[root@terraform lab1]# vi main.tf
# Declares the single provider this configuration needs: the community
# libvirt provider from the multani namespace, pinned to one exact release.
# `terraform init` records the selected release in .terraform.lock.hcl.
terraform {
required_providers {
libvirt = {
source = "multani/libvirt"
version = "0.6.3-1+4"
}
}
}
# An aliased libvirt provider configuration. Terraform applies an aliased
# configuration only to resources that select it with
# `provider = libvirt.hypervisor`; resources without that meta-argument use the
# default (un-aliased) libvirt configuration, which this block does not define.
provider "libvirt" {
alias = "hypervisor" # the hypervisor's IP must be registered in this machine's hosts file
# Connects to the system libvirt daemon on the host "hypervisor" over SSH,
# logging in as root.
uri = "qemu+ssh://root@hypervisor/system"
}
terraform init
[root@terraform lab1]# terraform init
Initializing the backend...
Initializing provider plugins...
- Finding multani/libvirt versions matching "0.6.3-1+4"...
- Installing multani/libvirt v0.6.3-1+4...
- Installed multani/libvirt v0.6.3-1+4 (self-signed, key ID D888B151BEF9257A)
Partner and community providers are signed by their developers.
If you'd like to know more about provider signing, you can read about it here:
https://www.terraform.io/docs/cli/plugins/signing.html
Terraform has created a lock file .terraform.lock.hcl to record the provider
selections it made above. Include this file in your version control repository
so that Terraform can guarantee to make the same selections by default when
you run "terraform init" in the future.
Terraform has been successfully initialized!
You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.
If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.
[root@terraform lab1]# ls -al
total 12
drwxr-xr-x 3 root root 66 Oct 24 11:53 .
dr-xr-x---. 19 root root 4096 Oct 24 11:53 ..
-rw-r--r-- 1 root root 246 Oct 24 11:53 main.tf
drwxr-xr-x 3 root root 23 Oct 24 11:53 .terraform
-rw-r--r-- 1 root root 364 Oct 24 11:53 .terraform.lock.hcl
[root@terraform ~]# cd /cloudimg/
[root@terraform cloudimg]# wget https://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud.qcow2
--2022-10-24 12:27:25-- https://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud.qcow2
Resolving cloud.centos.org (cloud.centos.org)... 3.137.219.52
Connecting to cloud.centos.org (cloud.centos.org)|3.137.219.52|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 858783744 (819M) [application/octet-stream]
Saving to: ‘CentOS-7-x86_64-GenericCloud.qcow2’
100%[=====================================================================================================================================================================>] 858,783,744 950KB/s in 25m 18s
2022-10-24 12:52:44 (552 KB/s) - ‘CentOS-7-x86_64-GenericCloud.qcow2’ saved [858783744/858783744]
내려받은 이미지는 사용하기 전에 배포처가 공개한 SHA256 체크섬과 sha256sum 결과를 대조해 무결성을 확인한다.
[root@terraform cloudimg]# cp CentOS-7-x86_64-GenericCloud.qcow2 centos-base.qcow2
[root@terraform cloudimg]# virt-customize \
> -a centos-base.qcow2 \
> --root-password password:test123
[ 0.0] Examining the guest ...
[ 55.9] Setting a random seed
[ 56.0] Setting passwords
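[ 58.6] Finishing off
test123은 실습용 값이다. 이 이미지로 만든 모든 VM이 같은 root 비밀번호를 갖게 되고, 명령행에 직접 쓴 비밀번호는 셸 히스토리와 프로세스 목록에 남는다. 실습 밖에서는 --root-password file:<파일 경로> 형식이나 --ssh-inject 로 SSH 키를 넣는 방법을 쓴다.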
[root@terraform cloudimg]# ll
total 1677312
-rw-r--r-- 1 root root 858783744 Apr 22 2020 CentOS-7-x86_64-GenericCloud.qcow2
-rw-r--r-- 1 root root 858783744 Oct 24 13:57 centos-base.qcow2
[root@terraform lab1]# vi instance.tf
# Volume definition: a qcow2 volume named centos7-1.qcow2 in the "default"
# storage pool, created from the customized base image at
# /cloudimg/centos-base.qcow2.
# No `provider` meta-argument is set, so this resource uses the default
# (un-aliased) libvirt provider configuration.
# NOTE(review): that base image was given a fixed root password with
# virt-customize, so every volume created from it carries the same password.
resource "libvirt_volume" "centos7vol" {
name = "centos7-1.qcow2"
pool = "default"
source = "/cloudimg/centos-base.qcow2"
format = "qcow2"
}
# Instance definition: one domain named centos7-1 with a single NIC on the
# libvirt network "default", one disk backed by libvirt_volume.centos7vol, a
# serial console and a SPICE display.
# No `provider` meta-argument is set, so this resource uses the default
# (un-aliased) libvirt provider configuration.
resource "libvirt_domain" "centos7-1" {
name = "centos7-1"
memory = 1024
vcpu = 1
network_interface {
network_name = "default"
}
disk {
# Refers to the volume resource's id, so the volume is created before the domain.
volume_id = "${libvirt_volume.centos7vol.id}"
}
console {
type = "pty"
target_type = "serial"
target_port = "0"
}
graphics {
# No listen_address is given here; the plan output for this configuration
# shows listen_address = "127.0.0.1".
type = "spice"
listen_type = "address"
autoport = true
}
}
# Result: expose the domain's reported addresses as the output "ip".
output "ip" {
value = "${libvirt_domain.centos7-1.network_interface.0.addresses}"
// Outputs the list of addresses reported for the first network_interface
// (the whole list, not only its first entry).
}
[root@terraform lab1]# terraform plan
provider.libvirt.uri
libvirt connection URI for operations. See https://libvirt.org/uri.html
Enter a value:
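uri를 등록했으나, uri를 물으며 진행되지 않는다. provider 블록에 alias를 지정했기 때문에 이 설정은 provider = libvirt.hypervisor 를 지정한 리소스에만 적용되고, instance.tf의 리소스는 uri가 없는 기본 libvirt provider를 사용하기 때문이다.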
[root@terraform lab1]# vi /etc/hosts
211.183.3.160 hypervisor
[root@terraform lab1]# ping hypervisor -c 3
PING hypervisor (211.183.3.160) 56(84) bytes of data.
64 bytes from hypervisor (211.183.3.160): icmp_seq=1 ttl=64 time=0.744 ms
64 bytes from hypervisor (211.183.3.160): icmp_seq=2 ttl=64 time=0.389 ms
64 bytes from hypervisor (211.183.3.160): icmp_seq=3 ttl=64 time=0.816 ms
--- hypervisor ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2040ms
rtt min/avg/max/mdev = 0.389/0.649/0.816/0.188 ms
[root@terraform lab1]# terraform plan
provider.libvirt.uri
libvirt connection URI for operations. See https://libvirt.org/uri.html
Enter a value:
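여전히 uri를 물으며 진행되지 않는다. /etc/hosts 등록은 호스트 이름 해석만 해결한다. 리소스가 사용하는 기본(alias 없는) libvirt provider에는 여전히 uri가 없으므로, 아래에서는 LIBVIRT_DEFAULT_URI 환경 변수로 uri를 전달한다.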
[root@terraform lab1]# export LIBVIRT_DEFAULT_URI="qemu+ssh://root@hypervisor/system"
[root@terraform lab1]# terraform plan
The authenticity of host 'hypervisor (211.183.3.160)' can't be established.
ECDSA key fingerprint is SHA256:OWYoZwU81It4tsmzDIFnv48Ry3Jhy67/l4Y1DT9ezq0.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
root@hypervisor's password:
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# libvirt_domain.centos7-1 will be created
+ resource "libvirt_domain" "centos7-1" {
+ arch = (known after apply)
+ disk = [
+ {
+ block_device = null
+ file = null
+ scsi = null
+ url = null
+ volume_id = (known after apply)
+ wwn = null
},
]
+ emulator = (known after apply)
+ fw_cfg_name = "opt/com.coreos/config"
+ id = (known after apply)
+ machine = (known after apply)
+ memory = 1024
+ name = "centos7-1"
+ qemu_agent = false
+ running = true
+ vcpu = 1
+ console {
+ source_host = "127.0.0.1"
+ source_service = "0"
+ target_port = "0"
+ target_type = "serial"
+ type = "pty"
}
+ graphics {
+ autoport = true
+ listen_address = "127.0.0.1"
+ listen_type = "address"
+ type = "spice"
}
+ network_interface {
+ addresses = (known after apply)
+ hostname = (known after apply)
+ mac = (known after apply)
+ network_id = (known after apply)
+ network_name = "default"
}
}
# libvirt_volume.centos7vol will be created
+ resource "libvirt_volume" "centos7vol" {
+ format = "qcow2"
+ id = (known after apply)
+ name = "centos7-1.qcow2"
+ pool = "default"
+ size = (known after apply)
+ source = "/cloudimg/centos-base.qcow2"
}
Plan: 2 to add, 0 to change, 0 to destroy.
Changes to Outputs:
+ ip = (known after apply)
──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
Note: You didn't use the -out option to save this plan, so Terraform can't guarantee to take exactly these actions if you run "terraform apply" now.
terraform apply -auto-approve
[root@terraform lab1]# terraform apply -auto-approve
root@hypervisor's password:
libvirt_volume.centos7vol: Refreshing state... [id=/var/lib/libvirt/images/centos7-1.qcow2]
libvirt_domain.centos7-1: Refreshing state... [id=45cc54f9-2ee3-4da7-8b36-224dcc005e76]
Note: Objects have changed outside of Terraform
Terraform detected the following changes made outside of Terraform since the last "terraform apply" which may have affected this plan:
# libvirt_domain.centos7-1 has changed
~ resource "libvirt_domain" "centos7-1" {
id = "45cc54f9-2ee3-4da7-8b36-224dcc005e76"
name = "centos7-1"
# (10 unchanged attributes hidden)
~ network_interface {
~ addresses = [
+ "192.168.122.60",
]
# (4 unchanged attributes hidden)
}
# (2 unchanged blocks hidden)
}
Unless you have made equivalent changes to your configuration, or ignored the relevant attributes using ignore_changes, the following plan may include actions to undo or respond to these changes.
──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
Changes to Outputs:
+ ip = [
+ "192.168.122.60",
]
You can apply this plan to save these new output values to the Terraform state, without changing any real infrastructure.
root@hypervisor's password:
Apply complete! Resources: 0 added, 0 changed, 0 destroyed.
Outputs:
ip = tolist([
"192.168.122.60",
])
192.168.122.60
[root@hypervisor cloudimg]# virsh list --all
Id Name State
----------------------------------------------------
4 centos7-1 running
[root@hypervisor cloudimg]# virsh domifaddr centos7-1
Name MAC address Protocol Address
-------------------------------------------------------------------------------
vnet0 52:54:00:82:63:db ipv4 192.168.122.60/24
192.168.122.60
[root@hypervisor cloudimg]# virsh edit centos7-1
Domain centos7-1 XML configuration not changed.
[root@hypervisor cloudimg]# virsh console centos7-1
Connected to domain centos7-1
Escape character is ^]
CentOS Linux 7 (Core)
Kernel 3.10.0-1127.el7.x86_64 on an x86_64
localhost login: root
Password:
[root@localhost ~]#
[root@terraform lab1]# terraform destroy
root@hypervisor's password:
libvirt_volume.centos7vol: Refreshing state... [id=/var/lib/libvirt/images/centos7-1.qcow2]
libvirt_domain.centos7-1: Refreshing state... [id=45cc54f9-2ee3-4da7-8b36-224dcc005e76]
root@hypervisor's password:
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
- destroy
Terraform will perform the following actions:
# libvirt_domain.centos7-1 will be destroyed
- resource "libvirt_domain" "centos7-1" {
- arch = "x86_64" -> null
- autostart = false -> null
- cmdline = [] -> null
- disk = [
- {
- block_device = ""
- file = ""
- scsi = false
- url = ""
- volume_id = "/var/lib/libvirt/images/centos7-1.qcow2"
- wwn = ""
},
] -> null
- emulator = "/usr/libexec/qemu-kvm" -> null
- fw_cfg_name = "opt/com.coreos/config" -> null
- id = "45cc54f9-2ee3-4da7-8b36-224dcc005e76" -> null
- machine = "pc" -> null
- memory = 1024 -> null
- name = "centos7-1" -> null
- qemu_agent = false -> null
- running = true -> null
- vcpu = 1 -> null
- console {
- source_host = "127.0.0.1" -> null
- source_service = "0" -> null
- target_port = "0" -> null
- target_type = "serial" -> null
- type = "pty" -> null
}
- graphics {
- autoport = true -> null
- listen_address = "127.0.0.1" -> null
- listen_type = "address" -> null
- type = "spice" -> null
}
- network_interface {
- addresses = [
- "192.168.122.60",
] -> null
- mac = "52:54:00:82:63:DB" -> null
- network_id = "9c7ac5f0-39b3-4254-b82a-548e03907305" -> null
- network_name = "default" -> null
- wait_for_lease = false -> null
}
}
# libvirt_volume.centos7vol will be destroyed
- resource "libvirt_volume" "centos7vol" {
- format = "qcow2" -> null
- id = "/var/lib/libvirt/images/centos7-1.qcow2" -> null
- name = "centos7-1.qcow2" -> null
- pool = "default" -> null
- size = 8589934592 -> null
- source = "/cloudimg/centos-base.qcow2" -> null
}
Plan: 0 to add, 0 to change, 2 to destroy.
Changes to Outputs:
- ip = [
- "192.168.122.60",
] -> null
Do you really want to destroy all resources?
Terraform will destroy all your managed infrastructure, as shown above.
There is no undo. Only 'yes' will be accepted to confirm.
Enter a value: yes
root@hypervisor's password:
libvirt_domain.centos7-1: Destroying... [id=45cc54f9-2ee3-4da7-8b36-224dcc005e76]
libvirt_domain.centos7-1: Destruction complete after 0s
libvirt_volume.centos7vol: Destroying... [id=/var/lib/libvirt/images/centos7-1.qcow2]
libvirt_volume.centos7vol: Destruction complete after 0s
Destroy complete! Resources: 2 destroyed.
[root@terraform lab1]#
[root@terraform lab1]# vi instance.tf
...
# instance define
resource "libvirt_domain" "centos7-1" {
name = "centos7-1"
memory = 1024
vcpu = 1
network_interface {
# network_name = "default"
bridge = "br0"
}
...
br0를 추가
[root@terraform lab1]# terraform plan
root@hypervisor's password:
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# libvirt_domain.centos7-1 will be created
+ resource "libvirt_domain" "centos7-1" {
+ arch = (known after apply)
+ disk = [
+ {
+ block_device = null
+ file = null
+ scsi = null
+ url = null
+ volume_id = (known after apply)
+ wwn = null
},
]
+ emulator = (known after apply)
+ fw_cfg_name = "opt/com.coreos/config"
+ id = (known after apply)
+ machine = (known after apply)
+ memory = 1024
+ name = "centos7-1"
+ qemu_agent = false
+ running = true
+ vcpu = 1
+ console {
+ source_host = "127.0.0.1"
+ source_service = "0"
+ target_port = "0"
+ target_type = "serial"
+ type = "pty"
}
+ graphics {
+ autoport = true
+ listen_address = "127.0.0.1"
+ listen_type = "address"
+ type = "spice"
}
+ network_interface {
+ addresses = (known after apply)
+ bridge = "br0"
+ hostname = (known after apply)
+ mac = (known after apply)
+ network_id = (known after apply)
+ network_name = (known after apply)
}
}
# libvirt_volume.centos7vol will be created
+ resource "libvirt_volume" "centos7vol" {
+ format = "qcow2"
+ id = (known after apply)
+ name = "centos7-1.qcow2"
+ pool = "default"
+ size = (known after apply)
+ source = "/cloudimg/centos-base.qcow2"
}
Plan: 2 to add, 0 to change, 0 to destroy.
Changes to Outputs:
+ ip = (known after apply)
──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
Note: You didn't use the -out option to save this plan, so Terraform can't guarantee to take exactly these actions if you run "terraform apply" now.
[root@terraform lab1]# terraform apply
libvirt_volume.centos7vol: Creating...
libvirt_volume.centos7vol: Creation complete after 7s [id=/var/lib/libvirt/images/centos7-1.qcow2]
libvirt_domain.centos7-1: Creating...
libvirt_domain.centos7-1: Creation complete after 0s [id=98981cf6-8fda-4639-9f0c-b3688a6d43fa]
Apply complete! Resources: 2 added, 0 changed, 0 destroyed.
Outputs:
ip = tolist([])
[root@hypervisor cloudimg]# virsh list --all
Id Name State
----------------------------------------------------
[root@hypervisor cloudimg]# virsh list --all
Id Name State
----------------------------------------------------
5 centos7-1 running
[root@hypervisor cloudimg]#
[root@hypervisor cloudimg]# virsh console centos7-1
Connected to domain centos7-1
Escape character is ^]
CentOS Linux 7 (Core)
Kernel 3.10.0-1127.el7.x86_64 on an x86_64
localhost login: root
Password:
[root@localhost ~]# ifconfig eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 211.183.3.184 netmask 255.255.255.0 broadcast 211.183.3.255
inet6 fe80::5054:ff:fe82:4238 prefixlen 64 scopeid 0x20<link>
ether 52:54:00:82:42:38 txqueuelen 1000 (Ethernet)
RX packets 57 bytes 6791 (6.6 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 45 bytes 4166 (4.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
211.183.3.184
[root@terraform lab1]# ping 211.183.3.184 -c 3
PING 211.183.3.184 (211.183.3.184) 56(84) bytes of data.
64 bytes from 211.183.3.184: icmp_seq=1 ttl=64 time=1.29 ms
64 bytes from 211.183.3.184: icmp_seq=2 ttl=64 time=1.42 ms
64 bytes from 211.183.3.184: icmp_seq=3 ttl=64 time=1.68 ms
--- 211.183.3.184 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2005ms
rtt min/avg/max/mdev = 1.292/1.463/1.680/0.167 ms
[root@terraform lab1]# vi instance.tf
# instance define
resource "libvirt_domain" "centos7-1" {
name = "centos7-1"
memory = 1024
vcpu = 1
network_interface {
addresses = ["211.183.3.199"]
# network_name = "default"
bridge = "br0"
[root@terraform lab1]# terraform plan
root@hypervisor's password:
libvirt_volume.centos7vol: Refreshing state... [id=/var/lib/libvirt/images/centos7-1.qcow2]
libvirt_domain.centos7-1: Refreshing state... [id=98981cf6-8fda-4639-9f0c-b3688a6d43fa]
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
~ update in-place
Terraform will perform the following actions:
# libvirt_domain.centos7-1 will be updated in-place
~ resource "libvirt_domain" "centos7-1" {
id = "98981cf6-8fda-4639-9f0c-b3688a6d43fa"
name = "centos7-1"
# (11 unchanged attributes hidden)
~ network_interface {
~ addresses = [
+ "211.183.3.199",
]
# (3 unchanged attributes hidden)
}
# (2 unchanged blocks hidden)
}
Plan: 0 to add, 1 to change, 0 to destroy.
Changes to Outputs:
~ ip = [
+ "211.183.3.199",
]
──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
Note: You didn't use the -out option to save this plan, so Terraform can't guarantee to take exactly these actions if you run "terraform apply" now.
[root@terraform lab1]# terraform apply -auto-approve
libvirt_domain.centos7-1: Modifying... [id=98981cf6-8fda-4639-9f0c-b3688a6d43fa]
libvirt_domain.centos7-1: Modifications complete after 0s [id=98981cf6-8fda-4639-9f0c-b3688a6d43fa]
Apply complete! Resources: 0 added, 1 changed, 0 destroyed.
Outputs:
ip = tolist([
"211.183.3.199",
])
[root@terraform lab1]# ping 211.183.3.199 -c 3
PING 211.183.3.199 (211.183.3.199) 56(84) bytes of data.
From 211.183.3.150 icmp_seq=1 Destination Host Unreachable
From 211.183.3.150 icmp_seq=2 Destination Host Unreachable
From 211.183.3.150 icmp_seq=3 Destination Host Unreachable
--- 211.183.3.199 ping statistics ---
3 packets transmitted, 0 received, +3 errors, 100% packet loss, time 2048ms
pipe 3
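안 된다. terraform과 libvirt의 호환이 완벽하지 않다. aws나 openstack으로 한다면 될 것이다. (addresses는 libvirt가 DHCP를 관리하는 네트워크에 연결할 때 쓰는 값으로 보인다. bridge로 직접 연결하면 게스트는 외부 네트워크의 DHCP에서 주소를 받으므로, Terraform 출력에 211.183.3.199가 표시되어도 게스트에 실제로 설정된 주소는 아니다.)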
[root@terraform lab1]# terraform destroy
root@hypervisor's password:
libvirt_volume.centos7vol: Refreshing state... [id=/var/lib/libvirt/images/centos7-1.qcow2]
libvirt_domain.centos7-1: Refreshing state... [id=98981cf6-8fda-4639-9f0c-b3688a6d43fa]
root@hypervisor's password:
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
- destroy
Terraform will perform the following actions:
# libvirt_domain.centos7-1 will be destroyed
- resource "libvirt_domain" "centos7-1" {
- arch = "x86_64" -> null
- autostart = false -> null
- cmdline = [] -> null
- disk = [
- {
- block_device = ""
- file = ""
- scsi = false
- url = ""
- volume_id = "/var/lib/libvirt/images/centos7-1.qcow2"
- wwn = ""
},
] -> null
- emulator = "/usr/libexec/qemu-kvm" -> null
- fw_cfg_name = "opt/com.coreos/config" -> null
- id = "98981cf6-8fda-4639-9f0c-b3688a6d43fa" -> null
- machine = "pc" -> null
- memory = 1024 -> null
- name = "centos7-1" -> null
- qemu_agent = false -> null
- running = true -> null
- vcpu = 1 -> null
- console {
- source_host = "127.0.0.1" -> null
- source_service = "0" -> null
- target_port = "0" -> null
- target_type = "serial" -> null
- type = "pty" -> null
}
- graphics {
- autoport = true -> null
- listen_address = "127.0.0.1" -> null
- listen_type = "address" -> null
- type = "spice" -> null
}
- network_interface {
- addresses = [] -> null
- bridge = "br0" -> null
- mac = "52:54:00:82:42:38" -> null
- wait_for_lease = false -> null
}
}
# libvirt_volume.centos7vol will be destroyed
- resource "libvirt_volume" "centos7vol" {
- format = "qcow2" -> null
- id = "/var/lib/libvirt/images/centos7-1.qcow2" -> null
- name = "centos7-1.qcow2" -> null
- pool = "default" -> null
- size = 8589934592 -> null
- source = "/cloudimg/centos-base.qcow2" -> null
}
Plan: 0 to add, 0 to change, 2 to destroy.
Changes to Outputs:
- ip = [
- "211.183.3.199",
] -> null
Do you really want to destroy all resources?
Terraform will destroy all your managed infrastructure, as shown above.
There is no undo. Only 'yes' will be accepted to confirm.
Enter a value: yes
root@hypervisor's password:
libvirt_domain.centos7-1: Destroying... [id=98981cf6-8fda-4639-9f0c-b3688a6d43fa]
libvirt_domain.centos7-1: Destruction complete after 0s
libvirt_volume.centos7vol: Destroying... [id=/var/lib/libvirt/images/centos7-1.qcow2]
libvirt_volume.centos7vol: Destruction complete after 0s
Destroy complete! Resources: 2 destroyed.
[root@terraform lab1]# terraform apply -auto-approve
root@hypervisor's password:
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# libvirt_domain.centos7-1 will be created
+ resource "libvirt_domain" "centos7-1" {
+ arch = (known after apply)
+ disk = [
+ {
+ block_device = null
+ file = null
+ scsi = null
+ url = null
+ volume_id = (known after apply)
+ wwn = null
},
]
+ emulator = (known after apply)
+ fw_cfg_name = "opt/com.coreos/config"
+ id = (known after apply)
+ machine = (known after apply)
+ memory = 1024
+ name = "centos7-1"
+ qemu_agent = false
+ running = true
+ vcpu = 1
+ console {
+ source_host = "127.0.0.1"
+ source_service = "0"
+ target_port = "0"
+ target_type = "serial"
+ type = "pty"
}
+ graphics {
+ autoport = true
+ listen_address = "127.0.0.1"
+ listen_type = "address"
+ type = "spice"
}
+ network_interface {
+ addresses = [
+ "211.183.3.199",
]
+ bridge = "br0"
+ hostname = (known after apply)
+ mac = (known after apply)
+ network_id = (known after apply)
+ network_name = (known after apply)
}
}
# libvirt_volume.centos7vol will be created
+ resource "libvirt_volume" "centos7vol" {
+ format = "qcow2"
+ id = (known after apply)
+ name = "centos7-1.qcow2"
+ pool = "default"
+ size = (known after apply)
+ source = "/cloudimg/centos-base.qcow2"
}
Plan: 2 to add, 0 to change, 0 to destroy.
Changes to Outputs:
+ ip = [
+ "211.183.3.199",
]
root@hypervisor's password:
libvirt_volume.centos7vol: Creating...
libvirt_volume.centos7vol: Creation complete after 7s [id=/var/lib/libvirt/images/centos7-1.qcow2]
libvirt_domain.centos7-1: Creating...
libvirt_domain.centos7-1: Creation complete after 1s [id=ea78d9d7-c7cf-40e8-8a7e-8e547dbd14bb]
Apply complete! Resources: 2 added, 0 changed, 0 destroyed.
Outputs:
ip = tolist([
"211.183.3.199",
])
[root@hypervisor cloudimg]# virsh console centos7-1
Connected to domain centos7-1
Escape character is ^]
CentOS Linux 7 (Core)
Kernel 3.10.0-1127.el7.x86_64 on an x86_64
localhost login: root
Password:
[root@localhost ~]# ifconfig eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 211.183.3.185 netmask 255.255.255.0 broadcast 211.183.3.255
inet6 fe80::5054:ff:fe42:40dc prefixlen 64 scopeid 0x20<link>
ether 52:54:00:42:40:dc txqueuelen 1000 (Ethernet)
RX packets 50 bytes 6143 (5.9 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 39 bytes 3602 (3.5 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
211.183.3.199로 설정했으나 211.183.3.185로 설정되었다. libvirt는 네트워크 관련하여 terraform으로 설정 시 잘 적용되지 않는다.
[root@terraform lab1]# ssh-keygen -q -f /root/.ssh/mykey.pem -N ""
[root@terraform lab1]# ls /root/.ssh/
known_hosts mykey.pem mykey.pem.pub
[root@terraform lab1]# vi /etc/ssh/ssh_config
Host hypervisor
User root
IdentityFile /root/.ssh/mykey.pem
[root@terraform lab1]# cat /root/.ssh/mykey.pem.pub
ssh-rsa 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 root@terraform
복사하기
[root@hypervisor .ssh]# echo "ssh-rsa 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 root@terraform" >> authorized_keys
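hypervisor의 authorized_keys(root 계정의 .ssh 디렉터리)에 공개 키를 넣기. 이 키는 passphrase 없이 만들었고 hypervisor의 root 로그인을 허용하므로, 개인 키 파일(/root/.ssh/mykey.pem)은 소유자만 읽을 수 있게 두고 실습 밖에서는 passphrase를 설정한다.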
[root@terraform lab1]# terraform apply -auto-approve
libvirt_volume.centos7vol: Refreshing state... [id=/var/lib/libvirt/images/centos7-1.qcow2]
libvirt_domain.centos7-1: Refreshing state... [id=ea78d9d7-c7cf-40e8-8a7e-8e547dbd14bb]
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
~ update in-place
Terraform will perform the following actions:
# libvirt_domain.centos7-1 will be updated in-place
~ resource "libvirt_domain" "centos7-1" {
id = "ea78d9d7-c7cf-40e8-8a7e-8e547dbd14bb"
name = "centos7-1"
# (11 unchanged attributes hidden)
~ network_interface {
~ addresses = [
+ "211.183.3.199",
]
# (3 unchanged attributes hidden)
}
# (2 unchanged blocks hidden)
}
Plan: 0 to add, 1 to change, 0 to destroy.
libvirt_domain.centos7-1: Modifying... [id=ea78d9d7-c7cf-40e8-8a7e-8e547dbd14bb]
libvirt_domain.centos7-1: Modifications complete after 0s [id=ea78d9d7-c7cf-40e8-8a7e-8e547dbd14bb]
Apply complete! Resources: 0 added, 1 changed, 0 destroyed.
Outputs:
ip = tolist([
"211.183.3.199",
])
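yes나 비밀번호를 묻지 않고 바로 프로비전 된다. 호스트 키는 앞에서 yes로 수락해 known_hosts에 저장되었고, 인증은 방금 등록한 키로 이루어지기 때문이다. 호스트 키 지문은 처음 수락할 때 hypervisor에서 직접 확인한 값과 대조해 두는 것이 안전하다.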
오픈스택은 두 가지 타임아웃에 대비해야 한다.
1. token의 유효기간: 1시간 -> keystone 설정(keystone.conf의 [token] 섹션 expiration 값)에서 10시간으로 늘리기. 유효기간을 늘리면 유출된 토큰이 쓰일 수 있는 시간도 그만큼 길어지므로 실습 환경에서만 늘린다.
[root@localhost ~]# vi /etc/keystone/keystone.conf
[root@localhost ~]# systemctl set-default multi-user.target
Removed /etc/systemd/system/default.target.
Created symlink /etc/systemd/system/default.target → /usr/lib/systemd/system/multi-user.target.
https://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud-2003.qcow2.xz
[root@localhost ~]# xz -d CentOS-7-x86_64-GenericCloud-2003.qcow2.xz
[root@localhost ~]# openstack image create \
> "CentOS7" \
> --file CentOS-7-x86_64-GenericCloud-2003.qcow2 \
> --disk-format qcow2 \
> --container-format bare \
> --public
+------------------+---------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+------------------+---------------------------------------------------------------------------------------------------------------------------------------------+
| container_format | bare |
| created_at | 2022-10-24T08:46:01Z |
| disk_format | qcow2 |
| file | /v2/images/5112e14c-3355-459f-8bad-e2881dc838f5/file |
| id | 5112e14c-3355-459f-8bad-e2881dc838f5 |
| min_disk | 0 |
| min_ram | 0 |
| name | CentOS7 |
| owner | 24def67482ac43e6bd6f0891524cf7ee |
| properties | os_hidden='False', owner_specified.openstack.md5='', owner_specified.openstack.object='images/CentOS7', owner_specified.openstack.sha256='' |
| protected | False |
| schema | /v2/schemas/image |
| status | queued |
| tags | |
| updated_at | 2022-10-24T08:46:01Z |
| visibility | public |
+------------------+---------------------------------------------------------------------------------------------------------------------------------------------+
[root@localhost ~(keystone_admin)]# openstack image list
+--------------------------------------+---------+--------+
| ID | Name | Status |
+--------------------------------------+---------+--------+
| 5112e14c-3355-459f-8bad-e2881dc838f5 | CentOS7 | active |
| 519f20f8-3da6-4fd6-bf3c-da1ceb452a26 | cirros | active |
+--------------------------------------+---------+--------+