本人在上一篇的文章中已經(jīng)介紹了如何去創(chuàng)建 google cloud的 vm 的image 和 instance template了
url:
但是里面的操作是基于gcloud CLI的。
在實(shí)際項(xiàng)目上���, 我們對google cloud infra的change 更常有的是terraform���。 這里也簡單介紹下如何利用terraform去創(chuàng)建vm instance template 和對應(yīng)的vm
下面的內(nèi)容都是參考自官方terraform 文檔:
https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance_from_template
創(chuàng)建 實(shí)例模板 vm instance template
首先在terraform的vm module里新建1個tf 文件 instance_template.tf, 其實(shí)terraform的module folder 內(nèi)是支持把內(nèi)容寫在多個文件的�, 比起單一的main.tf 來講更加容易管理
接下來就簡單了����, 我們可以把vm module原來了定義vm的代碼塊抄過來, 只是下面的部分需要注意修改:
resource "google_compute_instance_template" "vm-template-vpc0-subnet0-e2-small-tomcat" {
name = "vm-template-vpc0-subnet0-e2-small-tomcat"
machine_type = "e2-small"
disk {
source_image = "https://compute.googleapis.com/compute/v1/projects/jason-hsbc/global/images/e2-small-tomcat-image"
auto_delete = true
disk_size_gb = 20
boot = true
}
network_interface {
network = var.vpc0
subnetwork = var.vpc0_subnet0
}
service_account {
email = "vm-common@jason-hsbc.iam.gserviceaccount.com"
scopes = ["https://www.googleapis.com/auth/cloud-platform"]
}
# https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance#provisioning_model
# to reduce cost
scheduling {
automatic_restart = false # Scheduling must have preemptible be false when AutomaticRestart is true.
provisioning_model = "SPOT"
preemptible = true
instance_termination_action = "STOP"
}
can_ip_forward = false
}
注意修改的部分:
當(dāng)執(zhí)行玩terraform 一套命令后(init/plan/apply) , 1個新的vm instance template 就會被創(chuàng)建vm-template-vpc0-subnet0-e2-small-tomcat
[gateman@manjaro-x13 ~]$ gcloud compute instance-templates list
NAME MACHINE_TYPE PREEMPTIBLE CREATION_TIMESTAMP
e2-small-tomcat e2-small true 2023-12-18T11:31:14.226-08:00
vm-template-vpc0-subnet0-e2-small-tomcat e2-small true 2023-12-21T08:47:49.748-08:00
[gateman@manjaro-x13 ~]$ gcloud compute instance-templates describe vm-template-vpc0-subnet0-e2-small-tomcat
creationTimestamp: '2023-12-21T08:47:49.748-08:00'
description: ''
id: '7261720283884147418'
kind: compute
name: vm-template-vpc0-subnet0-e2-small-tomcat
properties:
disks:
- autoDelete: true
boot: true
deviceName: persistent-disk-0
index: 0
initializeParams:
diskSizeGb: '20'
diskType: pd-standard
sourceImage: projects/jason-hsbc/global/images/e2-small-tomcat-image
interface: SCSI
kind: compute
mode: READ_WRITE
type: PERSISTENT
machineType: e2-small
metadata:
fingerprint: t09GrcHA4z0=
kind: compute
networkInterfaces:
- kind: compute
name: nic0
network: https://www.googleapis.com/compute/v1/projects/jason-hsbc/global/networks/tf-vpc0
subnetwork: https://www.googleapis.com/compute/v1/projects/jason-hsbc/regions/europe-west2/subnetworks/tf-vpc0-subnet0
scheduling:
automaticRestart: false
instanceTerminationAction: STOP
onHostMaintenance: TERMINATE
preemptible: true
provisioningModel: SPOT
serviceAccounts:
- email: vm-common@jason-hsbc.iam.gserviceaccount.com
scopes:
- https://www.googleapis.com/auth/cloud-platform
selfLink: https://www.googleapis.com/compute/v1/projects/jason-hsbc/global/instanceTemplates/vm-template-vpc0-subnet0-e2-small-tomcat
[gateman@manjaro-x13 ~]$
創(chuàng)建 基于vm instance template 創(chuàng)建vm
這個也很簡單
首先繼續(xù)在vm module里添加1個新的tf文件 vm_from_template.tf
resource "google_compute_instance_from_template" "tf-vpc0-subnet0-vm21" {
name = "tf-vpc0-subnet0-vm21"
project = var.project_id
zone = var.zone_id
# from a instance template
source_instance_template = google_compute_instance_template.vm-template-vpc0-subnet0-e2-small-tomcat.self_link_unique
}
注意的是resource 那么不能是google_compute_instance 而是 google_compute_instance_from_template
但執(zhí)行玩terraform 命令一套后�, 1個新的vm會被創(chuàng)建
[gateman@manjaro-x13 ~]$ gcloud compute ssh tf-vpc0-subnet0-vm21 │
No zone specified. Using zone [europe-west2-c] for instance: [tf-vpc0-subnet0-vm21]. │
External IP address was not found; defaulting to using IAP tunneling. │
WARNING: │
│
To increase the performance of the tunnel, consider installing NumPy. For instructions, │
please see https://cloud.google.com/iap/docs/using-tcp-forwarding
│
Warning: Permanently added 'compute.442217657071685871' (ED25519) to the list of known hosts. │
Linux tf-vpc0-subnet0-vm21 5.10.0-26-cloud-amd
│
The programs included with the Debian GNU/Linux system are free software; │
the exact distribution terms for each program are described in the │
individual files in /usr/share/doc/*/copyright. │
│
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent │
permitted by applicable law. │
Last login: Mon Dec 18 17:25:44 2023 from 35.235.242.0 │
gateman@tf-vpc0-subnet0-vm21:~$ ps -ef | grep java │
gateman 608 1 9 16:55 ? 00:00:06 /usr/bin/java -Djava.util.logging.config.file=/home/gateman/server/tomcat10/conf/logging.properties -Djava.util.logging.│
manager=org.apache.juli.ClassLoaderLogManager -Djdk.tls.ephemeralDHKeySize=2048 -Djava.protocol.handler.pkgs=org.apache.catalina.webresources -Dorg.apache.catalina.security│
.SecurityListener.UMASK=0027 --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.io=ALL-UNNAMED --add-opens=java.base/java.util=ALL-UNNAMED --add-opens=j│
ava.base/java.util.concurrent=ALL-UNNAMED --add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED -classpath /home/gateman/server/tomcat10/bin/bootstrap.jar:/home/gateman/server│
/tomcat10/bin/tomcat-juli.jar -Dcatalina.base=/home/gateman/server/tomcat10 -Dcatalina.home=/home/gateman/server/tomcat10 -Djava.io.tmpdir=/home/gateman/server/tomcat10/tem│
p org.apache.catalina.startup.Bootstrap start │
gateman 981 976 0 16:57 pts/0 00:00:00 grep java │
gateman@tf-vpc0-subnet0-vm21
測試過, 可以正確加載我們的自定義鏡像����, 也就是tomcat 已經(jīng)被安裝和啟動了
創(chuàng)建 基于vm 的單獨(dú)設(shè)置 可以覆蓋 Instance template 上相應(yīng)的值
這里做個測試
我在terraform加多1個resource tf-vpc0-subnet1-vm1
resource "google_compute_instance_from_template" "tf-vpc0-subnet0-vm21" {
name = "tf-vpc0-subnet0-vm21"
project = var.project_id
zone = var.zone_id
# from a instance template
source_instance_template = google_compute_instance_template.vm-template-vpc0-subnet0-e2-small-tomcat.self_link_unique
}
# The custom properties of vm_from_template could overwrite the pre-defined properties in instance template
resource "google_compute_instance_from_template" "tf-vpc0-subnet1-vm1" {
name = "tf-vpc0-subnet1-vm1"
project = var.project_id
zone = var.zone_id
network_interface {
network = "tf-vpc0"
subnetwork = "tf-vpc0-subnet1" # here the subnet property will overwrite the setting in instance template
}
# from a instance template
source_instance_template = google_compute_instance_template.vm-template-vpc0-subnet0-e2-small-tomcat.self_link_unique
}
其中 subnetwork 我顯式設(shè)為了 tf-vpc0-subnet1 , 而 模板上的subnet 是 tf-vpc0-subnet0
當(dāng)資源創(chuàng)建后, 可以見到subnet的值被 覆蓋了���, 相當(dāng)方便����。
[gateman@manjaro-x13 ~]$ gcloud compute instances describe tf-vpc0-subnet1-vm1
No zone specified. Using zone [europe-west2-c] for instance: [tf-vpc0-subnet1-vm1].
cpuPlatform: Intel Broadwell
creationTimestamp: '2023-12-21T10:20:06.917-08:00'
deletionProtection: false
disks:
- architecture: X86_
autoDelete: true
boot: true
deviceName: persistent-disk-0
diskSizeGb: '20'
guestOsFeatures:
- type: UEFI_COMPATIBLE
- type: VIRTIO_SCSI_MULTIQUEUE
- type: GVNIC
- type: SEV_CAPABLE
index: 0
interface: SCSI
kind: compute
licenses:
- https://www.googleapis.com/compute/v1/projects/debian-cloud/global/licenses/debian-11-bullseye
mode: READ_WRITE
source: https://www.googleapis.com/compute/v1/projects/jason-hsbc/zones/europe-west2-c/disks/tf-vpc0-subnet1-vm1
type: PERSISTENT
fingerprint: 5624YdVwPFw=
id: '9061352765349510970'
kind: compute
labelFingerprint: 42WmSpB8rSM=
lastStartTimestamp: '2023-12-21T10:20:12.479-08:00'
machineType: https://www.googleapis.com/compute/v1/projects/jason-hsbc/zones/europe-west2-c/machineTypes/e2-small
metadata:
fingerprint: t09GrcHA4z0=
kind: compute
name: tf-vpc0-subnet1-vm1
networkInterfaces:
- fingerprint: z9Z5YCAsnOo=
kind: compute
name: nic0
network: https://www.googleapis.com/compute/v1/projects/jason-hsbc/global/networks/tf-vpc0
networkIP: 192.168.1.5
stackType: IPV4_ONLY
subnetwork: https://www.googleapis.com/compute/v1/projects/jason-hsbc/regions/europe-west2/subnetworks/tf-vpc0-subnet1
satisfiesPzs: true
scheduling:
automaticRestart: false
instanceTerminationAction: STOP
onHostMaintenance: TERMINATE
preemptible: true
provisioningModel: SPOT
selfLink: https://www.googleapis.com/compute/v1/projects/jason-hsbc/zones/europe-west2-c/instances/tf-vpc0-subnet1-vm1
serviceAccounts:
- email: vm-common@jason-hsbc.iam.gserviceaccount.com
scopes:
- https://www.googleapis.com/auth/cloud-platform
shieldedInstanceConfig:
enableIntegrityMonitoring: true
enableSecureBoot: false
enableVtpm: true
shieldedInstanceIntegrityPolicy:
updateAutoLearnPolicy: true
startRestricted: false
status: RUNNING
tags:
fingerprint: 42WmSpB8rSM=
zone: https://www.googleapis.com/compute/v1/projects/jason-hsbc/zones/europe-west2-c
[gateman@manjaro-x13 ~]$
