markdown 盐与Terraform一起使用的例子

Posted

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了markdown 盐与Terraform一起使用的例子相关的知识,希望对你有一定的参考价值。

In this example I am spinning up 2 web servers and 2 file servers using Terraform. During the provision process, Terraform will run a `remote-exec` script to bind the 4 new servers to the salt master server. 

## Export Variables

Substitute actual user and API key for `SL_USERNAME` and `SL_API_KEY`
```
export TF_VAR_slusername="SL_USERNAME"
export TF_VAR_slapikey="SL_API_KEY"
```

## Create terraform file
You will need to change the default values specified for `pub_vlan` and `priv_vlan` to specify the vlans you would like the VSIs deployed on. You will also need to change the `label` value specified for the sshkey. This needs to match the sshkey of the server you are running terraform from. This sshkey is used to log in to the remote hosts and run the post install script. 

```
variable slusername {}
variable slapikey {}
# The target operating system for the web nodes
variable os {
  default = "UBUNTU_LATEST_64"
}

# The number of cores each web virtual guest will recieve
variable vm_cores {
  default = 1
}
# The amount of memory each web virtual guest will recieve
variable vm_memory {
  default = 2048
}

variable pub_vlan {
  default = xxxxx
}

# The private vlan to deploy the virtual guests on to
variable priv_vlan {
  default = xxxxx
}

provider "ibm" {
  softlayer_username = "${var.slusername}"
  softlayer_api_key  = "${var.slapikey}"
}

data "ibm_compute_ssh_key" "sshkey" {
    label = "xxxxx"
}

resource "ibm_compute_vm_instance" "web" {
    count = "${var.node_count}"
    hostname = "web${count.index+1}"
    domain = "${var.domainname}"
    os_reference_code = "${var.os}"
    datacenter = "${var.datacenter}"
    network_speed = 1000
    hourly_billing = true
    private_network_only = false
    cores = "${var.vm_cores}"
    memory = "${var.vm_memory}"
    disks = [100]
    local_disk = false
    public_vlan_id = "${var.pub_vlan}"
    private_vlan_id = "${var.priv_vlan}"
    ssh_key_ids = ["${data.ibm_compute_ssh_key.sshkey.id}"]
    provisioner "file" {
    source      = "postinstall.sh"
    destination = "/tmp/postinstall.sh"
    }
    provisioner "remote-exec" {
    inline = [
      "chmod +x /tmp/postinstall.sh",
      "/tmp/postinstall.sh",
    ]
    }
    provisioner "file" {
    source      = "minion"
    destination = "/etc/salt/minion"
    }
}

resource "ibm_compute_vm_instance" "file" {
    count = "${var.node_count}"
    hostname = "file${count.index+1}"
    domain = "${var.domainname}"
    os_reference_code = "${var.os}"
    datacenter = "${var.datacenter}"
    network_speed = 1000
    hourly_billing = true
    private_network_only = false
    cores = "${var.vm_cores}"
    memory = "${var.vm_memory}"
    disks = [100]
    local_disk = false
    public_vlan_id = "${var.pub_vlan}"
    private_vlan_id = "${var.priv_vlan}"
    ssh_key_ids = ["${data.ibm_compute_ssh_key.sshkey.id}"]
    provisioner "file" {
    source      = "postinstall.sh"
    destination = "/tmp/postinstall.sh"
    }
    provisioner "remote-exec" {
    inline = [
      "chmod +x /tmp/postinstall.sh",
      "/tmp/postinstall.sh",
    ]
    }
    provisioner "file" {
    source      = "minion"
    destination = "/etc/salt/minion"
    }
}
```

## Post install script

This simple script installs the salt-minion deamon and sends its generated keys to the Salt master server

 ```
 #!/usr/bin/env bash

curl -L https://bootstrap.saltstack.com -o install_salt.sh
sh install_salt.sh -P -A saltmaster.cde.services
mv /etc/salt/minion /etc/salt/minion.bak
 ```

## minion file
This is the minion file that will be put on the salt-minion machines. Needs to be adjusted to match your salt-master server name (or IP) and salt-master key fringerprint. You can get the correct key by running the following command on your salt-master server `salt-key -F SALT_MASTER_NAME`. 

```
master: saltmaster.cde.services
master_finger: 'b8:3d:c0:83:42:b8:e1:f3:f9:db:59:59:d4:44:0f:ca:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx'
```
For instance on my testing box it looks like this (The key you are interested in is the `master.pub` key):

```
root@saltmaster:~# salt-key -F saltmaster
Local Keys:
master.pem:  73:4c:a4:4c:5d:79:79:d9:72:c8:cd:6a:3f:a1:56:cb:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx
master.pub:  b8:3d:c0:83:42:b8:e1:f3:f9:db:59:59:d4:44:0f:ca:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx
```

## Terraform apply

Running terraform apply will now provision the 4 new nodes and run the post install script. Once it completes you can run the following on the Salt-master server to verify the minions have had their keys sent:

```
root@saltmaster:~# salt-key --list all
Accepted Keys:
saltmaster.cde.services
Denied Keys:
Unaccepted Keys:
db1.cde.services
db2.cde.services
web1.cde.services
web2.cde.services
Rejected Keys:
```

You can now accept the minion keys.

```
root@saltmaster:/srv/salt# salt-key -A
The following keys are going to be accepted:
Unaccepted Keys:
db1.cde.services
db2.cde.services
web1.cde.services
web2.cde.services
Proceed? [n/Y] y
Key for minion db1.cde.services accepted.
Key for minion db2.cde.services accepted.
Key for minion web1.cde.services accepted.
Key for minion web2.cde.services accepted.
```

## Apply the default states

So in my test I have 2 web servers and 2 db servers. I have set up the following `/srv/salt/top.sls` file:

```
root@saltmaster:/srv/salt# cat /srv/salt/top.sls
base:
  '*':
    - zsh
  'web*':
    - nginx
  'db*':
    - mysql
```

All hosts get zsh installed. Hosts that begin with web get nginx installed and hosts that begin with db get mysql-server and mysql-client installed. 

```
root@saltmaster:/srv/salt# tree -L 2 /srv/salt
/srv/salt
├── mysql
│   └── init.sls
├── nginx
│   └── init.sls
├── top.sls
└── zsh
    └── init.sls
```

To target all the machines run `salt '*' state.apply`

**snippet of output**
```
----------
          ID: mysql-server
    Function: pkg.installed
      Result: True
     Comment: The following packages were installed/updated: mysql-server
     Started: 19:57:43.961452
    Duration: 32283.098 ms
     Changes:
              ----------
              libaio1:
                  ----------
                  new:
                      0.3.110-2
                  old:
              libcgi-fast-perl:
                  ----------
                  new:
                      1:2.10-1
                  old:
              libcgi-pm-perl:
                  ----------
                  new:
                      4.26-1
                  old:
              libencode-locale-perl:
                  ----------
                  new:
                      1.05-1
                  old:
              libevent-core-2.0-5:
                  ----------
                  new:
                      2.0.21-stable-2ubuntu0.16.04.1
                  old:
              libfcgi-perl:
                  ----------
                  new:
                      0.77-1build1
                  old:
              libhtml-parser-perl:
                  ----------
                  new:
                      3.72-1
                  old:
              libhtml-tagset-perl:
                  ----------
                  new:
                      3.20-2
                  old:
              libhtml-template-perl:
                  ----------
                  new:
                      2.95-2
                  old:
              libhttp-date-perl:
                  ----------
                  new:
                      6.02-1
                  old:
              libhttp-message-perl:
                  ----------
                  new:
                      6.11-1
                  old:
              libio-html-perl:
                  ----------
                  new:
                      1.001-1
                  old:
              liblwp-mediatypes-perl:
                  ----------
                  new:
                      6.02-1
                  old:
              libtimedate-perl:
                  ----------
                  new:
                      2.3000-2
                  old:
              liburi-perl:
                  ----------
                  new:
                      1.71-1
                  old:
              mysql-client-5.7:
                  ----------
                  new:
                      5.7.20-0ubuntu0.16.04.1
                  old:
              mysql-client-core-5.7:
                  ----------
                  new:
                      5.7.20-0ubuntu0.16.04.1
                  old:
              mysql-common:
                  ----------
                  new:
                      5.7.20-0ubuntu0.16.04.1
                  old:
              mysql-common-5.6:
                  ----------
                  new:
                      1
                  old:
              mysql-server:
                  ----------
                  new:
                      5.7.20-0ubuntu0.16.04.1
                  old:
              mysql-server-5.7:
                  ----------
                  new:
                      5.7.20-0ubuntu0.16.04.1
                  old:
              mysql-server-core-5.7:
                  ----------
                  new:
                      5.7.20-0ubuntu0.16.04.1
                  old:
              timedate:
                  ----------
                  new:
                      1
                  old:
              virtual-mysql-client:
                  ----------
                  new:
                      1
                  old:
              virtual-mysql-client-core:
                  ----------
                  new:
                      1
                  old:
              virtual-mysql-server:
                  ----------
                  new:
                      1
                  old:
              virtual-mysql-server-core:
                  ----------
                  new:
                      1
                  old:
----------
          ID: mysql-common
    Function: pkg.installed
      Result: True
     Comment: All specified packages are already installed
     Started: 19:58:16.256561
    Duration: 1363.267 ms
     Changes:
----------
          ID: mysql-client
    Function: pkg.installed
      Result: True
     Comment: The following packages were installed/updated: mysql-client
     Started: 19:58:17.624257
    Duration: 2444.284 ms
     Changes:
              ----------
              mysql-client:
                  ----------
                  new:
                      5.7.20-0ubuntu0.16.04.1
                  old:

Summary for db2.cde.services
------------
Succeeded: 4 (changed=3)
Failed:    0
------------
Total states run:     4
Total run time:  49.533 s
```












以上是关于markdown 盐与Terraform一起使用的例子的主要内容,如果未能解决你的问题,请参考以下文章

javascript 这是Sequelize用户模型,具有令牌授权。通用盐与密码一起存储。

markdown Terraformについて调べた

markdown 用于将VSI部署到专用主机的Terraform示例

如何使 Azure 备份与 Terraform 一起使用?

markdown 用于在Centos 7上创建VSI和安装Docker Engine的Terraform示例文件

在 github 操作上将 terraform cloud 与 google 提供程序一起使用会出错