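Deploying IBM Cloud Classic Infrastructure with Terraform
The previous part of this article described how to use the IBM Cloud Schematics service to automate provisioning of IBM Cloud classic infrastructure resources. This part describes the layer underneath IBM Cloud Schematics' Terraform-as-a-Service: how Terraform itself connects to the IBM Cloud RESTful API through the IBM Cloud Provider plugin to deploy a classic infrastructure virtual machine.
The prerequisites for following the steps in this article are unchanged:
1. An IBM Cloud account
2. Basic knowledge of Terraform
Install Terraform
Install IBM Cloud Terraform Provider v1.8.0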
    2020/06/30 00:21:06 IBM Cloud Provider version 1.8.0
    This binary is a plugin. These are not meant to be executed directly.
    Please execute the program that consumes these plugins, which will
    load any plugins automatically
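Configure the IBM Cloud Provider plug-in
Terraform communicates securely with the IBM Cloud REST API through the IBM Cloud Provider plugin, so before deploying and using IBM Cloud resources automatically, the plugin must be configured with the IBM Cloud credentials needed to access those resources. Different resource types require different credentials; deploying classic infrastructure resources, as described here, requires the IBM Cloud API key plus the classic infrastructure username and API key. The following was covered in the previous part of this article; if you have already done these two steps, you can simply reuse the values you recorded then.
Get the IBM Cloud classic infrastructure username and API key
Log in to IBM Cloud and open the IAM page shown below to see the IBM Cloud classic infrastructure username and API key:
This email address and API key are used later to deploy classic infrastructure virtual servers in IBM Cloud. Note: when configuring the Terraform variables file, the username takes the form "account ID_email", for example 1234567_mail@xdomain.com.
Create or retrieve the IBM Cloud API key
Note that the IBM Cloud API key string is displayed only once, at creation time, so be sure to store it safely; it cannot be viewed later under "Details" on this page. According to the official documentation, this is by design for security reasons.
Generate an SSH key
Accept the default path to create the files id_rsa and id_rsa.pub under /root/.ssh. Upload the SSH public key, that is, the contents of id_rsa.pub, to your IBM Cloud account:
Create the project and configuration files
Create the project:
Create the Terraform variables file terraform.tfvars, containing the IBM Cloud classic infrastructure credentials and the IBM Cloud API key. The Terraform CLI automatically loads the variables defined in terraform.tfvars at initialization, and they can then be referenced in the Terraform configuration files. Because this file holds the credentials in plaintext, keep it out of version control and restrict its file permissions.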
    ibmcloud_api_key      = "<ibmcloud_api_key>"
    ssh_key               = "<ssh_key_name>" // name given to the SSH key when it was uploaded to IBM Cloud
    iaas_classic_username = "<classic_infrastructure_username>" // remember, this is "account ID_email"
    iaas_classic_api_key  = "<classic_infrastructure_apikey>"
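Create the configuration file provider.tf. This file configures the IBM Cloud Provider plugin by referencing the values in terraform.tfvars, so that it can access and deploy IBM Cloud resources. The syntax for referencing a variable from terraform.tfvars is var.<variable_name>.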
    variable "ibmcloud_api_key" {}
    variable "iaas_classic_username" {}
    variable "iaas_classic_api_key" {}

    provider "ibm" {
      ibmcloud_api_key      = var.ibmcloud_api_key
      generation            = 1
      region                = "us-south"
      iaas_classic_username = var.iaas_classic_username
      iaas_classic_api_key  = var.iaas_classic_api_key
    }
Create the configuration file classic-vsi.tf for the classic infrastructure virtual server instance:
    resource "ibm_compute_vm_instance" "vm1" {
      hostname             = "vm1"
      domain               = "xdomain.com"
      os_reference_code    = "DEBIAN_8_64"
      datacenter           = "dal10"
      network_speed        = 10
      hourly_billing       = true
      private_network_only = false
      cores                = 1
      memory               = 1024
      disks                = [25]
      local_disk           = false
    }
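terraform.tfvars sets ssh_key, but neither provider.tf nor classic-vsi.tf declares or uses it, so the uploaded public key is never attached to the VM and Terraform reports the value as an undeclared variable. The following is an added example, not part of the original article, of a classic-vsi.tf that declares the variable, looks the key up by its label and injects it at provisioning time; the local name deploy_key is an assumption made for this example.

```hcl
# Added example, not from the original article.
# Declares the ssh_key value that terraform.tfvars already provides.
variable "ssh_key" {
  description = "Label of the SSH public key uploaded to the IBM Cloud account"
}

# Look up the uploaded classic infrastructure SSH key by its label.
# "deploy_key" is a local name chosen for this example.
data "ibm_compute_ssh_key" "deploy_key" {
  label = var.ssh_key
}

# Same vm1 definition as above, with the uploaded key attached.
# This block replaces the original vm1 resource; it is not an addition to it.
resource "ibm_compute_vm_instance" "vm1" {
  hostname             = "vm1"
  domain               = "xdomain.com"
  os_reference_code    = "DEBIAN_8_64"
  datacenter           = "dal10"
  network_speed        = 10
  hourly_billing       = true
  private_network_only = false
  cores                = 1
  memory               = 1024
  disks                = [25]
  local_disk           = false

  # Install the public key on the instance so login uses the key pair
  # generated earlier instead of a password.
  ssh_key_ids = [data.ibm_compute_ssh_key.deploy_key.id]
}
```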
Deploy the virtual machine
    An execution plan has been generated and is shown below.
    Resource actions are indicated with the following symbols:
      + create

    Terraform will perform the following actions:

      + resource "ibm_compute_vm_instance" "vm1" {
          + block_storage_ids          = (known after apply)
          + cores                      = 1
          + datacenter                 = "dal10"
          + disks                      = [
              + 25,
            ]
          + domain                     = "xdomain.com"
          + file_storage_ids           = (known after apply)
          + hostname                   = "vm1"
          + hourly_billing             = true
          + id                         = (known after apply)
          + ip_address_id              = (known after apply)
          + ip_address_id_private      = (known after apply)
          + ipv4_address               = (known after apply)
          + ipv4_address_private       = (known after apply)
          + ipv6_address               = (known after apply)
          + ipv6_address_id            = (known after apply)
          + ipv6_enabled               = false
          + ipv6_static_enabled        = false
          + local_disk                 = false
          + memory                     = 1024
          + network_speed              = 10
          + os_reference_code          = "DEBIAN_8_64"
          + private_interface_id       = (known after apply)
          + private_network_only       = false
          + private_security_group_ids = (known after apply)
          + private_subnet             = (known after apply)
          + private_subnet_id          = (known after apply)
          + private_vlan_id            = (known after apply)
          + public_bandwidth_limited   = (known after apply)
          + public_bandwidth_unlimited = false
          + public_interface_id        = (known after apply)
          + public_ipv6_subnet         = (known after apply)
          + public_ipv6_subnet_id      = (known after apply)
          + public_security_group_ids  = (known after apply)
          + public_subnet              = (known after apply)
          + public_subnet_id           = (known after apply)
          + public_vlan_id             = (known after apply)
          + resource_controller_url    = (known after apply)
          + resource_name              = (known after apply)
          + resource_status            = (known after apply)
          + secondary_ip_addresses     = (known after apply)
          + wait_time_minutes          = 90
        }

    Plan: 1 to add, 0 to change, 0 to destroy.

    Warning: Value for undeclared variable

    The root module does not declare a variable named "ssh_key" but a value was
    found in file "terraform.tfvars". To use this value, add a "variable" block to
    the configuration.

    Using a variables file to set an undeclared variable is deprecated and will
    become an error in a future release. If you wish to provide certain "global"
    settings to all configurations in your organization, use TF_VAR_...
    environment variables to set these instead.

    Do you want to perform these actions?
      Terraform will perform the actions described above.
      Only 'yes' will be accepted to approve.

      Enter a value: yes

    ibm_compute_vm_instance.vm1: Creating...
    ibm_compute_vm_instance.vm1: Still creating... [10s elapsed]
    ibm_compute_vm_instance.vm1: Still creating... [20s elapsed]
    ibm_compute_vm_instance.vm1: Still creating... [30s elapsed]
    ibm_compute_vm_instance.vm1: Still creating... [40s elapsed]
    ibm_compute_vm_instance.vm1: Still creating... [50s elapsed]
    ibm_compute_vm_instance.vm1: Still creating... [1m0s elapsed]
    ibm_compute_vm_instance.vm1: Still creating... [1m10s elapsed]
    ibm_compute_vm_instance.vm1: Still creating... [1m20s elapsed]
    ibm_compute_vm_instance.vm1: Still creating... [1m30s elapsed]
    ibm_compute_vm_instance.vm1: Still creating... [1m40s elapsed]
    ibm_compute_vm_instance.vm1: Still creating... [1m50s elapsed]
    ibm_compute_vm_instance.vm1: Still creating... [2m0s elapsed]
    ibm_compute_vm_instance.vm1: Still creating... [2m10s elapsed]
    ibm_compute_vm_instance.vm1: Creation complete after 2m13s [id=104963438]

    Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
Deployment succeeded in a little over 2 minutes, which is reasonably fast.
Check the result
    resource "ibm_compute_vm_instance" "vm1" {
        block_storage_ids          = []
        cores                      = 1
        datacenter                 = "dal10"
        dedicated_acct_host_only   = false
        disks                      = [
            25,
        ]
        domain                     = "xdomain.com"
        file_storage_ids           = []
        hostname                   = "vm1"
        hourly_billing             = true
        id                         = "104963438"
        ip_address_id              = 153916656
        ip_address_id_private      = 155453044
        ipv4_address               = "169.60.227.123"
        ipv4_address_private       = "10.93.12.3"
        ipv6_enabled               = false
        ipv6_static_enabled        = false
        local_disk                 = false
        memory                     = 1024
        network_speed              = 10
        os_reference_code          = "DEBIAN_8_64"
        private_interface_id       = 71032868
        private_network_only       = false
        private_security_group_ids = []
        private_subnet             = "10.93.12.0/26"
        private_subnet_id          = 1531719
        private_vlan_id            = 2902518
        public_bandwidth_unlimited = false
        public_interface_id        = 71032870
        public_security_group_ids  = []
        public_subnet              = "169.60.227.112/28"
        public_subnet_id           = 1628949
        public_vlan_id             = 2882918
        resource_controller_url    = "https://cloud.ibm.com/gen1/infrastructure/virtual-server/104963438/details#main"
        resource_name              = "vm1"
        resource_status            = "Active"
        secondary_ip_addresses     = []
        transient                  = false
        wait_time_minutes          = 90
    }
You can also view the virtual machine details by logging in to the IBM Cloud portal:
Destroy the virtual machine
    ……
    Do you really want to destroy all resources?
      Terraform will destroy all your managed infrastructure, as shown above.
      There is no undo. Only 'yes' will be accepted to confirm.

      Enter a value: yes

    ibm_compute_vm_instance.vm1: Destroying... [id=104963438]
    ibm_compute_vm_instance.vm1: Still destroying... [id=104963438, 10s elapsed]
    ibm_compute_vm_instance.vm1: Destruction complete after 14s

    Destroy complete! Resources: 1 destroyed.
Destroyed in just 14 seconds.
Some useful links
IBM Cloud's GitHub repository has many examples, such as Load Balancer, CIS and IAM, which can serve as a starting template for your own project and save a lot of time: https://github.com/IBM-Cloud/terraform-provider-ibm/tree/master/examples
Index of IBM Cloud Terraform resources and data sources: https://cloud.ibm.com/docs/terraform?topic=terraform-infrastructure-resources#vm
Official documentation for the IBM Cloud Classic Infrastructure API: https://sldn.softlayer.com/reference/services/SoftLayer_Virtual_Guest
Eat well and drink well, everyone.