Use Terraform to manage OpenStack clusters
After having an OpenStack production environment and home lab for a while, I can say with certainty that provisioning workloads and management from both an admin and tenant perspective It is very important.
Terraform is an open source Infrastructure as Code (IaC) software tool for provisioning networks, servers, cloud platforms, etc. Terraform is a declarative language that serves as a blueprint for the infrastructure you are building. You can use Git to manage it, which has a powerful GitOps usage scenario.
This article introduces the basics of using Terraform to manage OpenStack clusters. I recreated the OpenStack demo project using Terraform.
Installing Terraform
I use CentOS as a springboard to run Terraform. According to the official documentation, the first step is to add the Hashicorp repository:
$ sudo dnf config-manager --add-repo https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo
Next, install Terraform:
$ sudo dnf install terraform -y
Verify the installation:
$ terraform –version
If you see the version number returned , then you have Terraform installed.
Create a Terraform script for the OpenStack provider
In Terraform, you need a provider, which is a converter that Terraform calls your .tf Converts to an API call to the platform you are coordinating.
There are three types of providers: official, partner and community:
- Official providers are maintained by Hashicorp.
- Partner providers are maintained by technology companies that work with Hashicorp.
- Community providers are maintained by open source community members.
There is a good community provider of OpenStack in this link. To use this provider, create a .tf file and name it main.tf.
$ vi main.tf
Add the following content in main.tf:
terraform {
required_version = ">= 0.14.0"
required_providers {
openstack = {
source= "terraform-provider-openstack/openstack"
version = "1.49.0"
}
}
}
provider "openstack" {
user_name = “OS_USERNAME”
tenant_name = “OS_TENANT”
password= “OS_PASSWORD”
auth_url= “OS_AUTH_URL”
region= “OS_REGION”
}You need to modify OS_USERNAME, OS_TENANT, OS_PASSWORD, OS_AUTH_URL and OS_REGION variables To work.
Create a Terraform management file
The focus of the OpenStack management file is to provision external networks, routes, users, images, tenant profiles, and quotas.
This example provides styles, routes to external networks, test images, tenant profiles and users.
First, create an AdminTF directory for provisioning resources:
$ mkdir AdminTF $ cd AdminTF
In main.tf, add The following:
terraform {
required_version = ">= 0.14.0"
required_providers {
openstack = {
source= "terraform-provider-openstack/openstack"
version = "1.49.0"
}
}
}
provider "openstack" {
user_name = “OS_USERNAME”
tenant_name = “admin”
password= “OS_PASSWORD”
auth_url= “OS_AUTH_URL”
region= “OS_REGION”
}
resource "openstack_compute_flavor_v2" "small-flavor" {
name= "small"
ram = "4096"
vcpus = "1"
disk= "0"
flavor_id = "1"
is_public = "true"
}
resource "openstack_compute_flavor_v2" "medium-flavor" {
name= "medium"
ram = "8192"
vcpus = "2"
disk= "0"
flavor_id = "2"
is_public = "true"
}
resource "openstack_compute_flavor_v2" "large-flavor" {
name= "large"
ram = "16384"
vcpus = "4"
disk= "0"
flavor_id = "3"
is_public = "true"
}
resource "openstack_compute_flavor_v2" "xlarge-flavor" {
name= "xlarge"
ram = "32768"
vcpus = "8"
disk= "0"
flavor_id = "4"
is_public = "true"
}
resource "openstack_networking_network_v2" "external-network" {
name = "external-network"
admin_state_up = "true"
external = "true"
segments {
network_type = "flat"
physical_network = "physnet1"
}
}
resource "openstack_networking_subnet_v2" "external-subnet" {
name= "external-subnet"
network_id= openstack_networking_network_v2.external-network.id
cidr= "10.0.0.0/8"
gateway_ip= "10.0.0.1"
dns_nameservers = ["10.0.0.254", "10.0.0.253"]
allocation_pool {
start = "10.0.0.1"
end = "10.0.254.254"
}
}
resource "openstack_networking_router_v2" "external-router" {
name= "external-router"
admin_state_up= true
external_network_id = openstack_networking_network_v2.external-network.id
}
resource "openstack_images_image_v2" "cirros" {
name = "cirros"
image_source_url = "https://download.cirros-cloud.net/0.6.1/cirros-0.6.1-x86_64-disk.img"
container_format = "bare"
disk_format= "qcow2"
properties = {
key = "value"
}
}
resource "openstack_identity_project_v3" "demo-project" {
name = "Demo"
}
resource "openstack_identity_user_v3" "demo-user" {
name = "demo-user"
default_project_id = openstack_identity_project_v3.demo-project.id
password = "demo"
}Creating a Tenant Terraform File
As a Tenant, you would typically create virtual machines. You also create network and security groups for these virtual machines.
This example uses the user created by the Admin file above.
First, create a TenantTF directory for tenant-related provisioning:
$ mkdir TenantTF $ cd TenantTF
在 main.tf 中,添加以下内容:
terraform {
required_version = ">= 0.14.0"
required_providers {
openstack = {
source= "terraform-provider-openstack/openstack"
version = "1.49.0"
}
}
}
provider "openstack" {
user_name = “demo-user”
tenant_name = “demo”
password= “demo”
auth_url= “OS_AUTH_URL”
region= “OS_REGION”
}
resource "openstack_compute_keypair_v2" "demo-keypair" {
name = "demo-key"
public_key = "ssh-rsa ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ"
}
resource "openstack_networking_network_v2" "demo-network" {
name = "demo-network"
admin_state_up = "true"
}
resource "openstack_networking_subnet_v2" "demo-subnet" {
network_id = openstack_networking_network_v2.demo-network.id
name = "demo-subnet"
cidr = "192.168.26.0/24"
}
resource "openstack_networking_router_interface_v2" "demo-router-interface" {
router_id = “XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX”
subnet_id = openstack_networking_subnet_v2.demo-subnet.id
}
resource "openstack_compute_instance_v2" "demo-instance" {
name= "demo"
image_id= "YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY"
flavor_id = "3"
key_pair= "demo-key"
security_groups = ["default"]
metadata = {
this = "that"
}
network {
name = "demo-network"
}
}初始化你的 Terraform
创建 Terraform 文件后,你需要初始化 Terraform。
对于管理员:
$ cd AdminTF $ terraform init $ terraform fmt
对于租户:
$ cd TenantTF $ terraform init $ terraform fmt
命令解释:
-
terraform init 从镜像源下载提供者用于置备此项目。 -
terraform fmt 格式化文件,以便在仓库中使用。
创建一个 Terraform 计划
接下来,为你创建一个 计划plan,看看将创建哪些资源。
对于管理员:
$ cd AdminTF $ terraform validate $ terraform plan
对于租户:
$ cd TenantTF $ terraform validate $ terraform plan
命令解释:
-
terraform validate 验证 .tf 语法是否正确。 -
terraform plan 在缓存中创建一个计划文件,所有管理的资源在创建和销毁时都可以被跟踪。
应用你的第一个 TF
要部署资源,使用 terraform apply 命令。该命令应用计划文件中的所有资源状态。
对于管理员:
$ cd AdminTF $ terraform apply
对于租户:
$ cd TenantTF $ terraform apply
接下来的步骤
之前,我写了一篇关于在树莓派上部署最小 OpenStack 集群的 文章。你可以找到更详细的 Terraform 和 Ansible 配置,并通过 GitLab 实现一些 CI/CD。
The above is the detailed content of Use Terraform to manage OpenStack clusters. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1658
14
1415
52
1309
25
1257
29
1231
24
Having worked in operation and maintenance for more than ten years, there have been countless moments when I felt like I was still a novice...
Jun 09, 2023 pm 09:53 PM
Once upon a time, when I was a fresh graduate majoring in computer science, I browsed many job postings on recruitment websites. I was confused by the dazzling technical positions: R&D engineer, operation and maintenance engineer, test engineer... During college, my professional courses were so-so, not to mention having any technical vision, and I had no clear ideas about which technical direction to pursue. Until a senior student said to me: "Do operation and maintenance. You don't have to write code every day to do operation and maintenance. You just need to be able to play Liunx! It's much easier than doing development!" I chose to believe... I have been in the industry for more than ten years , I have suffered a lot, shouldered a lot of blame, killed servers, and experienced department layoffs. If someone tells me now that operation and maintenance is easier than development, then I will
Spring Cloud microservice architecture deployment and operation
Jun 23, 2023 am 08:19 AM
With the rapid development of the Internet, the complexity of enterprise-level applications is increasing day by day. In response to this situation, the microservice architecture came into being. With its modularity, independent deployment, and high scalability, it has become the first choice for enterprise-level application development today. As an excellent microservice architecture, Spring Cloud has shown great advantages in practical applications. This article will introduce the deployment and operation and maintenance of SpringCloud microservice architecture. 1. Deploy SpringCloud microservice architecture SpringCloud
Spring Boot Actuator Endpoint Revealed: Easily Monitor Your Application
Jun 09, 2023 pm 10:56 PM
1. Introduction to SpringBootActuator endpoint 1.1 What is Actuator endpoint SpringBootActuator is a sub-project used to monitor and manage SpringBoot applications. It provides a series of built-in endpoints (Endpoints) that can be used to view the status, operation status and operation indicators of the application. Actuator endpoints can be exposed to external systems in HTTP, JMX or other forms to facilitate operation and maintenance personnel to monitor, diagnose and manage applications. 1.2 The role and function of the endpoint The Actuator endpoint is mainly used to implement the following functions: providing health check of the application, including database connection, caching,
What is observability? Everything a beginner needs to know
Jun 08, 2023 pm 02:42 PM
The term observability originates from the engineering field and has become increasingly popular in the software development field in recent years. Simply put, observability is the ability to understand the internal state of a system based on external outputs. IBM defines observability as: Generally, observability refers to the degree to which the internal state or condition of a complex system can be understood based on knowledge of its external output. The more observable the system is, the faster and more accurate the process of locating the root cause of a performance issue can be without the need for additional testing or coding. In cloud computing, observability also refers to software tools and practices that aggregate, correlate, and analyze data from distributed application systems and the infrastructure that supports their operation in order to more effectively monitor, troubleshoot, and debug application systems. , thereby achieving customer experience optimization and service level agreement
What capabilities should PG database operation and maintenance tools cover?
Jun 08, 2023 pm 06:56 PM
Before the holidays, I collaborated with the PG China community to conduct an online live broadcast on how to use D-SMART to operate and maintain the PG database. It happened that one of my clients in the financial industry listened to my introduction and called over to chat. They are selecting database Xinchuang and have tried several domestic databases. Finally, they are going to choose TDSQL. I felt a little surprised at the time. They had been selecting domestic databases since 2020, but it seemed that the initial experience after using TDSQL was not very good. Later, after communication, I learned that they had just started using TDSQL's distributed database and found that the research and development requirements were too high, so they all chose TDSQL's centralized MYSQL instance. After using it, they found that it was very easy to use. The entire database cloud
Tuyou Zou Yi: How to operate and maintain small and medium-sized companies?
Jun 09, 2023 pm 01:56 PM
Through interviews and submissions, veterans in the field of operation and maintenance are invited to provide profound insights and collide together, with a view to forming some advanced consensus and promoting the industry to move forward better. In this issue, we invite Zou Yi, the operation and maintenance director of Tuyou Games. Mr. Zou often jokingly calls himself the operation and maintenance representative of the world's top 5 million companies. It can be seen that in his heart, he feels that the operation and maintenance construction ideas of small and medium-sized companies are different from those of large enterprises. There are differences. Today we have a few questions and ask Mr. Zou to share his journey of integrating research and operations for small and medium-sized companies. This is the 6th issue of the down-to-earth and high-level "Operation and Maintenance Forum", starting now! Question Preview Tuyou is a game company. What do you think are the unique features of game operation and maintenance? What are the biggest operational challenges you face? How did you solve these challenges? Game operation and maintenance people
Do you need to learn golang for operation and maintenance?
Jul 17, 2023 pm 01:27 PM
Don’t learn golang for operation and maintenance. The reasons are: 1. Golang is mainly used to develop applications with high performance and concurrent performance requirements; 2. The tools and scripting languages commonly used by operation and maintenance engineers can already meet most management and Maintenance requirements; 3. Learning golang requires a certain programming foundation and experience; 4. The main goal of the operation and maintenance engineer is to ensure the stability and high availability of the system, not to develop applications.
Du Xiaoman and Chen Cunli: 20-year-old 'commander' talks about operation and maintenance, performance and growth
Jun 09, 2023 am 09:56 AM
Through interviews and submissions, veterans in the field of operation and maintenance are invited to provide profound insights and collide together, with a view to forming some advanced consensus and promoting the industry to move forward better. In this issue, we invite Chen Cunli, general manager of Du Xiaoman System Operation and Maintenance Department. He has spent most of his 20-year career in the Internet field. During his time in the Baidu Operations and Maintenance Department, his team members called him "Commander Chen" due to his excellent leadership style. Today we invite "Commander Chen" to talk about his views. This is the 5th issue of the down-to-earth and high-level "Operation and Maintenance Forum", starting now! Question preview: You joined Baidu very early and later became independent with Du Xiaoman. We understand that many employees around you have been following you for a long time and have experienced many business operation and maintenance tests. I believe everyone is very interested.
