如何使用 API 管理 ClickHouse Cloud 上的集群?
回答
我们将使用 Terraform 配置我们的基础架构和ClickHouse 提供程序
步骤
1). 在云端创建 API 密钥。请在此处遵循文档 - https://clickhouse.ac.cn/docs/en/cloud/manage/openapi
在本地保存凭据。
2). 使用以下命令安装 Terraform - https://developer.hashicorp.com/terraform/tutorials/aws-get-started/install-cli
如果您使用的是 Mac,则可以使用 Homebrew 包管理器。
3). 在任意位置创建一个目录
mkdir test
➜ test pwd
/Users/jaijhala/Desktop/terraform/test
4). 创建 2 个文件:main.tf 和 secret.tfvars
复制以下内容
main.tf 文件将是
terraform {
required_providers {
clickhouse = {
source = "ClickHouse/clickhouse"
version = "0.0.2"
}
}
}
variable "organization_id" {
type = string
}
variable "token_key" {
type = string
}
variable "token_secret" {
type = string
}
provider clickhouse {
environment = "production"
organization_id = var.organization_id
token_key = var.token_key
token_secret = var.token_secret
}
variable "service_password" {
type = string
sensitive = true
}
resource "clickhouse_service" "service123" {
name = "jai-terraform"
cloud_provider = "aws"
region = "us-east-2"
tier = "development"
idle_scaling = true
password = var.service_password
ip_access = [
{
source = "0.0.0.0/0"
description = "Anywhere"
}
]
}
output "CLICKHOUSE_HOST" {
value = clickhouse_service.service123.endpoints.0.host
}
您可以在上面的资源部分中替换您自己的参数,例如服务名称、区域等。
secret.tfvars 是您放置之前下载的所有与 API 密钥相关的信息的区域。此文件背后的理念是,所有机密凭据都将隐藏在主配置文件中。
它将类似于(替换这些参数)
organization_id = "e957a5f7-4qe3-4b05-ad5a-d02b2dcd0593"
token_key = "QWhhkMeytqQruTeKg"
token_secret = "4b1dNmjWdLUno9lXxmKvSUcPP62jvn7irkuZPbY"
service_password = "password123!"
5). 从此目录运行 terraform init
预期输出
Initializing the backend...
Initializing provider plugins...
- Finding clickhouse/clickhouse versions matching "0.0.2"...
- Installing clickhouse/clickhouse v0.0.2...
- Installed clickhouse/clickhouse v0.0.2 (self-signed, key ID D7089EE5C6A92ED1)
Partner and community providers are signed by their developers.
If you'd like to know more about provider signing, you can read about it here:
https://www.terraform.io/docs/cli/plugins/signing.html
Terraform has created a lock file .terraform.lock.hcl to record the provider
selections it made above. Include this file in your version control repository
so that Terraform can guarantee to make the same selections by default when
you run "terraform init" in the future.
Terraform has been successfully initialized!
You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.
If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.
6). 运行 terraform apply -var-file=secret.tfvars 命令。
类似于
➜ test terraform apply -var-file=secret.tfvars
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with
the following symbols:
+ create
Terraform will perform the following actions:
# clickhouse_service.service123 will be created
+ resource "clickhouse_service" "service123" {
+ cloud_provider = "aws"
+ endpoints = (known after apply)
+ id = (known after apply)
+ idle_scaling = true
+ ip_access = [
+ {
+ description = "Anywhere"
+ source = "0.0.0.0/0"
},
]
+ last_updated = (known after apply)
+ name = "jai-terraform"
+ password = (sensitive value)
+ region = "us-east-2"
+ tier = "development"
}
Plan: 1 to add, 0 to change, 0 to destroy.
Changes to Outputs:
+ CLICKHOUSE_HOST = (known after apply)
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
键入 yes 并按 Enter 键
旁注:请注意,上面显示 password = (sensitive value)。这是因为我们在 main.tf 文件中将 password 的 sensitive 设置为 true。
7). 创建服务需要几分钟时间,但最终它应该会显示为
Enter a value: yes
clickhouse_service.service123: Creating...
clickhouse_service.service123: Still creating... [10s elapsed]
clickhouse_service.service123: Still creating... [20s elapsed]
clickhouse_service.service123: Still creating... [30s elapsed]
clickhouse_service.service123: Still creating... [40s elapsed]
clickhouse_service.service123: Still creating... [50s elapsed]
clickhouse_service.service123: Still creating... [1m0s elapsed]
clickhouse_service.service123: Still creating... [1m10s elapsed]
clickhouse_service.service123: Still creating... [1m20s elapsed]
clickhouse_service.service123: Still creating... [1m30s elapsed]
clickhouse_service.service123: Still creating... [1m40s elapsed]
clickhouse_service.service123: Creation complete after 1m41s [id=aa8d8d63-1878-4600-8470-630715af38ed]
Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
Outputs:
CLICKHOUSE_HOST = "h3ljlaqez6.us-east-2.aws.clickhouse.cloud"
➜ test
8). 检查云控制台,您应该能够看到已创建的服务。
9). 要再次清理/销毁服务,请运行 terraform destroy -var-file=secret.tfvars
类似于
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with
the following symbols:
- destroy
Terraform will perform the following actions:
# clickhouse_service.service123 will be destroyed
- resource "clickhouse_service" "service123" {
- cloud_provider = "aws" -> null
- ............
Plan: 0 to add, 0 to change, 1 to destroy.
Changes to Outputs:
- CLICKHOUSE_HOST = "h3ljlaqez6.us-east-2.aws.clickhouse.cloud" -> null
Do you really want to destroy all resources?
Terraform will destroy all your managed infrastructure, as shown above.
There is no undo. Only 'yes' will be accepted to confirm.
Enter a value:
键入 yes 并按 Enter 键
10).
clickhouse_service.service123: Destroying... [id=aa8d8d63-1878-4600-8470-630715af38ed]
clickhouse_service.service123: Still destroying... [id=aa8d8d63-1878-4600-8470-630715af38ed, 10s elapsed]
clickhouse_service.service123: Still destroying... [id=aa8d8d63-1878-4600-8470-630715af38ed, 20s elapsed]
clickhouse_service.service123: Destruction complete after 27s
Destroy complete! Resources: 1 destroyed.
它应该会从云控制台中消失。
有关 Cloud API 的更多详细信息,请参见此处 - https://clickhouse.ac.cn/docs/en/cloud/manage/api/api-overview