Terraform
Allikas: Imre kasutab arvutit
Mine navigeerimisribaleMine otsikasti
Sissejuhatus
Terraform https://www.terraform.io/ ...
Mõisted
- ias - infrastructure as code
Tööpõhimõte
töökohaarvuti 1 tf state arvuti töökohaarvuti 2
/usr/local/bin/terraform postgresql baas /usr/local/bin/terraform
_____ _____ _____
| | | | | |
| | | | | |
|_____| |_____| |_____|
| | |
| | |
----|---------|-------------|------------------------|-----
|
|
......
|
-----|------|--------------|----------------------|---------------------|------
| | | |
__|__ __|__ __|__ __|__
| | | | | | | |
| | | | | | | |
|_____| |_____| |_____| |_____|
proxmox 1 proxmox 2 proxmox 3 proxmox 4
https://192.168.10.191, 2, 3, 4:8006/api/
kus
- proxmox 1, 2, 3 ja 4 on host arvutid, millel töötavad virtuaalsed arvutid
- töötakoharvutites 1 ja 2 kasutatakse terraform tarkvara
- terraform state arvutis on salvestatud terraform ettekujutus serveritesse tekitatud virtuaalsete arvutite koosseisust
- terraform peab arvet nii virtuaalsete arvutite hulga ja asukoha üle kui ka virtuaalsete arvutite sisu üle (virtuaalse riistvara kooseis, ip seadistus jms)
Uus virtuaalne arvuti kujuneb kolme sisendi alusel
- varem ettevalmistatud cloud-init võimeline proxmox qemu (ehk kvm) template
- proxmox snippets cloud-init seadistused
- terraform
Paigaldamine
Terraform tarkvara jagatakse aadressil https://www.terraform.io/downloads.html ühe zipitud binary faili kujul. nt 2020 aasta suvel sobib kopeerida
# cd /var/tmp # wget https://releases.hashicorp.com/terraform/0.12.28/terraform_0.12.28_linux_amd64.zip
Paigaldamiseks tuleb see lahti pakkida
# unzip terraform_0.12.28_linux_amd64.zip
ja kopeerida nt kataloogi /usr/local/bin
# cp terraform /usr/local/bin # chmod 0755 /usr/local/bin/terraform
Tulemusena saab nt küsida tarkvara versiooni
imre@deb11-tookoht:~$ terraform -v Terraform v0.12.28 imre@deb11-tookoht:~$ ldd /usr/local/bin/terraform not a dynamic executable imre@deb11-tookoht:~$ file /usr/local/bin/terraform /usr/local/bin/terraform: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, Go BuildID=oMODVmlDWDtedK13OzTZ/3LrauOon2ma8s4bZsv2i/YIWvbuMZtz346Y44Ol4L/B0x9UGkPWCqOH_nEZK7-, not stripped
cloudinit template ettevalmistamine
TODO
valmis cloudinit template kasutamine
proxmox# wget https://cdimage.debian.org/cdimage/openstack/current-10/debian-10-openstack-amd64.qcow2
proxmox# cat /root/qm-create-9000 qm create 9000 -name debian-10-template -memory 1024 -net0 virtio,bridge=vmbr0 -cores 1 -sockets 1 -cpu cputype=kvm64 -description "Debian 10 cloud image" -kvm 1 -numa 1 qm importdisk 9000 debian-10-openstack-amd64.qcow2 vgdata qm set 9000 -scsihw virtio-scsi-pci -virtio0 vgdata:vm-9000-disk-0 qm set 9000 -serial0 socket qm set 9000 -boot c -bootdisk virtio0 qm set 9000 -agent 1 qm set 9000 -hotplug disk,network,usb,memory,cpu qm set 9000 -vcpus 1 qm set 9000 -vga qxl qm set 9000 -name debian-10-template qm set 9000 -ide2 vgdata:cloudinit
proxmox# sh qm-create-9000 importing disk 'debian-10-openstack-amd64.qcow2' to VM 9000 ... WARNING: dos signature detected on /dev/data/vm-9000-disk-0 at offset 510. Wipe it? [y/n]: [n] Aborted wiping of dos. Logical volume "vm-9000-disk-0" created. 1 existing signature left on the device. transferred: 0 bytes remaining: 2147483648 bytes total: 2147483648 bytes progression: 0.00 % transferred: 21474836 bytes remaining: 2126008812 bytes total: 2147483648 bytes progression: 1.00 % transferred: 42949672 bytes remaining: 2104533976 bytes total: 2147483648 bytes progression: 2.00 % ... Successfully imported disk as 'unused0:vgdata:vm-9000-disk-0' update VM 9000: -scsihw virtio-scsi-pci -virtio0 vgdata:vm-9000-disk-0 update VM 9000: -serial0 socket update VM 9000: -boot c -bootdisk virtio0 update VM 9000: -agent 1 update VM 9000: -hotplug disk,network,usb,memory,cpu update VM 9000: -vcpus 1 update VM 9000: -vga qxl update VM 9000: -name debian-10-template update VM 9000: -ide2 vgdata:cloudinit Logical volume "vm-9000-cloudinit" created. WARNING: iso9660 signature detected on /dev/data/vm-9000-cloudinit at offset 32769. Wipe it? [y/n]: [n] Aborted wiping of iso9660. 1 existing signature left on the device.
terraform seadistamine ja käivitamine
Terraformi faili sisu võib olla nt selline
# cat provider-proxmox.tf
provider "proxmox" {
pm_parallel = 1
pm_tls_insecure = true
pm_api_url = "https://192.168.110.171:8006/api2/json"
pm_password = "parool"
pm_user = "root@pam"
}
resource "proxmox_vm_qemu" "proxmox_vm" {
count = "5"
name = "tf-vm-${count.index + 1}"
target_node = "ceph-pm0"
desc = "Debian 10 cloud image"
clone = "debian-cloudinit"
os_type = "cloud-init"
cores = "1"
sockets = "1"
cpu = "kvm64"
memory = "2048"
scsihw = "virtio-scsi-pci"
bootdisk = "virtio0"
agent = "1"
network {
id = 0
model = "virtio"
bridge = "vmbr0"
}
disk {
id = 0
size = 2
type = "virtio"
storage = "vgdata"
storage_type = "lvm"
iothread = true
}
lifecycle {
ignore_changes = [
network,
]
}
# cicustom = "user=local:snippets/userconfig-${count.index + 1}.yaml"
ipconfig0 = "ip=192.168.110.6${count.index + 1 }/24,gw=192.168.110.189"
nameserver = "8.8.8.8"
searchdomain = "sise.moraal.ee"
ciuser = "debian"
cipassword = "parool123"
sshkeys = <<EOF
ssh-rsa ....
EOF
}
kus
- count - tekitatavate virtuaalsete arvutite arv
- TODO
Kasutamiseks sobib öelda
$ terraform apply
Tulemusena tekib
- 5 virtuaalset arvutit
- terraform.tfstate fail (json formaadis)
Kasutamine - PostgreSQL
# cat provider.tf
provider "postgresql" {
host = "192.168.110.51"
port = 5432
database = "postgres"
username = "postgres"
password = "parool"
sslmode = "require"
connect_timeout = 15
}
resource "postgresql_database" "my_db" {
name = "my_db"
# owner = "my_role"
template = "template0"
lc_collate = "C"
connection_limit = -1
allow_connections = true
}
resource "postgresql_database" "my_db2" {
name = "my_db2"
# owner = "my_role"
template = "template0"
lc_collate = "C"
connection_limit = -1
allow_connections = true
}
# terraform plan -out planfile # terraform apply --auto-approve
