Rapid deployment of ESXi VMs with Terraform

Hi everyone, my name is Ivan, and I'm an alcoholic system administrator (OPS).

I want to describe how I deploy virtual machines on ESXi without vCenter, using Terraform.

You often have to deploy or re-create virtual machines in order to test one application or another. Out of laziness, I started thinking about automating the process. My search led me to a wonderful product from HashiCorp: Terraform.

I think many people know what Terraform is. For those who don't, it is an application for managing any cloud, infrastructure or service using the IaC (Infrastructure as Code) concept.

I use ESXi as the virtualization environment. It is quite simple, convenient and reliable.
I anticipate the question.

Why Terraform, when you could use vCenter Server?

Of course you could, but. First, it is an additional license; second, the product is very resource-hungry and simply will not fit on my home server; third, it is a chance to improve my skills.

An Intel NUC platform serves as the server:

CPU: 2 CPUs x Intel(R) Core(TM) i3-4010U CPU @ 1.70GHz
RAM: 8Gb
HDD: 500Gb
ESXi version: ESXi-6.5.0-4564106-standard (VMware, Inc.)

So, first things first.

To begin, let's configure ESXi, namely open the VNC port range in the firewall settings.

By default the file is write-protected. We perform the following manipulations:

chmod 644 /etc/vmware/firewall/service.xml
chmod +t /etc/vmware/firewall/service.xml
vi /etc/vmware/firewall/service.xml

Add the following block to the end of the file:

<service id="1000">
  <id>packer-vnc</id>
  <rule id="0000">
    <direction>inbound</direction>
    <protocol>tcp</protocol>
    <porttype>dst</porttype>
    <port>
      <begin>5900</begin>
      <end>6000</end>
    </port>
  </rule>
  <enabled>true</enabled>
  <required>true</required>
</service>

Save and exit. Change the permissions back and refresh the firewall:

chmod 444 /etc/vmware/firewall/service.xml
esxcli network firewall refresh

This stays in effect until the host is rebooted. After a reboot, the manipulation has to be repeated.
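The rule above accepts connections to ports 5900-6000 from any source address. The following added example (not part of the original article) narrows the `packer-vnc` ruleset to the machine that runs Packer, using the standard `esxcli network firewall ruleset` commands; the address shown is a constructed placeholder.

```shell
#!/bin/sh
# Added example, not from the original article: restrict the packer-vnc
# ruleset to the build host. Run in the ESXi shell after
# "esxcli network firewall refresh".

# restrict_packer_vnc IP_OR_CIDR -> 0 on success, 2 on a malformed address
restrict_packer_vnc() {
    src="$1"
    # Basic character check only: digits, dots and an optional /prefix
    case "$src" in
        ''|*[!0-9./]*) echo "bad address: $src" >&2; return 2 ;;
    esac
    # Stop accepting connections from every source address...
    esxcli network firewall ruleset set \
        --ruleset-id packer-vnc --allowed-all false || return 1
    # ...and allow only the host that runs Packer
    esxcli network firewall ruleset allowedip add \
        --ruleset-id packer-vnc --ip-address "$src" || return 1
    # Print the resulting allow-list for review
    esxcli network firewall ruleset allowedip list --ruleset-id packer-vnc
}

# Usage (192.0.2.10 is a constructed documentation address; use the IP of
# the virtual machine that will run Packer):
#   restrict_packer_vnc 192.0.2.10
```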

From here on, I do all the work in a virtual machine on the same server.

Specifications:

OS: Centos 7 x86_64 minimal
RAM: 1GB
HDD: 20GB
Selinux: disable
firewalld: disable

Next we need Packer, which is also a HashiCorp product.

It is needed to build the "golden" image automatically; we will use that image later.

yum install unzip git -y
curl -O https://releases.hashicorp.com/packer/1.5.5/packer_1.5.5_linux_amd64.zip
unzip packer_1.5.5_linux_amd64.zip -d /usr/bin && rm -rf packer_1.5.5_linux_amd64.zip
packer version
Packer v1.5.5

The packer version step may fail, because RedHat-based systems may already have a package with the same name.

which -a packer
/usr/sbin/packer

As a fix, you can create a symlink or use the absolute path /usr/bin/packer.

Now we need ovftool (download link). Download it, put it on the server and install it:

chmod +x VMware-ovftool-4.4.0-15722219-lin.x86_64.bundle
./VMware-ovftool-4.4.0-15722219-lin.x86_64.bundle
Extracting VMware Installer...done.
You must accept the VMware OVF Tool component for Linux End User
License Agreement to continue.  Press Enter to proceed.
VMWARE END USER LICENSE AGREEMENT
Do you agree? [yes/no]:yes
The product is ready to be installed.  Press Enter to begin
installation or Ctrl-C to cancel. 
Installing VMware OVF Tool component for Linux 4.4.0
    Configuring...
[######################################################################] 100%
Installation was successful.

Moving on.

I have prepared everything you need on GitHub.

git clone https://github.com/letnab/create-and-deploy-esxi.git && cd create-and-deploy-esxi

You need to put the operating system distribution image into the folder. In my case it is CentOS 7.

You also need to edit the file centos-7-base.json:

variables: specify your own connection details
iso_urls: specify the current one
iso_checksum: the checksum of your image

After all the changes, start the build:

/usr/bin/packer build centos-7-base.json

If everything is configured and specified correctly, you will see the operating system being installed automatically. The process takes me 7-8 minutes.

After it completes successfully, the ova file will be in the output-packer-centos7-x86_64 folder.

Install Terraform:

curl -O https://releases.hashicorp.com/terraform/0.12.24/terraform_0.12.24_linux_amd64.zip
unzip terraform_0.12.24_linux_amd64.zip -d /usr/bin/ && rm -rf terraform_0.12.24_linux_amd64.zip
terraform version
Terraform v0.12.24
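Both the Packer and the Terraform archives above are unzipped straight into /usr/bin as downloaded. The following added example (not part of the original article) checks an archive against the SHA256SUMS file that HashiCorp publishes in the same release directory; the demo files are constructed locally so the block runs offline.

```shell
#!/bin/sh
# Added example, not from the original article: check a downloaded HashiCorp
# zip against the SHA256SUMS file published beside it before unzipping it
# into /usr/bin.

# verify_release ZIP SUMS -> 0 match, 1 mismatch, 2 ZIP not listed in SUMS
verify_release() {
    zip="$1"; sums="$2"
    name=$(basename "$zip")
    # SHA256SUMS lines have the form: "<hex digest>  <file name>"
    expected=$(awk -v f="$name" '$2 == f { print $1 }' "$sums")
    if [ -z "$expected" ]; then
        echo "no entry for $name in $sums" >&2
        return 2
    fi
    actual=$(sha256sum "$zip" | awk '{ print $1 }')
    if [ "$actual" != "$expected" ]; then
        echo "checksum mismatch for $name" >&2
        return 1
    fi
    echo "OK $name"
}

# Offline demo on constructed files: a stand-in zip and a locally built SUMS.
demo_verify_release() {
    d=$(mktemp -d)
    z="$d/packer_1.5.5_linux_amd64.zip"; s="$d/packer_1.5.5_SHA256SUMS"
    printf 'constructed sample payload\n' > "$z"
    ( cd "$d" && sha256sum packer_1.5.5_linux_amd64.zip > packer_1.5.5_SHA256SUMS )
    verify_release "$z" "$s" >/dev/null 2>&1 && ok=0 || ok=$?
    printf 'tampered\n' >> "$z"          # simulate a modified download
    verify_release "$z" "$s" >/dev/null 2>&1 && bad=0 || bad=$?
    rm -rf "$d"
    echo "$ok $bad"
}

# Real use with the versions installed in this article:
#   curl -O https://releases.hashicorp.com/packer/1.5.5/packer_1.5.5_SHA256SUMS
#   verify_release packer_1.5.5_linux_amd64.zip packer_1.5.5_SHA256SUMS \
#     && unzip packer_1.5.5_linux_amd64.zip -d /usr/bin
demo_verify_release
```

The SUMS file comes from the same server as the archive, so this catches corrupted or swapped files; HashiCorp also publishes a detached GPG signature for the SUMS file, which authenticates it.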

Since Terraform has no provider for ESXi, you need to build one.

Install Go:

cd /tmp
curl -O https://dl.google.com/go/go1.14.2.linux-amd64.tar.gz
tar -C /usr/local -xzf go1.14.2.linux-amd64.tar.gz && rm -rf go1.14.2.linux-amd64.tar.gz
export PATH=$PATH:/usr/local/go/bin
go version
go version go1.14.2 linux/amd64

Next, we build the provider:

go get -u -v golang.org/x/crypto/ssh
go get -u -v github.com/hashicorp/terraform
go get -u -v github.com/josenk/terraform-provider-esxi
export GOPATH="$HOME/go"
cd $GOPATH/src/github.com/josenk/terraform-provider-esxi
CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -a -ldflags '-w -extldflags "-static"' -o terraform-provider-esxi_`cat version`
cp terraform-provider-esxi_`cat version` /usr/bin

We are on the home stretch. Let's roll out our image.

Go to the folder:

cd /root/create-and-deploy-esxi/centos7

First, edit the file variables.tf. You need to specify the connection to the ESXi server.

The file network_config.cfg contains the network settings of the future virtual machine. Change them to suit your needs and run the one-liner:

sed -i -e '2d' -e '3i "network": "'$(gzip < network_config.cfg| base64 | tr -d '\n')'",' metadata.json
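The one-liner embeds a gzip+base64 copy of network_config.cfg in metadata.json, so the value goes stale whenever the .cfg file is edited afterwards. The following added example (not part of the original article) decodes the embedded value and compares it with the file; the sample network config and the metadata.json layout in the demo are constructed.

```shell
#!/bin/sh
# Added example, not from the original article: confirm that the "network"
# value in metadata.json decodes back to the current network_config.cfg.

# encode_guestinfo FILE -> gzip+base64 of FILE on a single line
encode_guestinfo() {
    gzip -c < "$1" | base64 | tr -d '\n'
}

# check_network_metadata METADATA_JSON CFG
#   0 = embedded value matches CFG, 1 = differs or undecodable, 2 = no value
check_network_metadata() {
    # Assumes the line format written by the sed one-liner: "network": "<b64>",
    value=$(sed -n 's/^[[:space:]]*"network":[[:space:]]*"\([^"]*\)".*/\1/p' "$1")
    [ -n "$value" ] || { echo "no network value in $1" >&2; return 2; }
    printf '%s' "$value" | base64 -d 2>/dev/null | gunzip 2>/dev/null | cmp -s - "$2"
}

# Offline demo on constructed files.
demo_check_network_metadata() {
    d=$(mktemp -d)
    cfg="$d/network_config.cfg"; meta="$d/metadata.json"
    printf 'version: 1\nconfig:\n  - type: physical\n    name: eth0\n' > "$cfg"
    printf '{\n  "network": "%s",\n  "local-hostname": "centos7-test"\n}\n' \
        "$(encode_guestinfo "$cfg")" > "$meta"
    check_network_metadata "$meta" "$cfg" && fresh=0 || fresh=$?
    # The .cfg is edited after metadata.json was generated: value is now stale
    printf '    mtu: 1500\n' >> "$cfg"
    check_network_metadata "$meta" "$cfg" && stale=0 || stale=$?
    rm -rf "$d"
    echo "$fresh $stale"
}

demo_check_network_metadata
```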

Finally, in main.tf, change the path to the ova file to your own if it differs.

The moment of truth.

terraform init
Initializing the backend...

Initializing provider plugins...

The following providers do not have any version constraints in configuration,
so the latest version was installed.

To prevent automatic upgrades to new major versions that may contain breaking
changes, it is recommended to add version = "..." constraints to the
corresponding provider blocks in configuration, with the constraint strings
suggested below.

* provider.esxi: version = "~> 1.6"
* provider.template: version = "~> 2.1"

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.

terraform plan
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.

data.template_file.Default: Refreshing state...
data.template_file.network_config: Refreshing state...

------------------------------------------------------------------------

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # esxi_guest.Default will be created
  + resource "esxi_guest" "Default" {
      + boot_disk_size         = (known after apply)
      + disk_store             = "datastore1"
      + guest_name             = "centos7-test"
      + guest_shutdown_timeout = (known after apply)
      + guest_startup_timeout  = (known after apply)
      + guestinfo              = {
          + "metadata"          = "base64text"
          + "metadata.encoding" = "gzip+base64"
          + "userdata"          = "base64text"
          + "userdata.encoding" = "gzip+base64"
        }
      + guestos                = (known after apply)
      + id                     = (known after apply)
      + ip_address             = (known after apply)
      + memsize                = "1024"
      + notes                  = (known after apply)
      + numvcpus               = (known after apply)
      + ovf_properties_timer   = (known after apply)
      + ovf_source             = "/root/create-and-deploy-esxi/output-packer-centos7-x86_64/packer-centos7-x86_64.ova"
      + power                  = "on"
      + resource_pool_name     = (known after apply)
      + virthwver              = (known after apply)

      + network_interfaces {
          + mac_address     = (known after apply)
          + nic_type        = (known after apply)
          + virtual_network = "VM Network"
        }
    }

Plan: 1 to add, 0 to change, 0 to destroy.

------------------------------------------------------------------------

Note: You didn't specify an "-out" parameter to save this plan, so Terraform
can't guarantee that exactly these actions will be performed if
"terraform apply" is subsequently run.

Finishing up:

terraform apply

If everything was done correctly, in 2-3 minutes a new virtual machine will be deployed from the previously built image.

The uses for all of this are limited only by your imagination.

I just wanted to share best practices and show the main points of working with these products.

Thank you for your attention!

PS: I will be glad to receive constructive criticism.

Source: www.habr.com
