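Create a storage bucket and upload an object by using Terraform

In this quickstart, you create a Terraform configuration file that provisions a storage bucket and uploads a sample_file.txt object to the bucket. To complete this quickstart, use your local shell and terminal, or the Cloud Shell Editor and Cloud Shell terminal. You also use the Terraform CLI, which is preinstalled in Cloud Shell.

Before you begin

To set up a project for this quickstart, complete the following steps: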

  1. In the Trusted Cloud console, on the project selector page, select or create a Trusted Cloud project.

  2. Make sure that billing is enabled for your Trusted Cloud project.

  3. Enable the Cloud Storage API.

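    Create the folder structure and Terraform configuration file

    To create the Terraform configuration file and the file that you upload as an object to Cloud Storage, complete the following steps: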

    Cloud Shell

    1. In the Trusted Cloud console, activate Cloud Shell.

      At the bottom of the Trusted Cloud console, a Cloud Shell session starts and displays a command-line prompt. Cloud Shell is a shell environment with the Google Cloud CLI already installed and with values already set for your current project. It can take a few seconds for the session to initialize.

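    2. Set the default Trusted Cloud by S3NS project where you want to apply your Terraform configurations:
      export GOOGLE_CLOUD_PROJECT=PROJECT_ID
    3. In the Cloud Shell terminal, set the home directory as the active directory:
      cd
    4. Create a new folder named terraform:
      mkdir terraform
    5. Start the Cloud Shell Editor by clicking "Open Editor" on the toolbar of the Cloud Shell window.
    6. In the "Explorer" pane, right-click the terraform folder, and then click "New File".
    7. Enter main.tf as the file name, and then click "OK".
    8. In the "Explorer" pane, right-click the terraform folder, and then click "New File".
    9. Enter sample_file.txt as the file name, and then click "OK".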

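    Local shell

    1. If you haven't already, install and configure Terraform. Make sure that you install and initialize the Google Cloud CLI.

      By default, Terraform reads the configuration created by the Google Cloud CLI and deploys the resources that you specify later into your active Google Cloud CLI project.

    2. In your terminal, set the home directory as the active directory:
      cd
    3. Create a new folder named terraform:
      mkdir terraform
    4. In a text editor of your choice, create a new file named main.tf in the terraform folder.
    5. In a text editor of your choice, create a new file named sample_file.txt in the terraform folder.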

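    Define the infrastructure in the Terraform configuration file

    To define the infrastructure that you want to provision in the Terraform configuration file, complete the following steps:

    1. Open the main.tf file.

    2. Copy the following sample into the main.tf file.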

      # Create new storage bucket in the U-FRANCE-EAST1
      # location with Standard Storage
      
      resource "google_storage_bucket" "static" {
       name          = "BUCKET_NAME"
       location      = "U-FRANCE-EAST1"
       storage_class = "STANDARD"
      
       uniform_bucket_level_access = true
      }
      
      # Upload a text file as an object
      # to the storage bucket
      
      resource "google_storage_bucket_object" "default" {
       name         = "OBJECT_NAME"
       source       = "OBJECT_PATH"
       content_type = "text/plain"
       bucket       = google_storage_bucket.static.id
      }

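      Replace:

      • BUCKET_NAME with the name of the bucket that you want to create. For example, my-bucket.

      • OBJECT_NAME with the name of the object that you want to upload. For this quickstart, enter the name sample_file.txt.

      • OBJECT_PATH with the path to the object that you want to upload. For this quickstart, enter the path ~/terraform/sample_file.txt.

    3. Save the main.tf file.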

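    Initialize the working directory that contains the Terraform configuration file

    To initialize Terraform and the directory that contains the Terraform configuration file, complete the following steps:

    1. In your terminal, set the terraform folder as the current working directory:

      cd ~/terraform
    2. Initialize Terraform:

      terraform init
    3. If you are using Cloud Shell and are prompted to authorize Cloud Shell, click "Authorize".

      Terraform initializes the working directory. If the working directory is initialized successfully, Terraform returns output similar to the following: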

      Terraform has been successfully initialized!
      
      You may now begin working with Terraform. Try running "terraform plan" to see
      any changes that are required for your infrastructure. All Terraform commands
      should now work.
      
      If you ever set or change modules or backend configuration for Terraform,
      rerun this command to reinitialize your working directory. If you forget, other
      commands will detect it and remind you to do so if necessary.
      

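    Preview the execution plan

    The Terraform execution plan shows the changes that Terraform intends to make to your Cloud Storage infrastructure and services, based on the Terraform configuration.

    View the Terraform execution plan:

    terraform plan

    Example output: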

    Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
      + create
    
    Terraform will perform the following actions:
    
      # google_storage_bucket.static will be created
      + resource "google_storage_bucket" "static" {
          + force_destroy               = false
          + id                          = (known after apply)
          + location                    = "U-FRANCE-EAST1"
          + name                        = "my-bucket"
          + project                     = "my-project"
          + public_access_prevention    = (known after apply)
          + self_link                   = (known after apply)
          + storage_class               = "STANDARD"
          + uniform_bucket_level_access = true
          + url                         = (known after apply)
    
          + versioning {
              + enabled = (known after apply)
            }
    
          + website {
              + main_page_suffix = (known after apply)
              + not_found_page   = (known after apply)
            }
        }
    
      # google_storage_bucket_object.default will be created
      + resource "google_storage_bucket_object" "default" {
          + bucket         = (known after apply)
          + content_type   = "text/plain"
          + crc32c         = (known after apply)
          + detect_md5hash = "different hash"
          + id             = (known after apply)
          + kms_key_name   = (known after apply)
          + md5hash        = (known after apply)
          + media_link     = (known after apply)
          + name           = "sample_file.txt"
          + output_name    = (known after apply)
          + self_link      = (known after apply)
          + source         = "sample_file.txt"
          + storage_class  = (known after apply)
        }
    
    Plan: 2 to add, 0 to change, 0 to destroy.
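
The plan above leaves public_access_prevention as "(known after apply)", so the value is not pinned by the configuration. The following check is an added example, not part of the original quickstart: it reviews the JSON form of a plan before apply. It assumes the plan was saved with `terraform plan -out=tfplan` and exported with `terraform show -json tfplan > plan.json`; the "legacy" bucket and the policy of requiring "enforced" are assumptions made for illustration.

```python
import json
import sys

# Constructed sample shaped like `terraform show -json tfplan` for the plan above,
# plus one hypothetical weaker bucket ("legacy") for contrast.
SAMPLE_PLAN = {
    "resource_changes": [
        {"address": "google_storage_bucket.static", "type": "google_storage_bucket",
         "change": {"actions": ["create"],
                    "after": {"name": "my-bucket", "force_destroy": False,
                              "uniform_bucket_level_access": True},
                    # Unknown ("known after apply") values are listed here as True.
                    "after_unknown": {"public_access_prevention": True}}},
        {"address": "google_storage_bucket.legacy", "type": "google_storage_bucket",
         "change": {"actions": ["create"],
                    "after": {"name": "legacy-bucket", "force_destroy": True,
                              "uniform_bucket_level_access": False,
                              "public_access_prevention": "inherited"},
                    "after_unknown": {}}},
        {"address": "google_storage_bucket_object.default",
         "type": "google_storage_bucket_object",
         "change": {"actions": ["create"], "after": {"name": "sample_file.txt"},
                    "after_unknown": {}}},
    ]
}


def audit_bucket_plan(plan):
    """Return (address, finding) pairs for buckets the plan creates or updates."""
    findings = []
    for rc in plan.get("resource_changes", []):
        change = rc.get("change") or {}
        if rc.get("type") != "google_storage_bucket":
            continue
        if not {"create", "update"} & set(change.get("actions", [])):
            continue  # deletes and no-ops leave no bucket settings to review
        after = change.get("after") or {}
        unknown = change.get("after_unknown") or {}
        addr = rc["address"]
        if after.get("uniform_bucket_level_access") is not True:
            findings.append((addr, "uniform_bucket_level_access is not true"))
        if unknown.get("public_access_prevention") is True:
            findings.append((addr, "public_access_prevention is not set in the configuration"))
        elif after.get("public_access_prevention") != "enforced":
            findings.append((addr, "public_access_prevention is not 'enforced'"))
        if after.get("force_destroy"):
            findings.append((addr, "force_destroy is true"))
    return findings


if __name__ == "__main__":
    plan = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_PLAN
    for addr, finding in audit_bucket_plan(plan):
        print(f"{addr}: {finding}")
```

Run it with the path to plan.json as the only argument; with no argument it audits the constructed sample.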
    

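    Apply the changes proposed in the execution plan

    To apply the changes in your Terraform configuration file, complete the following steps:

    1. Apply the changes from the execution plan to the Cloud Storage infrastructure with the following command. When you apply the changes, Terraform creates a storage bucket and uploads sample_file.txt to the bucket.

      terraform apply

      Example output: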

      Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
        + create
      
      Terraform will perform the following actions:
      
        # google_storage_bucket.static will be created
        + resource "google_storage_bucket" "static" {
            + force_destroy               = false
            + id                          = (known after apply)
            + location                    = "U-FRANCE-EAST1"
            + name                        = "my-bucket"
            + project                     = "my-project"
            + public_access_prevention    = (known after apply)
            + self_link                   = (known after apply)
            + storage_class               = "STANDARD"
            + uniform_bucket_level_access = true
            + url                         = (known after apply)
      
            + versioning {
                + enabled = (known after apply)
              }
      
            + website {
                + main_page_suffix = (known after apply)
                + not_found_page   = (known after apply)
              }
          }
      
        # google_storage_bucket_object.default will be created
        + resource "google_storage_bucket_object" "default" {
            + bucket         = (known after apply)
            + content_type   = "text/plain"
            + crc32c         = (known after apply)
            + detect_md5hash = "different hash"
            + id             = (known after apply)
            + kms_key_name   = (known after apply)
            + md5hash        = (known after apply)
            + media_link     = (known after apply)
            + name           = "sample_file.txt"
            + output_name    = (known after apply)
            + self_link      = (known after apply)
            + source         = "sample_file.txt"
            + storage_class  = (known after apply)
          }
      
      Plan: 2 to add, 0 to change, 0 to destroy.
      
      Do you want to perform these actions?
        Terraform will perform the actions described above.
        Only 'yes' will be accepted to approve.
      
        Enter a value:
      
    2. Type yes and press Enter.

      If successful, Terraform returns output similar to the following:

      Apply complete! Resources: 2 added, 0 changed, 0 destroyed.
      

    View your storage bucket and uploaded object

    In the Trusted Cloud console, go to the Cloud Storage "Buckets" page.

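    The new bucket is displayed, containing the sample_file.txt object. Note that resources might take a few minutes to be provisioned after you run terraform apply.

    Clean up

    To avoid incurring charges for the Trusted Cloud by S3NS resources that you created in this quickstart, complete the following steps to clean up the resources:

    1. In your terminal, set the terraform folder as the current working directory: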

      cd ~/terraform
    2. Delete the Cloud Storage resources that you created based on the Terraform configuration file:

      terraform destroy
    3. If successful, Terraform returns output similar to the following:

      Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
        - destroy
      
      Terraform will perform the following actions:
      
        # google_storage_bucket.static will be destroyed
        - resource "google_storage_bucket" "static" {
            - default_event_based_hold    = false -> null
            - force_destroy               = false -> null
            - id                          = "my-bucket" -> null
            - labels                      = {} -> null
            - location                    = "U-FRANCE-EAST1" -> null
            - name                        = "" -> null
            - project                     = "example-project" -> null
            - public_access_prevention    = "inherited" -> null
            - requester_pays              = false -> null
            - self_link                   = "https://www.s3nsapis.fr/storage/v1/b/cbonnie-bucket-9" -> null
            - storage_class               = "STANDARD" -> null
            - uniform_bucket_level_access = true -> null
            - url                         = "gs://BUCKET_NAME" -> null
          }
      
        # google_storage_bucket_object.default will be destroyed
        - resource "google_storage_bucket_object" "default" {
            - bucket           = "my-bucket" -> null
            - content_type     = "text/plain" -> null
            - crc32c           = "yZRlqg==" -> null
            - detect_md5hash   = "XrY7u+Ae7tCTyyK7j1rNww==" -> null
            - event_based_hold = false -> null
            - id               = "my-bucket-sample_file.txt" -> null
            - md5hash          = "XrY7u+Ae7tCTyyK7j1rNww==" -> null
            - media_link       = "https://storage.googleapis.com/download/storage/v1/b/BUCKET_NAME/o/sample_file.txt?generation=1675800386233102&alt=media" -> null
            - metadata         = {} -> null
            - name             = "sample_file.txt" -> null
            - output_name      = "sample_file.txt" -> null
            - self_link        = "https://www.s3nsapis.fr/storage/v1/b/BUCKET_NAME/o/sample_file.txt" -> null
            - source           = "sample_file.txt" -> null
            - storage_class    = "STANDARD" -> null
            - temporary_hold   = false -> null
          }
      
      Plan: 0 to add, 0 to change, 2 to destroy.
      
      Do you really want to destroy all resources?
        Terraform will destroy all your managed infrastructure, as shown above.
        There is no undo. Only 'yes' will be accepted to confirm.
      
        Enter a value:
      
    4. Type yes and press Enter. If successful, Terraform returns output similar to the following:

      Destroy complete! Resources: 2 destroyed.
      
    5. In your terminal, delete the terraform folder.

      rm -rf ~/terraform
    6. To verify that the bucket and object were deleted, go to the "Buckets" page in the Trusted Cloud console.
