728x90
반응형
Overview
오늘은 Terraformer에 대해서 공부해보려고 한다.
Terraformer란?
기존의 생성되어있는 인프라를 테라폼 소스로 가져오는 오픈소스 툴이다.
그리고 Terraformer는 GCP를 위해 만들어진 툴이다. Waze SRE에서 만들었으며 공식적인 제품은 아니다.
Terraformer 가지고 있는 AWS 리소스는 아래 링크와 같다.
Terraformer 설치 및 Import Resource
저는 Window를 사용중이고 그 위에 WSL을 설치하여 사용중입니다.
따라서 제가 알려드리는 설치과정은 Linux기준입니다.
Terraformer 다운로드
export PROVIDER={all,google,aws,kubernetes}
curl -LO https://github.com/GoogleCloudPlatform/terraformer/releases/download/$(curl -s https://api.github.com/repos/GoogleCloudPlatform/terraformer/releases/latest | grep tag_name | cut -d '"' -f 4)/terraformer-${PROVIDER}-linux-amd64
chmod +x terraformer-${PROVIDER}-linux-amd64
sudo mv terraformer-${PROVIDER}-linux-amd64 /usr/local/bin/terraformer
export PROVIDER=aws
curl -LO https://github.com/GoogleCloudPlatform/terraformer/releases/download/$(curl -s https://api.github.com/repos/GoogleCloudPlatform/terraformer/releases/latest | grep tag_name | cut -d '"' -f 4)/terraformer-${PROVIDER}-linux-amd64
chmod +x terraformer-${PROVIDER}-linux-amd64
sudo mv terraformer-${PROVIDER}-linux-amd64 /usr/local/bin/terraformer
export PROVIDER=google
curl -LO https://github.com/GoogleCloudPlatform/terraformer/releases/download/$(curl -s https://api.github.com/repos/GoogleCloudPlatform/terraformer/releases/latest | grep tag_name | cut -d '"' -f 4)/terraformer-${PROVIDER}-linux-amd64
chmod +x terraformer-${PROVIDER}-linux-amd64
sudo mv terraformer-${PROVIDER}-linux-amd64 /usr/local/bin/terraformer
AWS
$ terraformer import
Import current state to Terraform configuration
Usage:
import [command]
Available Commands:
aws Import current state to Terraform configuration from AWS
plan Import planned state to Terraform configuration
Flags:
-h, --help help for import
Additional help topics:
import no-sort Don't sort resources
Use " import [command] --help" for more information about a command.
GCP
$ terraformer import
Import current state to Terraform configuration
Usage:
import [command]
Available Commands:
google Import current state to Terraform configuration from Google Cloud
plan Import planned state to Terraform configuration
Flags:
-h, --help help for import
Additional help topics:
import no-sort Don't sort resources
Use " import [command] --help" for more information about a command.
Provider 다운로드
$ curl -LO https://releases.hashicorp.com/terraform-provider-aws/4.64.0/terraform-provider-aws_4.64.0_linux_amd64.zip
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 76.3M 100 76.3M 0 0 99.0M 0 --:--:-- --:--:-- --:--:-- 98.9M
$ mkdir -p ~/.terraform.d/plugins/linux_amd64
$ mv terraform-provider-aws_4.64.0_linux_amd64.zip ~/.terraform.d/plugins/linux_amd64/
$ cd .terraform.d/plugins/linux_amd64/
~/.terraform.d/plugins/linux_amd64$ unzip terraform-provider-aws_4.64.0_linux_amd64.zip
Archive: terraform-provider-aws_4.64.0_linux_amd64.zip
inflating: terraform-provider-aws_v4.64.0_x5
Terraformer Import Resource
Import를 하면 generated 디렉토리 안에 리소스들이 생성된다.
$ terraformer import aws --resources=* --path-pattern="{output}/" --connect=true --regions=ap-northeast-2 --profile luxon
2023/04/27 16:48:53 aws importing region ap-northeast-2
2023/04/27 16:48:53 aws importing... vpc
2023/04/27 16:48:53 aws done importing vpc
2023/04/27 16:48:53 aws importing... subnet
2023/04/27 16:48:53 aws done importing subnet
2023/04/27 16:48:53 aws importing... route_table
2023/04/27 16:48:53 aws done importing route_table
2023/04/27 16:48:53 aws importing... igw
2023/04/27 16:48:53 aws done importing igw
2023/04/27 16:48:53 aws importing... sg
2023/04/27 16:48:53 aws done importing sg
2023/04/27 16:48:53 aws importing... nat
2023/04/27 16:48:54 aws done importing nat
2023/04/27 16:48:54 Number of resources for service sg: 26
2023/04/27 16:48:54 Number of resources for service nat: 5
2023/04/27 16:48:54 Number of resources for service vpc: 4
2023/04/27 16:48:54 Number of resources for service subnet: 26
2023/04/27 16:48:54 Number of resources for service route_table: 42
2023/04/27 16:48:54 Number of resources for service igw: 4
...
$ ls
acm_certificate.tf docdb_cluster_instance.tf elasticache_replication_group.tf iam_user_policy_attachment.tf opsworks_user_profile.tf s3_bucket_policy.tf
cloudformation_stack.tf docdb_cluster_parameter_group.tf elasticache_subnet_group.tf instance.tf organizations_account.tf secretsmanager_secret.tf
cloudfront_distribution.tf docdb_subnet_group.tf iam_group.tf internet_gateway.tf organizations_organization.tf security_group.tf
cloudwatch_dashboard.tf dynamodb_table.tf iam_group_policy_attachment.tf lb.tf outputs.tf subnet.tf
cloudwatch_event_rule.tf ecr_repository.tf iam_instance_profile.tf lb_listener.tf provider.tf terraform.tfstate
cloudwatch_event_target.tf efs_file_system.tf iam_policy.tf lb_listener_rule.tf rds_cluster.tf variables.tf
cloudwatch_log_group.tf efs_file_system_policy.tf iam_role.tf lb_target_group.tf resourcegroups_group.tf vpc.tf
cloudwatch_metric_alarm.tf efs_mount_target.tf iam_role_policy.tf lb_target_group_attachment.tf route53_record.tf
db_instance.tf eip.tf iam_role_policy_attachment.tf main_route_table_association.tf route53_zone.tf
db_parameter_group.tf eks_cluster.tf iam_user.tf nat_gateway.tf route_table.tf
db_subnet_group.tf elasticache_cluster.tf iam_user_group_membership.tf network_acl.tf route_table_association.tf
docdb_cluster.tf elasticache_parameter_group.tf iam_user_policy.tf network_interface.tf
Provider.tf 수정
$ cat provider.tf
provider "aws" {
region = "ap-northeast-2"
profile = "<profile>"
shared_config_files = ["~/.aws/config"]
shared_credentials_files = ["~/.aws/credentials"]
}
terraform {
required_providers {
aws = {
version = "~> 4.64.0"
}
}
}
.tfstate를 aws 형식으로 변경
terraformer로 생성된 provider에는 shared_config_files, shared_credentials_files 옵션이 없기 때문에 terraform init&plan이 불가능하기 때문에 꼭 필요한 작업이다.
$ terraform state replace-provider -auto-approve -- -/aws hashicorp/aws
Terraform will perform the following actions:
~ Updating provider:
- registry.terraform.io/-/aws
+ registry.terraform.io/hashicorp/aws
Changing 107 resources:
$ cat iam_user.tf
resource "aws_iam_user" "tfer--AIDAXYWB7XLZF5D4TG2XB" {
force_destroy = "false"
name = "administrator"
path = "/"
}
resource "aws_iam_user" "tfer--AIDAXYWB7XLZG3EP2YD3J" {
force_destroy = "false"
name = "github-action"
path = "/"
}
Reference
728x90
반응형
'IaC > Infrastructure Provisioning' 카테고리의 다른 글
| 2. Pulumi 활용 (2) | 2023.10.04 |
|---|---|
| 1. Pulumi란? (0) | 2023.09.13 |
| 5. Terraform의 다양한 Expression (0) | 2023.04.13 |
| 4. Terraform의 다양한 Function(함수) (0) | 2023.04.11 |
| 3. Terraform 다양한 변수(variable, local, data...output, input) - AWS (0) | 2023.04.09 |