TerraformでDigitalOcean dropletを作る(2)

公開:2021/02/11
更新:2021/02/11
3 min読了の目安(約3300字TECH技術記事

TerraformでDigitalOcean dropletを作る(1)からの続きです。

テスト用のdropletを準備。

Provider.tfが完成し、次はDropletの作成を行ってみましょう。droplet.tfを作成しましょう。

nano droplet.tf

下記は、様々なリソースが作成できる中で、ubuntu+nginxのdropletの作成方法です。このパターンは、いろんなdropletをみていきますので、最初の一歩は簡単なサンプルにとどめておきましょう。

resource "digitalocean_droplet" "www-1" {
  image = "ubuntu-18-04-x64"
  name = "www-1"
  region = "sgp1" #シンガポール
  size = "s-1vcpu-1gb" #1vcpu 1Gbメモリ
  private_networking = true 
  ssh_keys = [
    data.digitalocean_ssh_key.terraform.id
  ]
  connection {
    host = self.ipv4_address
    user = "root"
    type = "ssh"
    private_key = file(var.pvt_key)
    timeout = "2m"
  }
  provisioner "remote-exec" {
    inline = [
      "export PATH=$PATH:/usr/bin",
      # install nginx
      "sudo apt-get update",
      "sudo apt-get -y install nginx"
    ]
  }
}

dropletの作成をします。

続いてdropletを作成します。APIを登録します。左端のAPIを押してGenerate New Tokenを押してTokenを取り出します。1回生成したらその時だけしかコピーできないので、必ず控えてください。

export を使用してTokenを変数に代入します。

export DO_PAT="YOUR_PERSONAL_ACCESS_TOKEN"

上でAPI tokenとTerraformでDigitalOcean dropletを作る(1)で指定していた公開鍵の値
terraform planの引数に代入します。terraform planはテスト用のコマンドで実際には、dropletが作成されるわけではありませんので気軽にテストしてみましょう。

terraform plan -var "do_token=${DO_PAT}"  -var "pvt_key=$HOME/.ssh/id_rsa"
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  #digitalocean_droplet.www-1 will be created
  + resource "digitalocean_droplet" "www-1" {
      + backups              = false
      + created_at           = (known after apply)
      + disk                 = (known after apply)
      + id                   = (known after apply)
      + image                = "ubuntu-18-04-x64"
      + ipv4_address         = (known after apply)
      + ipv4_address_private = (known after apply)
      + ipv6                 = false
      + ipv6_address         = (known after apply)
      + ipv6_address_private = (known after apply)
      + locked               = (known after apply)
      + memory               = (known after apply)
      + monitoring           = false
      + name                 = "www-1"
      + price_hourly         = (known after apply)
      + price_monthly        = (known after apply)
      + private_networking   = true
      + region               = "nyc2"
      + resize_disk          = true
      + size                 = "s-1vcpu-1gb"
      + ssh_keys             = [
          + "29568391",
        ]
      + status               = (known after apply)
      + urn                  = (known after apply)
      + vcpus                = (known after apply)
      + volume_ids           = (known after apply)
      + vpc_uuid             = (known after apply)
    }

Plan: 1 to add, 0 to change, 0 to destroy.

------------------------------------------------------------------------

Note: You didn't specify an "-out" parameter to save this plan, so Terraform
can't guarantee that exactly these actions will be performed if
"terraform apply" is subsequently run.

うまく行ったら実際に作成してみます。

terraform apply -var "do_token=${DO_PAT}"  -var "pvt_key=$HOME/.ssh/id_rsa"

うまく行ったでしょうか?