Molweni nonke! NgoDisemba, i-OTUS isungula ikhosi entsha - . Ukulindela ukuqala kwesi sifundo, sabelana nawe ngenguqulelo yezinto ezinomdla kwisihloko.
sisisombululo esinceda abathengi ngokukhawuleza ukuseka indawo ekhuselekileyo, i-akhawunti ye-AWS eninzi ngokusekelwe kwiindlela ezilungileyo zokusebenza.
Ngaphezu kweminyaka emihlanu, iqela lethu leMitoc Group lisebenze ngokuzimisela ekuncedeni imibutho emikhulu ngempumelelo ukuguqula nokwakha okanye ukufudusela indawo yabo yedijithali kwilifu le-AWS. Ngamanye amazwi, ukucaphula abahlobo bethu kwi-AWS: "Abathengi bethu bazihlaziya nge-AWS." Ngumzamo ongapheliyo wokuqamba ngokutsha kunye nokwenza lula oomatshini egameni labathengi ngokwabo, kwaye i-AWS yenza umsebenzi omkhulu wokusombulula iingxaki ezintsonkothileyo ezinezisombululo ekulula ukuzifunda.
Indawo yokuHlala ye-AWS ()
Yintoni i-AWS Landing Zone?
Ngokolwazi oluvela kumthombo osemthethweni:
I-AWS Landing Zone isisombululo esinceda abathengi ngokukhawuleza ukuseta indawo ekhuselekileyo ye-AWS kunye neeakhawunti ezininzi ezisekelwe kwiindlela ezilungileyo ze-AWS. Ngeenketho ezininzi, ukuseta indawo ye-akhawunti eninzi kunokuchitha ixesha, kubandakanya ukuqwalasela iiakhawunti ezininzi kunye neenkonzo, kwaye kufuna ukuqonda okunzulu kweenkonzo ze-AWS.
I-AWS Landing Zone inciphise kakhulu ubunzima kunye nokuhambelana kweepatheni zoyilo ezifanayo ezinikezelwe kubathengi abahlukeneyo. Kwelinye icala, iqela lethu kuye kwafuneka liphinde lihlengahlengise amanye amacandelo e-CloudFormation njengamacandelo eTerraform ukuze liwasebenzisele ukuzenzela.
Ke sizibuze, kutheni singakhe sonke isisombululo se-AWS Landing Zone kwiTerraform? Ngaba singayenza le nto kwaye iya kusombulula iingxaki zabathengi bethu? Spoiler: iyakwenza kwaye sele ithatha isigqibo! π
Kunini apho kufuneka ungasebenzisi i-AWS Landing Zone?
Ukuba ujongene neenkonzo zelifu eziqhelekileyo kunye nezixhobo zamafu ngaphakathi kweakhawunti enye okanye ezimbini ze-AWS, la manyathelo anokuba ngaphezulu. Nabani na ongahambelaniyo nale ngongoma unokuqhubeka nokufunda :)
Yintoni omele uyiqwalasele ngaphambi kokuba uqale umsebenzi?
Uninzi lwemibutho emikhulu esisebenze nayo sele inalo uhlobo lweqhinga lelifu endaweni. Iinkampani zizama ukuphumeza ngempumelelo iinkonzo zefu ngaphandle kombono ocacileyo kunye nokulindela. Nceda uthathe ixesha lokuchaza isicwangciso sakho kwaye uqonde ukuba i-AWS ingena njani kuyo.
Xa useta isicwangciso, abathengi abaphumeleleyo be-AWS Landing Zone bagxile koku kulandelayo:
- Ukuzenzekela ayisiyonto ikhethiweyo. I-automation yendalo yamafu iyakhethwa.
- Amaqela ahlala esebenzisa oomatshini abafana kunye neseti efanayo yezixhobo zokubonelela ngezixhobo zamafu. Kungcono ukusebenzisa iTerraform.
- Abona basebenzisi bamafu abavelisa kakhulu banamandla okwenza iinkqubo ezinokusetyenziswa kwakhona kwaye bazinikezele njengeenkonzo ezisebenzisekayo kwakhona endaweni yekhowudi enokusetyenziswa kwakhona. Uyilo olungenaseva luyakhethwa.
Ukwazisa iModyuli yeTerraform ye-AWS Landing Zone
Emva kweenyanga eziliqela ndisebenza nzima, ndiyakuvuyela ukunibonisa . igcinwe kwi-GitHub, kwaye ipapashwe kwiRegistry yeModyuli yeTerraform.
Ukuqalisa, vula ngokulula main.tf kwikhowudi yakho:
module "landing_zone" {
source = "TerraHubCorp/landing-zone/aws"
version = "0.0.6"
root_path = "${path.module}"
account_id = "${var.account_id}"
region = "${var.region}"
landing_zone_components = "${var.landing_zone_components}"
}
Qaphela: Qiniseka ukuba uyavula variables.tf kunye nayo yonke into onokuyidinga kuyo outputs.tf.
Ukwenza kube lula ukuqonda, songeze amaxabiso angagqibekanga terraform.tfvars:
account_id = "123456789012"
region = "us-east-1"
landing_zone_components = {
landing_zone_pipeline_s3_bucket = "s3://terraform-aws-landing-zone/mycompany/landing_zone_pipeline_s3_bucket/default.tfvars"
[...]
}
Oku kuthetha ukuba xa usebenzisa le modyuli terraform uzakufuna:
- Guqula amaxabiso
account_idΠΈregionkweyakho, ehambelana neenkcukacha ezikuMbutho we-AWS; - Guqula amaxabiso
landing_zone_componentsezo zihambelana nemeko yakho yokusetyenziswa kwe-AWS Landing Zone; - Hlela
s3://terraform-aws-landing-zone/mycompanykwibhloko yakho S3 kunye nesimaphambili esingundoqo S3apho uya kugcina iifayile.tfvars(okanye indlela epheleleyo yeefayile.tfvarskwindawo yakho yokugcina indawo).
Le modyuli inokuba ngamashumi, amakhulu, okanye amawaka ezinto ezinokusasazwa, kodwa ayizizo zonke ezimele okanye ziya kuthunyelwa. Ngexesha lokuqhuba, amacandelo angeyonxalenye yemephu eguquguqukayo landing_zone_components ayizukuhoywa.
isiphelo
Siyavuya kwaye sinebhongo ukwabelana ngeziqhamo zemizamo yethu yokunceda abathengi bakhe i-automation yendalo yamafu. Imodyuli ye-Terraform ye-AWS Landing Zone sesinye isisombululo esinceda imibutho imise ngokukhawuleza indawo ekhuselekileyo ye-AWS kunye neeakhawunti ezininzi ezisekelwe kwi-AWS eyona ndlela isebenzayo. Siyazi kakuhle ukuba i-AWS ikhula ngokukhawuleza ngokukhawuleza, kwaye sizimisele ukuphuhlisa ngokukhawuleza isisombululo se-terraform esigubungela zonke iziseko kwaye sidibanisa nezinye izisombululo zemveliso ye-AWS.
Kuko konke. Silindele izimvo zakho kwaye sikumema ukuba phakathi kwethu Masifunde uyilo loyilo lwesizinda se-Cloud Landing Zone kwaye siqwalasele iipateni zoyilo lweendawo eziphambili..
umthombo: www.habr.com