How to Manage Cloud Infrastructure with Terraform

In this article we look at what Terraform consists of and, step by step, launch our infrastructure in a VMware-based cloud: we will prepare three VMs for different purposes: a proxy, file storage and a CMS.

Everything in detail, in three stages:

1. Terraform: description, advantages and main components

Terraform is an IaC (Infrastructure-as-Code) tool for building and managing infrastructure using code.

We noted several advantages of working with the tool:

  • Speed of deploying new tenants (custom virtual environments). Usually, the more new customers there are, the more "clicks" technical support staff have to make to publish new resources. With Terraform, users can change virtual machine parameters (for example, shut down the OS and increase a disk partition) without needing technical support or powering off the machine.

  • Instant verification of the plan for activating a new tenant. Using the code description of the infrastructure, we can immediately check what will be added and in what order, as well as the final state of a given virtual machine or of a virtual network with its connections to virtual machines.

  • Ability to describe the most popular cloud platforms. You can use the tool with everything from Amazon and Google Cloud to private platforms based on VMware vCloud Director that offer services within IaaS, SaaS and PaaS solutions.

  • Manage several cloud providers and distribute infrastructure between them to improve fault tolerance, using a single configuration to create, diagnose and manage cloud resources.

  • Convenient for creating demo stands for software testing and debugging. You can create and hand over stands for the testing department, test software in different environments in parallel, and instantly change and delete resources by creating just one resource build plan.

"Terrarium" Terraform

We briefly covered the tool's advantages; now let's break it down into its components.

Providers.

In Terraform, almost any type of infrastructure can be represented as a resource. The connection between resources and the platform API is provided by provider modules, which let you create resources within a specific platform, for example Azure or VMware vCloud Director.

Within a project, you can work with different providers on different platforms.

Resources (resource descriptions).

A resource description lets you manage platform components, such as virtual machines or networks.

You can write a resource description for the VMware vCloud Director provider yourself and use it to create resources with any hosting provider that uses vCloud Director. You only need to change the authentication parameters and the network connection parameters to those of the required hosting provider.

Provisioners.

This component makes it possible to perform the initial installation and maintenance of the operating system after the virtual machines are created. Once you have created a virtual machine resource, you can use provisioners to configure it and connect via SSH, update the operating system, and download and run a script.

Input and Output variables.

Input variables are variables for any block type.

Output variables let you save values after resources are created and can be used as input variables in other modules, for example in the Provisioners block.

States.

State files store information about the configuration of the provider platform's resources. When the platform is first created there is no information about resources, and before any operation Terraform updates the state with the real infrastructure of the resources that have already been described.

The main purpose of states is to save the set of objects that have already been created, so that the configuration of added resources and objects can be compared against it and repeated creation and changes to the platform are avoided.

By default, state information is stored in the local terraform.tfstate file, but if necessary remote storage can be used for team work.

You can also import current platform resources into the state to continue working with resources that were created without Terraform.

2. Creating the infrastructure

The components have been sorted out; now, using Terraform, we will create an infrastructure with three virtual machines step by step. The first has an nginx proxy server installed, the second is file storage based on Nextcloud, and the third is CMS Bitrix.

We will write the code and run it using our cloud on VMware vCloud Director as the example. Our users receive an account with Organization Administrator rights. If you use an account with the same rights in another VMware cloud, you can reproduce the code from our examples. Let's go!

First, let's create a directory for our new project, in which the files describing the infrastructure will be placed.

mkdir project01

Next, we describe the infrastructure components. Terraform builds relationships and processes files based on the descriptions in the files. The files themselves can be named after the purpose of the blocks they describe, for example network.tf describes the network parameters of the infrastructure.

To describe the components of our infrastructure, we created the following files:

List of files.

main.tf - description of the parameters of the virtual environment: virtual machines, virtual containers;

network.tf - description of the virtual network parameters and of the NAT and Firewall rules;

variables.tf - list of the variables we use;

vcd.tfvars - values of the project variables for the VMware vCloud Director module.

The configuration language in Terraform is declarative and the order of blocks does not matter, except for provisioner blocks, because in such a block we describe commands to be executed while the infrastructure is prepared, and they are executed in order.

Block structure.

<BLOCK TYPE> "<BLOCK LABEL>" "<BLOCK LABEL>" {
  # Block body
  <IDENTIFIER> = <EXPRESSION> # Argument
}

Blocks are described in Terraform's own language, HCL (HashiCorp Configuration Language); it is also possible to describe infrastructure using JSON. You can read more about the syntax on the developer's website.

Environment variable configuration, variables.tf and vcd.tfvars

First, let's create two files that describe the list of all variables used and their values for the VMware vCloud Director module. We start with the variables.tf file.

Contents of the variables.tf file.

variable "vcd_org_user" {
  description = "vCD Tenant User"
}

variable "vcd_org_password" {
  description = "vCD Tenant Password"
}

variable "vcd_org" {
  description = "vCD Tenant Org"
}

variable "vcd_org_vdc" {
  description = "vCD Tenant VDC"
}

variable "vcd_org_url" {
  description = "vCD Tenant URL"
}

variable "vcd_org_max_retry_timeout" {
  default = "60"
}

variable "vcd_org_allow_unverified_ssl" {
  default = "true"
}

variable "vcd_org_edge_name" {
  description = "vCD edge name"
}

variable "vcd_org_catalog" {
  description = "vCD public catalog"
}

variable "vcd_template_os_centos7" {
  description = "OS CentOS 7"
  default     = "CentOS7"
}

variable "vcd_org_ssd_sp" {
  description = "Storage Policies"
  default     = "Gold Storage Policy"
}

variable "vcd_org_hdd_sp" {
  description = "Storage Policies"
  default     = "Bronze Storage Policy"
}

variable "vcd_edge_local_subnet" {
  description = "Organization Network Subnet"
}

variable "vcd_edge_external_ip" {
  description = "External public IP"
}

variable "vcd_edge_local_ip_nginx" {}

variable "vcd_edge_local_ip_bitrix" {}

variable "vcd_edge_local_ip_nextcloud" {}

variable "vcd_edge_external_network" {}

Variable values that we receive from the provider.

  • vcd_org_user - user name with Organization Administrator rights,

  • vcd_org_password - user password,

  • vcd_org - organization name,

  • vcd_org_vdc - name of the virtual data center,

  • vcd_org_url - API URL,

  • vcd_org_edge_name - name of the virtual router,

  • vcd_org_catalog - name of the catalog with virtual machine templates,

  • vcd_edge_external_ip - public IP address,

  • vcd_edge_external_network - name of the external network,

  • vcd_org_hdd_sp - name of the HDD storage policy,

  • vcd_org_ssd_sp - name of the SSD storage policy.

And we enter our own variables:

  • vcd_edge_local_ip_nginx - IP address of the virtual machine with NGINX,

  • vcd_edge_local_ip_bitrix - IP address of the virtual machine with 1C: Bitrix,

  • vcd_edge_local_ip_nextcloud - IP address of the virtual machine with Nextcloud.

In the second file, vcd.tfvars, we set the values of the variables for the VMware vCloud Director module. Recall that in our example we use our own cloud, mClouds; if you work with another provider, check the values with them.

Contents of the vcd.tfvars file.

vcd_org_url = "https://vcloud.mclouds.ru/api"
vcd_org_user = "orgadmin"
vcd_org_password = "*"
vcd_org = "org"
vcd_org_vdc = "orgvdc"
vcd_org_max_retry_timeout = 60
vcd_org_allow_unverified_ssl = true
vcd_org_catalog = "Templates"
vcd_template_os_centos7 = "CentOS7"
vcd_org_ssd_sp = "Gold Storage Policy"
vcd_org_hdd_sp = "Bronze Storage Policy"
vcd_org_edge_name = "MCLOUDS-EDGE"
vcd_edge_external_ip = "185.17.66.1"
vcd_edge_local_subnet = "192.168.110.0/24"
vcd_edge_local_ip_nginx = "192.168.110.1"
vcd_edge_local_ip_bitrix = "192.168.110.10"
vcd_edge_local_ip_nextcloud = "192.168.110.11"
vcd_edge_external_network = "NET-185-17-66-0"
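
The variables above are consumed by the provider block, which this page does not show. The following is an added example, not code from the original article: it wires the page's variables into a provider "vcd" block and replaces the page's declarations of vcd_org_password and vcd_org_allow_unverified_ssl with stricter ones. It assumes Terraform 0.14 or later (needed for sensitive variables) and that the password is supplied through the TF_VAR_vcd_org_password environment variable rather than vcd.tfvars.

```hcl
# Added example: terraform and provider blocks for main.tf. The two variable
# blocks replace the declarations of the same name in variables.tf.

terraform {
  required_version = ">= 0.14"

  required_providers {
    vcd = {
      source = "vmware/vcd"
    }
  }
}

variable "vcd_org_password" {
  description = "vCD Tenant Password"
  type        = string
  sensitive   = true # value is redacted in plan and apply output
}

variable "vcd_org_allow_unverified_ssl" {
  description = "Skip TLS certificate verification of the vCD API endpoint"
  type        = bool
  default     = false # certificate is verified unless explicitly overridden
}

provider "vcd" {
  user                 = var.vcd_org_user
  password             = var.vcd_org_password
  org                  = var.vcd_org
  vdc                  = var.vcd_org_vdc
  url                  = var.vcd_org_url
  max_retry_timeout    = var.vcd_org_max_retry_timeout
  allow_unverified_ssl = var.vcd_org_allow_unverified_ssl
}
```

With these blocks in place, the vcd_org_password and vcd_org_allow_unverified_ssl lines are removed from vcd.tfvars, so the password no longer sits in a project file and the API certificate is checked.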

Network configuration, network.tf.

The environment variables are set; now we configure the connection scheme for the virtual machines: we assign a private IP address to each virtual machine and use Destination NAT to "forward" ports to the external network. To restrict access to the management ports, we allow access only from our IP address.

Network diagram of the Terraform platform being created

We create an organization network named net_lan01, with default gateway 192.168.110.254 and address space 192.168.110.0/24.

We describe the virtual network.

resource "vcd_network_routed" "net" {
  name         = "net_lan01"
  edge_gateway = var.vcd_org_edge_name
  gateway      = "192.168.110.254"
  dns1         = "1.1.1.1"
  dns2         = "8.8.8.8"

  static_ip_pool {
    start_address = "192.168.110.1"
    end_address   = "192.168.110.253"
  }
}

Let's create firewall rules that allow the virtual machines to access the Internet. With this block, all virtual resources in the cloud have Internet access:

We describe the rules for VM access to the Internet.

resource "vcd_nsxv_firewall_rule" "fw_internet_access" {
  edge_gateway = var.vcd_org_edge_name
  name         = "Internet Access"

  source {
    gateway_interfaces = ["internal"]
  }

  destination {
    gateway_interfaces = ["external"]
  }

  service {
    protocol = "any"
  }

  depends_on = [vcd_network_routed.net]
}

With depends_on we declare the dependency: Terraform proceeds to configure the vcd_nsxv_firewall_rule block only after the vcd_network_routed.net block has been processed. We use this option because some dependencies may only be recognized implicitly in the configuration.

Next, we create rules that allow access to ports from the external network and specify our IP address for connecting to the servers via SSH. Any Internet user has access to ports 80 and 443 on the web server, and a user with IP address 90.1.15.1 has access to the SSH ports of the virtual servers.

Allow access to ports from the external network.

resource "vcd_nsxv_firewall_rule" "fwnatports" {
  edge_gateway = var.vcd_org_edge_name
  name         = "HTTPs Access"

  source {
    gateway_interfaces = ["external"]
  }

  destination {
    gateway_interfaces = ["internal"]
  }

  service {
    protocol = "tcp"
    port     = "80"
  }

  service {
    protocol = "tcp"
    port     = "443"
  }

  depends_on = [vcd_network_routed.net]
}

resource "vcd_nsxv_firewall_rule" "fw_nat_admin_ports" {
  edge_gateway = var.vcd_org_edge_name
  name         = "Admin Access"

  source {
    ip_addresses = ["90.1.15.1"]
  }

  destination {
    gateway_interfaces = ["internal"]
  }

  service {
    protocol = "tcp"
    port     = "58301"
  }

  service {
    protocol = "tcp"
    port     = "58302"
  }

  service {
    protocol = "tcp"
    port     = "58303"
  }

  depends_on = [vcd_network_routed.net]
}

We create Source NAT rules for Internet access from the cloud's local network:

We describe the Source NAT rules.

resource "vcd_nsxv_snat" "snat_local" {
  edge_gateway = var.vcd_org_edge_name
  network_type = "ext"
  network_name = var.vcd_edge_external_network

  original_address   = var.vcd_edge_local_subnet
  translated_address = var.vcd_edge_external_ip

  depends_on = [vcd_network_routed.net]
}

And to finish configuring the network block, we add Destination NAT rules for access to services from the external network:

Adding Destination NAT rules.

resource "vcd_nsxv_dnat" "dnat_tcp_nginx_https" {
  edge_gateway = var.vcd_org_edge_name
  network_name = var.vcd_edge_external_network
  network_type = "ext"

  description = "NGINX HTTPs"

  original_address = var.vcd_edge_external_ip
  original_port    = 443

  translated_address = var.vcd_edge_local_ip_nginx
  translated_port    = 443
  protocol           = "tcp"

  depends_on = [vcd_network_routed.net]
}

resource "vcd_nsxv_dnat" "dnat_tcp_nginx_http" {
  edge_gateway = var.vcd_org_edge_name
  network_name = var.vcd_edge_external_network
  network_type = "ext"

  description = "NGINX HTTP"

  original_address = var.vcd_edge_external_ip
  original_port    = 80

  translated_address = var.vcd_edge_local_ip_nginx
  translated_port    = 80
  protocol           = "tcp"

  depends_on = [vcd_network_routed.net]
}

Add a NAT rule that translates a port to the SSH server on the Nginx machine.

resource "vcd_nsxv_dnat" "dnat_tcp-nginx_ssh" {
  edge_gateway = var.vcd_org_edge_name
  network_name = var.vcd_edge_external_network
  network_type = "ext"

  description = "SSH NGINX"

  original_address = var.vcd_edge_external_ip
  original_port    = 58301

  translated_address = var.vcd_edge_local_ip_nginx
  translated_port    = 22
  protocol           = "tcp"

  depends_on = [vcd_network_routed.net]
}

Add a NAT rule that translates a port to the SSH server on the 1C-Bitrix machine.

resource "vcd_nsxv_dnat" "dnat_tcp_bitrix_ssh" {
  edge_gateway = var.vcd_org_edge_name
  network_name = var.vcd_edge_external_network
  network_type = "ext"

  description = "SSH Bitrix"

  original_address = var.vcd_edge_external_ip
  original_port    = 58302

  translated_address = var.vcd_edge_local_ip_bitrix
  translated_port    = 22
  protocol           = "tcp"

  depends_on = [vcd_network_routed.net]
}

Add a NAT rule that translates a port to the SSH server on the Nextcloud machine.

resource "vcd_nsxv_dnat" "dnat_tcp_nextcloud_ssh" {
  edge_gateway = var.vcd_org_edge_name
  network_name = var.vcd_edge_external_network
  network_type = "ext"

  description = "SSH Nextcloud"

  original_address = var.vcd_edge_external_ip
  original_port    = 58303

  translated_address = var.vcd_edge_local_ip_nextcloud
  translated_port    = 22
  protocol           = "tcp"

  depends_on = [vcd_network_routed.net]
}
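
The admin firewall rule and the three SSH DNAT rules above repeat the same port numbers in two places, so they can drift apart. As an added example (not code from the original article), the block below derives both from one map and validates the allowed source addresses, so a range such as 0.0.0.0/0 cannot be entered by mistake. The names admin_source_ips, ssh_targets and dnat_tcp_ssh are hypothetical; the block is meant to replace fw_nat_admin_ports and the three SSH DNAT resources, and assumes Terraform 0.14 or later for alltrue().

```hcl
# Added example: one source of truth for the forwarded SSH ports.
# admin_source_ips, local.ssh_targets and dnat_tcp_ssh are hypothetical names.

variable "admin_source_ips" {
  description = "Single IPv4 addresses allowed to reach the forwarded SSH ports"
  type        = list(string)
  default     = ["90.1.15.1"]

  validation {
    # Each entry must parse as one host address. Ranges such as 0.0.0.0/0,
    # the keyword "any" and the unspecified address 0.0.0.0 are rejected.
    condition = length(var.admin_source_ips) > 0 && alltrue([
      for ip in var.admin_source_ips :
      can(cidrhost("${ip}/32", 0)) && ip != "0.0.0.0"
    ])
    error_message = "List individual IPv4 addresses only, not ranges."
  }
}

locals {
  # External port on the edge gateway -> VM that receives SSH on port 22.
  ssh_targets = {
    nginx     = { external_port = 58301, internal_ip = var.vcd_edge_local_ip_nginx }
    bitrix    = { external_port = 58302, internal_ip = var.vcd_edge_local_ip_bitrix }
    nextcloud = { external_port = 58303, internal_ip = var.vcd_edge_local_ip_nextcloud }
  }
}

resource "vcd_nsxv_firewall_rule" "fw_nat_admin_ports" {
  edge_gateway = var.vcd_org_edge_name
  name         = "Admin Access"

  source {
    ip_addresses = var.admin_source_ips
  }

  destination {
    gateway_interfaces = ["internal"]
  }

  # One service block per forwarded port, generated from the map.
  dynamic "service" {
    for_each = local.ssh_targets
    content {
      protocol = "tcp"
      port     = tostring(service.value.external_port)
    }
  }

  depends_on = [vcd_network_routed.net]
}

resource "vcd_nsxv_dnat" "dnat_tcp_ssh" {
  for_each = local.ssh_targets

  edge_gateway = var.vcd_org_edge_name
  network_name = var.vcd_edge_external_network
  network_type = "ext"
  description  = "SSH ${each.key}"

  original_address   = var.vcd_edge_external_ip
  original_port      = each.value.external_port
  translated_address = each.value.internal_ip
  translated_port    = 22
  protocol           = "tcp"

  depends_on = [vcd_network_routed.net]
}
```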

Virtual environment configuration, main.tf

As we planned at the beginning of the article, we will create three virtual machines. They will be prepared using "Guest Customization". We set the network parameters according to the settings we specified, and the user password is generated automatically.

Let's describe the vApp in which the virtual machines will live, and their configuration.

Virtual machine configuration

Let's create the vApp container. So that we can connect the vApp and the VMs to the virtual network right away, we also add the depends_on parameter:

Create the container

resource "vcd_vapp" "vapp" {
  name     = "web"
  power_on = "true"

  depends_on = [vcd_network_routed.net]
}

Let's create a virtual machine with a description

resource "vcd_vapp_vm" "nginx" {
  vapp_name       = vcd_vapp.vapp.name
  name            = "nginx"
  catalog_name    = var.vcd_org_catalog
  template_name   = var.vcd_template_os_centos7
  storage_profile = var.vcd_org_ssd_sp
  memory          = 8192
  cpus            = 1
  cpu_cores       = 1

  network {
    type               = "org"
    name               = vcd_network_routed.net.name
    is_primary         = true
    adapter_type       = "VMXNET3"
    ip_allocation_mode = "MANUAL"
    ip                 = var.vcd_edge_local_ip_nginx
  }

  override_template_disk {
    bus_type        = "paravirtual"
    size_in_mb      = "32768"
    bus_number      = 0
    unit_number     = 0
    storage_profile = var.vcd_org_ssd_sp
  }
}

Main parameters in the VM description:

  • name - name of the virtual machine,

  • vapp_name - name of the vApp to which the new VM is added,

  • catalog_name / template_name - catalog name and virtual machine template name,

  • storage_profile - default storage policy.

Network block parameters:

  • type - type of the connected network,

  • name - which virtual network to connect the VM to,

  • is_primary - primary network adapter,

  • ip_allocation_mode - MANUAL / DHCP / POOL address allocation mode,

  • ip - IP address of the virtual machine; we specify it manually.

override_template_disk block:

  • size_in_mb - boot disk size of the virtual machine

  • storage_profile - storage policy for the disk

Let's create the second VM, with a description of the Nextcloud file storage

resource "vcd_vapp_vm" "nextcloud" {
  vapp_name       = vcd_vapp.vapp.name
  name            = "nextcloud"
  catalog_name    = var.vcd_org_catalog
  template_name   = var.vcd_template_os_centos7
  storage_profile = var.vcd_org_ssd_sp
  memory          = 8192
  cpus            = 1
  cpu_cores       = 1

  network {
    type               = "org"
    name               = vcd_network_routed.net.name
    is_primary         = true
    adapter_type       = "VMXNET3"
    ip_allocation_mode = "MANUAL"
    ip                 = var.vcd_edge_local_ip_nextcloud
  }

  override_template_disk {
    bus_type        = "paravirtual"
    size_in_mb      = "32768"
    bus_number      = 0
    unit_number     = 0
    storage_profile = var.vcd_org_ssd_sp
  }
}

resource "vcd_vm_internal_disk" "disk1" {
  vapp_name       = vcd_vapp.vapp.name
  vm_name         = "nextcloud"
  bus_type        = "paravirtual"
  size_in_mb      = "102400"
  bus_number      = 0
  unit_number     = 1
  storage_profile = var.vcd_org_hdd_sp
  allow_vm_reboot = true

  depends_on = [vcd_vapp_vm.nextcloud]
}

In the vcd_vm_internal_disk section we describe a new virtual disk that is attached to the virtual machine.

Explanation of the vcd_vm_internal_disk block:

  • bus_type - disk controller type

  • size_in_mb - disk size

  • bus_number / unit_number - connection position on the adapter

  • storage_profile - storage policy for the disk

Let's describe the last VM, for Bitrix

resource "vcd_vapp_vm" "bitrix" {
  vapp_name       = vcd_vapp.vapp.name
  name            = "bitrix"
  catalog_name    = var.vcd_org_catalog
  template_name   = var.vcd_template_os_centos7
  storage_profile = var.vcd_org_ssd_sp
  memory          = 8192
  cpus            = 1
  cpu_cores       = 1

  network {
    type               = "org"
    name               = vcd_network_routed.net.name
    is_primary         = true
    adapter_type       = "VMXNET3"
    ip_allocation_mode = "MANUAL"
    ip                 = var.vcd_edge_local_ip_bitrix
  }

  override_template_disk {
    bus_type        = "paravirtual"
    size_in_mb      = "81920"
    bus_number      = 0
    unit_number     = 0
    storage_profile = var.vcd_org_ssd_sp
  }
}

Updating the OS and installing additional scripts

The network is prepared and the virtual machines are described. Before importing our infrastructure, we can carry out the initial provisioning in advance using provisioner blocks, without using Ansible.

Let's look at how to update the OS and run the CMS Bitrix installation script using a provisioner block.

First, let's install the CentOS update packages.

resource "null_resource" "nginx_update_install" {
  provisioner "remote-exec" {
    connection {
      type     = "ssh"
      user     = "root"
      password = vcd_vapp_vm.nginx.customization[0].admin_password
      host     = var.vcd_edge_external_ip
      port     = "58301"
      timeout  = "30s"
    }

    inline = [
      "yum -y update && yum -y upgrade",
      "yum -y install wget nano epel-release net-tools unzip zip"
    ]
  }
}

Component breakdown:

  • provisioner "remote-exec" - connects the remote provisioning block

  • In the connection block we describe the type and parameters of the connection:

  • type - protocol, in our case SSH;

  • user - user name;

  • password - user password. In our case we point to the parameter vcd_vapp_vm.nginx.customization[0].admin_password, which stores the password generated for the system user.

  • host - external IP address for the connection;

  • port - port for the connection, specified earlier in the DNAT settings;

  • inline - the list of commands to be entered. The commands are entered in the order shown in this section.

As an example, let's additionally run the 1C-Bitrix installation script. The output of the script's result will be available while the plan is running. To install the script, we first describe the block:

Let's describe the installation of 1C-Bitrix.

# These provisioner blocks are placed inside a resource block.
provisioner "file" {
  source      = "prepare.sh"
  destination = "/tmp/prepare.sh"

  connection {
    type     = "ssh"
    user     = "root"
    password = vcd_vapp_vm.nginx.customization[0].admin_password
    host     = var.vcd_edge_external_ip
    port     = "58301"
    timeout  = "30s"
  }
}

provisioner "remote-exec" {
  # Needs the same connection block as the file provisioner above,
  # or one declared at resource level.
  inline = [
    "chmod +x /tmp/prepare.sh",
    "/tmp/prepare.sh"
  ]
}

And we will describe the Bitrix update right away.

Example of 1C-Bitrix provisioning.

resource "null_resource" "install_update_bitrix" {
  provisioner "remote-exec" {
    connection {
      type     = "ssh"
      user     = "root"
      password = vcd_vapp_vm.bitrix.customization[0].admin_password
      host     = var.vcd_edge_external_ip
      port     = "58302"
      timeout  = "60s"
    }

    inline = [
      "yum -y update && yum -y upgrade",
      "yum -y install wget nano epel-release net-tools unzip zip",
      "wget http://repos.1c-bitrix.ru/yum/bitrix-env.sh -O /tmp/bitrix-env.sh",
      "chmod +x /tmp/bitrix-env.sh",
      "/tmp/bitrix-env.sh"
    ]
  }
}

Important! The script may not work if you do not disable SELinux in advance! If you need a detailed article on installing and configuring CMS 1C-Bitrix using bitrix-env.sh, you can use our blog article on the website.

3. Initializing the infrastructure

Initializing modules and plugins

For work we use a simple "gentleman's kit": a laptop with Windows 10 and the distribution from the official site terraform.io. Let's unpack it and initialize it with the command: terraform.exe init

After describing the compute and network infrastructure, we run planning to test our configuration; there we can see what will be created and how the pieces will be connected to each other.

  1. Run the command - terraform plan -var-file=vcd.tfvars.

  2. We get the result - Plan: 16 to add, 0 to change, 0 to destroy. That is, according to this plan, 16 resources will be created.

  3. We launch the plan with the command - terraform.exe apply -var-file=vcd.tfvars.

The virtual machines will be created, and then the packages we listed will be executed within the provisioner section: the OS will be updated and CMS Bitrix will be installed.

Getting connection information

After executing the plan, we want to receive the data for connecting to the servers in text form; for this we define the output section as follows:

output "nginx_password" {
  value = vcd_vapp_vm.nginx.customization[0].admin_password
}

And the following output tells us the password for the created virtual machine:

Outputs: nginx_password = F#4u8!!N

As a result, we get access to virtual machines with an updated operating system and pre-installed packages for our further work. Everything is ready!

But what if you already have existing infrastructure?

3.1. Using Terraform with existing infrastructure

It's simple: you can import existing virtual machines and their vApp containers using the import command.

Let's describe the vApp resource and the virtual machine.

resource "vcd_vapp" "Monitoring" {
  name = "Monitoring"
  org  = "mClouds"
  vdc  = "mClouds"
}

resource "vcd_vapp_vm" "Zabbix" {
  name      = "Zabbix"
  org       = "mClouds"
  vdc       = "mClouds"
  vapp_name = "Monitoring"
}

The next step is to import the properties of the vApp resource in the format vcd_vapp.<vApp> <org>.<orgvdc>.<vApp>, where:

  • vApp - vApp name;

  • org - organization name;

  • orgvdc - name of the virtual data center.

Importing the properties of the vApp resource

Let's import the properties of the VM resource in the format vcd_vapp_vm.<VM> <org>.<orgvdc>.<vApp>.<VM>, where:

  • VM - VM name;

  • vApp - vApp name;

  • org - organization name;

  • orgvdc - name of the virtual data center.

The import was successful

C:\Users\Mikhail\Desktop\terraform>terraform import vcd_vapp_vm.Zabbix mClouds.mClouds.Monitoring.Zabbix
vcd_vapp_vm.Zabbix: Importing from ID "mClouds.mClouds.Monitoring.Zabbix"...
vcd_vapp_vm.Zabbix: Import prepared!
  Prepared vcd_vapp_vm for import
vcd_vapp_vm.Zabbix: Refreshing state... [id=urn:vcloud:vm:778f4a89-1c8d-45b9-9d94-0472a71c4d1f]

Import successful!

The resources that were imported are shown above. These resources are now in
your Terraform state and will henceforth be managed by Terraform.

Now we can look at the newly imported resource:

Imported resource

> terraform show

...

# vcd_vapp.Monitoring:
resource "vcd_vapp" "Monitoring" {
    guest_properties = {}
    href = "https://vcloud.mclouds.ru/api/vApp/vapp-fe5db285-a4af-47c4-93e8-55df92f006ec"
    id = "urn:vcloud:vapp:fe5db285-a4af-47c4-93e8-55df92f006ec"
    ip = "allocated"
    metadata = {}
    name = "Monitoring"
    org = "mClouds"
    status = 4
    status_text = "POWERED_ON"
    vdc = "mClouds"
}

…

# vcd_vapp_vm.Zabbix:
resource "vcd_vapp_vm" "Zabbix" {
    computer_name = "Zabbix"
    cpu_cores = 1
    cpus = 2
    expose_hardware_virtualization = false
    guest_properties = {}
    hardware_version = "vmx-14"
    href = "https://vcloud.mclouds.ru/api/vApp/vm-778f4a89-1c8d-45b9-9d94-0472a71c4d1f"
    id = "urn:vcloud:vm:778f4a89-1c8d-45b9-9d94-0472a71c4d1f"
    internal_disk = [
        {
            bus_number = 0
            bus_type = "paravirtual"
            disk_id = "2000"
            iops = 0
            size_in_mb = 122880
            storage_profile = "Gold Storage Policy"
            thin_provisioned = true
            unit_number = 0
        },
    ]
    memory = 8192
    metadata = {}
    name = "Zabbix"
    org = "mClouds"
    os_type = "centos8_64Guest"
    storage_profile = "Gold Storage Policy"
    vapp_name = "Monitoring"
    vdc = "mClouds"

    customization {
        allow_local_admin_password = true
        auto_generate_password = true
        change_sid = false
        enabled = false
        force = false
        join_domain = false
        join_org_domain = false
        must_change_password_on_first_login = false
        number_of_auto_logons = 0
    }

    network {
        adapter_type = "VMXNET3"
        ip_allocation_mode = "DHCP"
        is_primary = true
        mac = "00:50:56:07:01:b1"
        name = "MCLOUDS-LAN01"
        type = "org"
    }
}

Now we are done: we have finished the last point (importing into existing infrastructure) and have covered all the main points of working with Terraform.

The tool turned out to be very convenient and lets you describe your infrastructure as code, from the virtual machines of a single cloud provider to the resources of network components.

At the same time, independence from the environment makes it possible to work with local and cloud resources, and even to manage the platform. And if a platform is not supported and you want to add a new one, you can write your own provider and use it.

Source: www.habr.com
