Muchinyorwa chino tichatarisa kuti Terraform ine chii, uye zvakare zvishoma nezvishoma kuvhura yedu yezvivakwa - tichagadzirira maVM matatu nezvinangwa zvakasiyana: proxy, faira rekuchengetedza uye CMS.
Nezve zvese zvakadzama uye mumatanho matatu:
1. Terraform - tsananguro, zvakanakira uye zvikamu
Terraform ndeye IaC (Infrastructure-as-Code) chishandiso chekuvaka uye kugadzirisa chaiwo masikirwo uchishandisa kodhi.
Takaona zvakati wandei zvakanakira kushanda nechokushandisa:
-
Deployment speed yevaroja vatsva (custom virtual environments). Kazhinji, kana vatengi vatsva varipo, ndipo pakanyanya "kudzvanya" vashandi vekutsigira tekinoroji vanofanirwa kugadzira kuburitsa zviwanikwa zvitsva. NeTerraform, vashandisi vanogona kushandura zvigadziriso zvemuchina (semuenzaniso, kudzima OS uye kuwedzera iyo virtual disk partition) pasina kuda rubatsiro rwehunyanzvi kana kudzima muchina pachawo.
-
Instant verification yechirongwa chekusimudzira Muroja mutsva. Tichishandisa tsananguro yekodhi yezvivakwa, tinokwanisa kukurumidza kutarisa izvo zvichawedzerwa uye muhurongwa hupi, uye mune yekupedzisira mamiriro aya kana iwo chaiwo muchina kana virtual network ine chinongedzo kumashini chaiwo ichave.
-
Kugona kutsanangura anonyanya kufarirwa makore mapuratifomu. Unogona kushandisa chishandiso kubva kuAmazon neGoogle Cloud, kuenda kumapuratifomu akavanzika akavakirwa paVMware vCloud Director, achipa masevhisi mukati meIaaS, SaaS uye PaaS mhinduro.
-
Tonga akawanda makore vanopa uye kugovera zvivakwa pakati pavo kuvandudza kukanganisa kushivirira, uchishandisa imwe chete gadziriso kugadzira, kuongorora uye kubata makore zviwanikwa.
-
Iri nyore kushandiswa kugadzira demo mastand yekuongorora software uye kugadzirisa. Iwe unogona kugadzira uye kuendesa zvimire zvedhipatimendi rekuyedza, bvunzo software munzvimbo dzakasiyana dzakafanana, uye ipapo shandura nekudzima zviwanikwa nekugadzira imwe chete sosi yekuvaka chirongwa.
"Terrarium" Terraform
Isu takataura muchidimbu nezvezvakanakira chishandiso, zvino ngatizvitsemure muzvikamu zvayo
Vanopa.
MuTerraform, ingangoita chero mhando yezvivakwa inogona kumiririrwa sesosi. Kubatana pakati pezviwanikwa uye API papuratifomu inopihwa nevanopa modules, iyo inobvumidza iwe kugadzira zviwanikwa mukati meimwe puratifomu, semuenzaniso, Azure kana VMware vCloud Director.
Sechikamu chepurojekiti, unogona kutaurirana nevanopa vakasiyana pamapuratifomu akasiyana.
Zviwanikwa (resource tsananguro).
Tsanangudzo yezviwanikwa inobvumidza iwe kubata papuratifomu zvikamu, senge chaiwo muchina kana network.
Iwe unogona kugadzira tsananguro yechishandiso yeVMware vCloud Director iwe pachako uye shandisa tsananguro iyi kugadzira zviwanikwa nechero mupi wekutambira anoshandisa vCloud Director. Iwe unongoda kushandura maparamendi echokwadi uye network yekubatanidza paramita kune inodiwa yekubata mupi
Provider.
Ichi chikamu chinoita kuti zvikwanise kuita mashandiro ekutanga kuisirwa nekuchengetedza sisitimu yekushandisa mushure mekugadzira chaiwo michina. Kana uchinge wagadzira chaiyo muchina sosi, unogona kushandisa vanogadzira kugadzirisa uye kubatana kuburikidza neSSH, gadziridza sisitimu yekushandisa, uye dhawunirodha uye mhanyisa script.
Input uye Output variables.
Input variables - mabhidhiyo ekuisa kune chero mhando dze block.
Mhedzisiro inobuda inobvumidza iwe kuchengetedza kukosha mushure mekugadzira zviwanikwa uye inogona kushandiswa seyakasiyana-siyana mune mamwe ma module, semuenzaniso muProvisioners block.
States.
States mafaera anochengeta ruzivo nezve kumisikidzwa kwevanopa papuratifomu zviwanikwa. Apo chikuva chakatanga kugadzirwa, hapana ruzivo pamusoro pezviwanikwa uye kusati kwaitwa chero basa, Terraform inovandudza hurumende nehupfumi chaihwo hwezviwanikwa zvakatotsanangurwa.
Chinangwa chikuru chenyika ndechekuchengetedza boka rezvinhu zvezviwanikwa zvakatogadzirwa kuenzanisa gadziriso yezvakawedzerwa zviwanikwa uye zvinhu kuitira kudzivirira kudzokororwa kusikwa uye shanduko papuratifomu.
Nokusingaperi, ruzivo rwehurumende runochengetwa munharaunda ye terraform.tfstate faira, asi kana zvichidiwa, zvinokwanisika kushandisa kure kure kuchengetedza basa reboka.
Iwe unogona zvakare kupinza zviwanikwa zvepuratifomu zvazvino muhurumende kuti uenderere mberi nekudyidzana nezvimwe zviwanikwa zvakazogadzirwa pasina rubatsiro rweTerraform.
2. Kusikwa kwezvivakwa
Izvo zvikamu zvakagadziriswa, ikozvino tichishandisa Terraform isu tichagadzira zvishoma nezvishoma zvivakwa zvine matatu chaiwo michina. Yekutanga ine nginx proxy server yakaiswa, yechipiri ine faira yekuchengetedza yakavakirwa paNextcloud uye yechitatu ine CMS Bitrix.
Isu tichanyora kodhi uye tiite tichishandisa muenzaniso wedu . Vashandisi vedu vanogashira account ine kodzero yeOrganization Administrator.Kana ukashandisa account ine kodzero dzakafanana mune rimwe VMware gore, unogona kuburitsa kodhi kubva mumienzaniso yedu. Enda!
Kutanga, ngatigadzire dhairekitori repurojekiti yedu nyowani umo mafaera anotsanangura zvivakwa achaiswa.
mkdir project01
Zvadaro, tinotsanangura zvikamu zvezvivako. Terraform inogadzira hukama uye inogadzirisa mafaera zvichienderana nerondedzero mumafaira. Iwo mafaera pachawo anogona kupihwa zita zvichienderana nechinangwa chezvivharo zvinotsanangurwa, semuenzaniso, network.tf - inotsanangura network parameters yezvivakwa.
Kutsanangura zvikamu zvezvivakwa zvedu, takagadzira mafaera anotevera:
Rondedzero yemafaira.
main.tf - tsananguro yezviyero zvezvakatipoteredza zvakatipoteredza - virtual machines, virtual containers;
network.tf - tsanangudzo yevirtual network parameters uye NAT uye Firewall mitemo;
variables.tf - rondedzero yemhando dzatinoshandisa;
vcd.tfvars - purojekiti inoshanduka kukosha yeVMware vCloud Director module.
Mutauro wekugadzirisa muTerraform unozivisa uye kurongeka kwezvivharo hazvina basa, kunze kwezvivharo zvekupa, nekuti. mune ino block tinotsanangura mirairo inofanirwa kuurayiwa pakugadzirira zvivakwa uye ivo vanozoitwa zvakarongeka.
Block structure.
<BLOCK TYPE> "<BLOCK LABEL>" "<BLOCK LABEL>" {
# Block body
<IDENTIFIER> = <EXPRESSION> # Argument
}
Kutsanangura mabhuraki, mutauro wayo wechirongwa HCL (HashiCorp Configuration Mutauro) unoshandiswa; zvinogoneka kutsanangura zvivakwa uchishandisa JSON. Iwe unogona kudzidza zvakawanda nezve syntax .
Environment variable configuration, variables.tf and vcd.tfvars
Chekutanga, ngatigadzire mafaera maviri anotsanangura rondedzero yeese anoshandiswa akasiyana uye maitiro avo eVMware vCloud Director module. Kutanga, ngatitangei faira variables.tf.
Zviri mukati me variables.tf file.
variable "vcd_org_user" {
description = "vCD Tenant User"
}
variable "vcd_org_password" {
description = "vCD Tenant Password"
}
variable "vcd_org" {
description = "vCD Tenant Org"
}
variable "vcd_org_vdc" {
description = "vCD Tenant VDC"
}
variable "vcd_org_url" {
description = "vCD Tenant URL"
}
variable "vcd_org_max_retry_timeout" {
default = "60"
}
variable "vcd_org_allow_unverified_ssl" {
default = "true"
}
variable "vcd_org_edge_name" {
description = "vCD edge name"
}
variable "vcd_org_catalog" {
description = "vCD public catalog"
}
variable "vcd_template_os_centos7" {
description = "OS CentOS 7"
default = "CentOS7"
}
variable "vcd_org_ssd_sp" {
description = "Storage Policies"
default = "Gold Storage Policy"
}
variable "vcd_org_hdd_sp" {
description = "Storage Policies"
default = "Bronze Storage Policy"
}
variable "vcd_edge_local_subnet" {
description = "Organization Network Subnet"
}
variable "vcd_edge_external_ip" {
description = "External public IP"
}
variable "vcd_edge_local_ip_nginx" {}
variable "vcd_edge_local_ip_bitrix" {}
variable "vcd_edge_local_ip_nextcloud" {}
variable "vcd_edge_external_network" {}
Variable values ββdzatinogamuchira kubva kumupi.
-
vcd_org_user - zita rekushandisa neSangano Administrator kodzero,
-
vcd_org_password - password yemushandisi,
-
vcd_org - zita resangano,
-
vcd_org_vdc - zita reiyo chaiyo data data,
-
vcd_org_url - API URL,
-
vcd_org_edge_name - zita reiyo chaiyo router,
-
vcd_org_catalog - zita redhairekitori rine chaiwo muchina matemplate,
-
vcd_edge_external_ip - yeruzhinji IP kero,
-
vcd_edge_external_network - zita rekunze network,
-
vcd_org_hdd_sp - zita reiyo HDD yekuchengetedza mutemo,
-
vcd_org_ssd_sp - zita reiyo SSD yekuchengetedza mutemo.
Uye pinda zvedu zvakasiyana:
-
vcd_edge_local_ip_nginx - IP kero yemuchina chaiwo une NGINX,
-
vcd_edge_local_ip_bitrix - IP kero yemuchina chaiwo une 1C: Bitrix,
-
vcd_edge_local_ip_nextcloud - IP kero yemuchina chaiwo une Nextcloud.
Neyechipiri faira isu tinogadzira uye tinotsanangura zvinosiyana zveVMware vCloud Director module muvcd.tfvars faira: Ngatiyeukei kuti mumuenzaniso wedu tinoshandisa. , kana ukashanda nemumwe mupi, tarisa maitiro navo.
Zviri mukati mevcd.tfvars file.
vcd_org_url = "https://vcloud.mclouds.ru/api"
vcd_org_user = "orgadmin"
vcd_org_password = "*"
vcd = "org"
vcd_org_vdc = "orgvdc"
vcd_org_maxretry_timeout = 60
vcd_org_allow_unverified_ssl = true
vcd_org_catalog = "Templates"
vcd_templateos_centos7 = "CentOS7"
vcd_org_ssd_sp = "Gold Storage Policy"
vcd_org_hdd_sp = "Bronze Storage Policy"
vcd_org_edge_name = "MCLOUDS-EDGE"
vcd_edge_external_ip = "185.17.66.1"
vcd_edge_local_subnet = "192.168.110.0/24"
vcd_edge_local_ip_nginx = "192.168.110.1"
vcd_edge_local_ip_bitrix = "192.168.110.10"
vcd_edge_local_ip_nextcloud = "192.168.110.11"
vcd_edge_external_network = "NET-185-17-66-0"
Network configuration, network.tf.
Mamiriro ekunze akaiswa, ikozvino tichamisa iyo chaiyo muchina wekubatanidza chirongwa - isu tichapa yakavanzika IP kero kune yega yega muchina uye toshandisa Destination NAT "mberi" madoko kune yekunze network. Kudzikamisa kupinda kune manejimendi ports, isu tichaisa yekuwana chete kune yedu IP kero.
Network dhayagiramu yeTerraform chikuva chiri kugadzirwa
Isu tinogadzira network yesangano rine zita rekuti net_lan01, gedhi rekutanga: 192.168.110.254, uye zvakare nenzvimbo yekero: 192.168.110.0/24.
Isu tinotsanangura a virtual network.
resource "vcd_network_routed" "net" {
name = "net_lan01"
edge_gateway = var.vcd_org_edge_name
gateway = "192.168.110.254"
dns1 = "1.1.1.1"
dns2 = "8.8.8.8"
static_ip_pool {
start_address = "192.168.110.1"
end_address = "192.168.110.253"
}
}
Ngatigadzirei mitemo yefirewall inobvumira virtual muchina kuwana Internet. Mukati meichi block, zvese zviwanikwa zviri mugore zvichawana mukana weInternet:
Isu tinotsanangura mitemo yeVM kuwana kuInternet.
resource "vcd_nsxv_firewall_rule" "fw_internet_access" {
edge_gateway = var.vcdorgedgename
name = "Internet Access"
source {
gateway_interfaces = ["internal"]
}
destination {
gateway_interfaces = ["external"]
}
service {
protocol = "any"
}
depends_on = [vcdnetworkrouted.net]
}
Mushure mekutangisa kutsamira kuti mushure mekugadzirisa vcdnetworkrouted.net block, tinoenderera mberi nekugadzirisa vcdnsxvfirewallrule block., nekushandisa zvinoenderana ne. Isu tinoshandisa iyi sarudzo nekuti zvimwe zvinotsamira zvinogona kucherechedzwa zvizere mukumisikidzwa.
Tevere, isu tichagadzira mitemo inobvumira kupinda kumadoko kubva kune yekunze network uye kuratidza yedu IP kero yekubatanidza kuburikidza neSSH kumaseva. Chero mushandisi weInternet anokwanisa kuwana ports 80 uye 443 pawebhu server, uye mushandisi ane IP kero ye90.1.15.1 ane mukana kune SSH ports yemaseva chaiwo.
Bvumira kuwana madoko kubva kune yekunze network.
resource "vcd_nsxv_firewall_rule" "fwnatports" {
edge_gateway = var.vcd_org_edge_name
name = "HTTPs Access"
source {
gateway_interfaces = ["external"]
}
destination {
gateway_interfaces = ["internal"]
}
service {
protocol = "tcp"
port = "80"
}
service {
protocol = "tcp"
port = "443"
}
depends_on = [vcd_network_routed.net]
}
resource "vcd_nsxv_firewall_rule" "fw_nat_admin_ports" {
edge_gateway = var.vcd_org_edge_name
name = "Admin Access"
source {
ip_addresses = [ "90.1.15.1" ]
}
destination {
gateway_interfaces = ["internal"]
}
service {
protocol = "tcp"
port = "58301"
}
service {
protocol = "tcp"
port = "58302"
}
service {
protocol = "tcp"
port = "58303"
}
depends_on = [vcd_network_routed.net]
}
Isu tinogadzira Source NAT mitemo yekuwana iyo Internet kubva kune gore yenzvimbo network:
Isu tinotsanangura iyo Source NAT mitemo.
resource "vcd_nsxv_snat" "snat_local" {
edge_gateway = var.vcd_org_edge_name
network_type = "ext"
network_name = var.vcdedgeexternalnetwork
original_address = var.vcd_edge_local_subnet
translated_address = var.vcd_edge_external_ip
depends_on = [vcd_network_routed.net]
}
Uye kupedzisa kumisikidzwa kweiyo network block, isu tinowedzera Destination NAT mitemo yekuwana masevhisi kubva kune yekunze network:
Kuwedzera Kwekuenda NAT mitemo.
resource "vcd_nsxv_dnat" "dnat_tcp_nginx_https" {
edge_gateway = var.vcd_org_edge_name
network_name = var.vcd_edge_external_network
network_type = "ext"
description = "NGINX HTTPs"
original_address = var.vcd_edge_external_ip
original_port = 443
translated_address = var.vcd_edge_local_ip_nginx
translated_port = 443
protocol = "tcp"
depends_on = [vcd_network_routed.net]
}
resource "vcd_nsxv_dnat" "dnat_tcp_nginx_http" {
edge_gateway = var.vcd_org_edge_name
network_name = var.vcd_edge_external_network
network_type = "ext"
description = "NGINX HTTP"
original_address = var.vcd_edge_external_ip
original_port = 80
translated_address = var.vcd_edge_local_ip_nginx
translated_port = 80
protocol = "tcp"
depends_on = [vcd_network_routed.net]
}
Wedzera mutemo weNAT wekushandura port kune SSH server pasi peNginx.
resource "vcd_nsxv_dnat" "dnat_tcp-nginx_ssh" {
edge_gateway = var.vcd_org_edge_name
network_name = var.vcd_edge_external_network
network_type = "ext"
description = "SSH NGINX"
original_address = var.vcd_edge_external_ip
original_port = 58301
translated_address = var.vcd_edge_local_ip_nginx
translated_port = 22
protocol = "tcp"
depends_on = [vcd_network_routed.net]
}
Wedzera mutemo weNAT wekushandura port kune SSH server ine 1C-Bitrix.
resource "vcd_nsxv_dnat" "dnat_tcp_bitrix_ssh" {
edge_gateway = var.vcd_org_edge_name
network_name = var.vcd_edge_external_network
network_type = "ext"
description = "SSH Bitrix"
original_address = var.vcd_edge_external_ip
original_port = 58302
translated_address = var.vcd_edge_local_ip_bitrix
translated_port = 22
protocol = "tcp"
depends_on = [vcd_network_routed.net]
}
Wedzera mutemo weNAT wekushandura port kune SSH server neNextcloud.
resource "vcd_nsxv_dnat" "dnat_tcp_nextcloud_ssh" {
edge_gateway = var.vcd_org_edge_name
network_name = var.vcd_edge_external_network
network_type = "ext"
description = "SSH Nextcloud"
original_address = var.vcd_edge_external_ip
original_port = 58303 translated_address = var.vcd_edge_local_ip_nextcloud
translated_port = 22
protocol = "tcp"
depends_on = [vcd_network_routed.net]
}
Main.tf virtual environment configuration
Sezvatakaronga pakutanga kwechinyorwa, isu tichagadzira matatu chaiwo michina. Vachagadzirirwa vachishandisa "Guest Customization". Isu tichaseta ma parameter etiweki zvinoenderana nezvirongwa zvatakatsanangura, uye password yemushandisi inogadzirwa otomatiki.
Ngatitsanangurirei iyo vApp umo madhiraini chaiwo achave ari uye nekumisikidzwa kwawo.
Virtual muchina kugadzirisa
Ngatigadzirei vApp mudziyo. Kuti isu tigone kukurumidza kubatanidza iyo vApp neVM kune chaiyo network, isu tinowedzerawo depend_on parameter:
Gadzira mudziyo
resource "vcd_vapp" "vapp" {
name = "web"
power_on = "true" depends_on = [vcd_network_routed.net]
}
Ngatigadzirei muchina chaiwo une tsananguro
resource "vcd_vapp_vm" "nginx" {
vapp_name = vcd_vapp.vapp.name
name = "nginx"
catalog_name = var.vcd_org_catalog
template_name = var.vcd_template_os_centos7
storage_profile = var.vcd_org_ssd_sp
memory = 8192
cpus = 1
cpu_cores = 1
network {
type = "org"
name = vcd_network_routed.net.name
is_primary = true
adapter_type = "VMXNET3"
ip_allocation_mode = "MANUAL"
ip = var.vcd_edge_local_ip_nginx
}
override_template_disk {
bus_type = "paravirtual"
size_in_mb = "32768"
bus_number = 0
unit_number = 0
storage_profile = var.vcd_org_ssd_sp
}
}
Main paramita mune tsananguro yeVM:
-
zita - zita remuchina chaiwo,
-
vappname - zita revApp yekuwedzera VM nyowani,
-
catalogname / templatename - catalog zita uye chaiwo muchina template zita,
-
storageprofile - default kuchengetedza mutemo.
Network block parameters:
-
mhando - mhando ye network yakabatana,
-
zita - ndeipi chaiyo network yekubatanidza iyo VM kune,
-
isprimary - primary network adapter,
-
ipallocation_mode - MANUAL / DHCP / POOL kero yekugovera maitiro,
-
ip - IP kero yemuchina chaiwo, isu tichazvitsanangura nemaoko.
override_template_disk block:
-
sizeinmb - boot disk saizi yemuchina chaiwo
-
storage_profile - mutemo wekuchengetedza dhisiki
Ngatigadzire yechipiri VM ine tsananguro yeNextcloud faira rekuchengetedza
resource "vcd_vapp_vm" "nextcloud" {
vapp_name = vcd_vapp.vapp.name
name = "nextcloud"
catalog_name = var.vcd_org_catalog
template_name = var.vcd_template_os_centos7
storage_profile = var.vcd_org_ssd_sp
memory = 8192
cpus = 1
cpu_cores = 1
network {
type = "org"
name = vcd_network_routed.net.name
is_primary = true
adapter_type = "VMXNET3"
ip_allocation_mode = "MANUAL"
ip = var.vcd_edge_local_ip_nextcloud
}
override_template_disk {
bus_type = "paravirtual"
size_in_mb = "32768"
bus_number = 0
unit_number = 0
storage_profile = var.vcd_org_ssd_sp
}
}
resource "vcd_vm_internal_disk" "disk1" {
vapp_name = vcd_vapp.vapp.name
vm_name = "nextcloud"
bus_type = "paravirtual"
size_in_mb = "102400"
bus_number = 0
unit_number = 1
storage_profile = var.vcd_org_hdd_sp
allow_vm_reboot = true
depends_on = [ vcd_vapp_vm.nextcloud ]
}
Muchikamu chevcdvminternal_disk tichatsanangura dhisiki nyowani yakabatana nemuchina chaiwo.
Tsananguro dzeiyo vcdvminternaldisk block:
-
bustype - disk controller mhando
-
sizeinmb - disk size
-
busnumber / unitnumber - nzvimbo yekubatanidza mune adapta
-
storage_profile - mutemo wekuchengetedza dhisiki
Ngatitsanangure ichangoburwa VM paBitrix
resource "vcd_vapp_vm" "bitrix" {
vapp_name = vcd_vapp.vapp.name
name = "bitrix"
catalog_name = var.vcd_org_catalog
template_name = var.vcd_template_os_centos7
storage_profile = var.vcd_org_ssd_sp
memory = 8192
cpus = 1
cpu_cores = 1
network {
type = "org"
name = vcd_network_routed.net.name
is_primary = true
adapter_type = "VMXNET3"
ip_allocation_mode = "MANUAL"
ip = var.vcd_edge_local_ip_bitrix
}
override_template_disk {
bus_type = "paravirtual"
size_in_mb = "81920"
bus_number = 0
unit_number = 0
storage_profile = var.vcd_org_ssd_sp
}
}
Kugadziridza OS uye nekuisa mamwe magwaro
Iyo network yakagadzirirwa, iyo chaiyo michina inotsanangurwa. Tisati tapinza zvivakwa zvedu, tinokwanisa kuita zvekutanga kupa pachine nguva tichishandisa mabhuroko ekupa uye tisingashandisi Ansible.
Ngatitarisei maitiro ekugadzirisa OS uye kumhanya iyo CMS Bitrix yekuisa script uchishandisa iyo provider block.
Kutanga, ngatiisei CentOS yekuvandudza mapakeji.
resource "null_resource" "nginx_update_install" {
provisioner "remote-exec" {
connection {
type = "ssh"
user = "root"
password = vcd_vapp_vm.nginx.customization[0].admin_password
host = var.vcd_edge_external_ip
port = "58301"
timeout = "30s"
}
inline = [
"yum -y update && yum -y upgrade",
"yum -y install wget nano epel-release net-tools unzip zip" ]
}
}
}
Kusarudzwa kwezvikamu:
-
Provider "remote-exec" - batanidza iyo kure yekugovera block
-
Muchivharo chekubatanidza tinotsanangura rudzi uye parameters yekubatanidza:
-
mhando - protocol, mune yedu SSH;
-
mushandisi - zita remushandisi;
-
password - mushandisi password. Muchiitiko chedu, tinonongedza parameter vcdvappvm.nginx.customization[0].admin_password, iyo inochengetedza password yakagadzirwa yemushandisi wegadziriro.
-
host - yekunze IP kero yekubatanidza;
-
port - port yekubatanidza, iyo yakambotaurwa muDNAT marongero;
-
inline - nyora rondedzero yemirairo ichapinzwa. Mirairo ichaiswa muhurongwa sezvakaratidzwa muchikamu chino.
Semuenzaniso, ngatiwedzerei kuita iyo 1C-Bitrix yekuisa script. Iko kuburitsa kweiyo script execution mhedzisiro ichave iripo apo chirongwa chiri kushanda. Kuisa script, chekutanga tinotsanangura block:
Ngatitsanangurirei kuiswa kwe1C-Bitrix.
provisioner "file" {
source = "prepare.sh"
destination = "/tmp/prepare.sh"
connection {
type = "ssh"
user = "root"
password = vcd_vapp_vm.nginx.customization[0].admin_password
host = var.vcd_edge_external_ip
port = "58301"
timeout = "30s"
}
}
provisioner "remote-exec" {
inline = [
"chmod +x /tmp/prepare.sh", "./tmp/prepare.sh"
]
}
Uye isu tichakurumidza kutsanangura iyo Bitrix update.
Muenzaniso wekupa 1C-Bitrix.
resource "null_resource" "install_update_bitrix" {
provisioner "remote-exec" {
connection {
type = "ssh"
user = "root"
password = vcd_vapp_vm.bitrix.customization[0].admin_password
host = var.vcd_edge_external_ip
port = "58302"
timeout = "60s"
}
inline = [
"yum -y update && yum -y upgrade",
"yum -y install wget nano epel-release net-tools unzip zip",
"wget http://repos.1c-bitrix.ru/yum/bitrix-env.sh -O /tmp/bitrix-env.sh",
"chmod +x /tmp/bitrix-env.sh",
"/tmp/bitrix-env.sh"
]
}
}
Zvakakosha! Iyo script inogona kusashanda kana ukasadzima SELinux pamberi! Kana iwe uchida chinyorwa chakadzama pakuisa nekugadzirisa CMS 1C-Bitrix uchishandisa bitrix-env.sh, oo unogona .
3. Infrastructure kutanga
Kutanga ma modules uye plugins
Kubasa, tinoshandisa "gentleman's kit" yakapusa: laptop ine Windows 10 OS uye kit yekugovera kubva kune yepamutemo webhusaiti. . Ngatiburitse uye titange nekushandisa murairo: terraform.exe init
Mushure mekutsanangura iyo komputa uye network network, isu tinotanga kuronga kuyedza kumisikidzwa kwedu, kwatinogona kuona izvo zvichagadzirwa uye kuti zvichabatanidzwa sei kune mumwe nemumwe.
-
Ita murairo
- terraform plan -var-file=vcd.tfvars. -
Tinowana chigumisiro
- Plan: 16 to add, 0 to change, 0 to destroy.Ndiko kuti, maererano nechirongwa ichi, 16 zviwanikwa zvichagadzirwa. -
Isu tinotangisa chirongwa pakuraira
- terraform.exe apply -var-file=vcd.tfvars.
Michina yeVirtual ichagadzirwa, uyezve mapakeji atakanyora anozoitwa mukati mechikamu chekugovera - iyo OS ichagadziridzwa uye CMS Bitrix ichaiswa.
Kugamuchira ruzivo rwekubatanidza
Mushure mekuita hurongwa, tinoda kugamuchira data mune zvinyorwa zvekubatanidza kune maseva, nekuda kweizvi tichafometa chikamu chekubuda nenzira inotevera:
output "nginxpassword" {
value = vcdvappvm.nginx.customization[0].adminpassword
}
Uye zvinotevera zvinobuda zvinotiudza password yemuchina wakagadzirwa chaiwo:
Outputs: nginx_password = F#4u8!!N
Nekuda kweizvozvo, tinowana mukana kune chaiwo muchina ane yakagadziridzwa sisitimu yekushandisa uye pre-yakaiswa mapakeji ekuwedzera basa redu. Zvese zvagadzirira!
Asi zvakadini kana iwe uchitova nehupfumi huripo?
3.1. Kushanda Terraform nezvivakwa zviripo
Zviri nyore, unogona kuendesa ikozvino chaiwo michina uye yavo vApp midziyo uchishandisa iyo yekuraira yekuraira.
Ngatitsanangurirei vAPP sosi uye muchina chaiwo.
resource "vcd_vapp" "Monitoring" {
name = "Monitoring"
org = "mClouds"
vdc = "mClouds"
}
resource "vcd_vapp_vm" "Zabbix" {
name = "Zabbix"
org = "mClouds"
vdc = "mClouds"
vapp = "Monitoring"
}
Nhanho inotevera ndeyekupinza zvinhu zvevApp zviwanikwa mufomati vcdvapp.<vApp> <org>.<orgvdc>.<vApp>kupi:
-
vApp - vApp zita;
-
org - zita resangano;
-
org_vdc - zita reiyo chaiyo data data.
Kupinza vAPP zviwanikwa
Ngatitorei kunze zvinhu zveVM zviwanikwa mufomati: vcdvappvm.<VM> <org>.<orgvdc>.<vApp>.<VM>, umo:
-
VM - VM zita;
-
vApp - vApp zita;
-
org - zita resangano;
-
orgvdc izita reiyo virtual data center.
Kutora kunze kwakabudirira
C:UsersMikhailDesktopterraform>terraform import vcd_vapp_vm.Zabbix mClouds.mClouds.Monitoring.Zabbix
vcd_vapp_vm.Zabbix: Importing from ID "mClouds.mClouds.Monitoring.Zabbix"...
vcd_vapp_vm.Zabbix: Import prepared!
Prepared vcd_vapp_vm for import
vcd_vapp_vm.Zabbix: Refreshing state... [id=urn:vcloud:vm:778f4a89-1c8d-45b9-9d94-0472a71c4d1f]
Import successful!
The resources that were imported are shown above. These resources are now in
your Terraform state and will henceforth be managed by Terraform.
Iye zvino isu tinokwanisa kutarisa kune chitsva chinotengeswa kunze kwenyika:
Zvekushandisa kunze kwenyika
> terraform show
...
# vcd_vapp.Monitoring:
resource "vcd_vapp" "Monitoring" {
guest_properties = {}
href = "https://vcloud.mclouds.ru/api/vApp/vapp-fe5db285-a4af-47c4-93e8-55df92f006ec"
id = "urn:vcloud:vapp:fe5db285-a4af-47c4-93e8-55df92f006ec"
ip = "allocated"
metadata = {}
name = "Monitoring"
org = "mClouds"
status = 4
status_text = "POWERED_ON"
vdc = "mClouds"
}
β¦
# vcd_vapp_vm.Zabbix:
resource "vcd_vapp_vm" "Zabbix" {
computer_name = "Zabbix"
cpu_cores = 1
cpus = 2
expose_hardware_virtualization = false
guest_properties = {}
hardware_version = "vmx-14"
href = "https://vcloud.mclouds.ru/api/vApp/vm-778f4a89-1c8d-45b9-9d94-0472a71c4d1f"
id = "urn:vcloud:vm:778f4a89-1c8d-45b9-9d94-0472a71c4d1f"
internal_disk = [
{
bus_number = 0
bus_type = "paravirtual"
disk_id = "2000"
iops = 0
size_in_mb = 122880
storage_profile = "Gold Storage Policy"
thin_provisioned = true
unit_number = 0
},
]
memory = 8192
metadata = {}
name = "Zabbix"
org = "mClouds"
os_type = "centos8_64Guest"
storage_profile = "Gold Storage Policy"
vapp_name = "Monitoring"
vdc = "mClouds"
customization {
allow_local_admin_password = true
auto_generate_password = true
change_sid = false
enabled = false
force = false
join_domain = false
join_org_domain = false
must_change_password_on_first_login = false
number_of_auto_logons = 0
}
network {
adapter_type = "VMXNET3"
ip_allocation_mode = "DHCP"
is_primary = true
mac = "00:50:56:07:01:b1"
name = "MCLOUDS-LAN01"
type = "org"
}
}
Ikozvino takanyatso gadzirira - tapedza nepoindi yekupedzisira (kupinza mune iripo zvivakwa) uye tafunga nezvese mapoinzi makuru ekushanda neTerraform.
Chishandiso chacho chakazove chakanyanya kunaka uye chinokutendera kuti utsanangure zvivakwa zvako sekodhi, kutanga kubva kumashini chaiwo emumwe wegore rinopa kutsanangura zviwanikwa zvetiweki zvikamu.
Panguva imwecheteyo, kusununguka kubva kune zvakatipoteredza kunoita kuti zvikwanise kushanda nemunharaunda, cloud resources, uye kunyange kutarisira chikuva. Uye kana pasina chikuva chakatsigirwa uye iwe uchida kuwedzera imwe nyowani, unogona kunyora wega mupi wako woishandisa.
Source: www.habr.com