "PRIVATE"
    region                     = "asia-east2"
    secondary_ip_range         = [
        {
            ip_cidr_range = "10.126.0.0/22"
            range_name    = "gke-gke-prd-cluster-02-services-621a7058"
        },
        {
            ip_cidr_range = "10.116.0.0/16"
            range_name    = "gke-gke-prd-cluster-02-pods-621a7058"
        },
    ]
    self_link                  = "https://www.googleapis.com/compute/v1/projects/project20231124/regions/asia-east2/subnetworks/gke-cluster-02-vpc-network"
    stack_type                 = "IPV4_ONLY"

    timeouts {}
}
```