使用IBM Cloud Schematics(作为Terraform服务)来创建Classic VSI
首先
2019年10月,IBM宣布正式推出IBM Cloud Schematics(作为一项服务的Terraform)。
IBM 云构建:实现基础设施即代码 | IBM
随着IBM Cloud VPC服务的推出,我们将采用Terraform进行基于代码的多云资源管理,同时提供托管服务作为执行环境。
关于Terraform,您可以在这篇文章中进行复习。
在IBM Bluemix IaaS上尝试使用Terraform – Qiita
IBM Cloud Schematics(Terraform作为服务)的价值
以下是重点要点。
关于IBM云计划
-
- Terraform 実行環境を用意する必要がなくマネージドで提供される
-
- このサービス自体は無料で使える(注文したリソースには費用発生)
-
- API Key などの公開したくない変数を GUI からセキュアに格納できる
-
- テンプレート例が豊富に公開されている
- Terraform statefile terraform.tfstate などをマルチリージョンで保管してくれる
当我决定使用Schematics创建工作空间时,会存储哪些信息?
默认情况下,所有信息在传输和静态状态下都会进行加密。为了使您的数据高度可用,所有数据存储在美国南部地区并复制到美国东部地区。在开始使用Schematics之前,请确保您的数据可以存储在这些地区。
请首先查看模板示例
我们来看看IBM Cloud的Github。
terraform-provider-ibm/examples在IBM-Cloud/terraform-provider-ibm的主分支上。
经典的 VSI 提供了类似的示例,但我想稍微定制一下并尝试一下。
IBM-VSI
# Create single VSI in dal09. Hourly billed with private network connection only.
resource "ibm_compute_vm_instance" "vm1" {
hostname = "vm1"
domain = "example.com"
os_reference_code = "CENTOS_7_64"
datacenter = "dal09"
network_speed = 100
hourly_billing = true
private_network_only = true
cores = 1
memory = 1024
disks = [25]
local_disk = false
}
接下来查看提供商文档。
IBM Cloud提供给Terraform的文档
为了在多云环境中进行云资源管理,需要进行各个云服务提供商的独立配置。例如,注册 API Key 就是其中一种配置方式。
在通常的本地环境中,我们会将变量存储和管理在 terraform.tfvars 文件中,但在 IBM Cloud Schematics 中,您可以通过图形用户界面(GUI)安全地存储变量。
# Configure the IBM Cloud Provider
provider "ibm" {
ibmcloud_api_key = "${var.ibm_bmx_api_key}"
iaas_classic_username = "${var.ibm_sl_username}"
iaas_classic_api_key = "${var.ibm_sl_api_key}"
}
如果启用了IAM服务,则不需要注册API密钥。
对于Cloud Foundry / Classic Infra服务,注册API密钥是必需的。
在Schematics中,API密钥会自动获取所有启用IAM的资源,包括IBM Cloud Kubernetes服务集群和VPC基础架构资源。但是,对于Cloud Foundry和经典基础架构资源,API密钥不会被获取,必须在提供程序部分提供。
准备tf文件并放入Github存储库中。
在文件中,最少需要写下provider和resource的描述。不需要terraform.tfvars文件。
terraform.tfvars 文件
在 IBM Cloud Schematics 中,您无需使用本地的 terraform.tfvars 文件。相反,您可以在 Terraform 配置文件中声明变量,并在创建工作区时输入变量的值。您以后可以通过更新工作区详细信息页面的变量来更改变量的值。
这次我们准备了这样的文件。
以下是一个选项,用中文来表述。
请访问这个网址:https://github.com/khayama/schematics-classic-vsi
variable "iaas_classic_username" {
description = "Enter the user name to access IBM Cloud classic infrastructure. You can retrieve the user name by following the instructions for retrieving your classic infrastructure API key."
}
variable "iaas_classic_api_key" {
description = "Enter the API key to access IBM Cloud classic infrastructure. For more information for how to create an API key and retrieve it, see [Managing classic infrastructure API keys](https://cloud.ibm.com/docs/iam?topic=iam-classic_keys)."
}
provider "ibm" {
iaas_classic_username = "${var.iaas_classic_username}"
iaas_classic_api_key = "${var.iaas_classic_api_key}"
}
variable "datacenter" {
type = "string"
description = "Ex) tok02, tok04, tok05, ..."
default = "tok04"
}
variable "os_reference_code" {
type = "string"
description = "Ex) CENTOS_LATEST_64, CENTOS_7_64, CENTOS_6_64, REDHAT_LATEST, UBUNTU_LATEST, WIN_LATEST_64, WIN_2016-STD_64, ..."
default = "CENTOS_7_64"
}
variable "flavor_key_name" {
type = "string"
description = "Ex) C1_1X1X100, B1_1X4X100, B1_2X4X100, B1_2X8X100, U1_1X2X100, U1_2X4X100, U1_4X8X100, ..."
default = "B1_1X2X100"
}
resource "ibm_compute_vm_instance" "khayama-test" {
hostname = "khayama-test"
domain = "ibmcloud.com"
os_reference_code = "${var.os_reference_code}"
datacenter = "${var.datacenter}"
network_speed = 100
hourly_billing = true
transient = true
local_disk = false
private_network_only = false
flavor_key_name = "${var.flavor_key_name}"
public_security_group_ids = [1287613]
tags = ["user:khayama"]
notes = "khayama's Resource created by Schematics"
}
创建 IBM Cloud Schematics 工作区
可以通过IBM Cloud 控制台 > Schematics > 创建工作区进行创建。
请键入工作区名称。
接下来,我们要设置之前准备好的tf文件的Github仓库URL,并点击“检索输入变量”。
在这里,您可以设置预先在文件中设置的变量,但是变量还可以在后来进行设置。
如果您不想将API密钥等始终显示在门户上,您可以在这个时机进行设置,并选择”敏感”选项。
IBM Cloud Schematics的使用方法
这是创建工作空间后的屏幕。Terraform 的版本是v0.11.14。
刚刚配置的安全变量对于显示是受保护的。
从这里开始,可以像以前一样按照 Terraform 的方式进行操作。
-
- Generate Plan = terraform plan
Apply Plan = terraform apply
Actions > Destroy resources = terraform destroy
如果要更改资源,请按照以下流程进行。
-
- Github の tf ファイル変更 –> Pull Latest
-
- もしくは変数の中身変更
-
- Generate Plan
- Apply Plan
您可以通过这种形式来查看工作日志。
最后
实际上,你可以从 Apply Plan 中确认到 Classic VSI 的订单。
这次的配置很简单,但除此之外,我们还支持 IBM Cloud 的各种资源类型,可以像教程中一样管理 VPC 的一系列配置。希望你能尝试一下。
开始使用IBM云规划
请参考
$ ibmcloud terraform version
Terraform version v0.11.14
Terraform provider for IBM Cloud version v0.19.1
Helm Version v2.14.2
Terraform provider for Helm version v0.10.0
环境
2019/12/10 16:16:56 Terraform apply | null_resource.example1: Creating...
2019/12/10 16:16:56 Terraform apply | null_resource.example1: Provisioning with 'local-exec'...
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): Executing: ["/bin/sh" "-c" "env"]
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): OC_CLIENT_INSTALL_FILE=openshift-origin-client-tools-v3.11.0-0cbc58b-linux-64bit.tar.gz
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): IBMCLOUD_MCCP_API_ENDPOINT=
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): HOSTNAME=engine-1521-72d8n
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): TERRAFORM_GIT_URL=https://releases.hashicorp.com/terraform
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): IBMCLOUD_UAA_ENDPOINT=
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): IBMCLOUD_IAM_API_ENDPOINT=
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): IBMCLOUD_CF_API_ENDPOINT=
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): HOME=/home/nobody
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): OS_GIT_ASSET_ID=9096997
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): IBMCLOUD_CSE_ENDPOINT=
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): IBMCLOUD_ACCOUNT_MANAGEMENT_API_ENDPOINT=
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): IBMCLOUD_CIS_API_ENDPOINT=
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): OC_CLIENT_SHA256SUM=4b0f07428ba854174c58d2e38287e5402964c9a9355f6c359d1242efd0990da3
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): IBMCLOUD_CR_API_ENDPOINT=
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): IBMCLOUD_CS_API_ENDPOINT=
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): ANSIBLE_RECV_KEYS=93C4A3FD7BB9C367
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): PATH=/go/bin:/usr/local/go/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): TERRAFORM_SHA256SUM=9b9a4492738c69077b079e595f5b2a9ef1bc4e8fb5596610f69a6f322a8af8dd
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): IBMCLOUD_GS_API_ENDPOINT=
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): IBMCLOUD_GT_API_ENDPOINT=
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): IBMCLOUD_IS_API_ENDPOINT=
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): IBMCLOUD_RESOURCE_CONTROLLER_API_ENDPOINT=
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): IBMCLOUD_RESOURCE_MANAGEMENT_API_ENDPOINT=
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): TF_LOG=
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): cccf35992f8f3cd8d1d28f0109dd953e26664531=7c28215aca87789f95b406b8dd91aa5198406750
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): GOPATH=/go
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): TERRAFORM_VERSION=0.11.14
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): OC_CLIENT_URL=https://api.github.com/repos/openshift/origin/releases/assets
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): IC_IAM_REFRESH_TOKEN=ReXwyUl0PTn9v95vIiydYJ4uy07wIh1eA96ZY10o52DSR-xpjLyBD7Nzn9NbyNLBS1W4RLCCmERCzX9bCGnZcBTygtnv7yayUI6IfAODh-rxR1Nz0SjLKQS2CMi4AZdhGVaOIuLZCFKdry5CnxUxYOdlbZjFyhZhI-BjPq9667sB1jNmuK_MUXceYA7LmjVomXOoBxlFb_2j9EM2RvUs7jWbxMsbV07HJtdAts-HPlqqYXA206V9H35S2Byqx4kWokeY0tqlJsqFoh2NN9hKiwlzNKMPOdpMXadc1VVnpcD8rgm-4pNaU81MMJPHbCiG4qDXxRQmLHtEBTBE-XdSZEnJ71xjUvvLkoodGZHZyK4gNjvMkxEBzLt0afZjlhexBJ_jK_AC1EDbXCPQa0xL7C-uYd_6Il5MAU3l6CfyGPrIKwW5UezYTBZjiFUGaKD4VcDtH2LlDEoRWkgHjV_cj3yDmewlRLVJti8G9bPjP2xO2AQJtbW_lbZu8_MbLvnvqIFRWdUtnDQR_k2ztNQeSpeOYbIdU6ZJIgL3mIw5s-Zg7CSr-AcDDP6v5Sq7W2LIRbTpookLVkPnM3GgOON12NMtL1VPeUWDyoakszXXXlj7yO7UdSvbr94cO-bDiH6Nzoc-GfcZSDZWTqVuLjodLo7hG163fZWhY8jesmCnBOjG25I7CDlJEA4r05SFCzOF3YcaYWBteYSSYrbPxUFIKyZwUqBQv-sXl6xO0RRs5jaVkDLAkHtAFIn8PAFuaZ455_7lW1caEsyamtEn56SzVEmtA_LKhzGr6Agem8F0htygKCBcfjI1YnT0l30y7QLbidAY_AvAAJntc47FS_bTz-iNnN6FkD7FvndyXBBeJqEkTL7-Q_UeZWv2fKSJCRhtlHvUyEJiwD2T3qVOURnz5hJWFJdRyD9DL-SQN_TCYgsDcAq_-xYb82_CBxcabMvGJEQWB7NFVqhBjEvF3l4u5OnsbudQrm10x7eUUu3npyQ7kyvou5-K1pqKCANNPbewap0
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): PLUGIN_MIN_PORT=10000
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): IC_IAM_TOKEN=eyJraWQiOiIyMDE5MDcyNCIsImFsZyI6IlJTMjU2In0.eyJpYW1faWQiOiJJQk1pZC0zMTAwMDBGR1lHIiwiaWQiOiJJQk1pZC0zMTAwMDBGR1lHIiwicmVhbG1pZCI6IklCTWlkIiwiaWRlbnRpZmllciI6IjMxMDAwMEZHWUciLCJnaXZlbl9uYW1lIjoiS3lvdWhlaSIsImZhbWlseV9uYW1lIjoiSGF5YW1hIiwibmFtZSI6Ikt5b3VoZWkgSGF5YW1hIiwiZW1haWwiOiJraGF5YW1hQGpwLmlibS5jb20iLCJzdWIiOiJLSEFZQU1BQGpwLmlibS5jb20iLCJhY2NvdW50Ijp7InZhbGlkIjp0cnVlLCJic3MiOiIwMzlkYmU2Nzk0MDg0YzdjYjUxNGEyNzZkZDIzNDVkYSIsImltc191c2VyX2lkIjoiNzQwNTk0NSIsImltcyI6IjE3NTY2MjMifSwiaWF0IjoxNTc1OTk0NTA5LCJleHAiOjE1NzU5OTgxMDksImlzcyI6Imh0dHBzOi8vaWFtLmNsb3VkLmlibS5jb20vaWRlbnRpdHkiLCJncmFudF90eXBlIjoiYXV0aG9yaXphdGlvbl9jb2RlIiwic2NvcGUiOiJpYm0gb3BlbmlkIiwiY2xpZW50X2lkIjoiYngiLCJhY3IiOjEsImFtciI6WyJwd2QiXX0.pbDWctLa_lQ18ajtdodcrVC84LnmpPgQbC7g_kMF2lHtBljIseaRiILDq7fbsH1GUUWfQ66hMGbUxTnoaeYObUFlaw3FN33DE5OAYWmgwZMVeeqTgDXLUjd0qNFiU68-U0ZeU4EZG5U_Jevncb5focO4oEE8M0VzNJ3dkyGRIdefrsAZPzpfD1COar_PiAQhh4dQiWCBL7HiOTrZ7FFWNj0mciQl6VLppL_oYC0RGpLmLJyjWkxA7Z2ddAke8smxaPgyklxHf997b80u5IoRCH7KA0JC8qDEXl07e8VoyozjbipdF1GOOpV_mYwHPvT72T8R-dsEdiwlFj4uS98H2w
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): PLUGIN_MAX_PORT=25000
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): IBMCLOUD_RESOURCE_CATALOG_API_ENDPOINT=
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): PWD=/tmp/tfws-978443656
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): IBMCLOUD_IS_NG_API_ENDPOINT=
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): TF_IN_AUTOMATION=1
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): IBMCLOUD_IAMPAP_API_ENDPOINT=
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): GOLANG_VERSION=1.12.13
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): IBMCLOUD_ICD_API_ENDPOINT=
2019/12/10 16:16:56 Terraform apply | null_resource.example1 (local-exec): TF_PLUGIN_MAGIC_COOKIE=d602bf8f470bc67ca7faa0386276bbdd4330efaf76d1a219cb4d6991ca9872b2
2019/12/10 16:16:56 Terraform apply | null_resource.example1: Creation complete after 1s (ID: 5367055281924629584)
乒乓球
2019/12/10 16:22:50 Terraform apply | null_resource.ping (local-exec): Executing: ["/bin/sh" "-c" "ping 10.0.80.11"]
2019/12/10 16:22:51 Terraform apply | null_resource.ping (local-exec): 64 bytes from 10.0.80.11: icmp_seq=2 ttl=251 time=0.344 ms
2019/12/10 16:22:52 Terraform apply | null_resource.ping (local-exec): 64 bytes from 10.0.80.11: icmp_seq=3 ttl=251 time=0.510 ms
2019/12/10 16:22:53 Terraform apply | null_resource.ping (local-exec): 64 bytes from 10.0.80.11: icmp_seq=4 ttl=251 time=0.394 ms
2019/12/10 16:22:54 Terraform apply | null_resource.ping (local-exec): 64 bytes from 10.0.80.11: icmp_seq=5 ttl=251 time=0.456 ms
