init
This commit is contained in:
commit
8bf2179f53
2
.gitignore
vendored
Normal file
2
.gitignore
vendored
Normal file
@ -0,0 +1,2 @@
|
||||
.terraform
|
||||
*tfstate*
|
24
.terraform.lock.hcl
Normal file
24
.terraform.lock.hcl
Normal file
@ -0,0 +1,24 @@
|
||||
# This file is maintained automatically by "terraform init".
|
||||
# Manual edits may be lost in future updates.
|
||||
|
||||
provider "registry.terraform.io/hetznercloud/hcloud" {
|
||||
version = "1.31.1"
|
||||
constraints = "1.31.1"
|
||||
hashes = [
|
||||
"h1:Rg94ZvIoKP2IkMl+WflNsIgNOS1P29/Fwa39WZHPQvU=",
|
||||
"zh:1ac55d8db278a85ee24a9269b0d85ee138242d9f8d9b9ba8b95dc4a02d659137",
|
||||
"zh:4720d6d96f0603c988bd95c963aa014b0e1b07fdc0b2c76fe3cb521a7ba54f1a",
|
||||
"zh:4c69e86d325de13247b887007b53f712ce53528d98c73f06ff0d757d1c6b52ac",
|
||||
"zh:560517e62d6f14feda622268adc9cfc3045440367b58b73fdd954804b72ae4a3",
|
||||
"zh:792e1b647dd583e42a5b65c104ffde7e8b77f173e08e62bf5ca6b4e901c10ff1",
|
||||
"zh:8046990a2d7b5cb304a4d959196a5dc642b81fd158b1da50d1dd72039ba2093d",
|
||||
"zh:885bb88cd934f68cbc2016c812b99a49fc3a358c19c82d14b9f3adde6d2497af",
|
||||
"zh:9f8728f650a30afc5bba6c97d40decdb3fd846db35e68659a7967262427ffa6b",
|
||||
"zh:a78b7369b6a077c8a82266515f1bbdfd1eaa98fc82fa3e34c1aa1bbadf4e5514",
|
||||
"zh:aaf306f40b7c3f48732437f15366f4ce042e3885b914f19f4652ac9b600899b1",
|
||||
"zh:af533eee1f85ce3126931f0c3c1fe455918f3525079e92e9d85ee391e42ff4fc",
|
||||
"zh:b0ce67d5ee900127a14e616c1f7463b211204627742b4051c1b33f464b97679e",
|
||||
"zh:b743cd1355ba7b37b60a66f79b0e779d8d6c8adc7bdec151d2b14994dec7b809",
|
||||
"zh:cdb210a89af1bf1563f0c933acd14b86a6a01e6289231e317cf5704abf54c9e6",
|
||||
]
|
||||
}
|
42
README.md
Normal file
42
README.md
Normal file
@ -0,0 +1,42 @@
|
||||
# terraform-tester
|
||||
|
||||
Testing out a potential infra tooling switch. For infra circle hackers.
|
||||
Terraform is really good for creating infrastructure, not configuring it.
|
||||
However, it allows some hooks to run bash scripts and the like. It's wayyyy
|
||||
easier to setup than Ansible.
|
||||
|
||||
## setup
|
||||
|
||||
Install Terraform:
|
||||
|
||||
```
|
||||
sudo apt-get update && sudo apt-get install -y gnupg software-properties-common curl
|
||||
curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo apt-key add -
|
||||
sudo apt-add-repository "deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main"
|
||||
sudo apt-get update && sudo apt-get install terraform
|
||||
```
|
||||
|
||||
## test
|
||||
|
||||
```
|
||||
$ terraform init
|
||||
$ terraform apply
|
||||
$ terraform destroy
|
||||
```
|
||||
|
||||
## files / commands
|
||||
|
||||
- **init**: downloads dependencies, stores them in `.terraform` (downloads hetzner plugin)
|
||||
- **apply**: generates a plan of what it will do, asks, then does it (creates the hetzner server)
|
||||
- **destroy**: reads the `.tfstate` files & reverses the state (destroys the hetzner server)
|
||||
- **newhetzner.tf**: the file that `terraform` reads to implement stuff
|
||||
- **.terraform.lock.hcl**: state file that makes us all get the same results for `terraform init`
|
||||
- **user_data.yml**: a `cloud-init` script which runs when the new hetzner VPS is created, provisioning commands!
|
||||
|
||||
## notes
|
||||
|
||||
- `*.tf` files are rough equivalent of ansible roles. once you run `terraform apply` it generates a state file. the next time someone runs `terraform apply`, the state file is read, `terraform plan` then automatically knows what servers are created, destroyed, etc. instead of having an inventory listing like we have for ansible, we have the actual `.tf` files & the state files (e.g. [this](https://git.autonomic.zone/autonomic-cooperative/terraform-tester/src/commit/f71daa1ea969bff2b08d846c361edae56e14fa75/newhetzner.tf#L16-L24))
|
||||
|
||||
- we can wire up minio as a "backend" (see [this](https://dickingwithdocker.com/2019/02/terraform-s3-remote-state-with-minio-and-docker/)) so that `terraform apply` will store the state files it generates there.
|
||||
|
||||
- unsure how to test but there is [this](https://www.hashicorp.com/blog/testing-hashicorp-terraform). i'd rather skip all the testing work, it somehow is not really worth it at our scale? i think tool usability is more important for us. can people using it understand what it is doing? then they'll probably be able to fix things.
|
29
newhetzner.tf
Normal file
29
newhetzner.tf
Normal file
@ -0,0 +1,29 @@
|
||||
terraform {
|
||||
required_providers {
|
||||
hcloud = {
|
||||
source = "hetznercloud/hcloud"
|
||||
version = "1.31.1"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
variable "hcloud_token" {}
|
||||
|
||||
provider "hcloud" {
|
||||
token = var.hcloud_token
|
||||
}
|
||||
|
||||
resource "hcloud_server" "web" {
|
||||
name = "terraform-test"
|
||||
image = "debian-10"
|
||||
server_type = "cx11"
|
||||
ssh_keys = [
|
||||
"lukewm@riseup.net"
|
||||
]
|
||||
user_data = file("user_data.yml")
|
||||
}
|
||||
|
||||
output "ipv4_addresses" {
|
||||
value = hcloud_server.web.ipv4_address
|
||||
description = "The ipv4 address of your new Hetzner Cloud VPS"
|
||||
}
|
13
user_data.yml
Normal file
13
user_data.yml
Normal file
@ -0,0 +1,13 @@
|
||||
#cloud-config
|
||||
package_update: true
|
||||
package_upgrade: true
|
||||
packages:
|
||||
- htop
|
||||
- ctop
|
||||
- ncdu
|
||||
write_files:
|
||||
- path: /etc/docker/daemon.json
|
||||
content: |
|
||||
{ "log-driver": "journald" }
|
||||
runcmd:
|
||||
- curl -fsSL https://get.docker.com | bash
|
Loading…
Reference in New Issue
Block a user