4. GCP-테라폼-Cloud SQL
<1> 환경설정
<2> Cloud SQL
<1> 환경설정
1
gcloud auth list
2
gcloud config list project
<2> Cloud SQL
1
cat main.tf
$ more *.tf
::::::::::::::
main.tf
::::::::::::::
provider "google" {
version = "~> 2.13"
}
provider "google-beta" {
version = "~> 2.13"
}
provider "random" {
version = "~> 2.2"
}
resource "random_id" "name" {
byte_length = 2
}
resource "google_sql_database_instance" "master" {
name = "example-mysql-${random_id.name.hex}"
project = var.project
region = var.region
database_version = var.database_version
master_instance_name = var.master_instance_name
settings {
tier = var.tier
activation_policy = var.activation_policy
authorized_gae_applications = var.authorized_gae_applications
disk_autoresize = var.disk_autoresize
dynamic "backup_configuration" {
for_each = [var.backup_configuration]
content {
binary_log_enabled = lookup(backup_configuration.value, "binary_log_enabled", null)
enabled = lookup(backup_configuration.value, "enabled", null)
start_time = lookup(backup_configuration.value, "start_time", null)
}
}
dynamic "ip_configuration" {
for_each = [var.ip_configuration]
content {
ipv4_enabled = lookup(ip_configuration.value, "ipv4_enabled", true)
private_network = lookup(ip_configuration.value, "private_network", null)
require_ssl = lookup(ip_configuration.value, "require_ssl", null)
dynamic "authorized_networks" {
for_each = lookup(ip_configuration.value, "authorized_networks", [])
content {
expiration_time = lookup(authorized_networks.value, "expiration_time", null)
name = lookup(authorized_networks.value, "name", null)
value = lookup(authorized_networks.value, "value", null)
}
}
}
}
dynamic "location_preference" {
for_each = [var.location_preference]
content {
follow_gae_application = lookup(location_preference.value, "follow_gae_application", null)
zone = lookup(location_preference.value, "zone", null)
}
}
dynamic "maintenance_window" {
for_each = [var.maintenance_window]
content {
day = lookup(maintenance_window.value, "day", null)
hour = lookup(maintenance_window.value, "hour", null)
update_track = lookup(maintenance_window.value, "update_track", null)
}
}
disk_size = var.disk_size
disk_type = var.disk_type
pricing_plan = var.pricing_plan
replication_type = var.replication_type
availability_type = var.availability_type
}
dynamic "replica_configuration" {
for_each = [var.replica_configuration]
content {
ca_certificate = lookup(replica_configuration.value, "ca_certificate", null)
client_certificate = lookup(replica_configuration.value, "client_certificate", null)
client_key = lookup(replica_configuration.value, "client_key", null)
connect_retry_interval = lookup(replica_configuration.value, "connect_retry_interval", null)
dump_file_path = lookup(replica_configuration.value, "dump_file_path", null)
failover_target = lookup(replica_configuration.value, "failover_target", null)
master_heartbeat_period = lookup(replica_configuration.value, "master_heartbeat_period", null)
password = lookup(replica_configuration.value, "password", null)
ssl_cipher = lookup(replica_configuration.value, "ssl_cipher", null)
username = lookup(replica_configuration.value, "username", null)
verify_server_certificate = lookup(replica_configuration.value, "verify_server_certificate", null)
}
}
timeouts {
create = "60m"
delete = "2h"
}
}
resource "google_sql_database" "default" {
count = var.master_instance_name == "" ? 1 : 0
name = var.db_name
project = var.project
instance = google_sql_database_instance.master.name
charset = var.db_charset
collation = var.db_collation
}
resource "random_id" "user-password" {
byte_length = 8
}
resource "google_sql_user" "default" {
count = var.master_instance_name == "" ? 1 : 0
name = var.user_name
project = var.project
instance = google_sql_database_instance.master.name
host = var.user_host
password = var.user_password == "" ? random_id.user-password.hex : var.user_password
}
::::::::::::::
outputs.tf
::::::::::::::
output "instance_name" {
description = "The name of the database instance"
value = google_sql_database_instance.master.name
}
output "instance_address" {
description = "The IPv4 address of the master database instnace"
value = google_sql_database_instance.master.ip_address.0.ip_address
}
output "instance_address_time_to_retire" {
description = "The time the master instance IP address will be retired. RFC 3339 format."
value = google_sql_database_instance.master.ip_address.0.time_to_retire
}
output "self_link" {
description = "Self link to the master instance"
value = google_sql_database_instance.master.self_link
}
output "generated_user_password" {
description = "The auto generated default user password if no input password was provided"
value = random_id.user-password.hex
sensitive = true
}
::::::::::::::
variables.tf
::::::::::::::
variable "project" {
description = "The project to deploy to, if not set the default provider project is used."
default = ""
}
variable "region" {
description = "Region for cloud resources"
default = "us-central1"
}
variable "database_version" {
description = "The version of of the database. For example, `MYSQL_5_6` or `POSTGRES_9_6`."
default = "MYSQL_5_6"
}
variable "master_instance_name" {
description = "The name of the master instance to replicate"
default = ""
}
variable "tier" {
description = "The machine tier (First Generation) or type (Second Generation). See this page for supported tiers and pricing: https://cloud.google.com/sql/pricing"
default = "db-f1-micro"
}
variable "db_name" {
description = "Name of the default database to create"
default = "default"
}
variable "db_charset" {
description = "The charset for the default database"
default = ""
}
variable "db_collation" {
description = "The collation for the default database. Example for MySQL databases: 'utf8_general_ci', and Postgres: 'en_US.UTF8'"
default = ""
}
variable "user_name" {
description = "The name of the default user"
default = "default"
}
variable "user_host" {
description = "The host for the default user"
default = "%"
}
variable "user_password" {
description = "The password for the default user. If not set, a random one will be generated and available in the generated_user_password output variable."
default = ""
}
variable "activation_policy" {
description = "This specifies when the instance should be active. Can be either `ALWAYS`, `NEVER` or `ON_DEMAND`."
default = "ALWAYS"
}
variable "authorized_gae_applications" {
description = "A list of Google App Engine (GAE) project names that are allowed to access this instance."
default = []
}
variable "disk_autoresize" {
description = "Second Generation only. Configuration to increase storage size automatically."
default = true
}
variable "disk_size" {
description = "Second generation only. The size of data disk, in GB. Size of a running instance cannot be reduced but can be increased."
default = 10
}
variable "disk_type" {
description = "Second generation only. The type of data disk: `PD_SSD` or `PD_HDD`."
default = "PD_SSD"
}
variable "pricing_plan" {
description = "First generation only. Pricing plan for this instance, can be one of `PER_USE` or `PACKAGE`."
default = "PER_USE"
}
variable "replication_type" {
description = "Replication type for this instance, can be one of `ASYNCHRONOUS` or `SYNCHRONOUS`."
default = "SYNCHRONOUS"
}
variable "database_flags" {
description = "List of Cloud SQL flags that are applied to the database server"
default = []
}
variable "backup_configuration" {
description = "The backup_configuration settings subblock for the database setings"
default = {}
}
variable "ip_configuration" {
description = "The ip_configuration settings subblock"
default = {}
}
variable "location_preference" {
description = "The location_preference settings subblock"
default = {}
}
variable "maintenance_window" {
description = "The maintenance_window settings subblock"
default = {}
}
variable "replica_configuration" {
description = "The optional replica_configuration block for the database instance"
default = {}
}
variable "availability_type" {
description = "This specifies whether a PostgreSQL instance should be set up for high availability (REGIONAL) or single zone (ZONAL)."
default = "ZONAL"
}
terraform init
terraform plan -out=tfplan
terraform apply tfplan
전체보기
https://brunch.co.kr/@topasvga/3394
감사합니다.
