基础架构代码(IaC)是一种软件,使开发人员能够使用高级配置语法构建,管理和配置计算环境。一些好处包括能够实施DevOps最佳实践,流程自动化以及使用版本控制系统在团队中实现更高可见性和协作的机会。
Terraform从其他IaC解决方案中脱颖而出,因为它是一个编排工具,这意味着它专为裸机服务器和虚拟机而设计。应从运行Ubuntu 16.04的客户端计算机运行本指南中的命令。
警告本指南中使用的配置和命令将导致多个Linode添加到您的帐户。请务必在Linode Manager中密切监控您的帐户,以避免产生不必要的费用。
从Terraform的网站下载以下内容:
.zip
存档。.zip
存档的校验和:
sha256sum -c terraform*SHA256SUMS 2>&1 | grep OK
输出应显示文件中给出的terraform*SHA256SUMS
文件名:
terraform_0.11.3_linux_amd64.zip: OK从项目的下载页面下载并解压缩Go 。Terraform需要1.9版本: wget -c https://storage.googleapis.com/golang/go1.9.linux-amd64.tar.gz sudo tar -C /usr/local -xzf go*.linux-amd64.tar.gz
为项目可执行文件和源代码创建单独的目录: mkdir -p ~/go_projects/{bin,src,pkg}
将特定PATH
于Go的位置添加到用户的环境中。将这些行添加到用户~/.profile
文件的底部:
〜/ .profile文件1 2 3 4
export PATH=$PATH:/usr/local/go/bin export PATH=$PATH:$HOME/go_projects/bin export GOPATH="$HOME/go_projects" export GOBIN="$GOPATH/bin"注意您可以将变量更改为适合您的任何位置,只要它包含在PATH
变量中即可。
重新加载用户的环境配置文件: source ~/.profile
下载Terraform存储库: go get github.com/hashicorp/terraform
下载自定义terraform-provider-linode
存储库:
go get github.com/LinodeContent/terraform-provider-linode
源代码src
默认存储在Go的目录中。将目录更改为Terraform Linode插件的位置并构建包。依赖关系将由godeps
插件文件夹中已有的自动处理。
cd ~/go_projects/src/github.com/LinodeContent/terraform-provider-linode/bin/terraform-provider-linode go build -o terraform-provider-linode
将新创建的二进制文件和Terraform配置文件移动到~/go_projects/bin
:
mv ~/go_projects/src/github.com/LinodeContent/terraform-provider-linode/bin/terraform-provider-linode/terraform-provider-linode ~/go_projects/bin mv ~/go_projects/src/github.com/LinodeContent/terraform-provider-linode/linode-template.tf ~/go_projects/bin
此时,您需要所有二进制文件。如果其余客户端使用相同的操作系统,则可以在这些文件中分发这些文件。每个客户端都不需要安装Go
或构建相同的包。
下载Terraform存储库: go get github.com/hashicorp/terraform
获取Terraform的Linode插件: wget https://github.com/linode/docs-scripts/raw/master/hosted_scripts/terraform-linode-plugin/terraform-provider-linode
将插件移动到~go_projects/bin
:
mv terraform-provider-linode ~/go_projects/bin/ chmod 750 ~/go_projects/bin/terraform-provider-linode
Terraform可以理解两种类型的配置文件:JSON和HashiCorp配置语言(HCL)。本指南使用扩展名指定的HCL格式.tf
。
linode-template.tf
在文本编辑器中打开并添加下面显示的代码段。在指示的位置填写您的Linode API密钥,公共SSH密钥和所需的root密码:
〜/ go_projects /斌/ linode-template.tf 1 2 3 4 5 6 7 8 9 10 11 12 13 14
provider "linode" { key = "your-linode-API-key-here" } resource "linode_linode" "terraform-example" { image = "Ubuntu 16.04 LTS" kernel = "Grub 2" name = "linode-example" group = "terraform-test" region = "Atlanta, GA, USA" size = 1024 ssh_key = "your-ssh-id_rsa.pub-here" root_password = "your-server-password-here" }有关配置语法的特定信息,请参阅Terraform的文档。
导航~/go_projects/bin
并初始化Terraform配置:
cd ~/go_projects/bin terraform init
Terraform将确认初始化成功:
Terraform has been successfully initialized!
如果发生错误,请在调试模式下再次运行该命令: TF_LOG=debug terraform init
检查您的Terraform计划:
terraform plan
你会看见:
Refreshing Terraform state in-memory prior to plan... The refreshed state will be used to calculate this plan, but will not be persisted to local or remote state storage. ------------------------------------------------------------------------ An execution plan has been generated and is shown below. Resource actions are indicated with the following symbols: + create Terraform will perform the following actions: + linode_linode.your-terraform-name-here id: disk_expansion: "false" group: "your-linode-group-name-here" helper_distro: "true" image: "Ubuntu 16.04 LTS" ip_address: kernel: "Grub 2" manage_private_ip_automatically: "true" name: "TFtest" plan_storage: plan_storage_utilized: private_ip_address: region: "Atlanta, GA, USA" root_password: "wAZ9SvTofwDbrGO2FWgoI3BZFy0bvqxnQnNF1qn9pIQ=" size: "1024" ssh_key: "QLWOVauEwNxWGbj2ErWF9vFYIXsxW/2duL/og8gtV84=" status: swap_size: "512" Plan: 1 to add, 0 to change, 0 to destroy. ------------------------------------------------------------------------ Note: You didn't specify an "-out" parameter to save this plan, so Terraform can't guarantee that exactly these actions will be performed if "terraform apply" is subsequently run.
如果您需要解决任何问题,请激活调试模式:
TF_LOG=debug terraform plan
该terraform plan
命令不会对您的Linode帐户采取任何操作或进行任何更改。Terraform使用声明性方法,其中您的配置文件指定所需的基础结构最终状态。运行时terraform plan
,将执行分析以确定实现此状态所需的操作。
如果没有错误,请开始部署:
terraform apply
系统会要求您确认操作,输入yes
并按Enter键:
An execution plan has been generated and is shown below. Resource actions are indicated with the following symbols: + create Terraform will perform the following actions: + linode_linode.your-terraform-name-here id: disk_expansion: "false" group: "your-linode-group-name-here" helper_distro: "true" image: "Ubuntu 16.04 LTS" ip_address: kernel: "Grub 2" manage_private_ip_automatically: "true" name: "your-linode-name-here" plan_storage: plan_storage_utilized: private_ip_address: region: "Atlanta, GA, USA" root_password: "wAZ9SvTofwDbrGO2FWgoI3BZFy0bvqxnQnNF1qn9pIQ=" size: "1024" ssh_key: "QLWOVauEwNxWGbj2ErWF9vFYIXsxW/2duL/og8gtV84=" status: swap_size: "512" Plan: 1 to add, 0 to change, 0 to destroy. Do you want to perform these actions? Terraform will perform the actions described above. Only 'yes' will be accepted to approve. Enter a value:
返回Linode经理。您应该会看到linode-test
Linode已添加到您的帐户中。
现在您已经linode-example
使用Terraform创建了Linode,想象您需要实现Web和数据库服务器部署。
重要的是要记住:
linode-template.tf
。swap_size
用于覆盖默认值512Mb。您可以terraform-provider-linode
在插件GitHub存储库readme.md中检查所有可用选项。linode-template.tf
创建另一个名为linode-www.tf
(不要删除linode-template.tf
)的文件:
〜/ go_projects /斌/ linode-www.tf 1 2 3 4 5 6 7 8 9 10 11
resource "linode_linode" "terraform-www" { image = "CentOS 7" kernel = "Grub 2" name = "www" group = "web" region = "Dallas, TX, USA" size = 2048 swap_size = 1024 ssh_key = "your-ssh-id_rsa.pub-here" root_password = "your-server-password-here" }www
Linode已添加到web
您帐户的显示组中。想象一下,您想要将第一个服务器名称和标记更改为更相关的内容,并且还要增加大小以匹配新创建的Linode。
修改 linode-template.tf
〜/ go_projects /斌/ linode-template.tf 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
provider "linode" { key = "your-linode-API-key-here" } resource "linode_linode" "terraform-example" { image = "Ubuntu 16.04 LTS" kernel = "Grub 2" name = "database" group = "web" region = "Atlanta, GA, USA" size = 2048 swap_size = 1024 ssh_key = "your-ssh-id_rsa.pub-here" root_password = "your-server-password-here" }
检查你的计划: terraform plan
应用您的更改: terraform apply 警告更改Linode的大小将强制关闭服务器并将其迁移到同一数据中心的其他主机。每3-5千兆字节的数据,相关的磁盘迁移大约需要1分钟。有关调整大小的更多信息,请阅读调整大小Linode指南。
返回Linode Manager以验证更改。
到目前为止,向基础结构添加新节点的过程是创建新文件并运行该terraform apply
命令。但是当您计划的基础架构有数十台服务器时会发生什么?在此示例中,您将使用非常简单的Terraform配置文件版本,该文件使用变量。
出于此示例的目的,您将需要删除以前的节点: terraform plan -destroy 返回: Refreshing Terraform state in-memory prior to plan... The refreshed state will be used to calculate this plan, but will not be persisted to local or remote state storage. linode_linode.your-terraform-name-here: Refreshing state... (ID: 6630470) ------------------------------------------------------------------------ An execution plan has been generated and is shown below. Resource actions are indicated with the following symbols: - destroy Terraform will perform the following actions: - linode_linode.TFtest Plan: 0 to add, 0 to change, 1 to destroy. ------------------------------------------------------------------------ Note: You didn't specify an "-out" parameter to save this plan, so Terraform can't guarantee that exactly these actions will be performed if "terraform apply" is subsequently run.
与之类似terraform plan
,上述命令会在进行任何更改之前检查您的基础结构。要执行删除,请运行:
terraform destroy
那会回来:
linode_linode.your-terraform-name-here: Refreshing state... (ID: 6630470) An execution plan has been generated and is shown below. Resource actions are indicated with the following symbols: - destroy Terraform will perform the following actions: - linode_linode.TFtest Plan: 0 to add, 0 to change, 1 to destroy. Do you really want to destroy? Terraform will destroy all your managed infrastructure, as shown above. There is no undo. Only 'yes' will be accepted to confirm. Enter a value: yes linode_linode.your-terraform-name-here: Destroying... (ID: 6630470) linode_linode.your-terraform-name-here: Destruction complete after 0s Destroy complete! Resources: 1 destroyed.
验证Linode管理器中的删除。
删除(或移动到其他位置)所有Terraform文件。 rm *.tf*
创建一个新文件来定义变量。您可以使用任何名称,但对于此示例,我们将使用variables.tf
:
〜/ go_projects /斌/ variables.tf1 2 3 4 5 6
variable "linode_key" {} variable "ssh_key" {} variable "root_password" {} variable "region" { default = "Atlanta, GA, USA" }
创建文件terraform.tfvars
以存储变量。创建后,您无法更改此文件名:
〜/ go_projects /斌/ terraform.tfvars1 2 3
linode_key = "your-linode-API-key-here" ssh_key = "your-ssh-id_rsa.pub-here" root_password ="your-root-password-here"
创建一个名为的新配置文件linode-mod-template.tf
:
〜/ go_projects /斌/ linode-mod-template.tf 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33
# Linode Provider definition provider "linode" { key = "${var.linode_key}" } # Example Web Server resource "linode_linode" "www-01" { image = "CentOS 7" kernel = "Latest 64 bit" name = "www" group = "web" region = "Dallas, TX, USA" size = 2048 swap_size = 1024 ssh_key = "${var.ssh_key}" root_password = "${var.root_password}" } # Example Database Server resource "linode_linode" "db-01" { image = "Ubuntu 16.04 LTS" kernel = "Latest 64 bit" name = "database" group = "web" region = "${var.region}" size = 2048 swap_size = 1024 ssh_key = "${var.ssh_key}" root_password = "${var.root_password}" }
检查新部署是否有错误: terraform plan
应用所有更改: terraform apply 最终结果与以前相同。变量的使用为Terraform提供了极大的灵活性,不仅可以存储重复数据(作为键),还可以为任何字段分配默认值。
任何代码驱动的解决方案背后的想法是避免重复的块。Terraform使用称为模块的概念来对通用服务器要求和配置进行分组。将模块视为与编程语言中的函数类似。
看一下以下文件结构:
有一个名为modules
包含可重用代码块的目录(在本例中appserver
)和一个testing
包含要实现的特定配置的目录。这是一个最小的布局,但足以突出优势。
模块结构非常灵活,因此您可以根据需要使用尽可能多的Terraform文件来描述您的基础架构。此示例仅包含一个描述可重用代码的主配置文件:
〜/ go_projects / bin中/模块/应用服务器/ main.tf
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 | # Application Server resource "linode_linode" "appserver" { image = "Ubuntu 16.04 LTS" kernel = "Latest 64 bit" name = "${var.appserver_name}" group = "web" region = "${var.region}" size = 2048 swap_size = 1024 ssh_key = "${var.ssh_key}" root_password = "${var.root_password}" } # Database Server resource "linode_linode" "dbserver" { image = "CentOS 7" kernel = "Latest 64 bit" name = "${var.dbserver_name}" group = "web" region = "${var.region}" size = "${var.db_size}" swap_size = 1024 ssh_key = "${var.ssh_key}" root_password = "${var.root_password}" } |
---|
上面的配置使用变量再现了前面的示例。下一个文件包含变量定义:
〜/ go_projects / bin中/模块/应用服务器/ variables.tf
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 | variable "appserver_name" { description = "The name for the Application Server" default = "default-app" } variable "dbserver_name" { description = "The name for the Database Server" default = "default-db" } variable "db_size" { description = "The size (plan) for your Database Linode" default = "1024" } variable "region" { description = "The default Linode region to deploy the infrastructure" default = "default-region" } variable "ssh_key" { description = "The Public id_rsa.pub key used for secure SSH connections" default = "default-ssh-key" } variable "root_password" { description = "The default root password for the Linode server" default = "default-root-pwd" } |
---|
注意为每个变量分配默认值。如果在调用模块时未覆盖该值,则将使用该值。
创建main.tf
使用刚刚创建的模块的配置文件:
〜/ go_projects /斌/测试/ main.tf
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 | # Newark Testing Environment Infrastructure provider "linode" { key = "your-linode-API-key-here" } module "appserver" { source = "/your/absolute/path/to/modules/appserver" # Variables Specific to this Deployment region = "Newark, NJ, USA" ssh_key = "your-ssh-id_rsa" root_password ="your-root-password-here" # Variables Specific to Servers appserver_name = "NJ-app" dbserver_name = "NJ-db" db_size = "8192" } |
---|
要使用模块,请使用命令按名称调用它,module
并指出保存它的绝对路径。然后,您可以为变量定义的每个字段分配值。最终结果与粘贴在主配置文件中的所有可重用代码中的结果相同。
cd ~/go_projects/bin/testing/
terraform init
terraform planned
terraform apply
模块的可能性是无穷无尽的。您可以一次使用多个模块,可以将模块的使用与传统resource
定义混合使用,或者甚至可以从远程源调用模块。有关更多信息,请阅读Terraform 模块文档。
Terraform提供了许多方法来设置和配置您的Linode,使用: