云网牛站
所在位置:首页 > Linux教程 > 使用Terraform在Hetzner Cloud上部署VM实例

使用Terraform在Hetzner Cloud上部署VM实例

2019-07-01 23:20:45作者:十寸稿源:云网牛站

我们将介绍如何使用Terraform在Hetzner Cloud上配置VM,在本文中,我将使用Terraform在Hetzner Cloud上创建三个实例,我们将为用于远程访问的实例添加一个ssh密钥,创建的三个VM将来自CentOS 7、Ubuntu 18.04和Debian 9 templates,我们将确保terraform输出创建的虚拟机的公共IP地址。

 

简介

Hetzner是一家位于德国的托管服务提供商,为专用物理服务器提供灵活的云端服务器和高端硬件,我将Hetzner用于我的部分托管服务和构建测试实验室,使用Terraform可确保将服务投入生产的效率和更快的方式,Terraform是一个开源基础架构,是HashiCorp创建的代码软件工具。Terraform允许你安全,可预测地创建,更改和改进基础架构,你的所有基础结构代码都可以保存在Git存储库中并进行版本控制。

安装Terraform参考文章:

在Linux操作系统中下载及安装Terraform 0.12.3的方法

在Ubuntu 18.04/CentOS 7中安装Terraform 0.11.11的方法

 

一、创建Terraform项目

让我们为Terraform项目创建一个文件夹:

$ mkdir -p  ~/automation/terraform/hetzner

$ cd ~/automation/terraform/hetzner

现在创建Terraform主配置文件:

touch main.tf

 

二、生成Hetzner API令牌

从Hetzner控制台获取API令牌,Terraform将使用该令牌与平台进行交互,导航到 https://console.hetzner.cloud/projects 并单击Access> API TOKENS> GENERATE API

使用Terraform在Hetzner Cloud上部署VM实例

为令牌指定一个描述性名称,然后点击生成按钮,请注意,生成的API令牌将会被使用。

 

三、将SSH密钥添加到Hetzner

如果你没有ssh密钥,请生成它:

$ ssh-keygen -q -N "" 

Enter file in which to save the key (/home/myuser/.ssh/id_rsa):

复制~/.ssh/id_rsa.pub中的内容:

$ xclip -sel clip ~/.ssh/id_rsa.pub

登录Hetzner控制台并将你的ssh密钥添加到Access> SSH KEYS> ADD SSH KEY

使用Terraform在Hetzner Cloud上部署VM实例

复制添加密钥后生成的指纹,如de:c7:80:23:5b:3e:28:52:1a:5d:0f:84:1b:fe:38:ec。

 

四、创建并修改Terraform配置文件

编辑Terraform配置文件并添加用于创建资源的数据:

############## Variables ###############

# Token variable

variable "hcloud_token" {

default = "PASTE_API_TOKEN_HERE"

}

# Define Hetzner provider

provider "hcloud" {

token = "${var.hcloud_token}"

}

# Obtain ssh key data

data "hcloud_ssh_key" "ssh_key" {

fingerprint = "PASTE_ADDED_SSH_KEY_FINGERPRINT_HERE"

}

# Create an Ubuntu 18.04 server

resource "hcloud_server" "ubuntu18" {

name = "ubuntu18"

image = "ubuntu-18.04"

server_type = "cx11"

ssh_keys  = ["${data.hcloud_ssh_key.ssh_key.id}"]

}

# Create Debian 9 server

resource "hcloud_server" "debian9" {

name = "debian9"

image = "debian-9"

server_type = "cx21"

ssh_keys  = ["${data.hcloud_ssh_key.ssh_key.id}"]

}

# Create CentOS 7 server

resource "hcloud_server" "centos7" {

name = "centos7"

image = "centos-7"

server_type = "cx31"

ssh_keys  = ["${data.hcloud_ssh_key.ssh_key.id}"]

}

# Output server IPs

output "server_ip_ubuntu18" {

value = "${hcloud_server.ubuntu18.ipv4_address}"

}

output "server_ip_centos7" {

value = "${hcloud_server.centos7.ipv4_address}"

}

output "server_ip_debian9" {

value = "${hcloud_server.debian9.ipv4_address}"

}

初始化Terraform工作目录:

$ terraform  init

Initializing the backend...

Initializing provider plugins...

- Checking for available provider plugins...

- Downloading plugin for provider "hcloud" (terraform-providers/hcloud) 1.10.0...

The following providers do not have any version constraints in configuration,

so the latest version was installed.

To prevent automatic upgrades to new major versions that may contain breaking changes, it is recommended to add version = "..." constraints to the corresponding provider blocks in configuration, with the constraint strings

suggested below.

* provider.hcloud: version = "~> 1.10"

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see any changes that are required for your infrastructure. All Terraform commands should now work.

If you ever set or change modules or backend configuration for Terraform,

rerun this command to reinitialize your working directory. If you forget, other commands will detect it and remind you to do so if necessary.

Terraform会自动将提供程序下载到.terraform目录:

$ tree .terraform/

.terraform/

└── plugins

  └── linux_amd64

    ├── lock.json

    └── terraform-provider-hcloud_v1.10.0_x4

2 directories, 2 files

要使用Terraform构建基础架构,请运行terraform apply:

$ terraform apply

样本输出如下:

data.hcloud_ssh_key.ssh_key: Refreshing state...

An execution plan has been generated and is shown below.

Resource actions are indicated with the following symbols:

+ create

Terraform will perform the following actions:

# hcloud_server.centos7 will be created

+ resource "hcloud_server" "centos7" {

+ backup_window = (known after apply)

+ backups       = false

+ datacenter    = (known after apply)

+ id            = (known after apply)

+ image         = "centos-7"

+ ipv4_address  = (known after apply)

+ ipv6_address  = (known after apply)

+ ipv6_network  = (known after apply)

+ keep_disk     = false

+ location      = (known after apply)

+ name          = "centos7"

+ server_type   = "cx31"

+ ssh_keys      = [

+ "421205",

]

+ status        = (known after apply)

}

# hcloud_server.debian9 will be created

+ resource "hcloud_server" "debian9" {

+ backup_window = (known after apply)

+ backups       = false

+ datacenter    = (known after apply)

+ id            = (known after apply)

+ image         = "debian-9"

+ ipv4_address  = (known after apply)

+ ipv6_address  = (known after apply)

+ ipv6_network  = (known after apply)

+ keep_disk     = false

+ location      = (known after apply)

+ name          = "debian9"

+ server_type   = "cx21"

+ ssh_keys      = [

+ "421205",

]

+ status        = (known after apply)

}

# hcloud_server.ubuntu18 will be created

+ resource "hcloud_server" "ubuntu18" {

+ backup_window = (known after apply)

+ backups       = false

+ datacenter    = (known after apply)

+ id            = (known after apply)

+ image         = "ubuntu-18.04"

+ ipv4_address  = (known after apply)

+ ipv6_address  = (known after apply)

+ ipv6_network  = (known after apply)

+ keep_disk     = false

+ location      = (known after apply)

+ name          = "ubuntu16"

+ server_type   = "cx11"

+ ssh_keys      = [

+ "421205",

]

+ status        = (known after apply)

}

Plan: 3 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?

Terraform will perform the actions described above.

Only 'yes' will be accepted to approve.

Enter a value: yes

hcloud_server.ubuntu18: Creating...

hcloud_server.centos7: Creating...

hcloud_server.debian9: Creating...

hcloud_server.centos7: Creation complete after 8s [id=2869955]

hcloud_server.debian9: Creation complete after 8s [id=2869956]

hcloud_server.ubuntu18: Creation complete after 8s [id=2869954]

Apply complete! Resources: 3 added, 0 changed, 0 destroyed.

Outputs:

server_ip_centos7 = 116.203.44.172

server_ip_debian9 = 116.203.87.93

server_ip_ubuntu18 = 116.203.48.203

使用打印的IP地址测试对实例的访问:

$ ssh root@116.203.44.172

Warning: Permanently added '116.203.44.172' (ECDSA) to the list of known hosts.

[root@centos7 ~]# 

$ ssh root@116.203.87.93

Warning: Permanently added '116.203.87.93' (ECDSA) to the list of known hosts.

Linux debian9 4.9.0-9-amd64 #1 SMP Debian 4.9.168-1+deb9u3 (2019-06-16) x86_64

The programs included with the Debian GNU/Linux system are free software;

the exact distribution terms for each program are described in the

individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent

permitted by applicable law.

root@debian9:~# 

$ ssh root@116.203.48.203

Warning: Permanently added '116.203.48.203' (ECDSA) to the list of known hosts.

Welcome to Ubuntu 18.04.2 LTS (GNU/Linux 4.15.0-50-generic x86_64)

System information as of Sun Jun 30 21:25:40 CEST 2019

System load:  0.65              Processes:           87

Usage of /:   8.4% of 18.72GB   Users logged in:     0

Memory usage: 6%                IP address for eth0: 116.203.48.203

Swap usage:   0%

73 packages can be updated.

40 updates are security updates.

root@ubuntu18:~#

 

五、销毁Terraform基础设施

要销毁Terraform管理的基础架构,请运行该命令:

terraform  destroy

data.hcloud_ssh_key.ssh_key: Refreshing state...

hcloud_server.centos7: Refreshing state... [id=2869955]

hcloud_server.ubuntu18: Refreshing state... [id=2869954]

hcloud_server.debian9: Refreshing state... [id=2869956]

An execution plan has been generated and is shown below.

Resource actions are indicated with the following symbols:

- destroy

Terraform will perform the following actions:

# hcloud_server.centos7 will be destroyed

- resource "hcloud_server" "centos7" {

- backups      = false -> null

- datacenter   = "nbg1-dc3" -> null

- id           = "2869955" -> null

- image        = "centos-7" -> null

- ipv4_address = "116.203.44.172" -> null

- ipv6_address = "2a01:4f8:c2c:83a2::" -> null

- ipv6_network = "2a01:4f8:c2c:83a2::/64" -> null

- keep_disk    = false -> null

- location     = "nbg1" -> null

- name         = "centos7" -> null

- server_type  = "cx31" -> null

- ssh_keys     = [

- "421205",

] -> null

- status       = "running" -> null

}

# hcloud_server.debian9 will be destroyed

- resource "hcloud_server" "debian9" {

- backups      = false -> null

- datacenter   = "nbg1-dc3" -> null

- id           = "2869956" -> null

- image        = "debian-9" -> null

- ipv4_address = "116.203.87.93" -> null

- ipv6_address = "2a01:4f8:c2c:44a6::" -> null

- ipv6_network = "2a01:4f8:c2c:44a6::/64" -> null

- keep_disk    = false -> null

- location     = "nbg1" -> null

- name         = "debian9" -> null

- server_type  = "cx21" -> null

- ssh_keys     = [

- "421205",

] -> null

- status       = "running" -> null

}

# hcloud_server.ubuntu18 will be destroyed

- resource "hcloud_server" "ubuntu18" {

- backups      = false -> null

- datacenter   = "nbg1-dc3" -> null

- id           = "2869954" -> null

- image        = "ubuntu-18.04" -> null

- ipv4_address = "116.203.48.203" -> null

- ipv6_address = "2a01:4f8:c2c:1006::" -> null

- ipv6_network = "2a01:4f8:c2c:1006::/64" -> null

- keep_disk    = false -> null

- location     = "nbg1" -> null

- name         = "ubuntu16" -> null

- server_type  = "cx11" -> null

- ssh_keys     = [

- "421205",

] -> null

- status       = "running" -> null

}

Plan: 0 to add, 0 to change, 3 to destroy.

Do you really want to destroy all resources?

Terraform will destroy all your managed infrastructure, as shown above.

There is no undo. Only 'yes' will be accepted to confirm.

Enter a value: yes

hcloud_server.debian9: Destroying... [id=2869956]

hcloud_server.centos7: Destroying... [id=2869955]

hcloud_server.ubuntu18: Destroying... [id=2869954]

hcloud_server.centos7: Destruction complete after 0s

hcloud_server.ubuntu18: Destruction complete after 0s

hcloud_server.debian9: Destruction complete after 0s

提示接受时,输入“yes”。

如果你不想要确认提示,请使用:

terraform destroy -auto-approve

至此,目的达到。

 

相关主题

在Linux系统下更改或更新SSH密钥密码的方法

精选文章
热门文章