Selectel Terraform provider

We have launched the official Terraform provider for working with Selectel. It lets users manage resources fully through the Infrastructure-as-code methodology.

The provider currently supports resource management for the "Virtual Private Cloud" service (hereafter VPC). In the future, we plan to add resource management for other services provided by Selectel.

As you know, the VPC service is built on OpenStack. However, because OpenStack does not provide native tools for serving a public cloud, we implemented the missing functionality in a set of additional APIs that simplify the management of complex composite objects and make the work more convenient. Some of the functionality available in OpenStack is closed to direct use, but is available through our API.

The Selectel Terraform provider now includes the ability to manage the following VPC resources:

  • projects and their quotas;
  • users, their roles and tokens;
  • public subnets, including cross-regional and VRRP;
  • software licenses.

The provider uses our public Go library for working with the VPC API. Both the library and the provider itself are open source, and their development takes place on Github:

To manage other cloud resources, such as virtual machines, disks and Kubernetes clusters, you can use the OpenStack Terraform provider. Official documentation for both providers is available at the following links:

Getting started

To get started, you need to install Terraform (instructions and links to installation packages can be found on the official website).

To work, the provider requires a Selectel API key, which is created in the account control panel.

Manifests for working with Selectel are created using Terraform or using a set of ready-made examples available in our Github repository: terraform-examples.

The repository with examples is divided into two directories:

  • modules, containing small reusable modules that take a set of parameters as input and manage a small set of resources;
  • examples, containing examples of a complete set of interconnected modules.

After installing Terraform, creating a Selectel API key and familiarizing yourself with the examples, let's move on to practical examples.

An example of creating a server with a local disk

Let's look at an example of creating a project, a user with a role, and a virtual machine with a local disk: terraform-examples/examples/vpc/server_local_root_disk.

The file vars.tf describes all the parameters that will be used when calling the modules. Some of them have default values; for example, the server will be created in zone ru-3a with the following configuration:

variable "server_vcpus" {
  default = 4
}

variable "server_ram_mb" {
  default = 8192
}

variable "server_root_disk_gb" {
  default = 8
}

variable "server_image_name" {
  default = "Ubuntu 18.04 LTS 64-bit"
}

The file main.tf initializes the Selectel provider:

provider "selectel" {
  token    = "${var.sel_token}"
}

This file also contains the default value for the SSH key that will be installed on the server:

module "server_local_root_disk" {
  ...
  server_ssh_key      = "${file("~/.ssh/id_rsa.pub")}"
}

If necessary, you can specify a different public key. The key does not have to be given as a file path; you can also supply the value as a string.

Further on, this file launches the modules project_with_user and server_local_root_disk, which manage the necessary resources.

Let's look at these modules in more detail.

Creating a project and a user with a role

The first module creates a project and a user with a role in that project: terraform-examples/modules/vpc/project_with_user.

The created user will be able to log in to OpenStack and manage its resources. The module is simple and manages only three entities:

  • selectel_vpc_project_v2,
  • selectel_vpc_user_v2,
  • selectel_vpc_role_v2.

Creating a virtual server with a local disk

The second module manages the OpenStack objects that are needed to create a server with a local disk.

Pay attention to some of the arguments that are specified in this module for the resource openstack_compute_instance_v2:

resource "openstack_compute_instance_v2" "instance_1" {
  ...

  lifecycle {
    ignore_changes = ["image_id"]
  }

  vendor_options {
    ignore_resize_confirmation = true
  }
}

The ignore_changes argument lets you ignore changes to the id attribute of the image used to create the virtual machine. In the VPC service, most public images are automatically updated once a week, and their id changes at the same time. This is due to the peculiarities of the OpenStack component Glance, in which images are considered immutable entities.

If you are creating or modifying an existing server or disk that uses the id of a public image as its image_id argument, then after that image is updated, re-running the Terraform manifest will recreate the server or disk. Using the ignore_changes argument lets you avoid this situation.

Note: the ignore_changes argument appeared in Terraform quite a while ago: pull#2525.

The ignore_resize_confirmation argument is needed to successfully resize the local disk, cores, or memory of the server. Such changes are made through the OpenStack Nova component using a resize request. By default, after a resize request Nova puts the server into the verify_resize status and waits for additional confirmation from the user. However, this behaviour can be changed so that Nova does not wait for additional actions from the user.

The specified argument allows Terraform not to wait for the verify_resize status for the server and to be prepared for the server to be in an active status after its parameters are changed. The argument is available from version 1.10.0 of the OpenStack Terraform provider: pull#422.

Creating resources

Before running the manifests, please note that in our example two different providers are launched, and the OpenStack provider depends on the resources of the Selectel provider, since without creating a user in the project it is impossible to manage the objects belonging to it. Unfortunately, for the same reason we cannot simply run the terraform apply command inside our example. We first need to run apply for the project_with_user module and afterwards for everything else.

Note: This issue has not yet been resolved in Terraform; you can follow the discussion on Github in issue#2430 and issue#4149.

To create resources, go to the directory terraform-examples/examples/vpc/server_local_root_disk; its contents should look like this:

$ ls
README.md	   main.tf		vars.tf

We initialize the modules using the command:

$ terraform init

The output shows that Terraform downloads the latest versions of the providers in use and checks all modules described in the example.

First, let's apply the project_with_user module. This requires manually passing values for the variables that have not been set:

  • sel_account with your Selectel account number;
  • sel_token with your key for the Selectel API;
  • user_password with a password for the OpenStack user.

The values for the first two variables must be taken from the control panel.

For the last variable, you can come up with any password.

To use the module, replace the values SEL_ACCOUNT, SEL_TOKEN and USER_PASSWORD and run the command:

$ env \
TF_VAR_sel_account=SEL_ACCOUNT \
TF_VAR_sel_token=SEL_TOKEN \
TF_VAR_user_password=USER_PASSWORD \
terraform apply -target=module.project_with_user

After the command is run, Terraform will show which resources it wants to create and ask for confirmation:

Plan: 3 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.

Enter a value: yes

Once the project, user and role have been created, you can start creating the remaining resources:

$ env \
TF_VAR_sel_account=SEL_ACCOUNT \
TF_VAR_sel_token=SEL_TOKEN \
TF_VAR_user_password=USER_PASSWORD \
terraform apply

When the resources are created, pay attention to the Terraform output with the external IP address at which the created server will be reachable:

module.server_local_root_disk.openstack_networking_floatingip_associate_v2.association_1: Creating...
  floating_ip: "" => "x.x.x.x"

You can work with the created virtual machine via SSH using the specified IP.
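The commands above put SEL_TOKEN and USER_PASSWORD on the command line, where they end up in shell history. As an added example (not part of the original article or the terraform-examples repository), the script below loads the same three TF_VAR_ variables from an owner-only file and runs the two applies in the required order; the file name selectel.secrets and its KEY=VALUE format are assumptions.

```shell
#!/bin/sh
# Added example (not from the terraform-examples repository).
# Assumption: secrets live in a KEY=VALUE file such as ./selectel.secrets (constructed name).
TERRAFORM="${TERRAFORM:-terraform}"   # overridable, e.g. to point at a pinned binary

# Succeed only if the file exists and is accessible by its owner alone.
check_private() {
    [ -f "$1" ] || { echo "missing secrets file: $1" >&2; return 1; }
    mode=$(stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1") || return 1
    case "$mode" in
        600|400) return 0 ;;
        *) echo "refusing $1: mode $mode, expected 600 or 400" >&2; return 1 ;;
    esac
}

# Export the three variables the example needs as TF_VAR_*; reject anything else.
load_tf_vars() {
    check_private "$1" || return 1
    while IFS= read -r line || [ -n "$line" ]; do
        key=${line%%=*}
        value=${line#*=}          # keep any '=' inside the value (tokens, passwords)
        case "$key" in
            sel_account|sel_token|user_password) export "TF_VAR_$key=$value" ;;
            ''|'#'*) ;;           # blank lines and comments
            *) echo "unexpected key in $1: $key" >&2; return 1 ;;
        esac
    done < "$1"
    for key in sel_account sel_token user_password; do
        eval "value=\${TF_VAR_$key:-}"
        [ -n "$value" ] || { echo "missing or empty: $key" >&2; return 1; }
    done
}

# project_with_user first, then everything else, in the order the article gives.
staged_apply() {
    load_tf_vars "$1" || return 1
    "$TERRAFORM" init -input=false || return 1
    "$TERRAFORM" apply -target=module.project_with_user || return 1
    "$TERRAFORM" apply
}

# Run as: sh staged_apply.sh ./selectel.secrets
if [ "$#" -gt 0 ]; then staged_apply "$1"; fi
```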

Editing resources

In addition to creating resources through Terraform, you can also modify them.

For example, let's increase the number of cores and the memory for our server by changing the values of the parameters server_vcpus and server_ram_mb in the file examples/vpc/server_local_root_disk/main.tf:

-  server_vcpus        = "${var.server_vcpus}"
-  server_ram_mb       = "${var.server_ram_mb}"
+  server_vcpus        = 8
+  server_ram_mb       = 10240
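
Review bot: The two added lines replace the references to var.server_vcpus and var.server_ram_mb with literals, so the variables no longer have any effect on this module call and the server size is now defined in main.tf rather than through the variables. Consider keeping the "${var.server_vcpus}" and "${var.server_ram_mb}" references and changing the values through the variables instead, for example as TF_VAR_server_vcpus and TF_VAR_server_ram_mb.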

After this, we check what changes this will lead to using the following command:

$ env \
TF_VAR_sel_account=SEL_ACCOUNT \
TF_VAR_sel_token=SEL_TOKEN \
TF_VAR_user_password=USER_PASSWORD \
terraform plan

As a result, Terraform made a change to the resources openstack_compute_instance_v2 and openstack_compute_flavor_v2.

Please note that this will entail a reboot of the created virtual machine.

To apply the new virtual machine configuration, use the terraform apply command, which we have already run earlier.

All created objects will be displayed in the VPC control panel.

In our examples repository you can also see manifests for creating virtual machines with network drives.

An example of creating a Kubernetes cluster

Before we move on to the next example, we will clean up the resources created earlier. To do this, in the root of the project terraform-examples/examples/vpc/server_local_root_disk, let's run the command to delete the OpenStack objects:

$ env \
TF_VAR_sel_account=SEL_ACCOUNT \
TF_VAR_sel_token=SEL_TOKEN \
TF_VAR_user_password=USER_PASSWORD \
terraform destroy -target=module.server_local_root_disk

Then run the command to clean up the Selectel VPC API objects:

$ env \
TF_VAR_sel_account=SEL_ACCOUNT \
TF_VAR_sel_token=SEL_TOKEN \
TF_VAR_user_password=USER_PASSWORD \
terraform destroy -target=module.project_with_user

In both cases, you will need to confirm the deletion of all objects:

Do you really want to destroy all resources?
Terraform will destroy all your managed infrastructure, as shown above.
There is no undo. Only 'yes' will be accepted to confirm.

Enter a value: yes

The next example is in the directory terraform-examples/examples/vpc/kubernetes_cluster.

This example creates a project, a user with a role in the project, and brings up one Kubernetes cluster. In the file vars.tf you can see the default values, such as the number of nodes, their characteristics, the Kubernetes version, etc.

To create the resources, as in the first example, we will first initialize the modules and create the resources of the project_with_user module, and then create everything else:

$ terraform init

$ env \
TF_VAR_sel_account=SEL_ACCOUNT \
TF_VAR_sel_token=SEL_TOKEN \
TF_VAR_user_password=USER_PASSWORD \
terraform apply -target=module.project_with_user

$ env \
TF_VAR_sel_account=SEL_ACCOUNT \
TF_VAR_sel_token=SEL_TOKEN \
TF_VAR_user_password=USER_PASSWORD \
terraform apply

We hand over the creation and management of Kubernetes clusters to the OpenStack Magnum component. You can learn more about how to work with a cluster in one of our previous articles, as well as in the knowledge base.

While the cluster is being prepared, disks and virtual machines will be created and all the necessary components installed. Preparation takes about 4 minutes, during which Terraform will display messages such as:

module.kubernetes_cluster.openstack_containerinfra_cluster_v1.cluster_1: Still creating... (3m0s elapsed)

Once the installation is complete, Terraform will report that the cluster is ready and display its ID:

module.kubernetes_cluster.openstack_containerinfra_cluster_v1.cluster_1: Creation complete after 4m20s (ID: 3c8...)

Apply complete! Resources: 6 added, 0 changed, 0 destroyed.

To manage the created Kubernetes cluster through the kubectl utility, you need to obtain the cluster access file. To do this, go to the project created through Terraform in the list of projects in your account.

Next, follow the link of the form xxxxxx.selvpc.ru, which is shown below the project name.

For the login credentials, use the user name and password you created through Terraform. If you have not changed vars.tf or main.tf for our example, the user will have the name tf_user. As the password, use the value of the variable TF_VAR_user_password, which was specified when running terraform apply earlier.

Inside the project, go to the Kubernetes tab.

This is where the cluster created through Terraform is located. You can download the file for kubectl on the "Access" tab.

Instructions for installing kubectl and using the downloaded config.yaml are on the same tab.

After setting up kubectl and setting the KUBECONFIG environment variable, you can use Kubernetes:

$ kubectl get pods --all-namespaces

NAMESPACE        NAME                                    READY  STATUS  RESTARTS AGE
kube-system   coredns-9578f5c87-g6bjf                      1/1   Running   0 8m
kube-system   coredns-9578f5c87-rvkgd                     1/1   Running   0 6m
kube-system   heapster-866fcbc879-b6998                 1/1   Running   0 8m
kube-system   kube-dns-autoscaler-689688988f-8cxhf             1/1   Running   0 8m
kube-system   kubernetes-dashboard-7bdb5d4cd7-jcjq9          1/1   Running   0 8m
kube-system   monitoring-grafana-84c97bb64d-tc64b               1/1   Running   0 8m
kube-system   monitoring-influxdb-7c8ccc75c6-dzk5f                1/1   Running   0 8m
kube-system   node-exporter-tf-cluster-rz6nggvs4va7-minion-0 1/1   Running   0 8m
kube-system   node-exporter-tf-cluster-rz6nggvs4va7-minion-1 1/1   Running   0 8m
kube-system   openstack-cloud-controller-manager-8vrmp        1/1   Running   3 8m
prometeus-monitoring   grafana-76bcb7ffb8-4tm7t       1/1   Running   0 8m
prometeus-monitoring   prometheus-75cdd77c5c-w29gb           1/1   Running   0 8m

The number of cluster nodes can easily be changed through Terraform.
In the file main.tf the following value is specified:

cluster_node_count = "${var.cluster_node_count}"

This value is substituted from vars.tf:

variable "cluster_node_count" {
  default = 2
}

You can either change the default value in vars.tf, or specify the required value directly in main.tf:

-  cluster_node_count = "${var.cluster_node_count}"
+  cluster_node_count = 3

To apply the changes, as in the first example, use the terraform apply command:

$ env \
TF_VAR_sel_account=SEL_ACCOUNT \
TF_VAR_sel_token=SEL_TOKEN \
TF_VAR_user_password=USER_PASSWORD \
terraform apply

When the number of nodes changes, the cluster remains available. After adding a node through Terraform, you can use it without additional configuration:

$ kubectl get nodes
NAME                               STATUS                     ROLES     AGE   VERSION
tf-cluster-rz6nggvs4va7-master-0   Ready,SchedulingDisabled   master    8m    v1.12.4
tf-cluster-rz6nggvs4va7-minion-0   Ready                      <none>    8m    v1.12.4
tf-cluster-rz6nggvs4va7-minion-1   Ready                      <none>    8m    v1.12.4
tf-cluster-rz6nggvs4va7-minion-2   Ready                      <none>    3m    v1.12.4

Conclusion

In this article we got acquainted with the main ways of working with the "Virtual Private Cloud" through Terraform. We will be glad if you use the official Selectel Terraform provider and give us feedback.

Any bugs found in the Selectel Terraform provider can be reported through Github Issues.

Source: www.habr.com
