Gestire le risorse di utilizzo dei servizi con Terraform
Questo documento descrive come eseguire il provisioning delle risorse di Service Usage, ad esempio gli override delle quote, mediante Terraform.
Per gestire gli override delle quote dei consumer, puoi utilizzare lo schema google_service_usage_consumer_quota_override per specificare le risorse nel file di configurazione Terraform ed eseguire i comandi Terraform per applicare la modifica.
Prima di iniziare
Esamina il modello della quota di servizio, che descrive la terminologia utilizzata in questo tutorial.
Configura Terraform e le credenziali:
Installa Google Cloud SDK.
Crea le credenziali predefinite dell'applicazione:
gcloud auth application-default login
Crea override delle quote consumer
Crea file di configurazione:
Vai alla directory di lavoro.
Copia e incolla i seguenti contenuti in un nuovo file denominato main.tf.
resource "google_service_usage_consumer_quota_override" "regional_override" { provider = google-beta dimensions = { region = "us-central1" } project = PROJECT_ID service = "libraryagent.googleapis.com" metric = "libraryagent.googleapis.com%2Fread_requests_regional" limit = "%2Fmin%2Fproject%2Fregion" override_value = "8" force = true } resource "google_service_usage_consumer_quota_override" "cd_override" { provider = google-beta dimensions = { author = "larry" } project = PROJECT_ID service = "libraryagent.googleapis.com" metric = "libraryagent.googleapis.com%2Fborrows" limit = "%2Fauthor%2Fproject" override_value = "8" force = true }I contenuti che hai inserito nel file
main.tfcontengono le informazioni di configurazione per due override consumer:"regional_override"e"cd_override". Per le spiegazioni di ciascun campo, consulta la sezione Riferimento argomento.Inizializza la directory di lavoro.
terraform init -upgradeApplica la configurazione di Terraform.
terraform applyTerraform controlla lo stato attuale e lo confronta con le informazioni contenute nel file di configurazione. Una volta completato il confronto, Terraform stampa un elenco delle modifiche e fornisce le opzioni per procedere o annullare l'applicazione delle modifiche.
GoSM: Setting up security policy for terraform binary. GoSM: Setting up security policy for terraform binary. google_service_usage_consumer_quota_override.cd_override: Refreshing state... [id=projects/loas-linweic/services/libraryagent.googleapis.com/consumerQuotaMetrics/libraryagent.googleapis.com%2Fborrows/limits/%2Fauthor%2Fproject/consumerOverrides/Cg1RdW90YU92ZXJyaWRlGg8KBmF1dGhvchIFbGFycnk=] An execution plan has been generated and is shown below. Resource actions are indicated with the following symbols: + create Terraform will perform the following actions: # google_service_usage_consumer_quota_override.cd_override will be created + resource "google_service_usage_consumer_quota_override" "cd_override" { + dimensions = { + "author" = "larry" } + force = true + id = (known after apply) + limit = "%2Fauthor%2Fproject" + metric = "libraryagent.googleapis.com%2Fborrows" + name = (known after apply) + override_value = "8" + project = "loas-linweic" + service = "libraryagent.googleapis.com" } # google_service_usage_consumer_quota_override.regional_override will be created + resource "google_service_usage_consumer_quota_override" "regional_override" { + dimensions = { + "region" = "us-central1" } + force = true + id = (known after apply) + limit = "%2Fmin%2Fproject%2Fregion" + metric = "libraryagent.googleapis.com%2Fread_requests_regional" + name = (known after apply) + override_value = "8" + project = "loas-linweic" + service = "libraryagent.googleapis.com" } Plan: 2 to add, 0 to change, 0 to destroy. Do you want to perform these actions? Terraform will perform the actions described above. Only 'yes' will be accepted to approve. Enter a value:Inserisci yes:
Enter a value: yes google_service_usage_consumer_quota_override.regional_override: Creating... google_service_usage_consumer_quota_override.cd_override: Creating... google_service_usage_consumer_quota_override.cd_override: Still creating... [10s elapsed] google_service_usage_consumer_quota_override.regional_override: Still creating... [10s elapsed] google_service_usage_consumer_quota_override.cd_override: Creation complete after 12s [id=projects/loas-linweic/services/libraryagent.googleapis.com/consumerQuotaMetrics/libraryagent.googleapis.com%2Fborrows/limits/%2Fauthor%2Fproject/consumerOverrides/Cg1RdW90YU92ZXJyaWRlGg8KBmF1dGhvchIFbGFycnk=] google_service_usage_consumer_quota_override.regional_override: Creation complete after 12s [id=projects/loas-linweic/services/libraryagent.googleapis.com/consumerQuotaMetrics/libraryagent.googleapis.com%2Fread_requests_regional/limits/%2Fmin%2Fproject%2Fregion/consumerOverrides/Cg1RdW90YU92ZXJyaWRlGhUKBnJlZ2lvbhILdXMtY2VudHJhbDE=] Apply complete! Resources: 2 added, 0 changed, 0 destroyed.
Modifica override quota consumer
- Per cambiare una sostituzione, modifica il file
main.tfe il valore di un campooverride_value. Applica la configurazione di Terraform.
terraform apply
Elimina override delle quote consumer
Per eliminare un override della quota consumer, rimuovi il blocco di risorse corrispondente dal file main.tf. Puoi rimuovere più override. Per rimuovere tutte le sostituzioni, assicurati che il file main.tf sia vuoto.
Applica la configurazione di Terraform.
terraform applyad esempio per eliminare l'override regionale di cui hai eseguito il provisioning in precedenza. Elimina il blocco che fa riferimento alla risorsa:
resource "google_service_usage_consumer_quota_override" "regional_override" { ... }L'output dopo
terraform applyè il seguente:GoSM: Setting up security policy for terraform binary. GoSM: Setting up security policy for terraform binary. google_service_usage_consumer_quota_override.regional_override: Refreshing state... [id=projects/loas-linweic/services/libraryagent.googleapis.com/consumerQuotaMetrics/libraryagent.googleapis.com%2Fread_requests_regional/limits/%2Fmin%2Fproject%2Fregion/consumerOverrides/Cg1RdW90YU92ZXJyaWRlGhUKBnJlZ2lvbhILdXMtY2VudHJhbDE=] google_service_usage_consumer_quota_override.cd_override: Refreshing state... [id=projects/loas-linweic/services/libraryagent.googleapis.com/consumerQuotaMetrics/libraryagent.googleapis.com%2Fborrows/limits/%2Fauthor%2Fproject/consumerOverrides/Cg1RdW90YU92ZXJyaWRlGg8KBmF1dGhvchIFbGFycnk=] An execution plan has been generated and is shown below. Resource actions are indicated with the following symbols: - destroy Terraform will perform the following actions: # google_service_usage_consumer_quota_override.regional_override will be destroyed - resource "google_service_usage_consumer_quota_override" "regional_override" { - dimensions = { - "region" = "us-central1" } -> null - force = true -> null - id = "projects/loas-linweic/services/libraryagent.googleapis.com/consumerQuotaMetrics/libraryagent.googleapis.com%2Fread_requests_regional/limits/%2Fmin%2Fproject%2Fregion/consumerOverrides/Cg1RdW90YU92ZXJyaWRlGhUKBnJlZ2lvbhILdXMtY2VudHJhbDE=" -> null - limit = "%2Fmin%2Fproject%2Fregion" -> null - metric = "libraryagent.googleapis.com%2Fread_requests_regional" -> null - name = "Cg1RdW90YU92ZXJyaWRlGhUKBnJlZ2lvbhILdXMtY2VudHJhbDE=" -> null - override_value = "8" -> null - project = "loas-linweic" -> null - service = "libraryagent.googleapis.com" -> null } Plan: 0 to add, 0 to change, 1 to destroy. Do you want to perform these actions? Terraform will perform the actions described above. Only 'yes' will be accepted to approve. Enter a value:Inserisci yes per continuare:
Enter a value: yes google_service_usage_consumer_quota_override.regional_override: Destroying... [id=projects/loas-linweic/services/libraryagent.googleapis.com/consumerQuotaMetrics/libraryagent.googleapis.com%2Fread_requests_regional/limits/%2Fmin%2Fproject%2Fregion/consumerOverrides/Cg1RdW90YU92ZXJyaWRlGhUKBnJlZ2lvbhILdXMtY2VudHJhbDE=] google_service_usage_consumer_quota_override.regional_override: Still destroying... [id=projects/loas-linweic/services/librarya...JyaWRlGhUKBnJlZ2lvbhILdXMtY2VudHJhbDE=, 10s elapsed] google_service_usage_consumer_quota_override.regional_override: Destruction complete after 11s Apply complete! Resources: 0 added, 0 changed, 1 destroyed.
File di stato
Noterai che nella directory di lavoro sono generati due file: terraform.tfstate e terraform.tfstate.backup. Il primo file registra lo stato attuale dell'infrastruttura dopo l'esecuzione dell'ultimo terraform apply. Il secondo file registra lo stato precedente all'ultimo terraform apply. Per saperne di più sullo stato di Terraform, consulta il relativo documento ufficiale.
Se hai seguito i passaggi descritti in questa pagina finora, il contenuto seguente si trova nel file terraform.tfstate, con cd_override rimasto nella nostra infrastruttura.
{
"version": 4,
"terraform_version": "0.12.31",
"serial": 49,
"lineage": "9dfbb2cc-7014-10ec-b8e1-ec9f36ea1acc",
"outputs": {},
"resources": [
{
"mode": "managed",
"type": "google_service_usage_consumer_quota_override",
"name": "cd_override",
"provider": "provider.google-beta",
"instances": [
{
"schema_version": 0,
"attributes": {
"dimensions": {
"author": "larry"
},
"force": true,
"id": "projects/loas-linweic/services/libraryagent.googleapis.com/consumerQuotaMetrics/libraryagent.googleapis.com%2Fborrows/limits/%2Fauthor%2Fproject/consumerOverrides/Cg1RdW90YU92ZXJyaWRlGg8KBmF1dGhvchIFbGFycnk=",
"limit": "%2Fauthor%2Fproject",
"metric": "libraryagent.googleapis.com%2Fborrows",
"name": "Cg1RdW90YU92ZXJyaWRlGg8KBmF1dGhvchIFbGFycnk=",
"override_value": "8",
"project": "loas-linweic",
"service": "libraryagent.googleapis.com",
"timeouts": null
},
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoyNDAwMDAwMDAwMDAsImRlbGV0ZSI6MjQwMDAwMDAwMDAwLCJ1cGRhdGUiOjI0MDAwMDAwMDAwMH19"
}
]
}
]
}
Nel file terraform.tfstate.backup, contiene entrambi gli override prima del deprovision.
{
"version": 4,
"terraform_version": "0.12.31",
"serial": 47,
"lineage": "9dfbb2cc-7014-10ec-b8e1-ec9f36ea1acc",
"outputs": {},
"resources": [
{
"mode": "managed",
"type": "google_service_usage_consumer_quota_override",
"name": "cd_override",
"provider": "provider.google-beta",
"instances": [
{
"schema_version": 0,
"attributes": {
"dimensions": {
"author": "larry"
},
"force": true,
"id": "projects/loas-linweic/services/libraryagent.googleapis.com/consumerQuotaMetrics/libraryagent.googleapis.com%2Fborrows/limits/%2Fauthor%2Fproject/consumerOverrides/Cg1RdW90YU92ZXJyaWRlGg8KBmF1dGhvchIFbGFycnk=",
"limit": "%2Fauthor%2Fproject",
"metric": "libraryagent.googleapis.com%2Fborrows",
"name": "Cg1RdW90YU92ZXJyaWRlGg8KBmF1dGhvchIFbGFycnk=",
"override_value": "8",
"project": "loas-linweic",
"service": "libraryagent.googleapis.com",
"timeouts": null
},
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoyNDAwMDAwMDAwMDAsImRlbGV0ZSI6MjQwMDAwMDAwMDAwLCJ1cGRhdGUiOjI0MDAwMDAwMDAwMH19"
}
]
},
{
"mode": "managed",
"type": "google_service_usage_consumer_quota_override",
"name": "regional_override",
"provider": "provider.google-beta",
"instances": [
{
"schema_version": 0,
"attributes": {
"dimensions": {
"region": "us-central1"
},
"force": true,
"id": "projects/loas-linweic/services/libraryagent.googleapis.com/consumerQuotaMetrics/libraryagent.googleapis.com%2Fread_requests_regional/limits/%2Fmin%2Fproject%2Fregion/consumerOverrides/Cg1RdW90YU92ZXJyaWRlGhUKBnJlZ2lvbhILdXMtY2VudHJhbDE=",
"limit": "%2Fmin%2Fproject%2Fregion",
"metric": "libraryagent.googleapis.com%2Fread_requests_regional",
"name": "Cg1RdW90YU92ZXJyaWRlGhUKBnJlZ2lvbhILdXMtY2VudHJhbDE=",
"override_value": "8",
"project": "loas-linweic",
"service": "libraryagent.googleapis.com",
"timeouts": null
},
"private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoyNDAwMDAwMDAwMDAsImRlbGV0ZSI6MjQwMDAwMDAwMDAwLCJ1cGRhdGUiOjI0MDAwMDAwMDAwMH19"
}
]
}
]
}