|
технология_terraform [2024/07/17 12:57] val [Технология Terraform] |
технология_terraform [2025/02/13 12:07] (current) val [Управление проектом] |
||
|---|---|---|---|
| Line 2: | Line 2: | ||
| * [[https://releases.hashicorp.com/terraform/]] | * [[https://releases.hashicorp.com/terraform/]] | ||
| + | * [[https://mirror.selectel.ru/3rd-party/hashicorp-releases/terraform/]] | ||
| * [[https://hashicorp-releases.yandexcloud.net/terraform/]] | * [[https://hashicorp-releases.yandexcloud.net/terraform/]] | ||
| * [[https://www.linuxtechi.com/how-to-install-terraform-on-debian/|How to Install Terraform on Debian 12]] | * [[https://www.linuxtechi.com/how-to-install-terraform-on-debian/|How to Install Terraform on Debian 12]] | ||
| + | |||
| + | * [[https://habr.com/ru/companies/otus/articles/696694/|Основы Terraform]] Язык HCL | ||
| * [[https://stackoverflow.com/questions/69860280/how-to-properly-reset-terraform-default-tfstate|How to properly reset Terraform default tfstate?]] | * [[https://stackoverflow.com/questions/69860280/how-to-properly-reset-terraform-default-tfstate|How to properly reset Terraform default tfstate?]] | ||
| Line 11: | Line 14: | ||
| # VER=1.9.2 | # VER=1.9.2 | ||
| - | # wget https://hashicorp-releases.yandexcloud.net/terraform/$VER/terraform_${VER}_linux_amd64.zip | + | # wget https://mirror.selectel.ru/3rd-party/hashicorp-releases/terraform/$VER/terraform_${VER}_linux_amd64.zip |
| # unzip terraform_${VER}_linux_amd64.zip | # unzip terraform_${VER}_linux_amd64.zip | ||
| Line 20: | Line 23: | ||
| </code> | </code> | ||
| - | ===== kvm libvirt ===== | + | |
| + | |||
| + | ===== terraform-provider-libvirt ===== | ||
| * Технология KVM [[Технология KVM#Интеграция с Cloud-init]] | * Технология KVM [[Технология KVM#Интеграция с Cloud-init]] | ||
| Line 35: | Line 40: | ||
| * [[https://github.com/dmacvicar/terraform-provider-libvirt/releases/]] | * [[https://github.com/dmacvicar/terraform-provider-libvirt/releases/]] | ||
| - | ==== Установка terraform-provider-libvirt ==== | + | ==== Установка ==== |
| <code> | <code> | ||
| ~# wget https://github.com/dmacvicar/terraform-provider-libvirt/releases/download/v0.7.6/terraform-provider-libvirt_0.7.6_linux_amd64.zip | ~# wget https://github.com/dmacvicar/terraform-provider-libvirt/releases/download/v0.7.6/terraform-provider-libvirt_0.7.6_linux_amd64.zip | ||
| Line 70: | Line 75: | ||
| ==== Простой проект ==== | ==== Простой проект ==== | ||
| <code> | <code> | ||
| - | ~/nodes# cp network-config network-config.tftpl | ||
| - | |||
| ~/nodes# cat meta-data.tftpl | ~/nodes# cat meta-data.tftpl | ||
| </code><code> | </code><code> | ||
| local-hostname: ${name} | local-hostname: ${name} | ||
| </code><code> | </code><code> | ||
| + | ~/nodes# cp network-config network-config.tftpl | ||
| + | |||
| ~/nodes# cat network-config.tftpl | ~/nodes# cat network-config.tftpl | ||
| </code><code> | </code><code> | ||
| ... | ... | ||
| + | ens3: | ||
| dhcp4: true | dhcp4: true | ||
| # dhcp4: false | # dhcp4: false | ||
| Line 176: | Line 182: | ||
| description = "Interface IPs" | description = "Interface IPs" | ||
| } | } | ||
| - | </code><code> | + | </code> |
| + | |||
| + | ==== Управление проектом ==== | ||
| + | |||
| + | <code> | ||
| ~/nodes# terraform validate | ~/nodes# terraform validate | ||
| Line 183: | Line 193: | ||
| ~/nodes# terraform apply #-auto-approve | ~/nodes# terraform apply #-auto-approve | ||
| - | ~/nodes# terraform state list | + | ~/nodes# virsh list --all |
| - | + | ||
| - | ~/nodes# terraform state show libvirt_domain.domain-node1 | + | |
| ~/nodes# virsh console --domain domain-node1 | ~/nodes# virsh console --domain domain-node1 | ||
| ~/nodes# virsh vncdisplay domain-node1 | ~/nodes# virsh vncdisplay domain-node1 | ||
| + | |||
| + | ~/nodes# terraform state list | ||
| + | |||
| + | ~/nodes# terraform state show libvirt_domain.domain-node1 | ||
| + | ... | ||
| + | network_interface { | ||
| + | addresses | ||
| + | ... | ||
| ~/nodes# terraform destroy #-auto-approve | ~/nodes# terraform destroy #-auto-approve | ||
| + | |||
| + | ~/nodes# ###virsh destroy domain-nodeN | ||
| + | ~/nodes# ###virsh undefine --domain domain-nodeN | ||
| ~/nodes# ### rm -r .terraform .terraform.lock.hcl terraform.tfstate terraform.tfstate.backup | ~/nodes# ### rm -r .terraform .terraform.lock.hcl terraform.tfstate terraform.tfstate.backup | ||
| Line 231: | Line 250: | ||
| local-hostname: ${name} | local-hostname: ${name} | ||
| </code><code> | </code><code> | ||
| + | home-computer:~/nodes# ip r | ||
| + | home-computer:~/nodes# cat /etc/resolv.conf | ||
| + | |||
| home-computer:~/nodes# cat network-config.tftpl | home-computer:~/nodes# cat network-config.tftpl | ||
| </code><code> | </code><code> | ||
| Line 246: | Line 268: | ||
| addresses: [192.168.X.10] | addresses: [192.168.X.10] | ||
| </code><code> | </code><code> | ||
| + | home-computer:~/nodes# mv node1.tf nodes.tf | ||
| + | |||
| home-computer:~/nodes# cat nodes.tf | home-computer:~/nodes# cat nodes.tf | ||
| </code><code> | </code><code> | ||
| Line 329: | Line 353: | ||
| } | } | ||
| </code> | </code> | ||
| + | |||
| + | * [[#Управление проектом]] | ||
| + | |||
| + | ===== Провайдеры Selectel и OpenStack ===== | ||
| + | |||
| + | * [[https://docs.selectel.ru/terraform/examples/cloud-servers/create-custom-server-with-boot-network-volume/|Создать облачный сервер произвольной конфигурации с загрузочным сетевым диском и дополнительным сетевым диском]] | ||
| + | |||
| + | <code> | ||
| + | # cat ~/.terraformrc | ||
| + | </code><code> | ||
| + | provider_installation { | ||
| + | network_mirror { | ||
| + | url = "https://mirror.selectel.ru/3rd-party/terraform-registry/" | ||
| + | include = ["registry.terraform.io/*/*"] | ||
| + | } | ||
| + | direct { | ||
| + | exclude = ["registry.terraform.io/*/*"] | ||
| + | } | ||
| + | } | ||
| + | </code><code> | ||
| + | home-computer:~# mkdir -p selectel; cd $_ | ||
| + | |||
| + | home-computer:~/selectel# cat main.tf | ||
| + | </code><code> | ||
| + | terraform { | ||
| + | required_providers { | ||
| + | selectel = { | ||
| + | source = "selectel/selectel" | ||
| + | version = "5.1.0" | ||
| + | } | ||
| + | openstack = { | ||
| + | source = "terraform-provider-openstack/openstack" | ||
| + | version = "2.0.0" | ||
| + | } | ||
| + | } | ||
| + | } | ||
| + | |||
| + | provider "selectel" { | ||
| + | domain_name = "NNNNNN" | ||
| + | username = "Cerys" | ||
| + | password = "xxxxxxxxxxx" | ||
| + | } | ||
| + | |||
| + | resource "selectel_vpc_project_v2" "project_1" { | ||
| + | name = "project" | ||
| + | } | ||
| + | |||
| + | resource "selectel_iam_serviceuser_v1" "serviceuser_1" { | ||
| + | name = "prCerys" | ||
| + | password = "xxxxxxxxxxx" | ||
| + | role { | ||
| + | role_name = "member" | ||
| + | scope = "project" | ||
| + | project_id = selectel_vpc_project_v2.project_1.id | ||
| + | } | ||
| + | } | ||
| + | |||
| + | provider "openstack" { | ||
| + | auth_url = "https://cloud.api.selcloud.ru/identity/v3" | ||
| + | domain_name = "NNNNNN" | ||
| + | tenant_id = selectel_vpc_project_v2.project_1.id | ||
| + | user_name = selectel_iam_serviceuser_v1.serviceuser_1.name | ||
| + | password = selectel_iam_serviceuser_v1.serviceuser_1.password | ||
| + | region = "ru-9" | ||
| + | } | ||
| + | |||
| + | resource "selectel_vpc_keypair_v2" "keypair_1" { | ||
| + | name = "keypair" | ||
| + | public_key = file("~/.ssh/id_rsa.pub") | ||
| + | user_id = selectel_iam_serviceuser_v1.serviceuser_1.id | ||
| + | } | ||
| + | |||
| + | resource "openstack_compute_flavor_v2" "flavor_1" { | ||
| + | # name = "custom-flavor-with-network-volume" | ||
| + | name = "custom-flavor-with-network-volume-1234" | ||
| + | vcpus = 2 | ||
| + | ram = 2048 | ||
| + | disk = 0 | ||
| + | is_public = false | ||
| + | |||
| + | lifecycle { | ||
| + | create_before_destroy = true | ||
| + | } | ||
| + | } | ||
| + | |||
| + | resource "openstack_networking_network_v2" "network_1" { | ||
| + | name = "private-network" | ||
| + | admin_state_up = "true" | ||
| + | |||
| + | depends_on = [ | ||
| + | selectel_vpc_project_v2.project_1, | ||
| + | selectel_iam_serviceuser_v1.serviceuser_1 | ||
| + | ] | ||
| + | |||
| + | } | ||
| + | |||
| + | resource "openstack_networking_subnet_v2" "subnet_1" { | ||
| + | name = "private-subnet" | ||
| + | network_id = openstack_networking_network_v2.network_1.id | ||
| + | cidr = "192.168.199.0/24" | ||
| + | } | ||
| + | |||
| + | data "openstack_networking_network_v2" "external_network_1" { | ||
| + | external = true | ||
| + | |||
| + | depends_on = [ | ||
| + | selectel_vpc_project_v2.project_1, | ||
| + | selectel_iam_serviceuser_v1.serviceuser_1 | ||
| + | ] | ||
| + | |||
| + | } | ||
| + | |||
| + | resource "openstack_networking_router_v2" "router_1" { | ||
| + | name = "router" | ||
| + | external_network_id = data.openstack_networking_network_v2.external_network_1.id | ||
| + | } | ||
| + | |||
| + | resource "openstack_networking_router_interface_v2" "router_interface_1" { | ||
| + | router_id = openstack_networking_router_v2.router_1.id | ||
| + | subnet_id = openstack_networking_subnet_v2.subnet_1.id | ||
| + | } | ||
| + | |||
| + | resource "openstack_networking_port_v2" "port_1" { | ||
| + | name = "port" | ||
| + | network_id = openstack_networking_network_v2.network_1.id | ||
| + | |||
| + | fixed_ip { | ||
| + | subnet_id = openstack_networking_subnet_v2.subnet_1.id | ||
| + | } | ||
| + | } | ||
| + | |||
| + | data "openstack_images_image_v2" "image_1" { | ||
| + | # name = "Ubuntu 20.04 LTS 64-bit" | ||
| + | name = "Debian 12 (Bookworm) 64-bit" | ||
| + | most_recent = true | ||
| + | visibility = "public" | ||
| + | |||
| + | depends_on = [ | ||
| + | selectel_vpc_project_v2.project_1, | ||
| + | selectel_iam_serviceuser_v1.serviceuser_1 | ||
| + | ] | ||
| + | |||
| + | } | ||
| + | |||
| + | resource "openstack_blockstorage_volume_v3" "volume_1" { | ||
| + | name = "boot-volume-for-server" | ||
| + | size = "5" | ||
| + | image_id = data.openstack_images_image_v2.image_1.id | ||
| + | volume_type = "fast.ru-9a" | ||
| + | availability_zone = "ru-9a" | ||
| + | enable_online_resize = true | ||
| + | |||
| + | lifecycle { | ||
| + | ignore_changes = [image_id] | ||
| + | } | ||
| + | |||
| + | } | ||
| + | |||
| + | resource "openstack_blockstorage_volume_v3" "volume_2" { | ||
| + | name = "additional-volume-for-server" | ||
| + | size = "7" | ||
| + | volume_type = "universal.ru-9a" | ||
| + | availability_zone = "ru-9a" | ||
| + | enable_online_resize = true | ||
| + | } | ||
| + | |||
| + | resource "openstack_compute_instance_v2" "server_1" { | ||
| + | name = "server" | ||
| + | flavor_id = openstack_compute_flavor_v2.flavor_1.id | ||
| + | key_pair = selectel_vpc_keypair_v2.keypair_1.name | ||
| + | availability_zone = "ru-9a" | ||
| + | |||
| + | network { | ||
| + | port = openstack_networking_port_v2.port_1.id | ||
| + | } | ||
| + | |||
| + | lifecycle { | ||
| + | ignore_changes = [image_id] | ||
| + | } | ||
| + | |||
| + | block_device { | ||
| + | uuid = openstack_blockstorage_volume_v3.volume_1.id | ||
| + | source_type = "volume" | ||
| + | destination_type = "volume" | ||
| + | boot_index = 0 | ||
| + | } | ||
| + | |||
| + | block_device { | ||
| + | uuid = openstack_blockstorage_volume_v3.volume_2.id | ||
| + | source_type = "volume" | ||
| + | destination_type = "volume" | ||
| + | boot_index = -1 | ||
| + | } | ||
| + | |||
| + | vendor_options { | ||
| + | ignore_resize_confirmation = true | ||
| + | } | ||
| + | } | ||
| + | |||
| + | resource "openstack_networking_floatingip_v2" "floatingip_1" { | ||
| + | pool = "external-network" | ||
| + | } | ||
| + | |||
| + | resource "openstack_networking_floatingip_associate_v2" "association_1" { | ||
| + | port_id = openstack_networking_port_v2.port_1.id | ||
| + | floating_ip = openstack_networking_floatingip_v2.floatingip_1.address | ||
| + | } | ||
| + | |||
| + | output "public_ip_address" { | ||
| + | # value = openstack_networking_floatingip_v2.floatingip_1.fixed_ip | ||
| + | value = openstack_networking_floatingip_v2.floatingip_1.address | ||
| + | } | ||
| + | </code> | ||
| + | |||
| + | * [[#Управление проектом]] | ||
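Review bot: The new main.tf example in the «Провайдеры Selectel и OpenStack» section writes credentials as string literals, once in `provider "selectel"` and again in `selectel_iam_serviceuser_v1.serviceuser_1`, so a reader who substitutes real values ends up with secrets in a file that is routinely committed or pasted. I would declare both passwords as input variables marked sensitive and reference them from the two blocks, with the values supplied through `TF_VAR_…` environment variables rather than the file, as sketched below. The page should also state that the service-user password is still written in clear text to `terraform.tfstate`, so the state file and its backup need restrictive permissions and must stay out of version control. Separately, the changed `wget` line in the install section now fetches the Terraform zip from a third-party mirror with no integrity check; comparing it against the `terraform_${VER}_SHA256SUMS` file published on releases.hashicorp.com before `unzip` would close that gap.

```hcl
variable "selectel_password" {
  type      = string
  sensitive = true
}

variable "serviceuser_password" {
  type      = string
  sensitive = true
}

provider "selectel" {
  # … unchanged: domain_name, username …
  password = var.selectel_password
}

resource "selectel_iam_serviceuser_v1" "serviceuser_1" {
  # … unchanged: name …
  password = var.serviceuser_password
  # … unchanged: role block …
}
```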