使用Terraform在Conoha上创建实例
首先
我在conoha上做了很多学习,但经常进行断电重建。
此外,我只在周末做这些,并且想尽快实现从Mac自动构建而不是使用GUI。
以这些原因为目标,在Conoha上使用Terraform创建实例!
机器配置
-
- OS : MacBook
- terraform: v0.11.13
– 参考网页
参考よりも完全にコピーする
– ConoHaのインスタンスをTerraformを使用して作成してみる
– terraformのオフィシャルサイト
得出结论
我的实施内容如本页面的起始部分所写,90%的内容是参考别人的。
个人的收获如下:
– 需要自己创建安全组(只提供了允许全部/拒绝全部的默认选项)。
– terraform会将tf文件中的资源应用/销毁到指定目标(我想)。
– key_pair说实话我本来就希望保留下来,但在销毁时成功删除了。
– 未来的行动 de
-
- tfファイルをもう少し勉強する。
access_keyとかを別ファイル&変数化
セキュリティグループも登録する形に作成する
– 对我来说不明白的事情
-
- CIとかでは使えそうなのは良く判った。
apply & destoryでリソース作成→削除が一貫されている。
どうやって実運用のプロビジョニングとかで使ってるのかな? が疑問
前述の通り。仮に複数Node管理でtfファイルをその数分定義してたとして、1node更新(destory→apply)したい場合、他のNodeも巻き込まれて消されると思う。
どうやって運用に使っているのかを知りたい
事先准备
事前准备大概是这样的。并不一定需要用Mac,只要能执行terraform就可以了。
-
- Macにterraformをインストール
- conohaのAPIを実行するためのUser/Pass/endpoint情報
创业公司
基于使用Terraform创建ConoHa实例的尝试,我们要开始开辟一条通往成功的道路。
– 指导原则
-
- main.tf, flavor/imageはもろぱくり。実行方法も。
セキュリティグループは自分で22番ポート用の作成が必要そう。今回は全許可で指定した
IPv4的には「gncs-ipv4-all」(全て許可)/「default」(全て拒否)のどちらかだった。
image_nameは定義したimage_nameが「そんなもんない」って言われたのでimage_id指定で実施した
– 日志
保留执行日志。成功生成实例。删除。可以进行ssh连接。
azuki@maki-mac:~/Deployments/terraform$ terraform init
Initializing provider plugins...
- Checking for available provider plugins on https://releases.hashicorp.com...
- Downloading plugin for provider "openstack" (1.17.0)...
The following providers do not have any version constraints in configuration,
so the latest version was installed.
To prevent automatic upgrades to new major versions that may contain breaking
changes, it is recommended to add version = "..." constraints to the
corresponding provider blocks in configuration, with the constraint strings
suggested below.
* provider.openstack: version = "~> 1.17"
Terraform has been successfully initialized!
You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.
If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.
azuki@maki-mac:~/Deployments/terraform$ echo $?
0
azuki@maki-mac:~/Deployments/terraform$
azuki@maki-mac:~/Deployments/terraform$ terraform apply
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
+ openstack_compute_instance_v2.basic
id: <computed>
access_ip_v4: <computed>
access_ip_v6: <computed>
all_metadata.%: <computed>
availability_zone: <computed>
flavor_id: <computed>
flavor_name: "g-512mb"
force_delete: "false"
image_id: "de03b36d-21d8-4e58-9b8e-24581dda86fa"
image_name: <computed>
key_pair: "terraform-keypair"
metadata.%: "1"
metadata.instance_name_tag: "azuki-test"
name: "basic"
network.#: <computed>
power_state: "active"
region: <computed>
security_groups.#: "1"
security_groups.645319369: "gncs-ipv4-all"
stop_before_destroy: "false"
+ openstack_compute_keypair_v2.keypair
id: <computed>
fingerprint: <computed>
name: "terraform-keypair"
private_key: <computed>
public_key: "ssh-rsa XXXXXXX@YYYYYY"
region: <computed>
Plan: 2 to add, 0 to change, 0 to destroy.
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
openstack_compute_keypair_v2.keypair: Creating...
fingerprint: "" => "<computed>"
name: "" => "terraform-keypair"
private_key: "" => "<computed>"
public_key: "" => "ssh-rsa XXXXXXX@YYYYYY"
region: "" => "<computed>"
openstack_compute_instance_v2.basic: Creating...
access_ip_v4: "" => "<computed>"
access_ip_v6: "" => "<computed>"
all_metadata.%: "" => "<computed>"
availability_zone: "" => "<computed>"
flavor_id: "" => "<computed>"
flavor_name: "" => "g-512mb"
force_delete: "" => "false"
image_id: "" => "de03b36d-21d8-4e58-9b8e-24581dda86fa"
image_name: "" => "<computed>"
key_pair: "" => "terraform-keypair"
metadata.%: "" => "1"
metadata.instance_name_tag: "" => "azuki-test"
name: "" => "basic"
network.#: "" => "<computed>"
power_state: "" => "active"
region: "" => "<computed>"
security_groups.#: "" => "1"
security_groups.645319369: "" => "gncs-ipv4-all"
stop_before_destroy: "" => "false"
openstack_compute_keypair_v2.keypair: Creation complete after 1s (ID: terraform-keypair)
openstack_compute_instance_v2.basic: Still creating... (10s elapsed)
openstack_compute_instance_v2.basic: Still creating... (20s elapsed)
openstack_compute_instance_v2.basic: Creation complete after 23s (ID: 075fd2d1-2bd8-4e65-9314-eb020ee50929)
Apply complete! Resources: 2 added, 0 changed, 0 destroyed.
azuki@maki-mac:~/Deployments/terraform$
azuki@maki-mac:~/Deployments/terraform$ ssh root@118.27.39.152
The authenticity of host '118.27.39.152 (118.27.39.152)' can't be
~snip~
root@118-27-39-152:~#
azuki@maki-mac:~/Deployments/terraform$ terraform destroy
openstack_compute_instance_v2.basic: Refreshing state... (ID: 075fd2d1-2bd8-4e65-9314-eb020ee50929)
openstack_compute_keypair_v2.keypair: Refreshing state... (ID: terraform-keypair)
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
- destroy
Terraform will perform the following actions:
- openstack_compute_instance_v2.basic
- openstack_compute_keypair_v2.keypair
Plan: 0 to add, 0 to change, 2 to destroy.
Do you really want to destroy all resources?
Terraform will destroy all your managed infrastructure, as shown above.
There is no undo. Only 'yes' will be accepted to confirm.
Enter a value: yes
openstack_compute_keypair_v2.keypair: Destroying... (ID: terraform-keypair)
openstack_compute_instance_v2.basic: Destroying... (ID: 075fd2d1-2bd8-4e65-9314-eb020ee50929)
openstack_compute_keypair_v2.keypair: Destruction complete after 0s
openstack_compute_instance_v2.basic: Still destroying... (ID: 075fd2d1-2bd8-4e65-9314-eb020ee50929, 10s elapsed)
openstack_compute_instance_v2.basic: Destruction complete after 12s
Destroy complete! Resources: 2 destroyed.
azuki@maki-mac:~/Deployments/terraform$