DevOps/Terraform

moved block

xlwdn98767 2023. 7. 10. 19:07
728x90

Moved

테라폼에서 기존 리소스의 이름이 변경되는 등의 상황이 발생하면 기존 리소스가 삭제되고 새로운 리소스가 생성된다. 다만 이때 삭제되고 생성되는 리소스가 정지되면 안되거나 내용이 삭제되면 안되는 경우가 대다수인데 이때 유용하게 쓸 수 있는 블록이 moved이다.

None-moved

resource "local_file" "a" {
  content  = "hello!"
  filename = "hello.txt"
}

output "file_content" {
  value = local_file.a.content
}

위 tf파일에서 local_file.a의 이름을 b로 바꾸길 원할 때

resource "local_file" "b" {
  content  = "hello!"
  filename = "hello.txt"
}

output "file_content" {
  value = local_file.b.content
}

위와 같이 수정 후 terraform plan

local_file.a: Refreshing state... [id=8f7d88e901a5ad3a05d8cc0de93313fd76028f8c]

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  + create
  - destroy

Terraform will perform the following actions:

  # local_file.a will be destroyed
  # (because local_file.a is not in configuration)
  - resource "local_file" "a" {
      - content              = "hello!" -> null
      - content_base64sha256 = "zgYJL7lI2f+sfRo3bkBLJrdXW8wR7gWkYV/vT+w6MIs=" -> null
      - content_base64sha512 = "xvgdsOn4IGyXHJ5YJuO6gj/7saOpAPgEdlKov3jqmP38dFhVo4U6Y1Z1RY620arxIJ6I6tLRkjgrXEy91oUOAg==" -> null
      - content_md5          = "5a8dd3ad0756a93ded72b823b19dd877" -> null
      - content_sha1         = "8f7d88e901a5ad3a05d8cc0de93313fd76028f8c" -> null
      - content_sha256       = "ce06092fb948d9ffac7d1a376e404b26b7575bcc11ee05a4615fef4fec3a308b" -> null
      - content_sha512       = "c6f81db0e9f8206c971c9e5826e3ba823ffbb1a3a900f8047652a8bf78ea98fdfc745855a3853a635675458eb6d1aaf1209e88ead2d192382b5c4cbdd6850e02" -> null
      - directory_permission = "0777" -> null
      - file_permission      = "0777" -> null
      - filename             = "hello.txt" -> null
      - id                   = "8f7d88e901a5ad3a05d8cc0de93313fd76028f8c" -> null
    }

  # local_file.b will be created
  + resource "local_file" "b" {
      + content              = "hello!"
      + content_base64sha256 = (known after apply)
      + content_base64sha512 = (known after apply)
      + content_md5          = (known after apply)
      + content_sha1         = (known after apply)
      + content_sha256       = (known after apply)
      + content_sha512       = (known after apply)
      + directory_permission = "0777"
      + file_permission      = "0777"
      + filename             = "hello.txt"
      + id                   = (known after apply)
    }

Plan: 1 to add, 0 to change, 1 to destroy.

이처럼 삭제 후 재생성되는 것을 확인할 수 있다. lifecycle의 create_before_destroy 옵션을 통해 다운타임을 최소화할 순 있겠지만, 이것은 우리가 원하는 것이 아니다.

moved 예시

resource "local_file" "b" {
  content  = "hello!"
  filename = "hello.txt"
}

output "file_content" {
  value = local_file.b.content
}

moved {
  from = local_file.a
  to   = local_file.b
}

moved 블록을 추가하여 연결해준다.


  # local_file.a has moved to local_file.b
    resource "local_file" "b" {
        id                   = "8f7d88e901a5ad3a05d8cc0de93313fd76028f8c"
        # (10 unchanged attributes hidden)
    }

Plan: 0 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes


Apply complete! Resources: 0 added, 0 changed, 0 destroyed.

이후 terraform plan 시 이처럼 -/+로 표시되지 않고 변경됨을 알린다.