Ina so in gaya muku game da sabon kayan aikin CLI da na rubuta don magance tsohuwar matsala.
matsala
Terraform ya daɗe yana zama ma'auni a cikin al'ummar Devops/Cloud/IT. Abun yana da matukar dacewa kuma yana da amfani don ma'amala da abubuwan more rayuwa azaman lambar. Akwai abubuwan jin daɗi da yawa a cikin Terraform da kuma cokali mai yatsu da yawa, wuƙaƙe masu kaifi da rake.
Tare da Terraform yana da matukar dacewa don ƙirƙirar sabbin abubuwa sannan sarrafa, canza ko share su. Menene ya kamata waɗanda ke da manyan abubuwan more rayuwa a cikin girgije kuma ba a ƙirƙira su ta hanyar Terraform ba? Sake rubutawa da sake ƙirƙirar gajimaren duka yana da tsada kuma ba shi da aminci.
Na ci karo da wannan matsala a ayyukan 2, mafi sauƙi misali shine lokacin da kuke son komai ya kasance a cikin Git a cikin nau'in fayilolin terraform, amma kuna da buckets 250+ kuma yana da yawa don rubuta su a cikin terraform da hannu.
Akwai tun 2014 a cikin terrafom wanda aka rufe a cikin 2016 tare da fatan za a shigo da su.
Gabaɗaya, komai yana kamar a cikin hoto kawai daga dama zuwa hagu
Gargadi: Marubucin ba ya zaune a Rasha tsawon rabin rayuwarsa kuma ya rubuta kadan a cikin Rashanci. Hattara da kurakuran rubutu.
Magani
1. Akwai shirye-shiryen da aka yi da tsofaffi don AWS . Lokacin da na yi ƙoƙarin samun buckets na 250+ ta ciki, na gane cewa duk abin da ba daidai ba ne a can. AWS ya dade yana gabatar da sabbin zaɓuɓɓuka da yawa, amma terraforming bai san game da su ba kuma gabaɗaya ruby ne. . Bayan 2 na yamma na aika don ƙara ƙarin fasali a can kuma ya gane cewa irin wannan maganin bai dace da komai ba.
Yadda terraforming ke aiki: yana ɗaukar bayanai daga AWS SDK kuma yana haifar da tf da tfstate ta hanyar samfuri.
Akwai matsaloli 3 anan:
1. A koyaushe za a yi jinkiri a sabuntawa
2. tf fayiloli wani lokaci suna fitowa karye
3. Ana tattara tfstate daban daga tf kuma ba koyaushe yana haɗuwa ba
Gabaɗaya, yana da wahala a sami sakamako wanda 'tsarin tsarin' ya ce babu canje-canje
2. `terraform import` wani ginannen umarni ne a cikin terraform. Ta yaya yake aiki?
Kuna rubuta fayil ɗin TF mara komai tare da suna da nau'in albarkatu, sannan ku gudanar da 'shigo da terraform' kuma ku wuce ID ɗin albarkatun. terraform yana tuntuɓar mai bayarwa, yana karɓar bayanai kuma yayi fayil ɗin tfstate.
Akwai matsaloli 3 anan:
1. Muna samun fayil ɗin tfstate kawai, kuma tf ba komai bane, kuna buƙatar rubuta shi da hannu ko canza shi daga tfstate
2. Zai iya aiki tare da albarkatu ɗaya kawai a lokaci guda kuma baya tallafawa duk albarkatun. Kuma me zan sake yi da buckets 250+?
3. Kuna buƙatar sanin ID na albarkatun - wato, kuna buƙatar kunsa shi cikin lambar da ke samun jerin albarkatun.
Gabaɗaya, sakamakon yana da ban sha'awa kuma baya da kyau
Shawarata
Bukatun:
1. Ikon ƙirƙirar tf da fayilolin tfstate don albarkatu. Misali, zazzage duk guga/kungiyoyin tsaro/mai daidaita ma'auni kuma 'tsarin tsarin' ya dawo da cewa babu canje-canje.
2. Kuna buƙatar 2 GCP + AWS girgije
3. Maganin duniya wanda ke da sauƙin sabunta kowane lokaci kuma baya ɓata lokaci akan kowane albarkatu na kwanaki 3 na aiki
4. Make shi Open Source - kowa da kowa yana da irin wannan matsala
Harshen Go shine dalilin da yasa nake son shi, kuma yana da ɗakin karatu don ƙirƙirar fayilolin HCL waɗanda ake amfani da su a cikin terraform + lambar da yawa a cikin terraform wanda zai iya zama da amfani.
hanyar
Ƙoƙari na farko
Na fara da siga mai sauƙi. Tuntuɓar gajimare ta hanyar SDK don albarkatun da ake buƙata da musanya shi zuwa filaye don terraform. Yunkurin ya mutu nan da nan a kan kungiyar tsaro saboda ba na son kwanakin 1.5 don canza kungiyar tsaro kawai (kuma akwai albarkatu masu yawa). Na dogon lokaci sannan ana iya canza filayen / ƙara
Ƙoƙari na biyu
Dangane da ra'ayin da aka bayyana . Kawai ɗauka kuma canza tfstate zuwa tf. Duk bayanan suna nan kuma filayen iri ɗaya ne. Yadda ake samun cikakken tfstate don albarkatu da yawa ?? Anan ne umarnin `terraform refresh' ya zo wurin ceto. terraform yana ɗaukar duk albarkatun tfstate kuma, ta ID, yana fitar da bayanai akan su kuma ya rubuta komai zuwa tfstate. Wato, ƙirƙirar tfstate mara komai mai suna kawai da ID, gudanar da 'terraform refresh' sannan mu sami cikakkun tfstates. Hooray!
Yanzu bari mu sake maimaita batsa na rubuta mai canza tfstate zuwa tf. Ga waɗanda basu taɓa karanta tfstate ba, JSON ce, amma na musamman.
Ga mahimman halayen sa
"attributes": {
"id": "default/backend-logging-load-deployment",
"metadata.#": "1",
"metadata.0.annotations.%": "0",
"metadata.0.generate_name": "",
"metadata.0.generation": "24",
"metadata.0.labels.%": "1",
"metadata.0.labels.app": "backend-logging",
"metadata.0.name": "backend-logging-load-deployment",
"metadata.0.namespace": "default",
"metadata.0.resource_version": "109317427",
"metadata.0.self_link": "/apis/apps/v1/namespaces/default/deployments/backend-logging-load-deployment",
"metadata.0.uid": "300ecda1-4138-11e9-9d5d-42010a8400b5",
"spec.#": "1",
"spec.0.min_ready_seconds": "0",
"spec.0.paused": "false",
"spec.0.progress_deadline_seconds": "600",
"spec.0.replicas": "1",
"spec.0.revision_history_limit": "10",
"spec.0.selector.#": "1",
Akwai:
1. id - zaren
2. metadata - tsararru na girman 1 kuma a cikin sa wani abu mai filaye wanda aka bayyana a ƙasa
3. spec - zanta na girman 1 da maɓalli, ƙima a ciki
A takaice, tsari mai nishadi, komai na iya zama zurfin matakai da yawa
"spec.#": "1",
"spec.0.min_ready_seconds": "0",
"spec.0.paused": "false",
"spec.0.progress_deadline_seconds": "600",
"spec.0.replicas": "1",
"spec.0.revision_history_limit": "10",
"spec.0.selector.#": "1",
"spec.0.selector.0.match_expressions.#": "0",
"spec.0.selector.0.match_labels.%": "1",
"spec.0.selector.0.match_labels.app": "backend-logging-load",
"spec.0.strategy.#": "0",
"spec.0.template.#": "1",
"spec.0.template.0.metadata.#": "1",
"spec.0.template.0.metadata.0.annotations.%": "0",
"spec.0.template.0.metadata.0.generate_name": "",
"spec.0.template.0.metadata.0.generation": "0",
"spec.0.template.0.metadata.0.labels.%": "1",
"spec.0.template.0.metadata.0.labels.app": "backend-logging-load",
"spec.0.template.0.metadata.0.name": "",
"spec.0.template.0.metadata.0.namespace": "",
"spec.0.template.0.metadata.0.resource_version": "",
"spec.0.template.0.metadata.0.self_link": "",
"spec.0.template.0.metadata.0.uid": "",
"spec.0.template.0.spec.#": "1",
"spec.0.template.0.spec.0.active_deadline_seconds": "0",
"spec.0.template.0.spec.0.container.#": "1",
"spec.0.template.0.spec.0.container.0.args.#": "3",
Gabaɗaya, idan wani yana son matsalar shirye-shirye don hira, kawai tambaye su su rubuta parser don wannan aikin :)
Bayan ƙoƙarce-ƙoƙarce da yawa don rubuta parser ba tare da kwari ba, na sami ɓangarensa a cikin lambar tauraro, kuma mafi mahimmancin sashi. Kuma komai ya yi kama da kyau
Ƙoƙari uku
Masu samar da terraform sune binaries waɗanda ke ƙunshe da lamba tare da duk albarkatun da dabaru don aiki tare da girgije API. Kowane girgije yana da nasa mai ba da sabis kuma terraform kanta kawai yana kiran su ta hanyar ka'idar RPC tsakanin matakai biyu.
Yanzu na yanke shawarar tuntuɓar masu samar da terraform kai tsaye ta kiran RPC. Ya fito da kyau kuma ya ba da damar canza masu samar da terraform zuwa sababbi da samun sabbin abubuwa ba tare da canza lambar ba. Hakanan ya zama cewa ba duk filayen da ke cikin tfstate yakamata su kasance cikin tf ba, amma ta yaya zaku iya ganowa? Kawai tambayi mai baka game da wannan. Daga nan sai aka fara wani batsa mai maimaitawa na haɗa maganganun yau da kullun, ana neman filayen cikin tfstate a cikin zurfin zurfi.
A ƙarshe, mun sami kayan aikin CLI mai amfani wanda ke da kayan aikin gama gari don duk masu samar da terraform kuma zaka iya ƙara sabon abu cikin sauƙi. Hakanan, ƙara albarkatu yana ɗaukar ƙaramin lamba. Bugu da ƙari, kowane nau'i na kyawawan abubuwa kamar haɗi tsakanin albarkatu. Tabbas, akwai matsaloli daban-daban da ba za a iya kwatanta su duka ba.
Na sanya wa dabba suna Terrafomer.
Ƙarshe
Ta amfani da Terrafomer, mun samar da layin 500-700 dubu na tf + tfstate code daga gajimare biyu. Mun sami damar ɗaukar abubuwan gado kuma mu fara taɓa su ta hanyar terraform kawai, kamar a cikin mafi kyawun abubuwan more rayuwa azaman ra'ayoyin code. Sihiri ne kawai lokacin da kuka ɗauki babban gajimare kuma ku karɓe shi ta hanyar ƙungiya a cikin nau'ikan fayilolin ma'aikacin terraform. Sannan grep / maye gurbin / git da sauransu.
Na tsefe shi na sanya shi cikin tsari, na sami izini. An sake shi akan GitHub ga kowa da kowa ranar Alhamis (02.05.19/XNUMX/XNUMX).
An riga an karɓi tauraro 600, buƙatun ja na 2 don ƙara tallafi don openstack da kubernetes. Kyakkyawan ra'ayi. Gabaɗaya, aikin yana da amfani ga mutane
Ina ba da shawara ga duk wanda yake so ya fara aiki tare da Terraform kuma kada ya sake rubuta komai don wannan.
Zan yi farin cikin ja buƙatun, batutuwa, taurari.
Demo
source: www.habr.com