我们将介绍如何使用Terraform在Hetzner Cloud上配置VM,在本文中,我将使用Terraform在Hetzner Cloud上创建三个实例,我们将为用于远程访问的实例添加一个ssh密钥,创建的三个VM将来自CentOS 7、Ubuntu 18.04和Debian 9 templates,我们将确保terraform输出创建的虚拟机的公共IP地址。
简介 Hetzner是一家位于德国的托管服务提供商,为专用物理服务器提供灵活的云端服务器和高端硬件,我将Hetzner用于我的部分托管服务和构建测试实验室,使用Terraform可确保将服务投入生产的效率和更快的方式,Terraform是一个开源基础架构,是HashiCorp创建的代码软件工具。Terraform允许你安全,可预测地创建,更改和改进基础架构,你的所有基础结构代码都可以保存在Git存储库中并进行版本控制。 安装Terraform参考文章: 在Linux操作系统中下载及安装Terraform 0.12.3的方法。 在Ubuntu 18.04/CentOS 7中安装Terraform 0.11.11的方法。
一、创建Terraform项目 让我们为Terraform项目创建一个文件夹: $ mkdir -p ~/automation/terraform/hetzner $ cd ~/automation/terraform/hetzner 现在创建Terraform主配置文件: touch main.tf
二、生成Hetzner API令牌 从Hetzner控制台获取API令牌,Terraform将使用该令牌与平台进行交互,导航到 https://console.hetzner.cloud/projects 并单击Access> API TOKENS> GENERATE API
为令牌指定一个描述性名称,然后点击生成按钮,请注意,生成的API令牌将会被使用。
三、将SSH密钥添加到Hetzner 如果你没有ssh密钥,请生成它: $ ssh-keygen -q -N "" Enter file in which to save the key (/home/myuser/.ssh/id_rsa): 复制~/.ssh/id_rsa.pub中的内容: $ xclip -sel clip ~/.ssh/id_rsa.pub 登录Hetzner控制台并将你的ssh密钥添加到Access> SSH KEYS> ADD SSH KEY
复制添加密钥后生成的指纹,如de:c7:80:23:5b:3e:28:52:1a:5d:0f:84:1b:fe:38:ec。
四、创建并修改Terraform配置文件 编辑Terraform配置文件并添加用于创建资源的数据: ############## Variables ############### # Token variable variable "hcloud_token" { default = "PASTE_API_TOKEN_HERE" } # Define Hetzner provider provider "hcloud" { token = "${var.hcloud_token}" } # Obtain ssh key data data "hcloud_ssh_key" "ssh_key" { fingerprint = "PASTE_ADDED_SSH_KEY_FINGERPRINT_HERE" } # Create an Ubuntu 18.04 server resource "hcloud_server" "ubuntu18" { name = "ubuntu18" image = "ubuntu-18.04" server_type = "cx11" ssh_keys = ["${data.hcloud_ssh_key.ssh_key.id}"] } # Create Debian 9 server resource "hcloud_server" "debian9" { name = "debian9" image = "debian-9" server_type = "cx21" ssh_keys = ["${data.hcloud_ssh_key.ssh_key.id}"] } # Create CentOS 7 server resource "hcloud_server" "centos7" { name = "centos7" image = "centos-7" server_type = "cx31" ssh_keys = ["${data.hcloud_ssh_key.ssh_key.id}"] } # Output server IPs output "server_ip_ubuntu18" { value = "${hcloud_server.ubuntu18.ipv4_address}" } output "server_ip_centos7" { value = "${hcloud_server.centos7.ipv4_address}" } output "server_ip_debian9" { value = "${hcloud_server.debian9.ipv4_address}" } 初始化Terraform工作目录: $ terraform init Initializing the backend... Initializing provider plugins... - Checking for available provider plugins... - Downloading plugin for provider "hcloud" (terraform-providers/hcloud) 1.10.0... The following providers do not have any version constraints in configuration, so the latest version was installed. To prevent automatic upgrades to new major versions that may contain breaking changes, it is recommended to add version = "..." constraints to the corresponding provider blocks in configuration, with the constraint strings suggested below. * provider.hcloud: version = "~> 1.10" Terraform has been successfully initialized! You may now begin working with Terraform. Try running "terraform plan" to see any changes that are required for your infrastructure. All Terraform commands should now work. If you ever set or change modules or backend configuration for Terraform, rerun this command to reinitialize your working directory. If you forget, other commands will detect it and remind you to do so if necessary. Terraform会自动将提供程序下载到.terraform目录: $ tree .terraform/ .terraform/ └── plugins └── linux_amd64 ├── lock.json └── terraform-provider-hcloud_v1.10.0_x4 2 directories, 2 files 要使用Terraform构建基础架构,请运行terraform apply: $ terraform apply 样本输出如下: data.hcloud_ssh_key.ssh_key: Refreshing state... An execution plan has been generated and is shown below. Resource actions are indicated with the following symbols: + create Terraform will perform the following actions: # hcloud_server.centos7 will be created + resource "hcloud_server" "centos7" { + backup_window = (known after apply) + backups = false + datacenter = (known after apply) + id = (known after apply) + image = "centos-7" + ipv4_address = (known after apply) + ipv6_address = (known after apply) + ipv6_network = (known after apply) + keep_disk = false + location = (known after apply) + name = "centos7" + server_type = "cx31" + ssh_keys = [ + "421205", ] + status = (known after apply) } # hcloud_server.debian9 will be created + resource "hcloud_server" "debian9" { + backup_window = (known after apply) + backups = false + datacenter = (known after apply) + id = (known after apply) + image = "debian-9" + ipv4_address = (known after apply) + ipv6_address = (known after apply) + ipv6_network = (known after apply) + keep_disk = false + location = (known after apply) + name = "debian9" + server_type = "cx21" + ssh_keys = [ + "421205", ] + status = (known after apply) } # hcloud_server.ubuntu18 will be created + resource "hcloud_server" "ubuntu18" { + backup_window = (known after apply) + backups = false + datacenter = (known after apply) + id = (known after apply) + image = "ubuntu-18.04" + ipv4_address = (known after apply) + ipv6_address = (known after apply) + ipv6_network = (known after apply) + keep_disk = false + location = (known after apply) + name = "ubuntu16" + server_type = "cx11" + ssh_keys = [ + "421205", ] + status = (known after apply) } Plan: 3 to add, 0 to change, 0 to destroy. Do you want to perform these actions? Terraform will perform the actions described above. Only 'yes' will be accepted to approve. Enter a value: yes hcloud_server.ubuntu18: Creating... hcloud_server.centos7: Creating... hcloud_server.debian9: Creating... hcloud_server.centos7: Creation complete after 8s [id=2869955] hcloud_server.debian9: Creation complete after 8s [id=2869956] hcloud_server.ubuntu18: Creation complete after 8s [id=2869954] Apply complete! Resources: 3 added, 0 changed, 0 destroyed. Outputs: server_ip_centos7 = 116.203.44.172 server_ip_debian9 = 116.203.87.93 server_ip_ubuntu18 = 116.203.48.203 使用打印的IP地址测试对实例的访问: $ ssh root@116.203.44.172 Warning: Permanently added '116.203.44.172' (ECDSA) to the list of known hosts. [root@centos7 ~]# $ ssh root@116.203.87.93 Warning: Permanently added '116.203.87.93' (ECDSA) to the list of known hosts. Linux debian9 4.9.0-9-amd64 #1 SMP Debian 4.9.168-1+deb9u3 (2019-06-16) x86_64 The programs included with the Debian GNU/Linux system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. root@debian9:~# $ ssh root@116.203.48.203 Warning: Permanently added '116.203.48.203' (ECDSA) to the list of known hosts. Welcome to Ubuntu 18.04.2 LTS (GNU/Linux 4.15.0-50-generic x86_64) System information as of Sun Jun 30 21:25:40 CEST 2019 System load: 0.65 Processes: 87 Usage of /: 8.4% of 18.72GB Users logged in: 0 Memory usage: 6% IP address for eth0: 116.203.48.203 Swap usage: 0% 73 packages can be updated. 40 updates are security updates. root@ubuntu18:~#
五、销毁Terraform基础设施 要销毁Terraform管理的基础架构,请运行该命令: terraform destroy data.hcloud_ssh_key.ssh_key: Refreshing state... hcloud_server.centos7: Refreshing state... [id=2869955] hcloud_server.ubuntu18: Refreshing state... [id=2869954] hcloud_server.debian9: Refreshing state... [id=2869956] An execution plan has been generated and is shown below. Resource actions are indicated with the following symbols: - destroy Terraform will perform the following actions: # hcloud_server.centos7 will be destroyed - resource "hcloud_server" "centos7" { - backups = false -> null - datacenter = "nbg1-dc3" -> null - id = "2869955" -> null - image = "centos-7" -> null - ipv4_address = "116.203.44.172" -> null - ipv6_address = "2a01:4f8:c2c:83a2::" -> null - ipv6_network = "2a01:4f8:c2c:83a2::/64" -> null - keep_disk = false -> null - location = "nbg1" -> null - name = "centos7" -> null - server_type = "cx31" -> null - ssh_keys = [ - "421205", ] -> null - status = "running" -> null } # hcloud_server.debian9 will be destroyed - resource "hcloud_server" "debian9" { - backups = false -> null - datacenter = "nbg1-dc3" -> null - id = "2869956" -> null - image = "debian-9" -> null - ipv4_address = "116.203.87.93" -> null - ipv6_address = "2a01:4f8:c2c:44a6::" -> null - ipv6_network = "2a01:4f8:c2c:44a6::/64" -> null - keep_disk = false -> null - location = "nbg1" -> null - name = "debian9" -> null - server_type = "cx21" -> null - ssh_keys = [ - "421205", ] -> null - status = "running" -> null } # hcloud_server.ubuntu18 will be destroyed - resource "hcloud_server" "ubuntu18" { - backups = false -> null - datacenter = "nbg1-dc3" -> null - id = "2869954" -> null - image = "ubuntu-18.04" -> null - ipv4_address = "116.203.48.203" -> null - ipv6_address = "2a01:4f8:c2c:1006::" -> null - ipv6_network = "2a01:4f8:c2c:1006::/64" -> null - keep_disk = false -> null - location = "nbg1" -> null - name = "ubuntu16" -> null - server_type = "cx11" -> null - ssh_keys = [ - "421205", ] -> null - status = "running" -> null } Plan: 0 to add, 0 to change, 3 to destroy. Do you really want to destroy all resources? Terraform will destroy all your managed infrastructure, as shown above. There is no undo. Only 'yes' will be accepted to confirm. Enter a value: yes hcloud_server.debian9: Destroying... [id=2869956] hcloud_server.centos7: Destroying... [id=2869955] hcloud_server.ubuntu18: Destroying... [id=2869954] hcloud_server.centos7: Destruction complete after 0s hcloud_server.ubuntu18: Destruction complete after 0s hcloud_server.debian9: Destruction complete after 0s 提示接受时,输入“yes”。 如果你不想要确认提示,请使用: terraform destroy -auto-approve 至此,目的达到。
相关主题 |