I roto i tenei tuhinga ka titiro tatou ki te ahua o Terraform, me te tuku haere i a tatou ake hanganga — ka whakarite matou kia toru nga VM mo nga kaupapa rereke: takawaenga, rokiroki konae me te CMS.
Mo nga mea katoa i roto i nga korero me nga waahanga e toru:
1. Terraform - whakaahuatanga, painga me nga waahanga
Ko Terraform he taputapu IaC (Infrastructure-as-Code) mo te hanga me te whakahaere i nga hanganga mariko ma te whakamahi i te waehere.
I kitea e matou he maha nga painga ki te mahi me te taputapu:
-
Te tere tuku o nga kairëti hou (nga taiao mariko ritenga). Ko te tikanga, ko te nui ake o nga kaihoko hou, ko te nui ake o nga "pao" me mahi nga kaimahi tautoko hangarau ki te whakaputa rauemi hou. Ma te Terraform, ka taea e nga kaiwhakamahi te whakarereke i nga tautuhinga miihini mariko (hei tauira, te kati aunoa i te OS me te whakanui ake i te wehewehenga kōpae mariko) me te kore e hiahia tautoko hangarau, ka kati ranei i te miihini ake.
-
Manatokonga inamata o te mahere whakahohenga Kareti hou. Ma te whakamahi i te whakaahuatanga o te waehere hanganga, ka taea e taatau te tirotiro tonu he aha ka taapirihia me te aha te raupapa, me te aha te ahua whakamutunga o tenei miihini mariko, whatunga mariko ranei me nga hononga ki nga miihini mariko.
-
Te kaha ki te whakaahua i nga papanga kapua rongonui. Ka taea e koe te whakamahi i te taputapu mai i Amazon me Google Cloud, ki nga papaaapapa motuhake i runga i te Kaiwhakahaere VMware vCloud, e tuku ratonga i roto i nga otinga IaaS, SaaS me PaaS.
-
Whakahaerehia nga kaiwhakarato kapua maha me te tohatoha i nga hanganga ki waenganui i a raatau hei whakapai ake i te kawa o te he, ma te whakamahi i te whirihoranga kotahi ki te hanga, ki te tirotiro me te whakahaere i nga rauemi kapua.
-
Te whakamahi watea mo te hanga turanga demo mo te whakamatautau rorohiko me te patuiro. Ka taea e koe te hanga me te whakawhiti i nga tuunga mo te tari whakamatautau, te rorohiko whakamatautau i roto i nga taiao rereke i roto i te whakarara, me te whakarereke tonu me te whakakore i nga rauemi ma te hanga i tetahi mahere hanga rauemi.
"Terrarium" Terraform
I korero poto matou mo nga painga o te taputapu, inaianei ka wehewehea ki ona waahanga
Kaituku.
I roto i te Terraform, tata katoa nga momo hanganga ka taea te tohu hei rauemi. Ko te hononga i waenga i nga rauemi me te papaahi API e whakaratohia ana e nga waahanga kaiwhakarato, ka taea e koe te hanga rauemi i roto i tetahi kaupapa motuhake, hei tauira, Azure, VMware vCloud Kaiwhakahaere ranei.
Hei waahanga o te kaupapa, ka taea e koe te taunekeneke me nga kaiwhakarato rereke i runga i nga papaaho rereke.
Rauemi (whakaahua rauemi).
Ko te whakaahuatanga o nga rauemi ka taea e koe te whakahaere i nga waahanga papaarangi, penei i nga miihini mariko me nga whatunga.
Ka taea e koe te hanga i tetahi whakaahuatanga rauemi mo te kaiwhakarato VMware vCloud Kaiwhakahaere me te whakamahi i tenei whakaahuatanga hei hanga rauemi me tetahi kaiwhakarato manaaki e whakamahi ana i te Kaiwhakahaere vCloud. Me huri noa nga tawhā motuhēhēnga me ngā tawhā hononga whatunga ki te kaiwhakarato manaaki e hiahiatia ana
Kaituku.
Ma tenei waahanga ka taea te mahi mo te whakaurunga tuatahi me te tiaki i te punaha whakahaere i muri i te hanga miihini mariko. Ina oti i a koe te hanga rauemi miihini mariko, ka taea e koe te whakamahi i nga kaiwhakarato ki te whirihora me te hono ma te SSH, te whakahou i te punaha whakahaere, me te tango me te whakahaere tuhinga.
Taurangi Whakauru me te Putanga.
Taurangi whakauru - taurangi whakauru mo nga momo poraka.
Ko nga taurangi putanga ka taea e koe te tiaki i nga uara i muri i te waihanga rauemi ka taea te whakamahi hei taurangi whakauru ki etahi atu waahanga, hei tauira i te poraka Kaituku.
Whenua.
Ko nga konae a Amerika kei te rongoa korero mo te whirihoranga o nga rauemi papaahoa kaiwhakarato. I te wa tuatahi i hangaia ai te papaahi, kaore he korero mo nga rauemi, a, i mua i tetahi mahi, ka whakahou a Terraform i te kawanatanga me nga tino hanganga o nga rauemi kua oti te korero.
Ko te kaupapa matua o nga kawanatanga ko te penapena i nga tini taonga o nga rauemi kua oti te hanga ki te whakataurite i te whirihoranga o nga rauemi taapiri me nga taonga kia kore ai e hangai tonu me nga huringa ki te papaaho.
Ma te taunoa, ka penapenahia nga korero a te kawanatanga ki te konae terraform.tfstate rohe, engari mena e tika ana, ka taea te whakamahi i te rokiroki mamao mo te mahi a te roopu.
Ka taea hoki e koe te kawemai i nga rauemi papaarangi o naianei ki te kawanatanga ki te mahi tahi me etahi atu rauemi i hangaia me te kore awhina a Terraform.
2. Te hanga hanganga
Kua tohatohahia nga waahanga, inaianei ma te whakamahi i a Terraform ka hangaia he hanganga me nga miihini mariko e toru. Ko te tuatahi me te tūmau takawaenga nginx i whakauruhia, ko te tuarua me te rokiroki konae i runga i Nextcloud me te tuatoru me CMS Bitrix.
Ka tuhia e matou he waehere ka mahia ma te whakamahi i ta maatau tauira . Ka whakawhiwhia e a maatau kaiwhakamahi tetahi kaute me nga mana Whakahaere Whakahaere. Mena ka whakamahi koe i tetahi kaute me nga mana rite ki tetahi atu kapua VMware, ka taea e koe te whakaputa i te waehere mai i o maatau tauira. Haere!
Tuatahi, me hanga he raarangi mo ta maatau kaupapa hou ka whakatakotohia nga konae e whakaatu ana i nga hanganga.
mkdir project01
I muri mai, ka whakaahuahia e matou nga waahanga hanganga. Ka hangaia e Terraform nga hononga me te tukatuka i nga konae i runga i te whakaahuatanga i roto i nga konae. Ko nga konae ano ka taea te whakaingoatia i runga i te kaupapa o nga poraka e whakaahuahia ana, hei tauira, network.tf - e whakaatu ana i nga tawhā whatunga mo te hanganga.
Hei whakaahua i nga waahanga o a maatau hanganga, i hangaia e matou nga konae e whai ake nei:
Rārangi o ngā kōnae.
main.tf - te whakaahuatanga o nga tawhā mo te taiao mariko - nga miihini mariko, nga ipu mariko;
network.tf - he whakaahuatanga mo nga tawhā whatunga mariko me nga ture NAT me te Paahiahi;
variables.tf - rarangi o nga taurangi ka whakamahia e matou;
vcd.tfvars - uara taurangi kaupapa mo te kōwae Kaiwhakahaere vCloud VMware.
Ko te reo whirihoranga i roto i te Terraform he whakapuakanga me te raupapa o nga poraka kaore he mea nui, engari mo nga poraka kaiwhakarato, na te mea i roto i tenei poraka e whakaahua ana matou i nga whakahau kia mahia i te wa e whakareri ana i nga hanganga ka mahia kia rite.
Hanganga poraka.
<BLOCK TYPE> "<BLOCK LABEL>" "<BLOCK LABEL>" {
# Block body
<IDENTIFIER> = <EXPRESSION> # Argument
}
Hei whakaahua i nga poraka, ka whakamahia tana ake reo hötaka HCL (HashiCorp Configuration Language); ka taea te whakaahua i nga hanganga ma te whakamahi i a JSON. Ka taea e koe te ako atu mo te wetereo .
Te whirihoranga taurangi taiao, variables.tf me vcd.tfvars
Tuatahi, me hanga e rua nga konae e whakaahua ana i te rarangi o nga taurangi kua whakamahia katoa me o raatau uara mo te waahanga Kaiwhakahaere VMware vCloud. Tuatahi, me hanga e tatou te kōnae variables.tf.
Nga ihirangi o te kōnae variables.tf.
variable "vcd_org_user" {
description = "vCD Tenant User"
}
variable "vcd_org_password" {
description = "vCD Tenant Password"
}
variable "vcd_org" {
description = "vCD Tenant Org"
}
variable "vcd_org_vdc" {
description = "vCD Tenant VDC"
}
variable "vcd_org_url" {
description = "vCD Tenant URL"
}
variable "vcd_org_max_retry_timeout" {
default = "60"
}
variable "vcd_org_allow_unverified_ssl" {
default = "true"
}
variable "vcd_org_edge_name" {
description = "vCD edge name"
}
variable "vcd_org_catalog" {
description = "vCD public catalog"
}
variable "vcd_template_os_centos7" {
description = "OS CentOS 7"
default = "CentOS7"
}
variable "vcd_org_ssd_sp" {
description = "Storage Policies"
default = "Gold Storage Policy"
}
variable "vcd_org_hdd_sp" {
description = "Storage Policies"
default = "Bronze Storage Policy"
}
variable "vcd_edge_local_subnet" {
description = "Organization Network Subnet"
}
variable "vcd_edge_external_ip" {
description = "External public IP"
}
variable "vcd_edge_local_ip_nginx" {}
variable "vcd_edge_local_ip_bitrix" {}
variable "vcd_edge_local_ip_nextcloud" {}
variable "vcd_edge_external_network" {}
Ko nga uara rereke ka whakawhiwhia e matou mai i te kaiwhakarato.
-
vcd_org_user — ingoa kaiwhakamahi me nga mana Kaiwhakahaere Whakahaere,
-
vcd_org_password — kupuhipa kaiwhakamahi,
-
vcd_org — ingoa o te whakahaere,
-
vcd_org_vdc — ingoa o te pokapū raraunga mariko,
-
vcd_org_url - API URL,
-
vcd_org_edge_name — ingoa o te pouara mariko,
-
vcd_org_catalog — ingoa o te whaiaronga me nga tauira miihini mariko,
-
vcd_edge_external_ip — wāhitau IP tūmatanui,
-
vcd_edge_external_network — ingoa o te whatunga o waho,
-
vcd_org_hdd_sp — ingoa o te kaupapa here rokiroki HDD,
-
vcd_org_ssd_sp — ingoa o te kaupapa here rokiroki SSD.
A ka uru ki a maatau taurangi:
-
vcd_edge_local_ip_nginx — Wāhitau IP o te miihini mariko me NGINX,
-
vcd_edge_local_ip_bitrix - Wāhitau IP o te miihini mariko me te 1C: Bitrix,
-
vcd_edge_local_ip_nextcloud — Wāhitau IP o te miihini mariko me Nextcloud.
Ma te konae tuarua ka waihangahia e matou, ka whakawhāitihia nga taurangi mo te VMware vCloud Kaiwhakahaere kōwae i roto i te kōnae vcd.tfvars: Kia maumahara tatou i roto i ta maatau tauira ka whakamahia e matou. , ki te mahi tahi koe me tetahi atu kaiwhakarato, tirohia nga uara me ratou.
Nga ihirangi o te kōnae vcd.tfvars.
vcd_org_url = "https://vcloud.mclouds.ru/api"
vcd_org_user = "orgadmin"
vcd_org_password = "*"
vcd = "org"
vcd_org_vdc = "orgvdc"
vcd_org_maxretry_timeout = 60
vcd_org_allow_unverified_ssl = true
vcd_org_catalog = "Templates"
vcd_templateos_centos7 = "CentOS7"
vcd_org_ssd_sp = "Gold Storage Policy"
vcd_org_hdd_sp = "Bronze Storage Policy"
vcd_org_edge_name = "MCLOUDS-EDGE"
vcd_edge_external_ip = "185.17.66.1"
vcd_edge_local_subnet = "192.168.110.0/24"
vcd_edge_local_ip_nginx = "192.168.110.1"
vcd_edge_local_ip_bitrix = "192.168.110.10"
vcd_edge_local_ip_nextcloud = "192.168.110.11"
vcd_edge_external_network = "NET-185-17-66-0"
whirihoranga whatunga, network.tf.
Kua whakaritea nga taurangi taiao, inaianei ka whakatuu te kaupapa hono miihini mariko - ka tohua he wahitau IP motuhake ki ia miihini mariko me te whakamahi i te Destination NAT ki te "whakamua" i nga tauranga ki te whatunga o waho. Hei whakawhāiti i te urunga ki nga tauranga whakahaere, ka tautuhia te urunga mo to tatou wahitau IP anake.
Ko te hoahoa whatunga mo te papahanga Terraform e hangaia ana
Ka hangaia e matou he whatunga whakahaere mariko me te ingoa net_lan01, te kuwaha taunoa: 192.168.110.254, me te mokowā wāhitau hoki: 192.168.110.0/24.
Ka whakaahua matou i tetahi whatunga mariko.
resource "vcd_network_routed" "net" {
name = "net_lan01"
edge_gateway = var.vcd_org_edge_name
gateway = "192.168.110.254"
dns1 = "1.1.1.1"
dns2 = "8.8.8.8"
static_ip_pool {
start_address = "192.168.110.1"
end_address = "192.168.110.253"
}
}
Me hanga ture papaahi e taea ai e nga miihini mariko te uru ki te Ipurangi. I roto i tenei poraka, ka whai waahi nga rauemi mariko katoa o te kapua ki te Ipurangi:
Ka whakaahua matou i nga ture mo te uru VM ki te Ipurangi.
resource "vcd_nsxv_firewall_rule" "fw_internet_access" {
edge_gateway = var.vcdorgedgename
name = "Internet Access"
source {
gateway_interfaces = ["internal"]
}
destination {
gateway_interfaces = ["external"]
}
service {
protocol = "any"
}
depends_on = [vcdnetworkrouted.net]
}
I te whakatau i te ti'aturi i muri i te tukatuka i te poraka vcdnetworkrouted.net, ka haere tonu matou ki te whirihora i te poraka vcdnsxvfirewallrule, ma te whakamahi whakawhirinaki. Ka whakamahia e matou tenei whiringa na te mea ka mohiotia etahi o nga whakawhirinakitanga i roto i te whirihoranga.
I muri mai, ka hangaia e matou he ture e taea ai te uru atu ki nga tauranga mai i te whatunga o waho me te tohu i to maatau IP mo te hono ma te SSH ki nga kaitoro. Ka taea e tetahi kaiwhakamahi Ipurangi te uru ki nga tauranga 80 me 443 i runga i te tūmau tukutuku, me te kaiwhakamahi me te IP IP o 90.1.15.1 ka uru ki nga tauranga SSH o nga tūmau mariko.
Whakaaetia te uru ki nga tauranga mai i te whatunga o waho.
resource "vcd_nsxv_firewall_rule" "fwnatports" {
edge_gateway = var.vcd_org_edge_name
name = "HTTPs Access"
source {
gateway_interfaces = ["external"]
}
destination {
gateway_interfaces = ["internal"]
}
service {
protocol = "tcp"
port = "80"
}
service {
protocol = "tcp"
port = "443"
}
depends_on = [vcd_network_routed.net]
}
resource "vcd_nsxv_firewall_rule" "fw_nat_admin_ports" {
edge_gateway = var.vcd_org_edge_name
name = "Admin Access"
source {
ip_addresses = [ "90.1.15.1" ]
}
destination {
gateway_interfaces = ["internal"]
}
service {
protocol = "tcp"
port = "58301"
}
service {
protocol = "tcp"
port = "58302"
}
service {
protocol = "tcp"
port = "58303"
}
depends_on = [vcd_network_routed.net]
}
Ka waihangahia e matou nga ture NAT Puna mo te uru ki te Ipurangi mai i te whatunga rohe kapua:
Ka whakaahua matou i nga ture Puna NAT.
resource "vcd_nsxv_snat" "snat_local" {
edge_gateway = var.vcd_org_edge_name
network_type = "ext"
network_name = var.vcdedgeexternalnetwork
original_address = var.vcd_edge_local_subnet
translated_address = var.vcd_edge_external_ip
depends_on = [vcd_network_routed.net]
}
A ki te whakaoti i te whirihoranga o te poraka whatunga, ka taapirihia e matou nga ture Destination NAT mo te uru atu ki nga ratonga mai i te whatunga o waho:
Te taapiri i nga ture Destination NAT.
resource "vcd_nsxv_dnat" "dnat_tcp_nginx_https" {
edge_gateway = var.vcd_org_edge_name
network_name = var.vcd_edge_external_network
network_type = "ext"
description = "NGINX HTTPs"
original_address = var.vcd_edge_external_ip
original_port = 443
translated_address = var.vcd_edge_local_ip_nginx
translated_port = 443
protocol = "tcp"
depends_on = [vcd_network_routed.net]
}
resource "vcd_nsxv_dnat" "dnat_tcp_nginx_http" {
edge_gateway = var.vcd_org_edge_name
network_name = var.vcd_edge_external_network
network_type = "ext"
description = "NGINX HTTP"
original_address = var.vcd_edge_external_ip
original_port = 80
translated_address = var.vcd_edge_local_ip_nginx
translated_port = 80
protocol = "tcp"
depends_on = [vcd_network_routed.net]
}
Tāpirihia he ture NAT mo te whakamaoritanga tauranga ki te tūmau SSH i raro i te Nginx.
resource "vcd_nsxv_dnat" "dnat_tcp-nginx_ssh" {
edge_gateway = var.vcd_org_edge_name
network_name = var.vcd_edge_external_network
network_type = "ext"
description = "SSH NGINX"
original_address = var.vcd_edge_external_ip
original_port = 58301
translated_address = var.vcd_edge_local_ip_nginx
translated_port = 22
protocol = "tcp"
depends_on = [vcd_network_routed.net]
}
Tāpirihia he ture NAT mo te whakamaoritanga tauranga ki te tūmau SSH me te 1C-Bitrix.
resource "vcd_nsxv_dnat" "dnat_tcp_bitrix_ssh" {
edge_gateway = var.vcd_org_edge_name
network_name = var.vcd_edge_external_network
network_type = "ext"
description = "SSH Bitrix"
original_address = var.vcd_edge_external_ip
original_port = 58302
translated_address = var.vcd_edge_local_ip_bitrix
translated_port = 22
protocol = "tcp"
depends_on = [vcd_network_routed.net]
}
Tāpirihia he ture NAT mo te whakamaoritanga tauranga ki te tūmau SSH me Nextcloud.
resource "vcd_nsxv_dnat" "dnat_tcp_nextcloud_ssh" {
edge_gateway = var.vcd_org_edge_name
network_name = var.vcd_edge_external_network
network_type = "ext"
description = "SSH Nextcloud"
original_address = var.vcd_edge_external_ip
original_port = 58303 translated_address = var.vcd_edge_local_ip_nextcloud
translated_port = 22
protocol = "tcp"
depends_on = [vcd_network_routed.net]
}
Main.tf whirihoranga taiao mariko
Ka rite ki ta maatau i whakamahere i te timatanga o te tuhinga, ka hangaia e matou nga miihini mariko e toru. Ka rite ratou ma te whakamahi i te "Whakaritenga Manuhiri". Ka tautuhia e matou nga tawhā whatunga kia rite ki nga tautuhinga i tohua e matou, a ka hangaia te kupuhipa kaiwhakamahi.
Me whakaahua te vApp kei reira nga miihini mariko me o raatau whirihoranga.
whirihoranga miihini mariko
Me hanga he ipu vApp. Kia taea ai e tatou te hono tonu i te vApp me te VM ki te whatunga mariko, ka taapirihia e matou te tawhā depende_on:
Waihangahia he ipu
resource "vcd_vapp" "vapp" {
name = "web"
power_on = "true" depends_on = [vcd_network_routed.net]
}
Me hanga he miihini mariko me te whakaahuatanga
resource "vcd_vapp_vm" "nginx" {
vapp_name = vcd_vapp.vapp.name
name = "nginx"
catalog_name = var.vcd_org_catalog
template_name = var.vcd_template_os_centos7
storage_profile = var.vcd_org_ssd_sp
memory = 8192
cpus = 1
cpu_cores = 1
network {
type = "org"
name = vcd_network_routed.net.name
is_primary = true
adapter_type = "VMXNET3"
ip_allocation_mode = "MANUAL"
ip = var.vcd_edge_local_ip_nginx
}
override_template_disk {
bus_type = "paravirtual"
size_in_mb = "32768"
bus_number = 0
unit_number = 0
storage_profile = var.vcd_org_ssd_sp
}
}
Tawhā matua i roto i te whakaahuatanga VM:
-
ingoa — ingoa o te miihini mariko,
-
vappname - ingoa o te vApp hei taapiri i tetahi VM hou,
-
ingoa putumōhio / ingoa tauira - ingoa putumōhio me te ingoa tauira miihini mariko,
-
storageprofile - kaupapa here rokiroki taunoa.
Tawhā paraka whatunga:
-
momo — momo whatunga hono,
-
ingoa — ko wai te whatunga mariko hei hono i te VM,
-
isprimary - urutau whatunga matua,
-
ipallocation_mode — MANUAL / DHCP / POOL aratau tohatoha wāhitau,
-
ip — Wāhitau IP mo te miihini mariko, ka tohua ma te ringa.
override_template_disk paraka:
-
sizeinmb - te rahi o te kōpae whawhai mo te miihini mariko
-
storage_profile - kaupapa here rokiroki mo te kōpae
Me hanga he VM tuarua me te whakamaarama mo te rokiroki konae Nextcloud
resource "vcd_vapp_vm" "nextcloud" {
vapp_name = vcd_vapp.vapp.name
name = "nextcloud"
catalog_name = var.vcd_org_catalog
template_name = var.vcd_template_os_centos7
storage_profile = var.vcd_org_ssd_sp
memory = 8192
cpus = 1
cpu_cores = 1
network {
type = "org"
name = vcd_network_routed.net.name
is_primary = true
adapter_type = "VMXNET3"
ip_allocation_mode = "MANUAL"
ip = var.vcd_edge_local_ip_nextcloud
}
override_template_disk {
bus_type = "paravirtual"
size_in_mb = "32768"
bus_number = 0
unit_number = 0
storage_profile = var.vcd_org_ssd_sp
}
}
resource "vcd_vm_internal_disk" "disk1" {
vapp_name = vcd_vapp.vapp.name
vm_name = "nextcloud"
bus_type = "paravirtual"
size_in_mb = "102400"
bus_number = 0
unit_number = 1
storage_profile = var.vcd_org_hdd_sp
allow_vm_reboot = true
depends_on = [ vcd_vapp_vm.nextcloud ]
}
I roto i te waahanga vcdvminternal_disk ka whakaahuahia he kōpae mariko hou e hono ana ki te miihini mariko.
Nga whakamarama mo te paraka vcdvminternaldisk:
-
bustype - momo kaiwhakahaere kōpae
-
sizeinmb — rahi kōpae
-
busnumber / unitnumber - tauwāhi hononga i roto i te whāurutau
-
storage_profile - kaupapa here rokiroki mo te kōpae
Kia whakaahuahia te VM hou mo Bitrix
resource "vcd_vapp_vm" "bitrix" {
vapp_name = vcd_vapp.vapp.name
name = "bitrix"
catalog_name = var.vcd_org_catalog
template_name = var.vcd_template_os_centos7
storage_profile = var.vcd_org_ssd_sp
memory = 8192
cpus = 1
cpu_cores = 1
network {
type = "org"
name = vcd_network_routed.net.name
is_primary = true
adapter_type = "VMXNET3"
ip_allocation_mode = "MANUAL"
ip = var.vcd_edge_local_ip_bitrix
}
override_template_disk {
bus_type = "paravirtual"
size_in_mb = "81920"
bus_number = 0
unit_number = 0
storage_profile = var.vcd_org_ssd_sp
}
}
Te whakahou i te OS me te whakauru i nga tuhinga taapiri
Kua rite te whatunga, kua whakaahuahia nga miihini mariko. I mua i te kawemai i a maatau hangahanga, ka taea e maatau te whakahaere i nga whakaritenga tuatahi ma te whakamahi i nga poraka kaiwhakarato me te kore e whakamahi i te Ansible.
Me titiro me pehea te whakahou i te OS me te whakahaere i te tuhinga whakaurunga CMS Bitrix ma te whakamahi i te poraka kaiwhakarato.
Tuatahi, me whakauru i nga kohinga whakahou CentOS.
resource "null_resource" "nginx_update_install" {
provisioner "remote-exec" {
connection {
type = "ssh"
user = "root"
password = vcd_vapp_vm.nginx.customization[0].admin_password
host = var.vcd_edge_external_ip
port = "58301"
timeout = "30s"
}
inline = [
"yum -y update && yum -y upgrade",
"yum -y install wget nano epel-release net-tools unzip zip" ]
}
}
}
Te tohu o nga waahanga:
-
kaiwhakarato “mamao-exec” - honoa te paraka whakarato mamao
-
I roto i te paraka hono ka whakaahuahia te momo me nga tawhā mo te hononga:
-
momo - kawa, i roto i to tatou take SSH;
-
kaiwhakamahi — ingoa kaiwhakamahi;
-
kupuhipa — kupuhipa kaiwhakamahi. I roto i to maatau, ka tohu matou ki te tawhā vcdvappvm.nginx.customization[0].admin_password, e pupuri ana i te kupuhipa kua hangaia mo te kaiwhakamahi punaha.
-
kaihautū - wāhitau IP waho mo te hononga;
-
tauranga - tauranga mo te hononga, i tohua i mua i nga tautuhinga DNAT;
-
rōraina - whakarārangihia te rārangi o ngā whakahau ka tāurutia. Ka whakauruhia nga whakahau kia rite ki nga tohu i tenei waahanga.
Hei tauira, me mahi ano te tuhinga whakaurunga 1C-Bitrix. Ka watea mai te putanga o te hua o te mahinga tuhinga i te wa e haere ana te mahere. Hei tāuta i te hōtuhi, tuatahi ka whakaahuahia te paraka:
Kia whakaahuahia te whakaurunga o 1C-Bitrix.
provisioner "file" {
source = "prepare.sh"
destination = "/tmp/prepare.sh"
connection {
type = "ssh"
user = "root"
password = vcd_vapp_vm.nginx.customization[0].admin_password
host = var.vcd_edge_external_ip
port = "58301"
timeout = "30s"
}
}
provisioner "remote-exec" {
inline = [
"chmod +x /tmp/prepare.sh", "./tmp/prepare.sh"
]
}
A ka whakaahua tonu matou i te whakahoutanga Bitrix.
He tauira o te whakaratonga 1C-Bitrix.
resource "null_resource" "install_update_bitrix" {
provisioner "remote-exec" {
connection {
type = "ssh"
user = "root"
password = vcd_vapp_vm.bitrix.customization[0].admin_password
host = var.vcd_edge_external_ip
port = "58302"
timeout = "60s"
}
inline = [
"yum -y update && yum -y upgrade",
"yum -y install wget nano epel-release net-tools unzip zip",
"wget http://repos.1c-bitrix.ru/yum/bitrix-env.sh -O /tmp/bitrix-env.sh",
"chmod +x /tmp/bitrix-env.sh",
"/tmp/bitrix-env.sh"
]
}
}
He mea nui! Kaore pea te tuhinga e mahi ki te kore koe e whakakore i te SELinux i mua! Mena ka hiahia koe ki tetahi tuhinga taipitopito mo te whakauru me te whirihora CMS 1C-Bitrix ma te whakamahi i te bitrix-env.sh, oo ka taea e koe .
3. Te arawhitinga hangahanga
Te whakaara i nga waahanga me nga monomai
Mo te mahi, ka whakamahia e matou he "kete rangatira" ngawari: he pona me Windows 10 OS me tetahi kete tohatoha mai i te paetukutuku mana. . Me wetewete me te arawhiti ma te whakamahi i te whakahau: terraform.exe init
Whai muri i te whakamaarama i nga hanganga rorohiko me te whatunga, ka whakarewahia e matou te whakamahere ki te whakamatautau i to maatau whirihoranga, ka kitea nga mea ka hangaia me te pehea e hono ai tetahi ki tetahi.
-
Whakahaerehia te whakahau
- terraform plan -var-file=vcd.tfvars. -
Ka whiwhi tatou i te hua
- Plan: 16 to add, 0 to change, 0 to destroy.Arā, e ai ki tēnei mahere, 16 ngā rauemi ka hangaia. -
Ka whakarewahia e matou te mahere i runga i te whakahau
- terraform.exe apply -var-file=vcd.tfvars.
Ka hangaia nga miihini mariko, katahi ka mahia nga kohinga kua whakarārangihia e matou i roto i te waahanga kaiwhakarato - ka whakahouhia te OS ka whakauruhia te CMS Bitrix.
Te whiwhi raraunga hononga
I muri i te whakatinanatanga o te mahere, e hiahia ana matou ki te whiwhi raraunga i roto i te puka tuhinga mo te hono atu ki nga kaitoro, mo tenei ka whakahōputuhia te waahanga whakaputa penei:
output "nginxpassword" {
value = vcdvappvm.nginx.customization[0].adminpassword
}
Na ko te putanga e whai ake nei ka korero mai ki a maatau te kupuhipa mo te miihini mariko i hangaia:
Outputs: nginx_password = F#4u8!!N
Ko te mutunga mai, ka uru tatou ki nga miihini mariko me te punaha whakahaere kua whakahoutia me nga kohinga kua oti te whakauru mo a maatau mahi. Kua reri katoa!
Engari ka pehea mena kei a koe nga hanganga o mua?
3.1. Mahi Terraform me nga hanganga o naianei
He ngawari noa, ka taea e koe te kawemai i nga miihini mariko o naianei me o raatau ipu vApp ma te whakamahi i te whakahau kawemai.
Me whakaahua te rauemi vAPP me te miihini mariko.
resource "vcd_vapp" "Monitoring" {
name = "Monitoring"
org = "mClouds"
vdc = "mClouds"
}
resource "vcd_vapp_vm" "Zabbix" {
name = "Zabbix"
org = "mClouds"
vdc = "mClouds"
vapp = "Monitoring"
}
Ko te mahi e whai ake nei ko te kawemai i nga taonga o nga rauemi vApp i te whakatakotoranga vcdvapp.<vApp> <org>.<orgvdc>.<vApp>, kei hea:
-
vApp - ingoa vApp;
-
org — ingoa o te whakahaere;
-
org_vdc — ingoa o te pokapū raraunga mariko.
Te kawemai i nga rawa rauemi vAPP
Me kawemai i nga ahuatanga o nga rauemi VM i te whakatakotoranga: vcdvappvm.<VM> <org>.<orgvdc>.<vApp>.<VM>, kei roto:
-
VM - ingoa VM;
-
vApp - ingoa vApp;
-
org — ingoa o te whakahaere;
-
Ko orgvdc te ingoa o te pokapū raraunga mariko.
I angitu te kawemai
C:UsersMikhailDesktopterraform>terraform import vcd_vapp_vm.Zabbix mClouds.mClouds.Monitoring.Zabbix
vcd_vapp_vm.Zabbix: Importing from ID "mClouds.mClouds.Monitoring.Zabbix"...
vcd_vapp_vm.Zabbix: Import prepared!
Prepared vcd_vapp_vm for import
vcd_vapp_vm.Zabbix: Refreshing state... [id=urn:vcloud:vm:778f4a89-1c8d-45b9-9d94-0472a71c4d1f]
Import successful!
The resources that were imported are shown above. These resources are now in
your Terraform state and will henceforth be managed by Terraform.
Inaianei ka taea e tatou te titiro ki te rauemi hou i kawemai:
Rauemi kawemai
> terraform show
...
# vcd_vapp.Monitoring:
resource "vcd_vapp" "Monitoring" {
guest_properties = {}
href = "https://vcloud.mclouds.ru/api/vApp/vapp-fe5db285-a4af-47c4-93e8-55df92f006ec"
id = "urn:vcloud:vapp:fe5db285-a4af-47c4-93e8-55df92f006ec"
ip = "allocated"
metadata = {}
name = "Monitoring"
org = "mClouds"
status = 4
status_text = "POWERED_ON"
vdc = "mClouds"
}
…
# vcd_vapp_vm.Zabbix:
resource "vcd_vapp_vm" "Zabbix" {
computer_name = "Zabbix"
cpu_cores = 1
cpus = 2
expose_hardware_virtualization = false
guest_properties = {}
hardware_version = "vmx-14"
href = "https://vcloud.mclouds.ru/api/vApp/vm-778f4a89-1c8d-45b9-9d94-0472a71c4d1f"
id = "urn:vcloud:vm:778f4a89-1c8d-45b9-9d94-0472a71c4d1f"
internal_disk = [
{
bus_number = 0
bus_type = "paravirtual"
disk_id = "2000"
iops = 0
size_in_mb = 122880
storage_profile = "Gold Storage Policy"
thin_provisioned = true
unit_number = 0
},
]
memory = 8192
metadata = {}
name = "Zabbix"
org = "mClouds"
os_type = "centos8_64Guest"
storage_profile = "Gold Storage Policy"
vapp_name = "Monitoring"
vdc = "mClouds"
customization {
allow_local_admin_password = true
auto_generate_password = true
change_sid = false
enabled = false
force = false
join_domain = false
join_org_domain = false
must_change_password_on_first_login = false
number_of_auto_logons = 0
}
network {
adapter_type = "VMXNET3"
ip_allocation_mode = "DHCP"
is_primary = true
mac = "00:50:56:07:01:b1"
name = "MCLOUDS-LAN01"
type = "org"
}
}
Inaianei kua tino reri matou - kua oti taatau ki te waahi whakamutunga (ka kawemai ki roto i nga hanganga o naianei) me te whai whakaaro ki nga kaupapa matua katoa mo te mahi tahi me Terraform.
Ko te taputapu he tino watea, ka taea e koe te whakaahua i to hanganga hei waehere, timata mai i nga miihini mariko o tetahi kaiwhakarato kapua ki te whakaahua i nga rauemi o nga waahanga whatunga.
I te wa ano, ko te noho motuhake mai i te taiao ka taea te mahi me nga rauemi a-rohe, kapua, me te whakahaere i te turanga. A, ki te kore he papaa tautoko me te hiahia ki te taapiri i tetahi mea hou, ka taea e koe te tuhi i to ake kaiwhakarato me te whakamahi.
Source: will.com