Introducing a Programmable AWS Landing Zone as a Terraform Module

Hello everyone! In December, OTUS is launching a new course, Cloud Solution Architecture. Ahead of the start of this course, we are sharing a translation of an interesting article on the topic.

AWS Landing Zone is a solution that helps customers quickly set up a secure, multi-account AWS environment based on best practices.

For more than five years, our team at Mitoc Group has worked tirelessly to help large organizations successfully transform and build or migrate their digital footprint to the AWS cloud. In other words, to quote our friends at AWS: "Our customers are reinventing themselves with AWS." It is a never-ending effort to reinvent and simplify engineering on behalf of the customers themselves, and AWS does an excellent job of solving complex problems with easy-to-learn solutions.

AWS Landing Zone (source)

What is AWS Landing Zone?

According to the official source:

AWS Landing Zone is a solution that helps customers quickly set up a secure, multi-account AWS environment based on AWS best practices. With so many options, setting up a multi-account environment can be time-consuming, involves configuring multiple accounts and services, and requires a deep understanding of AWS services.

AWS Landing Zone significantly reduced the complexity and improved the consistency of similar design patterns delivered to different customers. On the other hand, our team had to rework some CloudFormation components as Terraform components in order to use them for automation.

So we asked ourselves: why not build the entire AWS Landing Zone solution in Terraform? Can we do this, and will it solve our customers' problems? Spoiler: it will, and it already does! 🙂

When should you not use AWS Landing Zone?

If you are dealing with ordinary cloud services and cloud resources within one or two AWS accounts, these measures may be overkill. Anyone to whom this does not apply can keep reading :)

What should you consider before getting started?

Most of the large organizations we have worked with already have some cloud strategy in place. Companies struggle to adopt cloud services successfully without a clear vision and expectations. Please take the time to define your strategy and understand how AWS fits into it.

When setting a strategy, successful AWS Landing Zone customers focus heavily on the following:

  • Automation is not optional. Cloud native automation is preferred.
  • Teams consistently use the same mechanics with the same set of tools to provision cloud resources. Terraform is preferred.
  • The most productive cloud users are able to create reusable processes and deliver them as reusable services instead of reusable code. Serverless architecture is preferred.

Introducing the Terraform Module for AWS Landing Zone

After a few months of hard work, I am pleased to present the Terraform Module for AWS Landing Zone. The source code is hosted on GitHub, and stable releases are published on the Terraform Module Registry.

To get started, simply include main.tf in your code:

module "landing_zone" {
  source     = "TerraHubCorp/landing-zone/aws"
  version    = "0.0.6"
  root_path  = "${path.module}"
  account_id = "${var.account_id}"
  region     = "${var.region}"
  landing_zone_components = "${var.landing_zone_components}"
}

Note: Make sure to include variables.tf and whatever you need from outputs.tf.

To make it easier to understand, we have added default values in terraform.tfvars:

account_id = "123456789012"
region = "us-east-1"
landing_zone_components = {
  landing_zone_pipeline_s3_bucket = "s3://terraform-aws-landing-zone/mycompany/landing_zone_pipeline_s3_bucket/default.tfvars"
  [...]
}

This means that when using this terraform module you will need to:

  1. Change the account_id and region values to your own, matching the data in AWS Organizations;
  2. Change the landing_zone_components values to those that fit your AWS Landing Zone use case;
  3. Change s3://terraform-aws-landing-zone/mycompany to your own S3 bucket and S3 key prefix where you will store the .tfvars files (or the absolute path to the .tfvars files in your local storage).
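
A pre-apply check for the three steps above, as an added example (not part of the module or the original article): it parses only the flat subset of terraform.tfvars shown on this page and reports values still left at the sample defaults or pointing outside your own prefix. The function names, the `own_prefix` parameter and the `example-org-landing-zone` bucket are assumptions made for illustration.

```python
import re

# Sample values from the article's terraform.tfvars (placeholders to replace).
SAMPLE_ACCOUNT_ID = "123456789012"
SAMPLE_S3_PREFIX = "s3://terraform-aws-landing-zone/mycompany"
ASSIGN = re.compile(r'^\s*([A-Za-z_][\w-]*)\s*=\s*"([^"]*)"\s*$')

def parse_tfvars(text):
    """Parse string assignments plus the one-level landing_zone_components map."""
    top, components, in_map = {}, {}, False
    for line in text.splitlines():
        stripped = line.strip()
        if re.fullmatch(r"landing_zone_components\s*=\s*\{", stripped):
            in_map = True
        elif in_map and stripped == "}":
            in_map = False
        elif (m := ASSIGN.match(line)):
            (components if in_map else top)[m.group(1)] = m.group(2)
    return top, components

def check_tfvars(text, own_prefix):
    """Return findings for steps 1-3; an empty list means nothing was flagged."""
    top, components = parse_tfvars(text)
    findings = []
    account = top.get("account_id", "")
    if not re.fullmatch(r"[0-9]{12}", account):
        findings.append("account_id is not a 12-digit AWS account ID")
    elif account == SAMPLE_ACCOUNT_ID:
        findings.append("account_id is still the sample value")
    if not re.fullmatch(r"[a-z]{2}(-[a-z]+)+-[0-9]", top.get("region", "")):
        findings.append("region does not look like an AWS region name")
    if not components:
        findings.append("landing_zone_components is empty")
    own = own_prefix.rstrip("/") + "/"  # assumed: the bucket/prefix you control
    for name, path in components.items():
        if path.startswith(SAMPLE_S3_PREFIX):
            findings.append(f"{name}: still points at the sample bucket")
        elif not (path.startswith(own) or path.startswith("/")):
            findings.append(f"{name}: outside {own_prefix} and not an absolute path")
        if not path.endswith(".tfvars"):
            findings.append(f"{name}: not a .tfvars file")
    return findings

# Constructed input: the article's defaults, left unchanged.
UNCHANGED = '''account_id = "123456789012"
region = "us-east-1"
landing_zone_components = {
  landing_zone_pipeline_s3_bucket = "s3://terraform-aws-landing-zone/mycompany/landing_zone_pipeline_s3_bucket/default.tfvars"
}
'''
```

Calling `check_tfvars(UNCHANGED, "s3://example-org-landing-zone/prod")` returns two findings: the sample account ID and the component that still reads its .tfvars from the sample bucket.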

This module can have tens, hundreds, or thousands of deployable components, but not all of them should or will be deployed. At runtime, components that are not part of the landing_zone_components map variable will be ignored.

Conclusion

We are happy and proud to share the fruits of our efforts to help customers build cloud native automation. The Terraform Module for AWS Landing Zone is another solution that helps organizations quickly set up a secure, multi-account AWS environment based on AWS best practices. We are well aware that AWS is growing at an incredible pace, and we are committed to rapidly evolving the terraform solution so that it covers all the basics and integrates with other production-ready AWS solutions.

That's all. We look forward to your comments and invite you to a free webinar, in which we will study the design of a Cloud Landing Zone architecture and consider the architectural patterns of the main domains.

Source: www.habr.com
