A ti ṣe ifilọlẹ olupese Terraform osise kan lati ṣiṣẹ pẹlu Selectel. Ọja yii ngbanilaaye awọn olumulo lati ni kikun imuse iṣakoso awọn orisun nipasẹ ilana ilana Amayederun-bi-koodu.
Olupese n ṣe atilẹyin lọwọlọwọ iṣakoso awọn orisun iṣẹ (lẹhinna tọka si bi VPC). Ni ọjọ iwaju, a gbero lati ṣafikun iṣakoso awọn orisun fun awọn iṣẹ miiran ti Selectel pese.
Bi o ti mọ tẹlẹ, iṣẹ VPC ti wa ni itumọ ti lori OpenStack. Bibẹẹkọ, nitori otitọ pe OpenStack ko pese awọn irinṣẹ abinibi fun sisin awọsanma ti gbogbo eniyan, a ṣe imuse iṣẹ ṣiṣe ti o padanu ni akojọpọ awọn API afikun ti o rọrun iṣakoso ti awọn nkan idapọpọ eka ati jẹ ki iṣẹ naa rọrun diẹ sii. Diẹ ninu awọn iṣẹ ṣiṣe ti o wa ni OpenStack ti wa ni pipade lati lilo taara, ṣugbọn o wa nipasẹ .
Olupese Selectel Terraform ni bayi pẹlu agbara lati ṣakoso awọn orisun VPC wọnyi:
- ise agbese ati awọn ipin wọn;
- awọn olumulo, wọn ipa ati àmi;
- awọn subnets ti gbogbo eniyan, pẹlu agbekọja-agbegbe ati VRRP;
- awọn iwe-aṣẹ software.
Olupese naa nlo ile-ikawe Go ti gbogbo eniyan lati ṣiṣẹ pẹlu API VPC. Mejeeji ile-ikawe ati olupese funrararẹ jẹ orisun ṣiṣi, idagbasoke wọn ni a ṣe lori Github:
- ibi ipamọ ìkàwé ,
- ibi ipamọ olupese .
Lati ṣakoso awọn orisun awọsanma miiran, gẹgẹbi awọn ẹrọ foju, awọn disiki, awọn iṣupọ Kubernetes, o le lo olupese OpenStack Terraform. Awọn iwe aṣẹ osise fun awọn olupese mejeeji wa ni awọn ọna asopọ wọnyi:
- Awọn iwe ohun elo yiyan: ,
- Awọn iwe orisun orisun OpenStack: .
Bibẹrẹ
Lati bẹrẹ, o nilo lati fi sori ẹrọ Terraform (awọn itọnisọna ati awọn ọna asopọ si awọn idii fifi sori ẹrọ ni a le rii ni ).
Lati ṣiṣẹ, olupese nilo bọtini API Selectel, eyiti o ṣẹda ninu .
Awọn afihan fun ṣiṣẹ pẹlu Selectel ni a ṣẹda nipa lilo Terraform tabi lilo awọn apẹẹrẹ ti a ti ṣetan ti o wa ni ibi ipamọ Github wa: .
Ibi ipamọ pẹlu awọn apẹẹrẹ ti pin si awọn ilana meji:
- modulu, ti o ni awọn modulu kekere ti o tun ṣe atunṣe ti o mu awọn ipilẹ ti o wa gẹgẹbi titẹ sii ati ṣakoso awọn ohun elo kekere kan;
- Apeere, ti o ni awọn apẹẹrẹ ti eto pipe ti awọn modulu asopọ pọ.
Lẹhin fifi Terraform sori ẹrọ, ṣiṣẹda bọtini API Selectel ati mimọ ararẹ pẹlu awọn apẹẹrẹ, jẹ ki a lọ si awọn apẹẹrẹ to wulo.
Apeere ti ṣiṣẹda olupin pẹlu disk agbegbe kan
Jẹ ki a wo apẹẹrẹ ti ṣiṣẹda iṣẹ akanṣe kan, olumulo kan pẹlu ipa kan ati ẹrọ foju kan pẹlu disiki agbegbe kan: .
Ninu faili vars.tf gbogbo awọn paramita ti yoo ṣee lo nigbati pipe awọn module ti wa ni apejuwe. Diẹ ninu wọn ni awọn iye aiyipada, fun apẹẹrẹ, olupin naa yoo ṣẹda ni agbegbe naa ru-3a pẹlu iṣeto ni atẹle:
variable "server_vcpus" {
default = 4
}
variable "server_ram_mb" {
default = 8192
}
variable "server_root_disk_gb" {
default = 8
}
variable "server_image_name" {
default = "Ubuntu 18.04 LTS 64-bit"
}
Ninu faili akọkọ.tf Olupese Selectel ti wa ni ipilẹṣẹ:
provider "selectel" {
token = "${var.sel_token}"
}
Faili yii tun ni iye aiyipada fun bọtini SSH ti yoo fi sii sori olupin naa:
module "server_local_root_disk" {
...
server_ssh_key = "${file("~/.ssh/id_rsa.pub")}"
}
Ti o ba jẹ dandan, o le pato bọtini ita gbangba ti o yatọ. Bọtini naa ko ni lati ṣalaye bi ọna faili; o tun le ṣafikun iye bi okun.
Siwaju sii ninu faili yii awọn modulu ti ṣe ifilọlẹ project_with_user и server_local_root_disk, eyiti o ṣakoso awọn orisun pataki.
Jẹ ki a wo awọn modulu wọnyi ni awọn alaye diẹ sii.
Ṣiṣẹda ise agbese kan ati olumulo pẹlu ipa kan
Module akọkọ ṣẹda iṣẹ akanṣe kan ati olumulo kan pẹlu ipa kan ninu iṣẹ akanṣe yẹn: .
Olumulo ti o ṣẹda yoo ni anfani lati wọle si OpenStack ati ṣakoso awọn orisun rẹ. Module naa rọrun ati ṣakoso awọn nkan mẹta nikan:
- selectel_vpc_project_v2,
- selectel_vpc_user_v2,
- selectel_vpc_role_v2.
Ṣiṣẹda olupin foju kan pẹlu disk agbegbe
Ẹya keji ṣe pẹlu ṣiṣakoso awọn nkan OpenStack, eyiti o jẹ pataki lati ṣẹda olupin pẹlu disiki agbegbe kan.
O yẹ ki o san ifojusi si diẹ ninu awọn ariyanjiyan ti o ti wa ni pato ni yi module fun awọn oluşewadi openstack_compute_intance_v2:
resource "openstack_compute_instance_v2" "instance_1" {
...
lifecycle {
ignore_changes = ["image_id"]
}
vendor_options {
ignore_resize_confirmation = true
}
}
Ariyanjiyan foju_ayipada faye gba o lati foju awọn iyipada abuda id fun aworan ti a lo lati ṣẹda ẹrọ foju. Ninu iṣẹ VPC, ọpọlọpọ awọn aworan ti gbogbo eniyan ni imudojuiwọn laifọwọyi lẹẹkan ni ọsẹ kan ati ni akoko kanna wọn id tun yipada. Eyi jẹ nitori awọn iyasọtọ ti paati OpenStack - Glance, ninu eyiti awọn aworan jẹ awọn nkan ti ko yipada.
Ti o ba n ṣẹda tabi ṣatunṣe olupin ti o wa tẹlẹ tabi disk ti o ni bi ariyanjiyan aworan_id o ti lo id aworan ti gbogbo eniyan, lẹhinna lẹhin ti aworan naa ti ni imudojuiwọn, ṣiṣiṣẹ ifihan Terraform lẹẹkansi yoo tun ṣe olupin tabi disk naa. Lilo ohun ariyanjiyan foju_ayipada faye gba o lati yago fun iru ipo.
Akiyesi: ariyanjiyan foju_ayipada han ni Terraform ni igba pipẹ sẹhin: .
Ariyanjiyan foju_resize_confirmation nilo lati ṣe atunṣe iwọn disk agbegbe, awọn ohun kohun, tabi iranti olupin ni aṣeyọri. Iru awọn iyipada bẹẹ ni a ṣe nipasẹ paati OpenStack Nova nipa lilo ibeere kan resize. Aiyipada Nova lẹhin ìbéèrè resize fi olupin sinu ipo verify_resize ati ki o duro fun afikun ìmúdájú lati olumulo. Sibẹsibẹ, ihuwasi yii le yipada ki Nova ko duro fun awọn iṣe afikun lati ọdọ olumulo.
Awọn ariyanjiyan pato gba Terraform laaye lati ma duro fun ipo naa verify_resize fun olupin naa ki o mura silẹ fun olupin lati wa ni ipo ti nṣiṣe lọwọ lẹhin iyipada awọn aye rẹ. Ariyanjiyan naa wa lati ẹya 1.10.0 ti olupese OpenStack Terraform: .
Ṣiṣẹda Resources
Ṣaaju ṣiṣe awọn ifihan, jọwọ ṣe akiyesi pe ninu apẹẹrẹ wa, awọn olupese oriṣiriṣi meji ti ṣe ifilọlẹ, ati olupese OpenStack da lori awọn orisun ti olupese Selectel, nitori laisi ṣiṣẹda olumulo kan ninu iṣẹ akanṣe, ko ṣee ṣe lati ṣakoso awọn nkan ti o jẹ tirẹ. . Laanu, fun idi kanna a ko le kan ṣiṣe aṣẹ naa terraform waye inu apẹẹrẹ wa. A nilo akọkọ lati ṣe waye fun module project_with_user ati lẹhin naa fun ohun gbogbo miiran.
Akiyesi: Ọrọ yii ko tii yanju ni Terraform, o le tẹle ijiroro lori Github ni и .
Lati ṣẹda awọn orisun, lọ si liana , awọn akoonu inu rẹ yẹ ki o jẹ bi eleyi:
$ ls
README.md main.tf vars.tf
A bẹrẹ awọn modulu nipa lilo aṣẹ:
$ terraform init
Ijade fihan pe Terraform ṣe igbasilẹ awọn ẹya tuntun ti awọn olupese ti o nlo ati ṣayẹwo gbogbo awọn modulu ti a ṣalaye ninu apẹẹrẹ.
Ni akọkọ jẹ ki a lo module naa project_with_user. Eyi nilo awọn iye gbigbe pẹlu ọwọ fun awọn oniyipada ti ko ti ṣeto:
- sel_iroyin pẹlu nọmba akọọlẹ Selectel rẹ;
- sel_tokini pẹlu bọtini rẹ fun API Selectel;
- olumulo_iwọle pẹlu ọrọ igbaniwọle kan fun olumulo OpenStack.
Awọn iye fun awọn oniyipada meji akọkọ gbọdọ gba lati .
Fun awọn ti o kẹhin oniyipada, o le wá soke pẹlu eyikeyi ọrọigbaniwọle.
Lati lo module o nilo lati ropo awọn iye SEL_ACCOUNT, SEL_TOKEN и USER_PASSWORD nṣiṣẹ aṣẹ:
$ env
TF_VAR_sel_account=SEL_ACCOUNT
TF_VAR_sel_token=SEL_TOKEN
TF_VAR_user_password=USER_PASSWORD
terraform apply -target=module.project_with_user
Lẹhin ṣiṣe aṣẹ naa, Terraform yoo ṣafihan kini awọn orisun ti o fẹ ṣẹda ati beere fun ijẹrisi:
Plan: 3 to add, 0 to change, 0 to destroy.
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
Ni kete ti iṣẹ akanṣe naa, olumulo ati ipa ti ṣẹda, o le bẹrẹ ṣiṣẹda awọn orisun to ku:
$ env
TF_VAR_sel_account=SEL_ACCOUNT
TF_VAR_sel_token=SEL_TOKEN
TF_VAR_user_password=USER_PASSWORD
terraform apply
Nigbati o ba ṣẹda awọn orisun, san ifojusi si iṣelọpọ Terraform pẹlu adiresi IP ita nibiti olupin ti o ṣẹda yoo wa:
module.server_local_root_disk.openstack_networking_floatingip_associate_v2.association_1: Creating...
floating_ip: "" => "x.x.x.x"
O le ṣiṣẹ pẹlu ẹrọ foju ti o ṣẹda nipasẹ SSH nipa lilo IP ti a ti sọ tẹlẹ.
Nsatunkọ awọn Resources
Ni afikun si ṣiṣẹda awọn orisun nipasẹ Terraform, wọn tun le ṣe atunṣe.
Fun apẹẹrẹ, jẹ ki a pọ si nọmba awọn ohun kohun ati iranti fun olupin wa nipa yiyipada awọn iye fun awọn paramita server_vcpus и server_ram_mb ninu faili apeere/vpc/server_local_root_disk/main.tf:
- server_vcpus = "${var.server_vcpus}"
- server_ram_mb = "${var.server_ram_mb}"
+ server_vcpus = 8
+ server_ram_mb = 10240
Lẹhin eyi, a ṣayẹwo kini awọn iyipada eyi yoo yorisi lilo aṣẹ atẹle:
$ env
TF_VAR_sel_account=SEL_ACCOUNT
TF_VAR_sel_token=SEL_TOKEN
TF_VAR_user_password=USER_PASSWORD
terraform plan
Bi abajade, Terraform ṣe iyipada awọn orisun openstack_compute_intance_v2 и openstack_compute_flavor_v2.
Jọwọ ṣe akiyesi pe eyi yoo fa atunbere ẹrọ foju ti o ṣẹda.
Lati lo iṣeto ẹrọ foju foju tuntun, lo aṣẹ naa terraform waye, eyiti a ti ṣe ifilọlẹ tẹlẹ.
Gbogbo awọn nkan ti o ṣẹda yoo han ni :
Ninu wa O tun le wo awọn ifihan fun ṣiṣẹda awọn ẹrọ foju pẹlu awọn awakọ nẹtiwọọki.
Apẹẹrẹ ti ṣiṣẹda iṣupọ Kubernetes
Ṣaaju ki a to lọ si apẹẹrẹ atẹle, a yoo nu awọn orisun ti a ṣẹda tẹlẹ. Lati ṣe eyi ni root ti ise agbese Jẹ ki a ṣiṣẹ aṣẹ lati pa awọn nkan OpenStack rẹ:
$ env
TF_VAR_sel_account=SEL_ACCOUNT
TF_VAR_sel_token=SEL_TOKEN
TF_VAR_user_password=USER_PASSWORD
terraform destroy -target=module.server_local_root_disk
Lẹhinna ṣiṣe aṣẹ naa lati ko awọn ohun elo API Selectel VPC kuro:
$ env
TF_VAR_sel_account=SEL_ACCOUNT
TF_VAR_sel_token=SEL_TOKEN
TF_VAR_user_password=USER_PASSWORD
terraform destroy -target=module.project_with_user
Ni awọn ọran mejeeji, iwọ yoo nilo lati jẹrisi piparẹ gbogbo awọn nkan:
Do you really want to destroy all resources?
Terraform will destroy all your managed infrastructure, as shown above.
There is no undo. Only 'yes' will be accepted to confirm.
Enter a value: yes
Apẹẹrẹ atẹle wa ninu ilana .
Apeere yii ṣẹda iṣẹ akanṣe kan, olumulo ti o ni ipa ninu iṣẹ akanṣe, o si gbe iṣupọ Kubernetes kan. Ninu faili vars.tf o le wo awọn iye aiyipada, gẹgẹbi nọmba awọn apa, awọn abuda wọn, ẹya Kubernetes, ati bẹbẹ lọ.
Lati ṣẹda awọn orisun ti o jọra si apẹẹrẹ akọkọ, ni akọkọ gbogbo a yoo bẹrẹ ipilẹṣẹ awọn modulu ati ṣiṣẹda awọn orisun module project_with_userati lẹhinna ṣẹda ohun gbogbo miiran:
$ terraform init
$ env
TF_VAR_sel_account=SEL_ACCOUNT
TF_VAR_sel_token=SEL_TOKEN
TF_VAR_user_password=USER_PASSWORD
terraform apply -target=module.project_with_user
$ env
TF_VAR_sel_account=SEL_ACCOUNT
TF_VAR_sel_token=SEL_TOKEN
TF_VAR_user_password=USER_PASSWORD
terraform apply
A yoo gbe ẹda ati iṣakoso ti awọn iṣupọ Kubernetes nipasẹ paati OpenStack Magnum. O le wa diẹ sii nipa bi o ṣe le ṣiṣẹ pẹlu iṣupọ ninu ọkan ninu wa bi daradara bi ninu .
Nigbati o ba ngbaradi iṣupọ, awọn disiki ati awọn ẹrọ foju yoo ṣẹda ati gbogbo awọn paati pataki yoo fi sii. Igbaradi gba to iṣẹju 4, lakoko eyiti Terraform yoo ṣe afihan awọn ifiranṣẹ bii:
module.kubernetes_cluster.openstack_containerinfra_cluster_v1.cluster_1: Still creating... (3m0s elapsed)
Ni kete ti fifi sori ẹrọ ti pari, Terraform yoo fihan pe iṣupọ ti ṣetan ati ṣafihan ID rẹ:
module.kubernetes_cluster.openstack_containerinfra_cluster_v1.cluster_1: Creation complete after 4m20s (ID: 3c8...)
Apply complete! Resources: 6 added, 0 changed, 0 destroyed.
Lati ṣakoso iṣupọ Kubernetes ti o ṣẹda nipasẹ ohun elo naa kubectl o nilo lati gba faili wiwọle iṣupọ. Lati ṣe eyi, lọ si iṣẹ akanṣe ti a ṣẹda nipasẹ Terraform ninu atokọ awọn iṣẹ akanṣe ninu akọọlẹ rẹ:
Nigbamii, tẹle ọna asopọ bi eyi ti o han ni isalẹ orukọ ise agbese:
Fun alaye wiwọle, lo orukọ olumulo ati ọrọ igbaniwọle ti o ṣẹda nipasẹ Terraform. Ti o ko ba ti iyanjẹ vars.tf tabi akọkọ.tf fun apẹẹrẹ wa, olumulo yoo ni orukọ tf_olumulo. O gbọdọ lo iye ti oniyipada bi ọrọ igbaniwọle Ọrọigbaniwọle TF_VAR_olumulo, eyi ti a ti pato ni ibẹrẹ terraform waye sẹyìn.
Ninu iṣẹ akanṣe o nilo lati lọ si taabu Kubernetes:
Eyi ni ibi ti iṣupọ ti a ṣẹda nipasẹ Terraform wa. Ṣe igbasilẹ faili fun kubectl o le lori taabu "Wiwọle":
Awọn ilana fifi sori ẹrọ wa lori taabu kanna. kubectl ati lilo awọn gbaa lati ayelujara konfigi.yaml.
Lẹhin ifilọlẹ kubectl ati ṣeto iyipada ayika KUBECONFIG O le lo Kubernetes:
$ kubectl get pods --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system coredns-9578f5c87-g6bjf 1/1 Running 0 8m
kube-system coredns-9578f5c87-rvkgd 1/1 Running 0 6m
kube-system heapster-866fcbc879-b6998 1/1 Running 0 8m
kube-system kube-dns-autoscaler-689688988f-8cxhf 1/1 Running 0 8m
kube-system kubernetes-dashboard-7bdb5d4cd7-jcjq9 1/1 Running 0 8m
kube-system monitoring-grafana-84c97bb64d-tc64b 1/1 Running 0 8m
kube-system monitoring-influxdb-7c8ccc75c6-dzk5f 1/1 Running 0 8m
kube-system node-exporter-tf-cluster-rz6nggvs4va7-minion-0 1/1 Running 0 8m
kube-system node-exporter-tf-cluster-rz6nggvs4va7-minion-1 1/1 Running 0 8m
kube-system openstack-cloud-controller-manager-8vrmp 1/1 Running 3 8m
prometeus-monitoring grafana-76bcb7ffb8-4tm7t 1/1 Running 0 8m
prometeus-monitoring prometheus-75cdd77c5c-w29gb 1/1 Running 0 8m
Nọmba awọn apa iṣupọ le yipada ni irọrun nipasẹ Terraform.
Ninu faili akọkọ.tf iye wọnyi ti wa ni pato:
cluster_node_count = "${var.cluster_node_count}"
Yi iye ti wa ni aropo lati vars.tf:
variable "cluster_node_count" {
default = 2
}
O le yipada boya iye aiyipada ni vars.tf, tabi pato iye ti a beere taara ni akọkọ.tf:
- cluster_node_count = "${var.cluster_node_count}"
+ cluster_node_count = 3
Lati lo awọn ayipada, bi ninu ọran ti apẹẹrẹ akọkọ, lo aṣẹ naa terraform waye:
$ env
TF_VAR_sel_account=SEL_ACCOUNT
TF_VAR_sel_token=SEL_TOKEN
TF_VAR_user_password=USER_PASSWORD
terraform apply
Nigbati nọmba awọn apa ba yipada, iṣupọ yoo wa. Lẹhin fifi ipade kan kun nipasẹ Terraform, o le lo laisi iṣeto ni afikun:
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
tf-cluster-rz6nggvs4va7-master-0 Ready,SchedulingDisabled master 8m v1.12.4
tf-cluster-rz6nggvs4va7-minion-0 Ready <none> 8m v1.12.4
tf-cluster-rz6nggvs4va7-minion-1 Ready <none> 8m v1.12.4
tf-cluster-rz6nggvs4va7-minion-2 Ready <none> 3m v1.12.4
ipari
Ninu nkan yii a ti mọ awọn ọna akọkọ lati ṣiṣẹ pẹlu nipasẹ Terraform. A yoo ni idunnu ti o ba lo olupese iṣẹ Selectel Terraform ati pese esi.
Eyikeyi awọn idun ti a rii ni olupese Selectel Terraform le jẹ ijabọ nipasẹ .
orisun: www.habr.com