Selectel Terraform Provider

We have released a Terraform provider for working with Selectel. It lets users fully manage resources using the Infrastructure-as-code methodology.

The provider currently supports managing the resources of the "Virtual Private Cloud" service (hereafter VPC). In the future, we plan to add resource management for other services provided by Selectel.

As you already know, the VPC service is built on OpenStack. However, because OpenStack does not provide native tools for serving a public cloud, we implemented the missing functionality in a set of additional APIs that simplify the management of complex composite objects and make the work more convenient. Some of the functionality available in OpenStack is closed to direct use but is available through our API.

The Selectel Terraform provider can now manage the following VPC resources:

  • projects and their quotas;
  • users, their roles and tokens;
  • public subnets, including cross-region and VRRP subnets;
  • software licenses.

The provider uses our public Go library for working with the VPC API. Both the library and the provider itself are open source, and they are developed on Github:

To manage other cloud resources, such as virtual machines, disks and Kubernetes clusters, you can use the OpenStack Terraform provider. The official documentation for both providers is available at the following links:

Getting started

To get started, you need to install Terraform (instructions and links to the installation packages can be found on the official website).

To work, the provider requires a Selectel API key, which is created in the account control panel.

Manifests for working with Selectel are created using Terraform or using a set of ready-made examples that are available in our Github repository: terraform-examples.

The repository with examples is divided into two directories:

  • modules, containing small reusable modules that take a set of parameters as input and manage a small set of resources;
  • examples, containing examples of a complete set of interconnected modules.

After installing Terraform, creating a Selectel API key and familiarizing yourself with the examples, let's move on to practical examples.

An example of creating a server with a local disk

Let's look at an example of creating a project, a user with a role, and a virtual machine with a local disk: terraform-examples/examples/vpc/server_local_root_disk.

The vars.tf file describes all the parameters that will be used when calling the modules. Some of them have default values; for example, the server will be created in the ru-3a zone with the following configuration:

variable "server_vcpus" {
  default = 4
}

variable "server_ram_mb" {
  default = 8192
}

variable "server_root_disk_gb" {
  default = 8
}

variable "server_image_name" {
  default = "Ubuntu 18.04 LTS 64-bit"
}

The main.tf file initializes the Selectel provider:

provider "selectel" {
  token = "${var.sel_token}"
}

This file also contains the default value for the SSH key that will be installed on the server:

module "server_local_root_disk" {
  ...
  server_ssh_key = "${file("~/.ssh/id_rsa.pub")}"
}

If necessary, you can specify a different public key. The key does not have to be specified as a file path; you can also add the value as a string.

Further in this file, the project_with_user and server_local_root_disk modules are launched, which manage the necessary resources.

Let's look at these modules in more detail.

Creating a project and a user with a role

The first module creates a project and a user with a role in that project: terraform-examples/modules/vpc/project_with_user.

The created user will be able to log in to OpenStack and manage its resources. The module is simple and manages only three entities:

  • selectel_vpc_project_v2,
  • selectel_vpc_user_v2,
  • selectel_vpc_role_v2.

Creating a virtual server with a local disk

The second module manages the OpenStack objects that are needed to create a server with a local disk.

You should pay attention to some of the arguments specified in this module for the openstack_compute_instance_v2 resource:

resource "openstack_compute_instance_v2" "instance_1" {
  ...

  lifecycle {
    ignore_changes = ["image_id"]
  }

  vendor_options {
    ignore_resize_confirmation = true
  }
}

The ignore_changes argument lets you ignore changes to the id attribute of the image used to create the virtual machine. In the VPC service, most public images are updated automatically once a week, and their id changes at the same time. This is due to the peculiarities of the OpenStack Glance component, in which images are considered immutable entities.

If you create or modify an existing server or disk whose image_id argument uses the id of a public image, then after that image is updated, running the Terraform manifest again will recreate the server or disk. Using the ignore_changes argument lets you avoid this situation.

Note: the ignore_changes argument appeared in Terraform quite a long time ago: #2525.

The ignore_resize_confirmation argument is needed to successfully resize the local disk, cores or server memory. Such changes are made through the OpenStack Nova component using a resize request. By default, after a resize request Nova puts the server into the verify_resize status and waits for additional confirmation from the user. However, this behaviour can be changed so that Nova does not wait for additional action from the user.

The specified argument allows Terraform not to wait for the verify_resize status of the server and to be prepared for the server to be in an active status after its parameters are changed. The argument is available starting from version 1.10.0 of the OpenStack Terraform provider: #422.

Creating resources

Before running the manifests, note that in our example two different providers are initialized, and the OpenStack provider depends on the resources of the Selectel provider, because without creating a user in the project it is impossible to manage the objects that belong to it. Unfortunately, for the same reason we cannot simply run the terraform apply command in our example. We first need to apply the project_with_user module and only then everything else.

Note: this problem has not yet been solved in Terraform; you can follow the discussion on Github in #2430 and #4149.

To create the resources, go to the terraform-examples/examples/vpc/server_local_root_disk directory; its contents should look like this:

$ ls
README.md	   main.tf		vars.tf

We initialize the modules with the command:

$ terraform init

The output shows that Terraform downloads the latest versions of the providers it uses and checks all the modules described in the example.

First, let's apply the project_with_user module. This requires manually passing values for the variables that have not been set:

  • sel_account with your Selectel account number;
  • sel_token with your Selectel API key;
  • user_password with the password for the OpenStack user.

The values for the first two variables must be taken from the control panel.

For the last variable, you can come up with any password.

To apply the module, replace the values SEL_ACCOUNT, SEL_TOKEN and USER_PASSWORD and run the command:

$ env \
TF_VAR_sel_account=SEL_ACCOUNT \
TF_VAR_sel_token=SEL_TOKEN \
TF_VAR_user_password=USER_PASSWORD \
terraform apply -target=module.project_with_user

After running the command, Terraform will show which resources it wants to create and ask for confirmation:

Plan: 3 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.

Enter a value: yes

Once the project, user and role have been created, you can start creating the remaining resources:

$ env \
TF_VAR_sel_account=SEL_ACCOUNT \
TF_VAR_sel_token=SEL_TOKEN \
TF_VAR_user_password=USER_PASSWORD \
terraform apply

While the resources are being created, pay attention to the Terraform output with the external IP address at which the created server will be reachable:

module.server_local_root_disk.openstack_networking_floatingip_associate_v2.association_1: Creating...
  floating_ip: "" => "x.x.x.x"

You can work with the created virtual machine over SSH using the specified IP.

Editing resources

In addition to creating resources through Terraform, they can also be modified.

For example, let's increase the number of cores and the amount of memory for our server by changing the values of the server_vcpus and server_ram_mb parameters in the examples/vpc/server_local_root_disk/main.tf file:

-  server_vcpus        = "${var.server_vcpus}"
-  server_ram_mb       = "${var.server_ram_mb}"
+  server_vcpus        = 8
+  server_ram_mb       = 10240
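
Review bot: the two + lines replace the ${var.server_vcpus} and ${var.server_ram_mb} references with the literals 8 and 10240, so the defaults declared in vars.tf and any TF_VAR_ overrides no longer affect this module call. Consider keeping the references and changing the defaults in vars.tf, or passing TF_VAR_server_vcpus and TF_VAR_server_ram_mb, so the server sizing stays in one place.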

After that, we check what changes this will lead to using the following command:

$ env \
TF_VAR_sel_account=SEL_ACCOUNT \
TF_VAR_sel_token=SEL_TOKEN \
TF_VAR_user_password=USER_PASSWORD \
terraform plan

As a result, Terraform changes the openstack_compute_instance_v2 and openstack_compute_flavor_v2 resources.

Please note that this will entail a reboot of the created virtual machine.
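
Both the image_id case described earlier (a rebuilt public image makes Terraform recreate the server or disk) and an edit like the one above can be caught before terraform apply. The following is an added example, not code from the article or from Selectel's repositories: a Python check over the JSON form of a saved plan that reports protected resources the plan would destroy or replace, and which attributes differ. It assumes Terraform 0.12 or later (for terraform show -json); the sample plan, PROTECTED_TYPES and the resource name flavor_1 are constructed for illustration.

```python
import json
import sys

# Types whose replacement means data loss or downtime (assumed set, extend it).
PROTECTED_TYPES = {"openstack_compute_instance_v2", "openstack_blockstorage_volume_v3"}

# Constructed sample shaped like `terraform show -json <planfile>` output: the
# public image was rebuilt, so image_id differs and the server is replaced.
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
  {"address": "module.server_local_root_disk.openstack_compute_instance_v2.instance_1",
   "type": "openstack_compute_instance_v2",
   "change": {"actions": ["delete", "create"],
              "before": {"id": "constructed-server-id", "image_id": "constructed-old-image-id"},
              "after": {"image_id": "constructed-new-image-id"},
              "after_unknown": {"id": true}}},
  {"address": "module.server_local_root_disk.openstack_compute_flavor_v2.flavor_1",
   "type": "openstack_compute_flavor_v2",
   "change": {"actions": ["delete", "create"],
              "before": {"vcpus": 4, "ram": 8192}, "after": {"vcpus": 8, "ram": 10240}}}
]}
""")


def replacement_causes(change):
    """Return the attribute names that explain a replacement (best effort)."""
    paths = change.get("replace_paths")  # only present in newer plan formats
    if paths:
        return sorted(".".join(str(step) for step in path) for path in paths)
    before, after = change.get("before") or {}, change.get("after") or {}
    # Fallback: known values that differ; computed (unknown) ones are skipped.
    return sorted(k for k in before if k in after and before[k] != after[k])


def destructive_changes(plan, protected=PROTECTED_TYPES):
    """List (address, kind, causes) for protected resources the plan deletes."""
    findings = []
    for rc in plan.get("resource_changes", []):
        change = rc.get("change", {})
        actions = change.get("actions", [])
        if rc.get("type") not in protected or "delete" not in actions:
            continue
        kind = "replace" if "create" in actions else "destroy"
        findings.append((rc["address"], kind, replacement_causes(change)))
    return findings


if __name__ == "__main__":
    # terraform plan -out=tfplan && terraform show -json tfplan > plan.json
    with open(sys.argv[1]) as fh:
        found = destructive_changes(json.load(fh))
    for address, kind, causes in found:
        print(f"{kind}: {address} (changed: {', '.join(causes) or 'n/a'})")
    sys.exit(1 if found else 0)
```

Run as a script with the path to plan.json, it exits non-zero when a protected resource would be destroyed or replaced, so it can gate the apply step in a pipeline.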

To apply the new virtual machine configuration, use the terraform apply command, which we have already run earlier.

All created objects will be displayed in the VPC control panel:

In our example repositories you can also find manifests for creating virtual machines with network drives.

An example of creating a Kubernetes cluster

Before moving on to the next example, we will clean up the resources created earlier. To do this, in the root of the terraform-examples/examples/vpc/server_local_root_disk project, let's run the command to delete the OpenStack objects:

$ env \
TF_VAR_sel_account=SEL_ACCOUNT \
TF_VAR_sel_token=SEL_TOKEN \
TF_VAR_user_password=USER_PASSWORD \
terraform destroy -target=module.server_local_root_disk

Then run the command to remove the Selectel VPC API objects:

$ env \
TF_VAR_sel_account=SEL_ACCOUNT \
TF_VAR_sel_token=SEL_TOKEN \
TF_VAR_user_password=USER_PASSWORD \
terraform destroy -target=module.project_with_user

In both cases, you will need to confirm the deletion of all objects:

Do you really want to destroy all resources?
Terraform will destroy all your managed infrastructure, as shown above.
There is no undo. Only 'yes' will be accepted to confirm.

Enter a value: yes

The next example is located in the terraform-examples/examples/vpc/kubernetes_cluster directory.

This example creates a project, a user with a role in the project, and brings up one Kubernetes cluster. In the vars.tf file you can see the default values, such as the number of nodes, their characteristics, the Kubernetes version, and so on.

To create the resources, as in the first example, we first initialize the modules and create the resources of the project_with_user module, and then create everything else:

$ terraform init

$ env \
TF_VAR_sel_account=SEL_ACCOUNT \
TF_VAR_sel_token=SEL_TOKEN \
TF_VAR_user_password=USER_PASSWORD \
terraform apply -target=module.project_with_user

$ env \
TF_VAR_sel_account=SEL_ACCOUNT \
TF_VAR_sel_token=SEL_TOKEN \
TF_VAR_user_password=USER_PASSWORD \
terraform apply

We hand over the creation and management of Kubernetes clusters to the OpenStack Magnum component. You can learn more about how to work with a cluster in one of our previous articles and in the knowledge base.

While the cluster is being prepared, disks and virtual machines will be created and all the necessary components will be installed. Preparation takes about 4 minutes, during which Terraform will display messages such as:

module.kubernetes_cluster.openstack_containerinfra_cluster_v1.cluster_1: Still creating... (3m0s elapsed)

When the installation is complete, Terraform will report that the cluster is ready and display its ID:

module.kubernetes_cluster.openstack_containerinfra_cluster_v1.cluster_1: Creation complete after 4m20s (ID: 3c8...)

Apply complete! Resources: 6 added, 0 changed, 0 destroyed.

To manage the created Kubernetes cluster with the kubectl utility, you need to get the cluster access file. To do this, go to the project created through Terraform in the list of projects in your account:

Next, follow the link of the form xxxxxxxxxxxxxx.selvpc.ru that appears below the project name:

For the login details, use the username and password that you created through Terraform. If you have not changed vars.tf or main.tf for our example, the user will be named tf_user. As the password, use the value of the TF_VAR_user_password variable that was specified when running terraform apply earlier.

Inside the project, go to the Kubernetes tab:

This is where the cluster created through Terraform is located. You can download the file for kubectl on the "Access" tab:

The same tab contains instructions for installing kubectl and using the downloaded config.yaml.

After installing kubectl and setting the KUBECONFIG environment variable, you can use Kubernetes:

$ kubectl get pods --all-namespaces

NAMESPACE              NAME                                             READY   STATUS    RESTARTS   AGE
kube-system            coredns-9578f5c87-g6bjf                          1/1     Running   0          8m
kube-system            coredns-9578f5c87-rvkgd                          1/1     Running   0          6m
kube-system            heapster-866fcbc879-b6998                        1/1     Running   0          8m
kube-system            kube-dns-autoscaler-689688988f-8cxhf             1/1     Running   0          8m
kube-system            kubernetes-dashboard-7bdb5d4cd7-jcjq9            1/1     Running   0          8m
kube-system            monitoring-grafana-84c97bb64d-tc64b              1/1     Running   0          8m
kube-system            monitoring-influxdb-7c8ccc75c6-dzk5f             1/1     Running   0          8m
kube-system            node-exporter-tf-cluster-rz6nggvs4va7-minion-0   1/1     Running   0          8m
kube-system            node-exporter-tf-cluster-rz6nggvs4va7-minion-1   1/1     Running   0          8m
kube-system            openstack-cloud-controller-manager-8vrmp         1/1     Running   3          8m
prometeus-monitoring   grafana-76bcb7ffb8-4tm7t                         1/1     Running   0          8m
prometeus-monitoring   prometheus-75cdd77c5c-w29gb                      1/1     Running   0          8m

The number of cluster nodes can easily be changed through Terraform.
The main.tf file specifies the following value:

cluster_node_count = "${var.cluster_node_count}"

This value is substituted from vars.tf:

variable "cluster_node_count" {
  default = 2
}

You can either change the default value in vars.tf or specify the required value directly in main.tf:

-  cluster_node_count = "${var.cluster_node_count}"
+  cluster_node_count = 3

To apply the changes, as in the first example, use the terraform apply command:

$ env \
TF_VAR_sel_account=SEL_ACCOUNT \
TF_VAR_sel_token=SEL_TOKEN \
TF_VAR_user_password=USER_PASSWORD \
terraform apply

When the number of nodes changes, the cluster will remain available. After adding a node through Terraform, you can use it without any additional configuration:

$ kubectl get nodes
NAME                               STATUS                     ROLES     AGE   VERSION
tf-cluster-rz6nggvs4va7-master-0   Ready,SchedulingDisabled   master    8m    v1.12.4
tf-cluster-rz6nggvs4va7-minion-0   Ready                      <none>    8m    v1.12.4
tf-cluster-rz6nggvs4va7-minion-1   Ready                      <none>    8m    v1.12.4
tf-cluster-rz6nggvs4va7-minion-2   Ready                      <none>    3m    v1.12.4

Conclusion

In this article we covered the main ways of working with the "Virtual Private Cloud" through Terraform. We would be glad if you use the Selectel Terraform provider and give us feedback.

Any bugs found in the Selectel Terraform provider can be reported via Github Issues.

Source: www.hab.com
