terraform的實踐（二）

不是說繼續GitLab的CI/CD嗎，對，但是CI/CD想搞的是用terraform對接OpenStack做IaC，多復雜的系統也是一個一個簡單的模塊組合起來的，把每個模塊都整明白，整體系統成功也就是水到渠成的事兒，

以前實踐過terraform，但是再次實踐發現有了不同，這里記錄一下，

在GitLab所在主機安裝terraform，

curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo apt-key add -

sudo apt-add-repository "deb [arch=$(dpkg --print-architecture)] https://apt.releases.hashicorp.com $(lsb_release -cs) main"，

sudo apt install terraform，

對接OpenStack實現一個最簡單的IaC，就創建一個虛機，

需要準備以下文件，

sudo vim provider.tf

terraform {

 required_providers {

   openstack = {

     source = "terraform-provider-openstack/openstack"

   }

 }

}

provider "openstack" {

 user_name = "${var.openstack_user_name}"

 tenant_name = "${var.openstack_tenant_name}"

 password = "${var.openstack_password}"

 auth_url = "${var.openstack_auth_url}"

}

sudo vim variables.tf

variable "openstack_user_name" {}

variable "openstack_tenant_name" {}

variable "openstack_password" {}

variable "openstack_auth_url" {}

variable "image" {

 default = "cirros-0.5.2-x86_64-disk"

}

variable "flavor" {

 default = "m1.tiny"

}

variable "availability_zone" {

       default = "nova"

}

variable "security_group" {

       default = "default"

}

variable "network" {

       default = "ext-net"

}

sudo vim terraform.tfvars

openstack_user_name = "admin"

openstack_tenant_name = "admin"

openstack_password = "password"

openstack_auth_url = "http://10.90.11.100/identity/v3"

sudo vim deploy.tf

resource "openstack_compute_instance_v2" "cirros-vm" {

 count = "1"

 name = "cirros-1"

 image_name = "${var.image}"

 availability_zone = "${var.availability_zone}"

 flavor_name = "${var.flavor}"

 security_groups = ["${var.security_group}"]

 network {

   name = "${var.network}"

 }

}

連續執行，terraform init，terraform plan，terraform apply，

在OpenStack那邊查看，虛機出來了，沒問題，下周繼續奔著CI/CD前進。