Terraforming で取れる情報と実際の Terraform のファイルの差を見てみた
どのくらい差があるのかという素朴な疑問があったので、単純な EC2 作成で比較してみました。
オリジナルの tf ファイル
これは比較しませんけど、一応。
aws.tf
provider "aws" {
region = "ap-northeast-1"
access_key = "<access key>"
secret_key = "<secret key>"
}
で、本命。手抜きしすぎだろ、おっさん・・・
ec2.tf
resource "aws_instance" "test" {
ami = "ami-0fd02119f1653c976"
instance_type = "t2.micro"
}
いや、これでもできるからいいんですよ・・・イイワケジャナイデスヨ
では、plan & apply
> ./terraform plan
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.
------------------------------------------------------------------------
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
+ aws_instance.test
id: <computed>
ami: "ami-0fd02119f1653c976"
arn: <computed>
associate_public_ip_address: <computed>
availability_zone: <computed>
cpu_core_count: <computed>
cpu_threads_per_core: <computed>
ebs_block_device.#: <computed>
ephemeral_block_device.#: <computed>
get_password_data: "false"
instance_state: <computed>
instance_type: "t2.micro"
ipv6_address_count: <computed>
ipv6_addresses.#: <computed>
key_name: <computed>
network_interface.#: <computed>
network_interface_id: <computed>
password_data: <computed>
placement_group: <computed>
primary_network_interface_id: <computed>
private_dns: <computed>
private_ip: <computed>
public_dns: <computed>
public_ip: <computed>
root_block_device.#: <computed>
security_groups.#: <computed>
source_dest_check: "true"
subnet_id: <computed>
tenancy: <computed>
volume_tags.%: <computed>
vpc_security_group_ids.#: <computed>
Plan: 1 to add, 0 to change, 0 to destroy.
------------------------------------------------------------------------
Note: You didn't specify an "-out" parameter to save this plan, so Terraform
can't guarantee that exactly these actions will be performed if
"terraform apply" is subsequently run.
> ./terraform apply
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
+ aws_instance.test
id: <computed>
ami: "ami-0fd02119f1653c976"
arn: <computed>
associate_public_ip_address: <computed>
availability_zone: <computed>
cpu_core_count: <computed>
cpu_threads_per_core: <computed>
ebs_block_device.#: <computed>
ephemeral_block_device.#: <computed>
get_password_data: "false"
instance_state: <computed>
instance_type: "t2.micro"
ipv6_address_count: <computed>
ipv6_addresses.#: <computed>
key_name: <computed>
network_interface.#: <computed>
network_interface_id: <computed>
password_data: <computed>
placement_group: <computed>
primary_network_interface_id: <computed>
private_dns: <computed>
private_ip: <computed>
public_dns: <computed>
public_ip: <computed>
root_block_device.#: <computed>
security_groups.#: <computed>
source_dest_check: "true"
subnet_id: <computed>
tenancy: <computed>
volume_tags.%: <computed>
vpc_security_group_ids.#: <computed>
Plan: 1 to add, 0 to change, 0 to destroy.
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
aws_instance.test: Creating...
ami: "" => "ami-0fd02119f1653c976"
arn: "" => "<computed>"
associate_public_ip_address: "" => "<computed>"
availability_zone: "" => "<computed>"
cpu_core_count: "" => "<computed>"
cpu_threads_per_core: "" => "<computed>"
ebs_block_device.#: "" => "<computed>"
ephemeral_block_device.#: "" => "<computed>"
get_password_data: "" => "false"
instance_state: "" => "<computed>"
instance_type: "" => "t2.micro"
ipv6_address_count: "" => "<computed>"
ipv6_addresses.#: "" => "<computed>"
key_name: "" => "<computed>"
network_interface.#: "" => "<computed>"
network_interface_id: "" => "<computed>"
password_data: "" => "<computed>"
placement_group: "" => "<computed>"
primary_network_interface_id: "" => "<computed>"
private_dns: "" => "<computed>"
private_ip: "" => "<computed>"
public_dns: "" => "<computed>"
public_ip: "" => "<computed>"
root_block_device.#: "" => "<computed>"
security_groups.#: "" => "<computed>"
source_dest_check: "" => "true"
subnet_id: "" => "<computed>"
tenancy: "" => "<computed>"
volume_tags.%: "" => "<computed>"
vpc_security_group_ids.#: "" => "<computed>"
aws_instance.test: Still creating... (10s elapsed)
aws_instance.test: Still creating... (20s elapsed)
aws_instance.test: Still creating... (30s elapsed)
aws_instance.test: Creation complete after 32s (ID: i-07c4faacac527c52e)
Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
さくっと、できましたね。
Terraforming で出力される tf ファイル
> terraforming ec2
resource "aws_instance" "i-07c4faacac527c52e" {
ami = "ami-0fd02119f1653c976"
availability_zone = "ap-northeast-1a"
ebs_optimized = false
instance_type = "t2.micro"
monitoring = false
key_name = ""
subnet_id = "subnet-8fcc99c6"
vpc_security_group_ids = ["sg-8f5f16f6"]
associate_public_ip_address = true
private_ip = "172.31.38.66"
source_dest_check = true
root_block_device {
volume_type = "gp2"
volume_size = 8
delete_on_termination = true
}
tags {
}
}
結構増えてますね。
入れてないネットワーク関連とか、ディスク関連が入ってます。
本来は、このあたり入れといた方がいいってことでしょう。
オリジナルの tfstate ファイル
では、 terraform apply した後にできた tfstate ファイルはどうでしょうか。
terraform.tfstate
{
"version": 3,
"terraform_version": "0.11.10",
"serial": 1,
"lineage": "ef7e7a07-d499-2208-421b-9d6241bafd8c",
"modules": [
{
"path": [
"root"
],
"outputs": {},
"resources": {
"aws_instance.test": {
"type": "aws_instance",
"depends_on": [],
"primary": {
"id": "i-07c4faacac527c52e",
"attributes": {
"ami": "ami-0fd02119f1653c976",
"arn": "arn:aws:ec2:ap-northeast-1:<account ID>:instance/i-07c4faacac527c52e",
"associate_public_ip_address": "true",
"availability_zone": "ap-northeast-1a",
"cpu_core_count": "1",
"cpu_threads_per_core": "1",
"credit_specification.#": "1",
"credit_specification.0.cpu_credits": "standard",
"disable_api_termination": "false",
"ebs_block_device.#": "0",
"ebs_optimized": "false",
"ephemeral_block_device.#": "0",
"get_password_data": "false",
"iam_instance_profile": "",
"id": "i-07c4faacac527c52e",
"instance_state": "running",
"instance_type": "t2.micro",
"ipv6_addresses.#": "0",
"key_name": "",
"monitoring": "false",
"network_interface.#": "0",
"network_interface_id": "eni-0b103e556dd6950c8",
"password_data": "",
"placement_group": "",
"primary_network_interface_id": "eni-0b103e556dd6950c8",
"private_dns": "ip-172-31-38-66.ap-northeast-1.compute.internal",
"private_ip": "172.31.38.66",
"public_dns": "ec2-54-150-223-147.ap-northeast-1.compute.amazonaws.com",
"public_ip": "54.150.223.147",
"root_block_device.#": "1",
"root_block_device.0.delete_on_termination": "true",
"root_block_device.0.iops": "100",
"root_block_device.0.volume_id": "vol-0ef6156edd7c0bf41",
"root_block_device.0.volume_size": "8",
"root_block_device.0.volume_type": "gp2",
"security_groups.#": "1",
"security_groups.3814588639": "default",
"source_dest_check": "true",
"subnet_id": "subnet-8fcc99c6",
"tags.%": "0",
"tenancy": "default",
"volume_tags.%": "0",
"vpc_security_group_ids.#": "1",
"vpc_security_group_ids.606438745": "sg-8f5f16f6"
},
"meta": {
"e2bfb730-ecaa-11e6-8f88-34363bc7c4c0": {
"create": 600000000000,
"delete": 1200000000000,
"update": 600000000000
},
"schema_version": "1"
},
"tainted": false
},
"deposed": [],
"provider": "provider.aws"
}
},
"depends_on": []
}
]
}
結構、情報多いですね・・・
Terraforming で出力される tfstate ファイル
> terraforming ec2 --tfstate
{
"version": 1,
"serial": 1,
"modules": [
{
"path": [
"root"
],
"outputs": {
},
"resources": {
"aws_instance.i-07c4faacac527c52e": {
"type": "aws_instance",
"primary": {
"id": "i-07c4faacac527c52e",
"attributes": {
"ami": "ami-0fd02119f1653c976",
"associate_public_ip_address": "true",
"availability_zone": "ap-northeast-1a",
"ebs_block_device.#": "0",
"ebs_optimized": "false",
"ephemeral_block_device.#": "0",
"id": "i-07c4faacac527c52e",
"instance_type": "t2.micro",
"monitoring": "false",
"private_dns": "ip-172-31-38-66.ap-northeast-1.compute.internal",
"private_ip": "172.31.38.66",
"public_dns": "ec2-54-150-223-147.ap-northeast-1.compute.amazonaws.com",
"public_ip": "54.150.223.147",
"root_block_device.#": "1",
"security_groups.#": "0",
"source_dest_check": "true",
"tenancy": "default",
"vpc_security_group_ids.#": "1",
"subnet_id": "subnet-8fcc99c6"
},
"meta": {
"schema_version": "1"
}
}
}
}
}
]
}
あれ、意外にシンプルな感じですね・・・
このあたりが、必要最低限という感じなんでしょうか。
まとめ
Terraforming でとった情報を使って、Terraform で整合性をとっていく作業をすることとかあると思いますが、簡単にさせてくれる気配がないですねw
まぁでも、意外に差があるもんだなという結果が面白かったので、よしとします。
ちょっと次回は、取れた tf ファイルを使って作ったらどうなるかとかやってみたいと思います。