如何在不连接AWS的情况下从Terraform配置生成执行计划?
[英]How can I generate an execution plan from Terraform configuration without connecting to AWS?
问题描述
I'm writing a unit test for a Terraform module, and I would like to confirm that the module produces the execution plan that I expect. 
我正在为Terraform模块编写单元测试,我想确认该模块产生了我期望的执行计划。 However, connecting to Amazon within a test would take too long and require too much configuration of the continuous integration server. 但是,在测试中连接到Amazon需要太长时间,并且需要过多的持续集成服务器配置。
How can I use terraform plan to generate an execution plan from my configuration that assumes that no resources exist? 如何使用terraform plan从我的配置生成执行计划,假定不存在任何资源?
2 个解决方案
解决方案1
4 已采纳 2017-02-01 10:57:02
I've been considering something similar for a testing framework around Terraform modules and have previously used Moto for mocking Boto calls in Python. 我一直在考虑类似于Terraform模块的测试框架,并且以前使用Moto来模拟Python中的Boto调用。
Moto works by monkey patching calls to AWS so only works natively with Python. Moto通过猴子修补对AWS的调用来工作,因此只能在Python本地工作。 However it does provide the mocked backend as a server running on Flask to be used in a stand alone mode. 但是它确实提供了模拟后端作为在Flask上运行的服务器 ,以便在独立模式下使用。
That said, I've just tried it with Terraform and while plan s seem to work okay a very basic configuration being applied led to this error: 也就是说,我刚刚尝试使用Terraform,虽然plan似乎工作正常但是应用了一个非常基本的配置导致了这个错误:
* aws_instance.web: Error launching source instance: SerializationError: failed decoding EC2 Query response
caused by: parsing time "2015-01-01T00:00:00+0000" as "2006-01-02T15:04:05Z": cannot parse "+0000" as "Z"
I then happened to notice that plans complete fine even when the Moto server isn't running and I'm just using a non existent local endpoint in the AWS provider . 然后我碰巧注意到,即使Moto服务器没有运行,计划也完好无损,我只是在AWS提供程序中使用不存在的本地端点。
As such, if you just need plans then you should be able to do this by adding an endpoint block that points to localhost like this: 因此,如果您只需要计划,那么您应该能够通过添加指向localhost的endpoint块来执行此操作,如下所示:
provider "aws" {
skip_credentials_validation = true
max_retries = 1
skip_metadata_api_check = true
access_key = "a"
secret_key = "a"
region = "us-west-2"
endpoints {
ec2 = "http://127.0.0.1:5000/"
}
}
resource "aws_instance" "web" {
ami = "ami-123456"
instance_type = "t2.micro"
tags {
Name = "HelloWorld"
}
}
How you inject that endpoint block in for testing and not for real world usage is probably another question and would need more information in how your tests are being constructed. 如何将该端点块注入测试而不是实际使用可能是另一个问题,需要更多关于如何构建测试的信息。
解决方案2
0 2017-02-01 02:30:10
Does terraform plan -refresh=false do what you want? terraform plan -refresh=false做你想要的吗?
I use it to do a "fast plan", without taking the time to refresh the status of all the AWS resources. 我用它做一个“快速计划”,没有花时间刷新所有AWS资源的状态。 Not sure if it actually connects to AWS to do that though. 不确定它是否实际连接到AWS以执行此操作。
If you're using a more complicated remote-state setup and that's the part you don't want to configure - you could also try adding an empty tfstate file and pointing to that with the -state option. 如果您正在使用更复杂的远程状态设置,而这是您不想配置的部分 - 您还可以尝试添加空的tfstate文件并使用-state选项指向该文件。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.