目的
TerraFormを使用して、DigitalOcean上でdropletを作成し、sshでログインできるところまでを確認する。
前提
+ Terraformはインストール済み
+ Digital Ocean のアカウントは取得済み
していない場合は以下の記事が参考になります
Terraform を Digital Ocean で触ってみた (初級編)
今回の流れ
- digitalocean_dropletのパラメータの説明
- dropletを作成する際に必要なパラメータの取得方法
- 環境変数経由でトークンなどを渡し、droplet作成
- sshでログイン
digitalocean_dropletのパラメータ説明
resource "digitalocean_droplet" "web" {
image = "ubuntu-14-04-x64"
name = "web-1"
region = "nyc2"
size = "512mb"
private_networking = true
backups = false
ipv6 = false
ssh_keys = [
"${var.ssh_fingerprint}"
]
}
| パラメータ名 | 必須か? | 説明 |
|---|---|---|
| image | 必須 | イメージIDかslug(自分で作成したイメージにはslugがついていないため、IDで指定する) |
| name | 必須 | サーバ名 |
| region | 必須 | リージョン |
| size | 必須 | サイズ |
| backups | バックアップするか(boolean) | |
| ipv6 | ipv6を使用するか(boolean) | |
| private_networking | プライベートネットワークを有効にするか(boolean) | |
| ssh_keys | ssh キー |
dropletを作成する際に必要なパラメータの取得方法
イメージ名取得
curl -X GET "https://api.digitalocean.com/v2/images/?page=2" -H "Authorization: Bearer $API_TOKEN"
リージョン名取得
curl -X GET "https://api.digitalocean.com/v2/regions" -H "Authorization: Bearer $API_TOKEN"
サイズ名取得
curl -X GET "https://api.digitalocean.com/v2/sizes" -H "Authorization: Bearer $API_TOKEN"
実行して確認するのが面倒な場合は以下を参照してください。
(Terraformで設定するdigitaloceanのパラメータ一覧)]
droplet作成
環境変数指定
環境に合わせて変更してください。
export SSH_FINGERPRINT=$(ssh-keygen -lf ~/.ssh/id_rsa.pub | awk '{print $2}')
export $API_TOKEN=API_TOKEN
プラン作成
droplet作成のため以下のファイルを作成する
sample.tf
variable "api_token" {}
variable "ssh_public_key" {}
variable "ssh_private_key" {}
variable "ssh_fingerprint" {}
provider "digitalocean" {
token = "${var.api_token}"
}
resource "digitalocean_droplet" "qiita" {
image = "ubuntu-14-04-x64"
name = "qiita"
region = "sgp1"
size = "512mb"
private_networking = true
ssh_keys = [
"${var.ssh_fingerprint}"
]
}
プランを実行
$ terraform plan -var "ssh_private_key=$HOME/.ssh/id_rsa" -var "ssh_public_key=$HOME/.ssh/id_rsa.pub" -var "api_token=$API_TOKEN" -var "ssh_fingerprint=$SSH_FINGERPRINT"
Refreshing Terraform state prior to plan...
digitalocean_droplet.qiita: Refreshing state... (ID: XXXXXXXX)
The Terraform execution plan has been generated and is shown below.
Resources are shown in alphabetical order for quick scanning. Green resources
will be created (or destroyed and then created if an existing resource
exists), yellow resources are being changed in-place, and red resources
will be destroyed.
Note: You didn't specify an "-out" parameter to save this plan, so when
"apply" is called, Terraform can't guarantee this is what will execute.
+ digitalocean_droplet.qiita
backups: "" => "<computed>"
image: "" => "ubuntu-14-04-x64"
ipv4_address: "" => "<computed>"
ipv4_address_private: "" => "<computed>"
ipv6: "" => "<computed>"
ipv6_address: "" => "<computed>"
ipv6_address_private: "" => "<computed>"
locked: "" => "<computed>"
name: "" => "qiita"
private_networking: "" => "true"
region: "" => "sgp1"
size: "" => "512mb"
ssh_keys.#: "" => "1"
ssh_keys.0: "" => "$SSH_FINGER_PRINT"
status: "" => "<computed>"
droplet作成
$ terraform apply -var "ssh_private_key=$HOME/.ssh/id_rsa" -var "ssh_public_key=$HOME/.ssh/id_rsa.pub" -var "api_token=$API_TOKEN" -var "ssh_fingerprint=$SSH_FINGERPRINT"
digitalocean_droplet.qiita: Refreshing state... (ID: xxxxxxx)
digitalocean_droplet.qiita: Creating...
image: "" => "ubuntu-14-04-x64"
name: "" => "qiita"
private_networking: "" => "true"
region: "" => "sgp1"
size: "" => "512mb"
ssh_keys.#: "" => "1"
ssh_keys.0: "" => "$SSH_FINGER_PRINT"
digitalocean_droplet.qiita: Creation complete
Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
The state of your infrastructure has been saved to the path
below. This state is required to modify and destroy your
infrastructure, so keep it safe. To inspect the complete state
use the `terraform show` command.
State path: terraform.tfstate
以下で使用するtugboatについてはメモを参照してください
SSHで接続
tugboat ssh qiita
Droplet fuzzy name provided. Finding droplet ID...done, xxxxxxxx (qiita)
Executing SSH (qiita)...
Welcome to Ubuntu 14.04.1 LTS (GNU/Linux 3.13.0-32-generic x86_64)
* Documentation: https://help.ubuntu.com/
System information as of Sun Sep 7 01:03:26 EDT 2014
System load: 0.0 Processes: 71
Usage of /: 7.3% of 19.56GB Users logged in: 0
Memory usage: 9% IP address for eth1: xxx.xxx.x.x.xxx
Swap usage: 0%
Graph this data and manage this system at:
https://landscape.canonical.com/
0 packages can be updated.
0 updates are security updates.
Last login: Wed Jul 23 13:08:21 2014 from xxx.xxx.xxx.xxx
root@qiita:~#