乾貨 | 運維福音——Terraform自動化管理京東雲
Terraform是一個高度可擴展的IT基礎架構自動化編排工具,主張基礎設施即代碼,可經過代碼集中管理雲資源和基礎架構,這意味着用戶可以在京東雲上輕鬆使用簡單模板語言來定義、預覽和部署雲基礎架構,可以快速將環境部署到京東雲或本地數據中心,實現多雲管理和跨雲遷移。京東雲成爲國內少數擁有Terraform Provider產品的雲廠商之一。應用場景:基礎設施即代碼、快速部署多雲環境、自動化管理下降成本。html
官網連接:
https://www.terraform.io/docs...linux
Terraform 是 Hashicorp 公司一款開源的資源編排工具,表明了業界前沿的技術和標準。相對於其餘雲上資源管理方式,具備快速建立基礎設施、高效部署多雲環境和大幅下降管理成本三大功能特性。json
Terraform 經過代碼管理維護雲資源,可保存基礎設施資源的狀態,快速建立和維護管理雲主機、網絡、負載均衡等雲資源,並經過代碼與其餘人共享雲資源的編排配置。c#
Terraform支持200多個基礎設施提供商,適用於多雲方案,可快速將用戶的環境部署到京東雲、其餘雲廠商或者本地的數據中心。開發者可同時管理不一樣雲廠商的資源,也可快速方便地遷移到另一個雲廠商。Terraform經過代碼批量按計劃地管理資源,可編排、重複地自動化管理雲資源,減小人爲因素形成的不肯定管理錯誤,同時能快速建立相同的開發、測試、預發和生成環境,下降開發者的管理成本。bash
本文經過簡單demo作一個技術入門的演示,目的是幫助你們瞭解如何採用Terraform來自動化管理京東雲上的資源。網絡
Terraform安裝
Terraform 是一個 IT 基礎架構自動化編排工具,它的口號是 「Write, Plan, and create Infrastructure as Code」, 其程序安裝在客戶的終端PC上,能夠運行於多種操做系統平臺。本文實例採用的是CentOS操做系統。
登陸到主機後先下載一下安裝包架構
1 [jdc@mysandbox ~]$ mkdir tf 2 [jdc@mysandbox ~]$ cd tf 3 [jdc@mysandbox tf]$ wget https://releases.hashicorp.com/terraform/0.11.13/terraform_0.11.13_linux_amd64.zip 4 --2019-05-16 14:41:57-- https://releases.hashicorp.com/terraform/0.11.13/terraform_0.11.13_linux_amd64.zip 5 Resolving releases.hashicorp.com (releases.hashicorp.com)... 151.101.109.183, 2a04:4e42:1a::439 6 Connecting to releases.hashicorp.com (releases.hashicorp.com)|151.101.109.183|:443... connected. 7 HTTP request sent, awaiting response... 200 OK 8 Length: 21128942 (20M) [application/zip] 9 Saving to: ‘terraform_0.11.13_linux_amd64.zip’ 10 11 100%[============================================================================================================================================================>] 21,128,942 4.30MB/s in 66s 12 132019-05-16 14:43:05 (312 KB/s) - ‘terraform_0.11.13_linux_amd64.zip’ saved [21128942/21128942]
解壓縮app
1 [jdc@mysandbox tf]$ ls 2 terraform_0.11.13_linux_amd64.zip[jdc@mysandbox tf]$ unzip terraform_0.11.13_linux_amd64.zip 3 Archive: terraform_0.11.13_linux_amd64.zip 4 inflating: terraform
直接運行程序能夠看到如下命令行的幫助信息:負載均衡
1 $ terraform 2 Usage: terraform [--version] [--help] <command> [args] 3 4 The available commands for execution are listed below. 5 The most common, useful commands are shown first, followed byless common or more advanced commands. If you're just gettingstarted with Terraform, stick with the common commands. For theother commands, please read the help and docs before usage. 6 7 Common commands: 8 apply Builds or changes infrastructure 9 console Interactive console for Terraform interpolations destroy Destroy Terraform-managed infrastructure 10 fmt Rewrites config files to canonical format 11 get Download and install modules for the configuration 12 graph Create a visual graph of Terraform resources import Import existing infrastructure into Terraform init Initialize a new or existing Terraform configuration 13 output Read an output from a state file 14 plan Generate and show an execution plan 15 providers Prints a tree of the providers used in the configuration 16 push Upload this Terraform module to Terraform Enterprise to run 17 refresh Update local state file against real resources 18 show Inspect Terraform state or plan 19 taint Manually mark a resource for recreation 20 untaint Manually unmark a resource as tainted 21 validate Validates the Terraform files 22 version Prints the Terraform version 23 workspace Workspace management 24 25 All other commands: 26 debug Debug output management (experimental) 27 force-unlock Manually unlock the terraform state 28 state Advanced state management
舉例:查看Terraform版本less
1 [jdc@mysandbox tf]$ ./terraform version 2 Terraform v0.11.13
初始化環境
Terraform訪問京東雲的服務,首先須要身份認證鑑權。認證採用Access Key與Secret key來完成。從控制檯取得AK、SK身份鑑權信息兩種方法保存:
方法1:將AK,SK加入運行環境
1 [jdc@mysandbox tf]$ cat >> ~/.bash_profile <<EOF 2 > #### add Hongwei 20190516 3 > export access_key="D4xxxxxxxxxxxxxxxxxxxxxxxxxxxx8D" 4 > export secret_key="7xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxE" 5 > export region="cn-north-1"> EOF 6 [jdc@mysandbox tf]$ . ~/.bash_profile
方法2:將AK,SK放入json文件
1 cat >> jdcloud.tf <<EOF
2 provider "jdcloud" {
3 access_key = "D4xxxxxxxxxxxxxxxxxxxxxxxxxxxx8D"
4 secret_key = "7xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxE "
5 region
初始化環境
1 [jdc@mysandbox tf]$ ./terraform init 2 3 Initializing provider plugins... 4 - Checking for available provider plugins on https://releases.hashicorp.com... 5 - Downloading plugin for provider "jdcloud" (0.0.1)... 6 7 The following providers do not have any version constraints in configuration,so the latest version was installed. 8 9 To prevent automatic upgrades to new major versions that may contain breakingchanges, it is recommended to add version = "..." constraints to thecorresponding provider blocks in configuration, with the constraint stringssuggested below. 10 11 * provider.jdcloud: version = "~> 0.0" 12 13 Terraform has been successfully initialized! 14 15 You may now begin working with Terraform. Try running "terraform plan" to seeany changes that are required for your infrastructure. All Terraform commandsshould now work. 16 17 If you ever set or change modules or backend configuration for Terraform,rerun this command to reinitialize your working directory. If you forget, othercommands will detect it and remind you to do so if necessary.
演示:建立一個雲主機實例
參考Terraform的聯機文檔(https://www.terraform.io/docs...),建立如下tf文件:jdcloud_instance.tf
1 resource "jdcloud_instance" "vm-1" {
2 az = "cn-north-1a"
3 instance_name = "vm-1"
4 instance_type = "g.n2.medium"
5 image_id = "bba85cab-dfdc-4359-9218-7a2de429dd80"
6 password = "cNXOxJywMU6IY7c0CgIj"
7 subnet_id = "subnet-35h6keqh4m"
8 network_interface_name = "example_ni_name"
9 primary_ip = "10.0.0.27"
10 secondary_ip_count = 0
11 security_group_ids = ["sg-chx9tv75xa"]
12
13 system_disk = {
14 disk_category = "local"
15 device_name = "vda"
16 disk_type="ssd"
17 disk_size_gb = 40
18}
19
20 data_disk = {
21 disk_category = "cloud"
22 device_name = "vdc"
23 disk_type = "ssd"
24 disk_name = "exampleDisk"
25 disk_size_gb = 50
26 az = "cn-north-1a"
27
28 auto_delete = true
29 disk_name = "vm1-datadisk-1"
30 description = "test"
31 }
32 }
plan命令能夠顯示執行計劃:
1 [jdc@mysandbox tf]$ ./terraform plan 2 Refreshing Terraform state in-memory prior to plan... 3 The refreshed state will be used to calculate this plan, but will not bepersisted to local or remote state storage. 4 5 jdcloud_instance.vm-1: Refreshing state... (ID: i-y8ye9jd6ny) 6 7------------------------------------------------------------------------ 8 9 An execution plan has been generated and is shown below. 10 Resource actions are indicated with the following symbols:-/+ destroy and then create replacement 11 12 Terraform will perform the following actions: 13 14 -/+ jdcloud_instance.vm-1 (new resource required) 15 id: "i-y8ye9jd6ny" => <computed> (forces new resource) 16 az: "cn-north-1a" => "cn-north-1a" 17 data_disk.#: "1" => "1" 18 data_disk.0.auto_delete: "true" => "true" 19 data_disk.0.az: "cn-north-1a" => "cn-north-1a" 20 data_disk.0.description: "test" => "test" 21 data_disk.0.device_name: "vdc" => "vdc" 22 data_disk.0.disk_category: "cloud" => "cloud" 23 data_disk.0.disk_id: "vol-fhvqnjyxw7" => <computed> 24 data_disk.0.disk_name: "vm1-datadisk-1" => "vm1-datadisk-1" 25 data_disk.0.disk_size_gb: "50" => "50" 26 data_disk.0.disk_type: "ssd" => "ssd" image_id: "bba85cab-dfdc-4359-9218-7a2de429dd80" => "bba85cab-dfdc-4359-9218-7a2de429dd80" 27 instance_name: "vm-1" => "vm-1" 28 instance_type: "g.n2.medium" => "g.n2.medium" 29 ip_addresses.#: "0" => <computed> 30 network_interface_name: "example_ni_name" => "example_ni_name" 31 password: <sensitive> => <sensitive> (attribute changed) 32 primary_ip: "10.0.0.27" => "10.0.0.27" 33 secondary_ip_count: <sensitive> => <sensitive> (attribute changed) 34 security_group_ids.#: "1" => "1" 35 security_group_ids.4008937636: "sg-chx9tv75xa" => "sg-chx9tv75xa" 36 subnet_id: "subnet-35h6keqh4m" => "subnet-35h6keqh4m" 37 system_disk.#: "1" => "1" 38 system_disk.0.auto_delete: "true" => <computed> 39 system_disk.0.az: "" => <computed> 40 system_disk.0.device_name: "vda" => "vda" 41 system_disk.0.disk_category: "local" => "local" 42 system_disk.0.disk_id: "" => <computed> 43 system_disk.0.disk_name: "" => <computed> 44 system_disk.0.disk_size_gb: "40" => "40" 45 system_disk.0.disk_type: "" => "ssd" (forces new resource)
提交執行:
1 [jdc@mysandbox tf]$ ./terraform apply -auto-approve 2 jdcloud_instance.vm-1: Creating... 3 az: "" => "cn-north-1a" 4 data_disk.#: "" => "1" 5 data_disk.0.auto_delete: "" => "true" 6 data_disk.0.az: "" => "cn-north-1a" 7 data_disk.0.description: "" => "test" 8 data_disk.0.device_name: "" => "vdc" 9 data_disk.0.disk_category: "" => "cloud" 10 data_disk.0.disk_id: "" => "<computed>" 11 data_disk.0.disk_name: "" => "vm1-datadisk-1" 12 data_disk.0.disk_size_gb: "" => "50" 13 data_disk.0.disk_type: "" => "ssd" 14 image_id: "" => "bba85cab-dfdc-4359-9218-7a2de429dd80" 15 instance_name: "" => "vm-1" 16 instance_type: "" => "g.n2.medium" 17 ip_addresses.#: "" => "<computed>" 18 network_interface_name: "" => "example_ni_name" 19 password: "<sensitive>" => "<sensitive>" 20 primary_ip: "" => "10.0.0.27" 21 secondary_ip_count: "<sensitive>" => "<sensitive>" 22 security_group_ids.#: "" => "1" 23 security_group_ids.4008937636: "" => "sg-chx9tv75xa" 24 subnet_id: "" => "subnet-35h6keqh4m" 25 system_disk.#: "" => "1" 26 system_disk.0.auto_delete: "" => "<computed>" 27 system_disk.0.az: "" => "<computed>" 28 system_disk.0.device_name: "" => "vda" 29 system_disk.0.disk_category: "" => "local" 30 system_disk.0.disk_id: "" => "<computed>" 31 system_disk.0.disk_name: "" => "<computed>" 32 system_disk.0.disk_size_gb: "" => "40" system_disk.0. 33 disk_type: "" => "ssd"jdcloud_instance.vm-1: Still creating... (10s elapsed) 34 jdcloud_instance.vm-1: Still creating... (20s elapsed) 35 jdcloud_instance.vm-1: Still creating... (30s elapsed) 36 jdcloud_instance.vm-1: Still creating... (40s elapsed) 37 jdcloud_instance.vm-1: Still creating... (50s elapsed) 38 jdcloud_instance.vm-1: Still creating... (1m0s elapsed) 39 jdcloud_instance.vm-1: Creation complete after 1m1s (ID: i-y8ye9jd6ny) 40 Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
成功提交後,咱們能夠在控制檯看到正在運行的實例建立過程:
建立完成後登陸主機查看是否與定義文件符合:
查看磁盤劃分是否一致:
查看IP地址是否一致:
演示:銷燬實例
經過destroy命令能夠方便的刪除實例。
1 [jdc@mysandbox tf]$ ./terraform destroy 2 jdcloud_instance.vm-1: Refreshing state... (ID: i-y8ye9jd6ny) 3 4 An execution plan has been generated and is shown below. 5 Resource actions are indicated with the following symbols: - destroy 6 7 Terraform will perform the following actions: 8 - jdcloud_instance.vm-1 9 10 Plan: 0 to add, 0 to change, 1 to destroy. 11 12 Do you really want to destroy all resources? 13 Terraform will destroy all your managed infrastructure, as shown above. 14 There is no undo. Only 'yes' will be accepted to confirm. 15 16 Enter a value: yesjdcloud_instance.vm-1: Destroying... (ID: i-y8ye9jd6ny) 17 18 jdcloud_instance.vm-1: Still destroying... (ID: i-y8ye9jd6ny, 10s elapsed) 19 jdcloud_instance.vm-1: Still destroying... (ID: i-y8ye9jd6ny, 20s elapsed) 20 jdcloud_instance.vm-1: Still destroying... (ID: i-y8ye9jd6ny, 30s elapsed) 21 jdcloud_instance.vm-1: Still destroying... (ID: i-y8ye9jd6ny, 40s elapsed) 22 jdcloud_instance.vm-1: Destruction complete after 41s 23 24 Destroy complete! Resources: 1 destroyed.
在控制檯上查看刪除進度:
Terraform自動編排的流程
以上只是演示了Terraform管理京東雲最簡單的流程。實際上經過Terraform完成複雜的編排,徹底能夠完成一個複雜的大型環境的部署與管理。如下是Terraform的流程:
到此,咱們的演示就結束了。
你們能夠本身動手試一下這種簡潔高效的京東雲自動化管理工具了。
點擊京東雲瞭解更多詳情
京東雲618大促,正在進行時!
最低1折!
歡迎點擊「連接」瞭解京東雲更多精彩
推薦閱讀
RECOMMEND
Developer Friendly | 基礎設施即代碼的事實標準Terraform已支持京東雲!
相關文章
- 1. 乾貨 | 運維福音——Terraform自動化管理京東雲
- 2. 【技術乾貨】雲端自動化運維
- 3. 乾貨 | 京東雲帳號安全管理最佳實踐
- 4. 乾貨:IT運維管理規劃
- 5. 運維的福音,深度剖析騰訊雲自動運維平臺
- 6. 乾貨 | 京東雲數據庫 RDS助力企業便捷運維
- 7. shell + ansible + gateone 自動化運維管理
- 8. 京東數據庫運維自動化體系建設之路
- 9. 技術沙龍|京東雲DevOps自動化運維技術實踐
- 10. 自動化運維管理工具ansible
- 更多相關文章...
- • Maven 自動化部署 - Maven教程
- • Swarm 集羣管理 - Docker教程
- • SpringBoot中properties文件不能自動提示解決方法
- • IntelliJ IDEA中SpringBoot properties文件不能自動提示問題解決
相關標籤/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
歡迎關注本站公眾號,獲取更多信息
