1 簡介 Terraform是管理許多平臺的基礎設施的工具,如AWS、GCP和Azure。這篇文章將講解如何通過Terraform來管理GCP Pub/Sub。 創建GCP項目請參考:初始化一個GCP項目並用gcloud訪問操作 2 Terraform創建Pub/Sub 2.1 下載Terrafor ...
1 簡介
Terraform是管理許多平臺的基礎設施的工具,如AWS、GCP和Azure。這篇文章將講解如何通過Terraform來管理GCP Pub/Sub。
創建GCP項目請參考:初始化一個GCP項目並用gcloud訪問操作
2 Terraform創建Pub/Sub
2.1 下載Terraform插件
我們需要安裝GCP的Terraform插件來管理GCP資源:
# 設置插件目錄
$ export TERRAFORM_PLUGIN=/Users/larry/Software/terraform/plugins
# 創建目錄
$ mkdir -p ${TERRAFORM_PLUGIN}/registry.terraform.io/hashicorp/google/4.0.0/darwin_amd64
$ cd ${TERRAFORM_PLUGIN}/registry.terraform.io/hashicorp/google/4.0.0/darwin_amd64
# 下載
$ wget https://releases.hashicorp.com/terraform-provider-google/4.0.0/terraform-provider-google_4.0.0_darwin_amd64.zip
# 解壓
$ unzip terraform-provider-google_4.0.0_darwin_amd64.zip
2.2 準備Terraform代碼
需要提供Terraform代碼理管理Pub/Sub,更多細節請參考: Terrafrom GCP.
版本文件version.tf:
terraform {
required_version = "= 1.0.11"
required_providers {
google = {
source = "hashicorp/google"
version = "= 4.0.0"
}
}
}
主文件main.tf:
provider "google" {
project = "pkslow"
}
resource "google_pubsub_topic" "pkslow-poc" {
name = "pkslow-poc"
}
resource "google_pubsub_subscription" "pkslow-poc" {
name = "pkslow-poc"
topic = google_pubsub_topic.pkslow-poc.name
labels = {
foo = "bar"
}
# 20 minutes
message_retention_duration = "1200s"
retain_acked_messages = true
ack_deadline_seconds = 20
expiration_policy {
ttl = "300000.5s"
}
retry_policy {
minimum_backoff = "10s"
}
enable_message_ordering = true
}
2.3 初始化和變更
指定插件目錄初始化:
$ terraform init -plugin-dir=${TERRAFORM_PLUGIN}
使變更生效,就會在GCP上創建對應的資源:
$ terraform apply -auto-approve
如果沒有發生錯誤,則意味著創建成功,我們檢查一下:
$ gcloud pubsub topics list
---
name: projects/pkslow/topics/pkslow-poc
$ gcloud pubsub subscriptions list
---
ackDeadlineSeconds: 20
enableMessageOrdering: true
expirationPolicy:
ttl: 300000.500s
labels:
foo: bar
messageRetentionDuration: 1200s
name: projects/pkslow/subscriptions/pkslow-poc
pushConfig: {}
retainAckedMessages: true
retryPolicy:
maximumBackoff: 600s
minimumBackoff: 10s
topic: projects/pkslow/topics/pkslow-poc
註意:我們並沒有提供任何密碼或密鑰,那Terraform怎麼可以直接操作我的GCP資源呢?因為它會根據環境變數GOOGLE_APPLICATION_CREDENTIALS來獲取。
3 發送和接收消息
我們通過gcloud來發送消息到Pub/Sub上:
$ gcloud pubsub topics publish pkslow-poc --message="www.pkslow.com"
messageIds:
- '3491736520339885'
$ gcloud pubsub topics publish pkslow-poc --message="Larry Deng"
messageIds:
- '3491738650256958'
$ gcloud pubsub topics publish pkslow-poc --message="Hi, pkslower"
messageIds:
- '3491739306095970'
從Pub/Sub拉取消息:
$ gcloud pubsub subscriptions pull pkslow-poc --auto-ack
我們還能在GCP界面上監控對應的隊列,十分方便:
4 代碼
代碼在 GitHub上: https://github.com/LarryDpk/pkslow-samples
