IT Cloud. Eugeny Shtoltc
Чтение книги онлайн.

Читать онлайн книгу IT Cloud - Eugeny Shtoltc страница 50

СКАЧАТЬ list

      ID CREATE_TIME DURATION SOURCE IMAGES STATUS

      2b024d7e-87a9-4d2a-980b-4e7c108c5fad 2019-06-22T17: 13: 14 + 00: 00 28S [email protected] gcr.io/node-cluster-243923/nodejs:v0.0.2 SUCCESS

      6b4ae6ff-2f4a-481b-9f4e-219fafb5d572 2019-06-22T16: 57: 11 + 00: 00 29S [email protected] gcr.io/node-cluster-243923/nodejs:v0.0.1 SUCCESS

      e50df082-31a4-463b-abb2-d0f72fbf62cb 2019-06-22T16: 56: 48 + 00: 00 29S [email protected] gcr.io/node-cluster-243923/nodejs:v0.0.1 SUCCESS

      essh @ kubernetes-master: ~ / node-cluster / app / nodejs $ git tag -a latest -m 'fix'

      essh @ kubernetes-master: ~ / node-cluster / app / nodejs $ git push origin latest

      Counting objects: 1, done.

      Writing objects: 100% (1/1), 156 bytes | 156.00 KiB / s, done.

      Total 1 (delta 0), reused 0 (delta 0)

      To https://source.developers.google.com/p/node-cluster-243923/r/nodejs

      * [new tag] latest -> latest

      essh @ kubernetes-master: ~ / node-cluster / app / nodejs $ cd ../ ..

      Creating multiple environments with Terraform clusters

      When trying to create several clusters from the same configuration, we will encounter duplicate identifiers that must be unique, so we isolate them from each other by creating and placing them in different projects. To manually create a project, go to GCP -> Products -> IAM and administration -> Resource management and create a NodeJS-prod project and switch to the project, wait for its activation. Let's look at the state of the current project:

      essh @ kubernetes-master: ~ / node-cluster $ cat main.tf

      provider "google" {

      credentials = file ("./ kubernetes_key.json")

      project = "node-cluster-243923"

      region = "europe-west2"

      }

      module "kubernetes" {

      source = "./Kubernetes"

      }

      data "google_client_config" "default" {}

      module "Nginx" {

      source = "./nodejs"

      image = "gcr.io/node-cluster-243923/nodejs_cluster:latest"

      endpoint = module.kubernetes.endpoint

      access_token = data.google_client_config.default.access_token

      cluster_ca_certificate = module.kubernetes.cluster_ca_certificate

      }

      essh @ kubernetes-master: ~ / node-cluster $ gcloud config list project

      [core]

      project = node-cluster-243923

      Your active configuration is: [default]

      essh @ kubernetes-master: ~ / node-cluster $ gcloud config set project node-cluster-243923

      Updated property [core / project].

      essh @ kubernetes-master: ~ / node-cluster $ gcloud compute instances list

      NAME ZONE INTERNAL_IP EXTERNAL_IP STATUS

      gke-node-ks-default-pool-2e5073d4-csmg europe-north1-a 10.166.0.2 35.228.96.97 RUNNING

      gke-node-ks-node-ks-pool-ccbaf5c6-4xgc europe-north1-a 10.166.15.233 35.228.82.222 RUNNING

      gke-node-ks-default-pool-72a6d4a3-ldzg europe-north1-b 10.166.15.231 35.228.143.7 RUNNING

      gke-node-ks-node-ks-pool-9ee6a401-ngfn europe-north1-b 10.166.15.234 35.228.129.224 RUNNING

      gke-node-ks-default-pool-d370036c-kbg6 europe-north1-c 10.166.15.232 35.228.117.98 RUNNING

      gke-node-ks-node-ks-pool-d7b09e63-q8r2 europe-north1-c 10.166.15.235 35.228.85.157 RUNNING

      Switch gcloud and look at an empty project:

      essh @ kubernetes-master: ~ / node-cluster $ gcloud config set project node-cluster-prod-244519

      Updated property [core / project].

      essh @ kubernetes-master: ~ / node-cluster $ gcloud config list project

      [core]

      project = node-cluster-prod-244519

      Your active configuration is: [default]

      essh @ kubernetes-master: ~ / node-cluster $ gcloud compute instances list

      Listed 0 items.

      The previous time, for node-cluster-243923, we created a service account, on behalf of which we created a cluster. To work with multiple Terraform accounts, we will create a service account for the new project through IAM and Administration -> Service Accounts. We will need to make two separate folders to run Terraform separately in order to separate SSH connections that have different authorization keys. If we put both providers with different keys, we will get a successful connection for the first project, later when Terraform proceeds to create a cluster for the next project, it will be rejected due to the invalid key from the first project to the second. There is another possibility – to activate the account as a company account (you need a website and email, and check them by Google), then it will be possible to create projects from the code without using the admin panel. After dev environment:

      essh @ kubernetes-master: ~ / node-cluster $ ./terraform destroy

      essh @ kubernetes-master: ~ / node-cluster $ mkdir dev

      essh @ kubernetes-master: ~ / node-cluster $ cd dev /

      essh @ kubernetes-master: ~ / node-cluster / dev $ gcloud config set project node-cluster-243923

      Updated property [core / project].

      essh @ kubernetes-master: ~ / node-cluster / dev $ gcloud config list project

      [core]

      project = node-cluster-243923

      Your active configuration is: [default]

      essh @ kubernetes-master: ~ / node-cluster / dev $ ../kubernetes_key.json ../main.tf.

      essh @ kubernetes-master: ~ / node-cluster / dev $ cat main.tf

      provider "google" {

      alias = "dev"

      credentials = file ("./ kubernetes_key.json")

      project = "node-cluster-243923"

      region = "europe-west2"

      }

      module "kubernetes_dev" {

      source = "../Kubernetes"

СКАЧАТЬ