Anyị ewepụtala onye na-eweta ọrụ Terraform iji soro Selectel rụọ ọrụ. Ngwaahịa a na-enye ndị ọrụ ohere itinye njikwa akụrụngwa nke ọma site na usoro akụrụngwa-dị ka koodu.
Onye na-eweta ya na-akwado njikwa akụrụngwa ọrụ ugbu a (nke a na-akpọkwa VPC). N'ọdịnihu, anyị na-eme atụmatụ ịgbakwunye njikwa akụrụngwa maka ọrụ ndị ọzọ nke Selectel nyere.
Dịka ị maralarị, arụrụ ọrụ VPC na OpenStack. Otú ọ dị, n'ihi na OpenStack adịghị enye ngwá ọrụ ala maka ijere igwe ojii ozi, anyị na-arụ ọrụ na-efu efu na nhazi nke API ndị ọzọ na-eme ka njikwa nke ihe mgbagwoju anya dị mfe ma mee ka ọrụ ahụ dịkwuo mfe. Ụfọdụ ọrụ dị na OpenStack na-emechi site na iji ya eme ihe, mana ọ dị site na .
Onye na-eweta Selectel Terraform ugbu a gụnyere ikike ijikwa akụrụngwa VPC ndị a:
- oru ngo na oke ha;
- ndị ọrụ, ọrụ ha na akara ngosi;
- subnets ọha, gụnyere mpaghara mpaghara na VRRP;
- ikikere software.
Onye na-eweta ya na-eji ọba akwụkwọ Go ọha na-arụ ọrụ na VPC API. Ma ụlọ akwụkwọ ahụ na onye na-eweta ya n'onwe ya bụ ebe mepere emepe, a na-eme mmepe ha na Github:
- ebe nchekwa ọba akwụkwọ ,
- ebe nchekwa onye na-eweta .
Iji jikwaa akụrụngwa igwe ojii ndị ọzọ, dị ka igwe mebere, diski, ụyọkọ Kubernetes, ị nwere ike iji onye na-eweta OpenStack Terraform. Akwụkwọ ikike maka ndị na-eweta ha abụọ dị na njikọ ndị a:
- Akwụkwọ akụrụngwa Selectel: ,
- Akwụkwọ akụrụngwa OpenStack: .
-amalite Amalite
Iji malite, ịkwesịrị ịwụnye Terraform (ntụziaka na njikọ na ngwugwu nwụnye nwere ike ịchọta na ).
Iji rụọ ọrụ, onye na-eweta ya chọrọ igodo API Selectel, nke emepụtara na ya .
A na-emepụta ihe ngosi maka ịrụ ọrụ na Selectel site na iji Terraform ma ọ bụ jiri usoro ihe atụ emebere nke dị na ebe nchekwa Github anyị: .
E kewara ebe nchekwa ahụ nwere ọmụmaatụ n'ime akwụkwọ ndekọ aha abụọ:
- modul, nwere obere modul reusable nke na-ewere usoro ihe dị ka ntinye ma jikwaa obere ihe onwunwe;
- ihe atụ, nwere ihe atụ nke usoro modul jikọtara ọnụ zuru oke.
Mgbe ị wụnyechara Terraform, mepụta igodo API Selectel na ịmara onwe gị na ọmụmaatụ, ka anyị gaa n'ihu na ọmụmaatụ bara uru.
Ihe atụ nke ịmepụta ihe nkesa na diski mpaghara
Ka anyị lee ihe atụ nke imepụta ọrụ, onye ọrụ nwere ọrụ yana igwe mebere nwere diski mpaghara: .
Na faịlụ vars.tf parampat niile a ga-eji mgbe a na-akọwa modul oku. Ụfọdụ n'ime ha nwere ụkpụrụ ndabara, dịka ọmụmaatụ, a ga-emepụta ihe nkesa na mpaghara ahụ ru-3a ya na nhazi a:
variable "server_vcpus" {
default = 4
}
variable "server_ram_mb" {
default = 8192
}
variable "server_root_disk_gb" {
default = 8
}
variable "server_image_name" {
default = "Ubuntu 18.04 LTS 64-bit"
}
Na faịlụ isi.tf Emebere onye na-eweta Selectel:
provider "selectel" {
token = "${var.sel_token}"
}
Faịlụ a nwekwara uru ndabara maka igodo SSH nke a ga-etinye na sava ahụ:
module "server_local_root_disk" {
...
server_ssh_key = "${file("~/.ssh/id_rsa.pub")}"
}
Ọ bụrụ na ọ dị mkpa, ị nwere ike ezipụta igodo ọha dị iche. Agaghị akọwapụta igodo ahụ dị ka ụzọ faịlụ; ị nwekwara ike ịgbakwunye uru dị ka eriri.
Ọzọkwa na faịlụ a na-ewepụtara modul project_with_user и server_local_root_disk, nke na-ejikwa ihe ndị dị mkpa.
Ka anyị leba anya na modul ndị a nke ọma.
Ịmepụta ọrụ na onye ọrụ nwere ọrụ
Modul nke mbụ na-emepụta ọrụ na onye ọrụ nwere ọrụ na ọrụ ahụ: .
Onye ọrụ emepụtara ga-enwe ike ịbanye na OpenStack wee jikwaa akụrụngwa ya. Modul ahụ dị mfe ma na-ejikwa naanị ụlọ ọrụ atọ:
- selectel_vpc_project_v2,
- selectel_vpc_user_v2,
- selectel_vpc_role_v2.
Ịmepụta ihe nkesa mebere na diski mpaghara
Modul nke abụọ na-ekwu maka ijikwa ihe OpenStack, nke dị mkpa iji mepụta sava nwere diski mpaghara.
Ị kwesịrị ịṅa ntị na ụfọdụ arụmụka ndị akọwapụtara na modul a maka akụrụngwa openstack_compute_intance_v2:
resource "openstack_compute_instance_v2" "instance_1" {
...
lifecycle {
ignore_changes = ["image_id"]
}
vendor_options {
ignore_resize_confirmation = true
}
}
Arụmụka leghara_mgbanwe na-enye gị ohere ileghara mgbanwe àgwà anya id maka onyonyo eji emepụta igwe mebere. N'ime ọrụ VPC, a na-emelite ọtụtụ onyonyo ọha na-akpaghị aka otu ugboro n'izu ma n'otu oge ha id na-agbanwekwa. Nke a bụ n'ihi ihe dị iche iche nke akụrụngwa OpenStack - Glance, nke a na-ewere ihe onyonyo na-enweghị mgbanwe.
Ọ bụrụ na ị na-eke ma ọ bụ gbanwee ihe nkesa ma ọ bụ diski dị adị nke nwere ka arụmụka image_id jiri id onyonyo ọha, mgbe emelitere onyonyo ahụ, ịmegharị ihe ngosi Terraform ọzọ ga-emegharị ihe nkesa ma ọ bụ diski. Iji arụmụka leghara_mgbanwe na-enye gị ohere izere ọnọdụ dị otú ahụ.
Mara: arụmụka leghara_mgbanwe pụtara na Terraform ogologo oge gara aga: .
Arụmụka ileghara_resize_confirmation achọrọ iji megharịa diski mpaghara, cores, ma ọ bụ ebe nchekwa ihe nkesa nke ọma. A na-eme mgbanwe ndị a site na akụrụngwa OpenStack Nova site na iji arịrịọ resize. Nova ndabara mgbe arịrịọ resize na-etinye ihe nkesa ahụ n'ọkwa verify_resize ma chere maka nkwenye ọzọ n'aka onye ọrụ. Agbanyeghị, enwere ike ịgbanwe omume a ka Nova wee ghara ichere maka mmemme ndị ọzọ n'aka onye ọrụ.
Arụmụka akọwapụtara nke ọma na-enye ohere ka Terraform ghara ichere ọkwa verify_resize maka ihe nkesa ahụ ma dịrị njikere maka ihe nkesa ahụ ka ọ nọrọ n'ọnọdụ na-arụ ọrụ mgbe ọ gbanwere paramita ya. Arụmụka ahụ dị site na ụdị 1.10.0 nke ndị na-eweta OpenStack Terraform: .
Ịmepụta akụrụngwa
Tupu ịme ihe ngosi ahụ, biko rịba ama na n'ihe atụ anyị, a na-ewepụta ndị na-enye ọrụ abụọ dị iche iche, na OpenStack na-enye ọrụ na-adabere na akụrụngwa nke onye na-enye Selectel, ebe ọ bụ na-enweghị ịmepụta onye ọrụ na ọrụ ahụ, ọ gaghị ekwe omume ijikwa ihe ndị dị na ya. . N'ụzọ dị mwute, n'ihi otu ihe ahụ anyị enweghị ike ịme iwu ahụ terraform tinye n'ime ihe atụ anyị. Anyị kwesịrị ibu ụzọ mee tinye maka modul project_with_user na mgbe ahụ maka ihe ọ bụla ọzọ.
Mara: Edobebeghị okwu a na Terraform, ị nwere ike soro mkparịta ụka na Github na и .
Iji mepụta akụrụngwa, gaa na ndekọ , ọdịnaya ya kwesịrị ịdị ka nke a:
$ ls
README.md main.tf vars.tf
Anyị na-amalite modul site na iji iwu:
$ terraform init
Nsonaazụ na-egosi na Terraform na-ebudata ụdị kachasị ọhụrụ nke ndị na-eweta ọ na-eji wee lelee modulu niile akọwara na ihe atụ.
Mbụ ka anyị tinye modul ahụ project_with_user. Nke a na-achọ iji aka na-agafe ụkpụrụ maka mgbanwe ndị edobebeghị:
- sel_akaụntụ na nọmba akaụntụ Selectel gị;
- sel_token jiri igodo gị maka Selectel API;
- user_password jiri paswọọdụ maka onye ọrụ OpenStack.
A ghaghị iwere ụkpụrụ maka mgbanwe abụọ mbụ .
Maka mgbanwe ikpeazụ, ị nwere ike nweta paswọọdụ ọ bụla.
Iji jiri modul, ịkwesịrị iji dochie ụkpụrụ SEL_ACCOUNT, SEL_TOKEN и USER_PASSWORD na-eme iwu:
$ env
TF_VAR_sel_account=SEL_ACCOUNT
TF_VAR_sel_token=SEL_TOKEN
TF_VAR_user_password=USER_PASSWORD
terraform apply -target=module.project_with_user
Mgbe ịmechara iwu ahụ, Terraform ga-egosi akụrụngwa ọ chọrọ imepụta wee rịọ maka nkwenye:
Plan: 3 to add, 0 to change, 0 to destroy.
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
Ozugbo arụpụtara ọrụ ahụ, onye ọrụ na ọrụ, ị nwere ike ịmalite ịmepụta akụrụngwa ndị ọzọ:
$ env
TF_VAR_sel_account=SEL_ACCOUNT
TF_VAR_sel_token=SEL_TOKEN
TF_VAR_user_password=USER_PASSWORD
terraform apply
Mgbe ị na-eke akụrụngwa, ṅaa ntị na mmepụta Terraform na adreesị IP mpụga ebe ihe nkesa emepụtara ga-enweta:
module.server_local_root_disk.openstack_networking_floatingip_associate_v2.association_1: Creating...
floating_ip: "" => "x.x.x.x"
Ị nwere ike ịrụ ọrụ na igwe mebere mebere site na SSH site na iji IP akọwapụtara.
Akụrụngwa edezi
Na mgbakwunye na ịmepụta akụrụngwa site na Terraform, ha nwekwara ike gbanwee.
Dịka ọmụmaatụ, ka anyị mụbaa ọnụọgụ cores na ebe nchekwa maka ihe nkesa anyị site n'ịgbanwe ụkpụrụ maka paramita server_vcpus и server_ram_mb na faịlụ examples/vpc/server_local_root_disk/main.tf:
- server_vcpus = "${var.server_vcpus}"
- server_ram_mb = "${var.server_ram_mb}"
+ server_vcpus = 8
+ server_ram_mb = 10240
Mgbe nke a gasịrị, anyị na-elele mgbanwe nke a ga-eduga n'iji iwu a:
$ env
TF_VAR_sel_account=SEL_ACCOUNT
TF_VAR_sel_token=SEL_TOKEN
TF_VAR_user_password=USER_PASSWORD
terraform plan
N'ihi ya, Terraform mere mgbanwe akụrụngwa openstack_compute_intance_v2 и openstack_compute_flavor_v2.
Biko mara na nke a ga-agụnye ịmalitegharị igwe mebere emepụtara.
Iji tinye nhazi igwe mebere ọhụrụ, jiri iwu ahụ terraform tinye, nke anyị ebidolarị mbụ.
A ga-egosipụta ihe niile emepụtara :
Na nke anyi Ị nwekwara ike ịhụ ngosipụta maka ịmepụta igwe mebere nwere draịva netwọkụ.
Ọmụmaatụ nke ịmepụta ụyọkọ Kubernetes
Tupu anyị aga n'ihu n'atụmatụ na-esote, anyị ga-ehichapụ akụrụngwa anyị mepụtara na mbụ. Iji mee nke a na mgbọrọgwụ nke oru ngo Ka anyị mee iwu ka ihichapụ ihe OpenStack:
$ env
TF_VAR_sel_account=SEL_ACCOUNT
TF_VAR_sel_token=SEL_TOKEN
TF_VAR_user_password=USER_PASSWORD
terraform destroy -target=module.server_local_root_disk
Wee mee iwu ka ikpochapụ ihe API Selectel VPC:
$ env
TF_VAR_sel_account=SEL_ACCOUNT
TF_VAR_sel_token=SEL_TOKEN
TF_VAR_user_password=USER_PASSWORD
terraform destroy -target=module.project_with_user
N'okwu abụọ a, ị ga-achọ nkwenye ihichapụ ihe niile:
Do you really want to destroy all resources?
Terraform will destroy all your managed infrastructure, as shown above.
There is no undo. Only 'yes' will be accepted to confirm.
Enter a value: yes
Ihe atụ na-esonụ dị na ndekọ .
Ihe atụ a na-emepụta ọrụ, onye ọrụ nwere ọrụ na ọrụ ahụ, ma bulie otu ụyọkọ Kubernetes. Na faịlụ vars.tf ị nwere ike ịhụ ụkpụrụ ndabara, dị ka ọnụọgụ ọnụ ọgụgụ, njirimara ha, ụdị Kubernetes, wdg.
Iji mepụta akụrụngwa yiri nke mbụ, nke mbụ anyị ga-amalite ịmalite modul na ịmepụta akụrụngwa modul project_with_userwee mepụta ihe ọ bụla ọzọ:
$ terraform init
$ env
TF_VAR_sel_account=SEL_ACCOUNT
TF_VAR_sel_token=SEL_TOKEN
TF_VAR_user_password=USER_PASSWORD
terraform apply -target=module.project_with_user
$ env
TF_VAR_sel_account=SEL_ACCOUNT
TF_VAR_sel_token=SEL_TOKEN
TF_VAR_user_password=USER_PASSWORD
terraform apply
Anyị ga-ebufe mmepụta na njikwa nke ụyọkọ Kubernetes site na ngwa OpenStack Magnum. Ị nwere ike ịmatakwu otu esi arụ ọrụ na ụyọkọ n'otu n'ime anyị yana .
Mgbe ị na-akwadebe ụyọkọ ahụ, a ga-emepụta diski na igwe mebere ma tinye ihe niile dị mkpa. Nkwadebe na-ewe ihe dị ka nkeji 4, n'ime oge Terraform ga-egosipụta ozi dịka:
module.kubernetes_cluster.openstack_containerinfra_cluster_v1.cluster_1: Still creating... (3m0s elapsed)
Ozugbo echichi mechara, Terraform ga-egosi na ụyọkọ ahụ adịla njikere ma gosipụta NJ ya:
module.kubernetes_cluster.openstack_containerinfra_cluster_v1.cluster_1: Creation complete after 4m20s (ID: 3c8...)
Apply complete! Resources: 6 added, 0 changed, 0 destroyed.
Iji jikwaa ụyọkọ Kubernetes emepụtara site na akụrụngwa kubectl ị ga-enweta faịlụ ohere ụyọkọ. Iji mee nke a, gaa na oru ngo emepụtara site na Terraform na listi ọrụ dị na akaụntụ gị:
Ọzọ, soro njikọ dị ka nke pụtara n'okpuru aha oru ngo:
Maka ozi nbanye, jiri aha njirimara na paswọọdụ ị mepụtara site na Terraform. Ọ bụrụ na i mebeghị aghụghọ vars.tf ma ọ bụ isi.tf maka ihe atụ anyị, onye ọrụ ga-enwe aha tf_onye ọrụ. Ị ga-eji uru nke mgbanwe dị ka paswọọdụ TF_VAR_user_password, nke akọwapụtara na mmalite terraform tinye na mbụ.
N'ime ọrụ ahụ ịkwesịrị ịga na taabụ Kubernetes:
Nke a bụ ebe ụyọkọ e mepụtara site na Terraform dị. Budata faịlụ maka kubectl ị nwere ike na taabụ "Nnweta":
Ntuziaka nwụnye dị n'otu taabụ. kubectl na ojiji nke ebudatara config.yaml.
Mgbe mwepụta kubectl na ịtọ mgbanwe gburugburu ebe obibi KUBECONFIG Ị nwere ike iji Kubernetes:
$ kubectl get pods --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system coredns-9578f5c87-g6bjf 1/1 Running 0 8m
kube-system coredns-9578f5c87-rvkgd 1/1 Running 0 6m
kube-system heapster-866fcbc879-b6998 1/1 Running 0 8m
kube-system kube-dns-autoscaler-689688988f-8cxhf 1/1 Running 0 8m
kube-system kubernetes-dashboard-7bdb5d4cd7-jcjq9 1/1 Running 0 8m
kube-system monitoring-grafana-84c97bb64d-tc64b 1/1 Running 0 8m
kube-system monitoring-influxdb-7c8ccc75c6-dzk5f 1/1 Running 0 8m
kube-system node-exporter-tf-cluster-rz6nggvs4va7-minion-0 1/1 Running 0 8m
kube-system node-exporter-tf-cluster-rz6nggvs4va7-minion-1 1/1 Running 0 8m
kube-system openstack-cloud-controller-manager-8vrmp 1/1 Running 3 8m
prometeus-monitoring grafana-76bcb7ffb8-4tm7t 1/1 Running 0 8m
prometeus-monitoring prometheus-75cdd77c5c-w29gb 1/1 Running 0 8m
Enwere ike ịgbanwe ọnụ ọgụgụ nke ọnụ ụyọkọ n'ụzọ dị mfe site na Terraform.
Na faịlụ isi.tf akọwapụtara uru ndị a:
cluster_node_count = "${var.cluster_node_count}"
A na-eji dochie uru a vars.tf:
variable "cluster_node_count" {
default = 2
}
Ị nwere ike ịgbanwe ma uru ndabara na vars.tf, ma ọ bụ kọwaa uru achọrọ ozugbo na isi.tf:
- cluster_node_count = "${var.cluster_node_count}"
+ cluster_node_count = 3
Iji tinye mgbanwe ndị ahụ, dị ka ọ dị na ihe atụ nke mbụ, jiri iwu ahụ terraform tinye:
$ env
TF_VAR_sel_account=SEL_ACCOUNT
TF_VAR_sel_token=SEL_TOKEN
TF_VAR_user_password=USER_PASSWORD
terraform apply
Mgbe ọnụọgụ ọnụ ụzọ gbanwere, ụyọkọ ahụ ga-adịgide. Mgbe ịgbakwunye ọnụ site na Terraform, ị nwere ike iji ya na-enweghị nhazi ọzọ:
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
tf-cluster-rz6nggvs4va7-master-0 Ready,SchedulingDisabled master 8m v1.12.4
tf-cluster-rz6nggvs4va7-minion-0 Ready <none> 8m v1.12.4
tf-cluster-rz6nggvs4va7-minion-1 Ready <none> 8m v1.12.4
tf-cluster-rz6nggvs4va7-minion-2 Ready <none> 3m v1.12.4
nkwubi
N'isiokwu a, anyị maara na isi ụzọ na-arụ ọrụ na site na Terraform. Anyị ga-enwe obi ụtọ ma ọ bụrụ na ị na-eji onye ọrụ Selectel Terraform na-eweta ma nye nzaghachi.
Enwere ike ịkọ ahụhụ ọ bụla achọtara na ndị na-eweta Selectel Terraform .
isi: www.habr.com