In this article we look at what Terraform consists of, and also launch our own infrastructure
We cover everything in detail, in three stages:
1. Terraform - description, advantages and components
Terraform is an IaC (Infrastructure-as-Code) tool for building and managing virtual infrastructure using code.
We have noted several advantages of working with the tool:
- Fast deployment of new tenants (custom virtual environments). Usually, the more new clients there are, the more "clicks" technical support staff need to make to publish new resources. With Terraform, users can change virtual machine settings (for example, automatically shutting down the OS and enlarging the virtual disk partition) without requiring technical support or shutting down the machine themselves.
- Instant verification of the plan for activating a new tenant. Using the description of the infrastructure code, we can immediately check what will be added and in what order, as well as the final state of a given virtual machine or virtual network with its connections to virtual machines.
- Ability to describe the most popular cloud platforms. You can use the tool from Amazon and Google Cloud to private platforms based on VMware vCloud Director that offer services within IaaS, SaaS and PaaS.
- Managing multiple cloud providers and distributing the infrastructure between them to improve fault tolerance, using a single configuration to create, inspect and manage cloud resources.
- Convenient for creating demo stands for software testing and debugging. You can create and hand over stands to the testing department, test software in different environments, and quickly change and delete resources by creating a single resource build plan.
"Terrarium" Terraform
We briefly covered the advantages of the tool; now let's break it down into its components
Providers.
In Terraform, almost any type of infrastructure can be represented as a resource. The connection between resources and the platform API is provided by provider modules, which let you create resources within a specific platform, for example Azure or VMware vCloud Director.
Within a project, you can interact with different providers on different platforms.
Resources (resource description).
Describing resources lets you manage platform components, such as virtual machines or networks.
You can write a resource description for the VMware vCloud Director provider yourself and use it to create resources with any hosting provider that uses vCloud Director. You only need to change the authentication parameters and the network connection parameters to those of the required hosting provider
Provisioners.
This component makes it possible to perform the initial installation and maintenance of the operating system after virtual machines are created. Once you have created a virtual machine resource, you can use provisioners to configure it and connect over SSH, update the operating system, and download and run a script.
Input and Output variables.
Input variables - input variables for any block type.
Output variables let you save values after resources are created; they can be used as input variables in other modules, for example in the Provisioners block.
States.
State files store information about the configuration of the provider platform's resources. When the platform is first created, there is no information about the resources, and before any operation Terraform updates the state with the real infrastructure of the resources already described.
The main purpose of states is to keep a set of already created resources so that the configuration of added resources can be compared against them, avoiding re-creation and unintended changes to the platform.
By default, state information is stored in the local terraform.tfstate file, but if necessary a remote storage can be used for teamwork.
You can also import existing resources into the state in order to work with resources that were created without the help of Terraform.
2. Creating the infrastructure
The components are sorted out; now, using Terraform, we will step by step create an infrastructure with three virtual machines. The first with the nginx proxy server installed, the second with file storage based on Nextcloud and the third with CMS Bitrix.
We will write the code and run it using our own example
First, we create a directory for our new project, where the files describing the infrastructure will live.
mkdir project01
Next, we describe the infrastructure components. Terraform builds relationships and processes files based on the descriptions in the files. The files themselves can be named after the purpose of the blocks they describe, for example, network.tf describes the network parameters for the infrastructure.
To describe the components of our infrastructure, we created the following files:
List of files.
main.tf - description of parameters for the virtual environment - virtual machines, virtual containers;
network.tf - description of virtual network parameters and NAT and Firewall rules;
variables.tf - list of the variables we use;
vcd.tfvars - project variable values for the VMware vCloud Director module.
The configuration language in Terraform is declarative and the order of blocks does not matter, except for provisioner blocks, because in that block we describe the commands to run while preparing the infrastructure, and they are executed in order.
Block structure.
<BLOCK TYPE> "<BLOCK LABEL>" "<BLOCK LABEL>" {
  # Block body
  <IDENTIFIER> = <EXPRESSION> # Argument
}
Blocks are described in Terraform's own configuration language, HCL (HashiCorp Configuration Language); the infrastructure can also be described using JSON. You can learn more about the syntax
Environment variable configuration, variables.tf and vcd.tfvars
First, we create two files that describe the list of all variables used and their values for the VMware vCloud Director module. We start with the variables.tf file.
Contents of the variables.tf file.
variable "vcd_org_user" {
  description = "vCD Tenant User"
}
variable "vcd_org_password" {
  description = "vCD Tenant Password"
}
variable "vcd_org" {
  description = "vCD Tenant Org"
}
variable "vcd_org_vdc" {
  description = "vCD Tenant VDC"
}
variable "vcd_org_url" {
  description = "vCD Tenant URL"
}
variable "vcd_org_max_retry_timeout" {
  default = "60"
}
variable "vcd_org_allow_unverified_ssl" {
  default = "true"
}
variable "vcd_org_edge_name" {
  description = "vCD edge name"
}
variable "vcd_org_catalog" {
  description = "vCD public catalog"
}
variable "vcd_template_os_centos7" {
  description = "OS CentOS 7"
  default = "CentOS7"
}
variable "vcd_org_ssd_sp" {
  description = "Storage Policies"
  default = "Gold Storage Policy"
}
variable "vcd_org_hdd_sp" {
  description = "Storage Policies"
  default = "Bronze Storage Policy"
}
variable "vcd_edge_local_subnet" {
  description = "Organization Network Subnet"
}
variable "vcd_edge_external_ip" {
  description = "External public IP"
}
variable "vcd_edge_local_ip_nginx" {}
variable "vcd_edge_local_ip_bitrix" {}
variable "vcd_edge_local_ip_nextcloud" {}
variable "vcd_edge_external_network" {}
Variable values that we receive from the provider.
- vcd_org_user - username with Organization Administrator rights,
- vcd_org_password - user password,
- vcd_org - name of the organization,
- vcd_org_vdc - name of the virtual data center,
- vcd_org_url - API URL,
- vcd_org_edge_name - name of the virtual router,
- vcd_org_catalog - name of the catalog with virtual machine templates,
- vcd_edge_external_ip - public IP address,
- vcd_edge_external_network - name of the external network,
- vcd_org_hdd_sp - name of the HDD storage policy,
- vcd_org_ssd_sp - name of the SSD storage policy.
And we introduce our own variables:
- vcd_edge_local_ip_nginx - IP address of the virtual machine with NGINX,
- vcd_edge_local_ip_bitrix - IP address of the virtual machine with 1C: Bitrix,
- vcd_edge_local_ip_nextcloud - IP address of the virtual machine with Nextcloud.
With the second file we create and set the variables for the VMware vCloud Director module in the vcd.tfvars file: Recall the example we are using.
Contents of the vcd.tfvars file.
vcd_org_url = "https://vcloud.mclouds.ru/api"
vcd_org_user = "orgadmin"
vcd_org_password = "*"
vcd_org = "org"
vcd_org_vdc = "orgvdc"
vcd_org_max_retry_timeout = 60
vcd_org_allow_unverified_ssl = true
vcd_org_catalog = "Templates"
vcd_template_os_centos7 = "CentOS7"
vcd_org_ssd_sp = "Gold Storage Policy"
vcd_org_hdd_sp = "Bronze Storage Policy"
vcd_org_edge_name = "MCLOUDS-EDGE"
vcd_edge_external_ip = "185.17.66.1"
vcd_edge_local_subnet = "192.168.110.0/24"
vcd_edge_local_ip_nginx = "192.168.110.1"
vcd_edge_local_ip_bitrix = "192.168.110.10"
vcd_edge_local_ip_nextcloud = "192.168.110.11"
vcd_edge_external_network = "NET-185-17-66-0"
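The declarations above accept any value of any type, keep the tenant password in vcd.tfvars and turn TLS verification off. The following is an added example, not the article's own code: it redeclares the credential, endpoint and subnet variables with types, validation and a sensitive flag, and shows a provider block consuming them. The provider block and the vmware/vcd source are assumptions, since the article does not show its provider configuration.

```hcl
# Added example, not the article's code: typed, validated declarations for the
# security-relevant variables, plus the provider block that consumes them.
terraform {
  required_version = ">= 0.14" # first release with sensitive input variables
  required_providers {
    vcd = {
      source = "vmware/vcd"
    }
  }
}

variable "vcd_org_user" {
  description = "vCD Tenant User"
  type        = string
}

variable "vcd_org_password" {
  description = "vCD Tenant Password"
  type        = string
  sensitive   = true # redacted in plan and apply output, still written to state
  # No default and no line in vcd.tfvars: pass it at run time through the
  # TF_VAR_vcd_org_password environment variable or the interactive prompt.
}

variable "vcd_org" {
  description = "vCD Tenant Org"
  type        = string
}

variable "vcd_org_vdc" {
  description = "vCD Tenant VDC"
  type        = string
}

variable "vcd_org_url" {
  description = "vCD Tenant URL"
  type        = string

  validation {
    condition     = can(regex("^https://", var.vcd_org_url))
    error_message = "The vcd_org_url value must start with https://."
  }
}

variable "vcd_org_max_retry_timeout" {
  description = "Seconds to keep retrying vCD API calls"
  type        = number
  default     = 60
}

variable "vcd_org_allow_unverified_ssl" {
  description = "Skip TLS certificate verification for the vCD API"
  type        = bool
  default     = false # the article's value is true, which accepts any certificate
}

variable "vcd_edge_local_subnet" {
  description = "Organization Network Subnet"
  type        = string

  validation {
    condition     = can(cidrhost(var.vcd_edge_local_subnet, 0))
    error_message = "The vcd_edge_local_subnet value must be a CIDR block such as 192.168.110.0/24."
  }
}

provider "vcd" {
  user                 = var.vcd_org_user
  password             = var.vcd_org_password
  org                  = var.vcd_org
  vdc                  = var.vcd_org_vdc
  url                  = var.vcd_org_url
  max_retry_timeout    = var.vcd_org_max_retry_timeout
  allow_unverified_ssl = var.vcd_org_allow_unverified_ssl
}
```

With these declarations the vcd_org_password and vcd_org_allow_unverified_ssl lines are removed from vcd.tfvars, so the file can be committed without a credential in it.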
Network configuration, network.tf.
The environment variables are set; now we configure the virtual machine connection scheme: we assign a private IP address to each virtual machine and use Destination NAT to "forward" ports to the external network. To restrict access to the management ports, we allow access only from our own IP address.
Network diagram for the platform created with Terraform
We create a virtual organization network named net_lan01, with default gateway 192.168.110.254 and address space 192.168.110.0/24.
We describe the virtual network.
resource "vcd_network_routed" "net" {
  name = "net_lan01"
  edge_gateway = var.vcd_org_edge_name
  gateway = "192.168.110.254"
  dns1 = "1.1.1.1"
  dns2 = "8.8.8.8"
  static_ip_pool {
    start_address = "192.168.110.1"
    end_address = "192.168.110.253"
  }
}
Let's create firewall rules that allow the virtual machines to reach the Internet. Within this block, all virtual resources in the cloud get Internet access:
We describe the rules for VM access to the Internet.
resource "vcd_nsxv_firewall_rule" "fw_internet_access" {
  edge_gateway = var.vcd_org_edge_name
  name = "Internet Access"
  source {
    gateway_interfaces = ["internal"]
  }
  destination {
    gateway_interfaces = ["external"]
  }
  service {
    protocol = "any"
  }
  depends_on = [vcd_network_routed.net]
}
Using depends_on, we set a dependency so that the vcd_nsxv_firewall_rule block is configured only after the vcd_network_routed.net block has been processed. We use this option because some dependencies may be recognized only implicitly in the configuration.
Next, we create rules that allow access to ports from the external network and specify our IP address for connecting to the servers over SSH. Any Internet user can reach ports 80 and 443 on the web server, and the user with the IP address 90.1.15.1 can reach the SSH ports of the virtual servers.
Allow access to ports from the external network.
resource "vcd_nsxv_firewall_rule" "fwnatports" {
  edge_gateway = var.vcd_org_edge_name
  name = "HTTPs Access"
  source {
    gateway_interfaces = ["external"]
  }
  destination {
    gateway_interfaces = ["internal"]
  }
  service {
    protocol = "tcp"
    port = "80"
  }
  service {
    protocol = "tcp"
    port = "443"
  }
  depends_on = [vcd_network_routed.net]
}
resource "vcd_nsxv_firewall_rule" "fw_nat_admin_ports" {
  edge_gateway = var.vcd_org_edge_name
  name = "Admin Access"
  source {
    ip_addresses = [ "90.1.15.1" ]
  }
  destination {
    gateway_interfaces = ["internal"]
  }
  service {
    protocol = "tcp"
    port = "58301"
  }
  service {
    protocol = "tcp"
    port = "58302"
  }
  service {
    protocol = "tcp"
    port = "58303"
  }
  depends_on = [vcd_network_routed.net]
}
We create Source NAT rules for Internet access from the cloud local network:
We describe the Source NAT rules.
resource "vcd_nsxv_snat" "snat_local" {
  edge_gateway = var.vcd_org_edge_name
  network_type = "ext"
  network_name = var.vcd_edge_external_network
  original_address = var.vcd_edge_local_subnet
  translated_address = var.vcd_edge_external_ip
  depends_on = [vcd_network_routed.net]
}
And to finish configuring the network block, we add Destination NAT rules for access to the services from the external network:
Adding Destination NAT rules.
resource "vcd_nsxv_dnat" "dnat_tcp_nginx_https" {
  edge_gateway = var.vcd_org_edge_name
  network_name = var.vcd_edge_external_network
  network_type = "ext"
  description = "NGINX HTTPs"
  original_address = var.vcd_edge_external_ip
  original_port = 443
  translated_address = var.vcd_edge_local_ip_nginx
  translated_port = 443
  protocol = "tcp"
  depends_on = [vcd_network_routed.net]
}
resource "vcd_nsxv_dnat" "dnat_tcp_nginx_http" {
  edge_gateway = var.vcd_org_edge_name
  network_name = var.vcd_edge_external_network
  network_type = "ext"
  description = "NGINX HTTP"
  original_address = var.vcd_edge_external_ip
  original_port = 80
  translated_address = var.vcd_edge_local_ip_nginx
  translated_port = 80
  protocol = "tcp"
  depends_on = [vcd_network_routed.net]
}
Add a NAT rule for port translation to the SSH server on the Nginx machine.
resource "vcd_nsxv_dnat" "dnat_tcp-nginx_ssh" {
  edge_gateway = var.vcd_org_edge_name
  network_name = var.vcd_edge_external_network
  network_type = "ext"
  description = "SSH NGINX"
  original_address = var.vcd_edge_external_ip
  original_port = 58301
  translated_address = var.vcd_edge_local_ip_nginx
  translated_port = 22
  protocol = "tcp"
  depends_on = [vcd_network_routed.net]
}
Add a NAT rule for port translation to the SSH server on the 1C-Bitrix machine.
resource "vcd_nsxv_dnat" "dnat_tcp_bitrix_ssh" {
  edge_gateway = var.vcd_org_edge_name
  network_name = var.vcd_edge_external_network
  network_type = "ext"
  description = "SSH Bitrix"
  original_address = var.vcd_edge_external_ip
  original_port = 58302
  translated_address = var.vcd_edge_local_ip_bitrix
  translated_port = 22
  protocol = "tcp"
  depends_on = [vcd_network_routed.net]
}
Add a NAT rule for port translation to the SSH server on the Nextcloud machine.
resource "vcd_nsxv_dnat" "dnat_tcp_nextcloud_ssh" {
  edge_gateway = var.vcd_org_edge_name
  network_name = var.vcd_edge_external_network
  network_type = "ext"
  description = "SSH Nextcloud"
  original_address = var.vcd_edge_external_ip
  original_port = 58303
  translated_address = var.vcd_edge_local_ip_nextcloud
  translated_port = 22
  protocol = "tcp"
  depends_on = [vcd_network_routed.net]
}
Main.tf virtual environment configuration
As we planned at the beginning of the article, we will create three virtual machines. They will be prepared using "Guest Customization". We set the network parameters according to the settings we specified, and the user password is generated.
Let's describe the vApp that will hold the virtual machines, and their configuration.
Virtual machine configuration
Let's create a vApp container. So that we can immediately connect the vApp and the VMs to the virtual network, we also add the depends_on parameter:
Create a container
resource "vcd_vapp" "vapp" {
  name = "web"
  power_on = "true"
  depends_on = [vcd_network_routed.net]
}
Let's create a virtual machine with a description
resource "vcd_vapp_vm" "nginx" {
  vapp_name = vcd_vapp.vapp.name
  name = "nginx"
  catalog_name = var.vcd_org_catalog
  template_name = var.vcd_template_os_centos7
  storage_profile = var.vcd_org_ssd_sp
  memory = 8192
  cpus = 1
  cpu_cores = 1
  network {
    type = "org"
    name = vcd_network_routed.net.name
    is_primary = true
    adapter_type = "VMXNET3"
    ip_allocation_mode = "MANUAL"
    ip = var.vcd_edge_local_ip_nginx
  }
  override_template_disk {
    bus_type = "paravirtual"
    size_in_mb = "32768"
    bus_number = 0
    unit_number = 0
    storage_profile = var.vcd_org_ssd_sp
  }
}
Main parameters in the VM description:
- name - name of the virtual machine,
- vapp_name - name of the vApp to which the new VM is added,
- catalog_name / template_name - catalog name and virtual machine template name,
- storage_profile - storage policy.
Network block parameters:
- type - type of the connected network,
- name - the virtual network to connect the VM to,
- is_primary - primary network adapter,
- ip_allocation_mode - MANUAL / DHCP / POOL address allocation mode,
- ip - IP address for the virtual machine; we specify it manually.
override_template_disk block:
- size_in_mb - size of the boot disk for the virtual machine
- storage_profile - storage policy for the disk
Let's create a second VM with the description of the Nextcloud file storage
resource "vcd_vapp_vm" "nextcloud" {
  vapp_name = vcd_vapp.vapp.name
  name = "nextcloud"
  catalog_name = var.vcd_org_catalog
  template_name = var.vcd_template_os_centos7
  storage_profile = var.vcd_org_ssd_sp
  memory = 8192
  cpus = 1
  cpu_cores = 1
  network {
    type = "org"
    name = vcd_network_routed.net.name
    is_primary = true
    adapter_type = "VMXNET3"
    ip_allocation_mode = "MANUAL"
    ip = var.vcd_edge_local_ip_nextcloud
  }
  override_template_disk {
    bus_type = "paravirtual"
    size_in_mb = "32768"
    bus_number = 0
    unit_number = 0
    storage_profile = var.vcd_org_ssd_sp
  }
}
resource "vcd_vm_internal_disk" "disk1" {
  vapp_name = vcd_vapp.vapp.name
  vm_name = "nextcloud"
  bus_type = "paravirtual"
  size_in_mb = "102400"
  bus_number = 0
  unit_number = 1
  storage_profile = var.vcd_org_hdd_sp
  allow_vm_reboot = true
  depends_on = [ vcd_vapp_vm.nextcloud ]
}
In the vcd_vm_internal_disk section we describe a new virtual disk that is attached to the virtual machine.
Explanations for the vcd_vm_internal_disk block:
- bus_type - disk controller type
- size_in_mb - disk size
- bus_number / unit_number - connection location on the adapter
- storage_profile - storage policy for the disk
Let's describe the last VM, for Bitrix
resource "vcd_vapp_vm" "bitrix" {
  vapp_name = vcd_vapp.vapp.name
  name = "bitrix"
  catalog_name = var.vcd_org_catalog
  template_name = var.vcd_template_os_centos7
  storage_profile = var.vcd_org_ssd_sp
  memory = 8192
  cpus = 1
  cpu_cores = 1
  network {
    type = "org"
    name = vcd_network_routed.net.name
    is_primary = true
    adapter_type = "VMXNET3"
    ip_allocation_mode = "MANUAL"
    ip = var.vcd_edge_local_ip_bitrix
  }
  override_template_disk {
    bus_type = "paravirtual"
    size_in_mb = "81920"
    bus_number = 0
    unit_number = 0
    storage_profile = var.vcd_org_ssd_sp
  }
}
Updating the OS and installing additional scripts
The network is prepared and the virtual machines are described. Before importing our infrastructure, we can perform the initial provisioning in advance using provisioner blocks, without using Ansible.
Let's look at how to update the OS and run the CMS Bitrix installation script using the provisioner block.
First, let's install the CentOS update packages.
resource "null_resource" "nginx_update_install" {
  provisioner "remote-exec" {
    connection {
      type = "ssh"
      user = "root"
      password = vcd_vapp_vm.nginx.customization[0].admin_password
      host = var.vcd_edge_external_ip
      port = "58301"
      timeout = "30s"
    }
    inline = [
      "yum -y update && yum -y upgrade",
      "yum -y install wget nano epel-release net-tools unzip zip" ]
  }
}
Meaning of the components:
- provisioner "remote-exec" - attaches the remote provisioning block
- In the connection block we describe the type and parameters of the connection:
  - type - protocol, in our case SSH;
  - user - username;
  - password - user password. In our case, we point to the vcd_vapp_vm.nginx.customization[0].admin_password parameter, which stores the generated password for the system user.
  - host - external IP address for the connection;
  - port - port for the connection, specified earlier in the DNAT settings;
- inline - lists the commands to be entered. The commands are entered in the order given in this section.
As an example, let's additionally run the 1C-Bitrix installation script. The output of the script will be available while the plan is running. To install the script, we first describe the block:
Let's describe the installation of 1C-Bitrix.
resource "null_resource" "run_prepare_script" {
  # The resource name is illustrative; the connection block is shared by both provisioners.
  connection {
    type = "ssh"
    user = "root"
    password = vcd_vapp_vm.nginx.customization[0].admin_password
    host = var.vcd_edge_external_ip
    port = "58301"
    timeout = "30s"
  }
  # Upload the local script to the VM.
  provisioner "file" {
    source = "prepare.sh"
    destination = "/tmp/prepare.sh"
  }
  # Make the uploaded script executable and run it by its absolute path.
  provisioner "remote-exec" {
    inline = [
      "chmod +x /tmp/prepare.sh", "/tmp/prepare.sh"
    ]
  }
}
And we will immediately describe the Bitrix update.
An example of provisioning 1C-Bitrix.
resource "null_resource" "install_update_bitrix" {
  provisioner "remote-exec" {
    connection {
      type = "ssh"
      user = "root"
      password = vcd_vapp_vm.bitrix.customization[0].admin_password
      host = var.vcd_edge_external_ip
      port = "58302"
      timeout = "60s"
    }
    inline = [
      "yum -y update && yum -y upgrade",
      "yum -y install wget nano epel-release net-tools unzip zip",
      "wget http://repos.1c-bitrix.ru/yum/bitrix-env.sh -O /tmp/bitrix-env.sh",
      "chmod +x /tmp/bitrix-env.sh",
      "/tmp/bitrix-env.sh"
    ]
  }
}
Important! The script will not work if you do not disable SELinux first! If you need a detailed article on installing and configuring CMS 1C-Bitrix using bitrix-env.sh, you can
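The provisioner above fetches bitrix-env.sh over plain HTTP and runs it as root, so whatever the download returns is executed. The following added example (not the article's code) pins the installer to a known SHA-256 digest and stops before execution on a mismatch. The variable bitrix_env_sha256 and the resource name install_bitrix_pinned are hypothetical, and the digest has to come from a copy of the script you have reviewed.

```hcl
# Added example, not the article's code: the Bitrix provisioner with the
# installer pinned to a known digest before it runs as root.
variable "bitrix_env_sha256" {
  description = "Expected SHA-256 of bitrix-env.sh (hypothetical variable)"
  type        = string

  validation {
    # Hex only, which also keeps the value safe to embed in the shell command.
    condition     = can(regex("^[0-9a-f]{64}$", var.bitrix_env_sha256))
    error_message = "The bitrix_env_sha256 value must be 64 lowercase hex characters."
  }
}

resource "null_resource" "install_bitrix_pinned" {
  # Re-run the provisioner when the VM is replaced or the pinned digest changes.
  triggers = {
    vm_id  = vcd_vapp_vm.bitrix.id
    sha256 = var.bitrix_env_sha256
  }

  connection {
    type     = "ssh"
    user     = "root"
    password = vcd_vapp_vm.bitrix.customization[0].admin_password
    host     = var.vcd_edge_external_ip
    port     = 58302
    timeout  = "60s"
  }

  provisioner "remote-exec" {
    inline = [
      # The steps are chained with && so a failed download or a digest
      # mismatch stops the sequence before anything is executed.
      join(" && ", [
        "wget http://repos.1c-bitrix.ru/yum/bitrix-env.sh -O /tmp/bitrix-env.sh",
        "echo '${var.bitrix_env_sha256}  /tmp/bitrix-env.sh' | sha256sum -c -",
        "chmod 700 /tmp/bitrix-env.sh",
        "/tmp/bitrix-env.sh",
      ]),
    ]
  }
}
```

When the vendor publishes a new installer, sha256sum -c fails and the apply stops, which is the prompt to review the new script and update the pinned value.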
3. Initializing the infrastructure
Initializing modules and plugins
For this work we use a simple "gentleman's kit": a laptop running Windows 10 and the distribution package from the official website.
terraform.exe init
Having described the compute and network infrastructure, we run planning to test our configuration, where we can see what will be created and how the pieces are connected to each other.
- Run the command: terraform plan -var-file=vcd.tfvars
- We get the result: Plan: 16 to add, 0 to change, 0 to destroy. That is, according to this plan, 16 resources will be created.
- We launch the plan with the command: terraform.exe apply -var-file=vcd.tfvars
The virtual machines will be created, and then the packages we listed in the provisioner section will be executed: the OS will be updated and CMS Bitrix will be installed.
Getting connection information
After executing the plan, we want to receive the data for connecting to the servers in text form; for this, we define the output section as follows:
output "nginx_password" {
  value = vcd_vapp_vm.nginx.customization[0].admin_password
}
And the following output tells us the password for the created virtual machine:
Outputs: nginx_password = F#4u8!!N
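The output above prints the root password to the terminal, and to any CI log, on every apply. The following added example (not the article's code) exposes the generated passwords of all three VMs as a single sensitive output; the output name vm_admin_passwords is hypothetical, and Terraform 0.14 or later is assumed.

```hcl
# Added example, not the article's code: generated passwords exposed as one
# sensitive output instead of being printed after every apply.
output "vm_admin_passwords" {
  description = "Auto-generated guest admin passwords, keyed by VM name"
  sensitive   = true # apply prints the value as <sensitive>

  value = {
    nginx     = vcd_vapp_vm.nginx.customization[0].admin_password
    nextcloud = vcd_vapp_vm.nextcloud.customization[0].admin_password
    bitrix    = vcd_vapp_vm.bitrix.customization[0].admin_password
  }
}
```

The values are read on demand with terraform output -json vm_admin_passwords. They are still stored in clear text in terraform.tfstate, so the state file needs the same protection as the credentials themselves.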
As a result, we get access to virtual machines with an updated operating system and pre-installed packages for our further work. Everything is ready!
But what if you already have existing infrastructure?
3.1. Terraform working with existing infrastructure
It's simple: you can import the current virtual machines and their vApp containers using the import command.
Let's describe the vApp resource and the virtual machine.
resource "vcd_vapp" "Monitoring" {
  name = "Monitoring"
  org = "mClouds"
  vdc = "mClouds"
}
resource "vcd_vapp_vm" "Zabbix" {
  name = "Zabbix"
  org = "mClouds"
  vdc = "mClouds"
  vapp_name = "Monitoring"
}
The next step is to import the properties of the vApp resources in the format vcd_vapp.<vApp> <org>.<org_vdc>.<vApp>, where:
- vApp - vApp name;
- org - name of the organization;
- org_vdc - name of the virtual data center.
Importing vApp resource properties
Import the properties of the VM resources in the format: vcd_vapp_vm.<VM> <org>.<org_vdc>.<vApp>.<VM>, where:
- VM - VM name;
- vApp - vApp name;
- org - name of the organization;
- org_vdc - name of the virtual data center.
The import was successful
C:\Users\Mikhail\Desktop\terraform>terraform import vcd_vapp_vm.Zabbix mClouds.mClouds.Monitoring.Zabbix
vcd_vapp_vm.Zabbix: Importing from ID "mClouds.mClouds.Monitoring.Zabbix"...
vcd_vapp_vm.Zabbix: Import prepared!
Prepared vcd_vapp_vm for import
vcd_vapp_vm.Zabbix: Refreshing state... [id=urn:vcloud:vm:778f4a89-1c8d-45b9-9d94-0472a71c4d1f]
Import successful!
The resources that were imported are shown above. These resources are now in
your Terraform state and will henceforth be managed by Terraform.
Now we can look at the newly imported resource:
Imported resource
> terraform show
...
# vcd_vapp.Monitoring:
resource "vcd_vapp" "Monitoring" {
    guest_properties = {}
    href = "https://vcloud.mclouds.ru/api/vApp/vapp-fe5db285-a4af-47c4-93e8-55df92f006ec"
    id = "urn:vcloud:vapp:fe5db285-a4af-47c4-93e8-55df92f006ec"
    ip = "allocated"
    metadata = {}
    name = "Monitoring"
    org = "mClouds"
    status = 4
    status_text = "POWERED_ON"
    vdc = "mClouds"
}
…
# vcd_vapp_vm.Zabbix:
resource "vcd_vapp_vm" "Zabbix" {
    computer_name = "Zabbix"
    cpu_cores = 1
    cpus = 2
    expose_hardware_virtualization = false
    guest_properties = {}
    hardware_version = "vmx-14"
    href = "https://vcloud.mclouds.ru/api/vApp/vm-778f4a89-1c8d-45b9-9d94-0472a71c4d1f"
    id = "urn:vcloud:vm:778f4a89-1c8d-45b9-9d94-0472a71c4d1f"
    internal_disk = [
        {
            bus_number = 0
            bus_type = "paravirtual"
            disk_id = "2000"
            iops = 0
            size_in_mb = 122880
            storage_profile = "Gold Storage Policy"
            thin_provisioned = true
            unit_number = 0
        },
    ]
    memory = 8192
    metadata = {}
    name = "Zabbix"
    org = "mClouds"
    os_type = "centos8_64Guest"
    storage_profile = "Gold Storage Policy"
    vapp_name = "Monitoring"
    vdc = "mClouds"
    customization {
        allow_local_admin_password = true
        auto_generate_password = true
        change_sid = false
        enabled = false
        force = false
        join_domain = false
        join_org_domain = false
        must_change_password_on_first_login = false
        number_of_auto_logons = 0
    }
    network {
        adapter_type = "VMXNET3"
        ip_allocation_mode = "DHCP"
        is_primary = true
        mac = "00:50:56:07:01:b1"
        name = "MCLOUDS-LAN01"
        type = "org"
    }
}
Now we are done: we have finished the last point (importing into existing infrastructure) and covered the main points of working with Terraform.
The tool turned out to be convenient and lets you describe your infrastructure as code, from the virtual machines of a single cloud provider to the resources of network components.
At the same time, its independence from the environment makes it possible to work with local resources, with clouds, and with platform management. And if a platform is not supported and you want to add a new one, you can write your own provider and use it.
Source: www.habr.com