infrastructure 也可以 for each 之二
课程内容与代码会放在 Github 上: https://github.com/chechiachang/terraform-30-days
赛後文章会整理放到个人的部落格上 http://chechia.net/
这边细讲 for_each
meta-argument 的相关使用
for_each
的 resource block 中,可以在使用 each object,来取得 for_each
内的 key 与 value以 node_pools
这个变数为例,本身是 module 的 intput variable
# modules/kubernetes_cluster/variables.tf
# var.node_pools is a map of any
variable "node_pools" {
type = map(any)
default = {}
}
实际 node_pools
input variable 内容物可能涨这样
node_pools = {
spot = {...},
on-demand = {...}
}
然後回头看 for_each
for_each = var.node_pools
指的是,为每个 node_pools
的 member 产生一组 resourceresource "azurerm_kubernetes_cluster_node_pool" "main" {
for_each = var.node_pools
name = each.value.name
...
}
将 meta-argument 展开後,实际上会是
azurerm_kubernetes_cluster_node_pool
resourcefor_each
meta-argument,让 terraform 知道resource "azurerm_kubernetes_cluster_node_pool" "main[spot]" {
name = var.node_pools.spot.name
...
}
resource "azurerm_kubernetes_cluster_node_pool" "main[on-demand]" {
name = var.node_pools.on-demand.name
...
}
至於实际 each.value.name 会取到什麽值,就依照各个 member value 去寻找
node_pools = {
spot = {
name = "spot"
...
},
on_demand = {
name = "on-demand"
...
}
}
最後变成,两个 resource block
resource "azurerm_kubernetes_cluster_node_pool" "main[spot]" {
name = "spot"
...
}
resource "azurerm_kubernetes_cluster_node_pool" "main[on-demand]" {
name = "on-demand"
...
}
比较两种写法
resource "azurerm_kubernetes_cluster_node_pool" "main" {
for_each = var.node_pools
name = each.value.name
kubernetes_cluster_id = azurerm_kubernetes_cluster.main.id
vm_size = each.value.vm_size
node_count = each.value.node_count
mode = each.value.mode
priority = each.value.priority
node_labels = each.value.node_labels
node_taints = each.value.node_taints
}
resource "azurerm_kubernetes_cluster_node_pool" "main[spot]" {
name = "spot"
...
}
resource "azurerm_kubernetes_cluster_node_pool" "main[on-demand]" {
name = "on-demand"
...
}
好处
坏处
实务上我们都会选择使用 for_each
meta-argument,牺牲可读性换取精简的程序码
Terraform for each meta-argument 也有许多限制
for_each
的 variable 必须是 deterministic,意思是必须是定值for_each
的参数其实仍是 undefinedsentisive 的参数也无法使用在 for_each
上
for_each
需要的可见度,会无法取得 sensitive 数值variable "vpcs" {
type = map(object({
cidr_block = string
}))
}
resource "aws_vpc" "example" {
# One VPC for each element of var.vpcs
for_each = var.vpcs
# each.value here is a value from var.vpcs
cidr_block = each.value.cidr_block
}
resource "aws_internet_gateway" "example" {
# One Internet Gateway per VPC
for_each = aws_vpc.example
# each.value here is a full aws_vpc object
vpc_id = each.value.id
}
output "vpc_ids" {
value = {
for k, v in aws_vpc.example : k => v.id
}
# The VPCs aren't fully functional until their
# internet gateways are running.
depends_on = [aws_internet_gateway.example]
}
While顾名思义就是,当…,所以当我们假设的条件成立时,就会执行回圈内的东西,否则就执行回圈外的程...
学习目标 if判断&switch case 、取得html元素 if判断 if(条件)-&g...
前序检查(preorder) 中序检查(inorder) 後序检查(postorder) 後序检查来...
三十天很快要到了尾声了,今天要来介绍 The Twelve-Factor App(下称 12 Fac...
上一篇介绍了Shimmer这个第三方 并建立了自己想要的Widget 这一篇将实际结合API fet...