From d059ea4db8939e1f72ca3fa3ba8fb5d91669bb32 Mon Sep 17 00:00:00 2001 From: adrianAriasMorago <83167546+adrianAriasMorago@users.noreply.github.com> Date: Thu, 22 Jul 2021 10:40:59 +0200 Subject: [PATCH 1/5] Create README.md --- README.md | 97 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 97 insertions(+) create mode 100644 README.md diff --git a/README.md b/README.md new file mode 100644 index 0000000..7d06ddc --- /dev/null +++ b/README.md @@ -0,0 +1,97 @@ +UNIR Caso Práctico +Este cáso práctico está diseñado para funcionar con Terraform-Ansible-Azure. Desplegará un ambiente Kubernetes conformado por: + +1 Master +2 Workers +1 Servidor nfs + + + + +Preparación del entorno de ejecución +*) Clonamos repositorio + +git clone git@github.com:adrianAriasMorago/Azure.git +*) Creamos los directorios donde persistiremos los datos + + + +az login +*) Definimos el subscription id que utilizaremos. Reemplzar por el valor correspondiente a la subscripción que se quiere utilizar dentro de nuestra mv + +az account set --subscription="927d0301-3031-467c-9b95-a3d0135304a7" +*) Creación de un Service Principal que utilizaremos en Terraform + +az ad sp create-for-rbac --role="Contributor" +Habiendo creado nuestro Service Principal crearemos el archivo /SAFE_VOLUME/terraform/credentials.tf, el que contendrá los siguientes campos + +provider "azurerm" { + subscription_id = "Valor del id de subscripción que utilizaremos" + client_id = "Valor de appId obtenido en el paso anterior" + client_secret = "Valor de password obtenido en el paso anterior" + tenant_id = "Valor de tenant obtenido en el paso anterior" + + features {} +} + + +Estado local/remoto de Terraform +Es posible guardar nuestro estado de Terraform de forma remota. De esta manera, si tenemos cualquier problema con nuestro directorio de trabajo, o si trabajamos con otras personas en la misma solución el estado queda almacenado en la nube y podemos recuperar los últimos cambios de forma automática. + + + + +provider "azurerm" { + features {} + subscription_id = "XXXXXXX" + client_id = "XXXXXXX" + client_secret = "XXXXXXXX" + tenant_id = "XXXXXXXX" +} + +Ubicación geográfica de la solución +Actualmente la solución está pensada para ejecutarse en "West Europe", si quisieras ejecutarla en otra ubicación sólo deberís cambiar el valor de "location" dentro de /SAFE_VOLUME/terraform/correccion-vars.tf + +Nombre de la cuenta de almacenamiento +Deberás ingresar un valor para storage_account dentro de correccion-vars.tf + +Generacion de clave publica privada + +ssh-keygen -t rsa + +user@localhost: ssh-keygen -t rsa +Generating public/private rsa key pair. +Enter file in which to save the key (/home/youruser/.ssh/id_rsa): +Enter passphrase (empty for no passphrase): +Enter same passphrase again: +Your identification has been saved in id_rsa. +Your public key has been saved in id_rsa.pub. +The key fingerprint is: +16:8e:e8:f2:1d:c9:b9:cf:43:9a:b3:3c:c1:1f:95:93 user@localhost + +Esto creará una clave privada escrita en /home/user/.ssh/id_dsa y una clave pública escrita en /home/user/.ssh/id_dsa.pub. + +continuación, tendrás que escribir la ubicación del archivo en el que deseas guardar la clave privada. +Enter file in which to save the key (/home/youruser/.ssh/id_rsa): + +La key pública se guardará en la misma ubicación, con el mismo nombre de archivo, pero con la extensión .pub. + + + + +Nombre de usuario para la conexión SSH +Si quisieras podrís elegir el nombre de usuario para conectarte a los servidores via SSH. Para poder seleccionar el nombre sólo debes cambiar el valor de "ssh_user" dentro de correccion-vars.tf + +Prefijo de identificación único +Deberás ingresar un valor para prefix dentro de /variables.tf. Es un prefijo de texto que se utilizará para identificar recursos únicos. + +A +Dirección IP pública con permisos de acceso +Deberás ingresar un valor para my_ip dentro de variables.tf. Es la dirección IP pública de la máquina desde la que se ejecuta Terraform + Ansible para poder conectar vía SSH + +Ejecución + +terraforn ini en la ruta donde esta el directorio con los ficheros .tf y una vez lanzado luego se lanza el terraforn apply + + + From 92a8a7a4c51b9c50018b275fcf945930441e44a3 Mon Sep 17 00:00:00 2001 From: adrianAriasMorago <83167546+adrianAriasMorago@users.noreply.github.com> Date: Thu, 22 Jul 2021 10:59:18 +0200 Subject: [PATCH 2/5] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 7d06ddc..4b66fb0 100644 --- a/README.md +++ b/README.md @@ -23,7 +23,7 @@ az account set --subscription="927d0301-3031-467c-9b95-a3d0135304a7" *) Creación de un Service Principal que utilizaremos en Terraform az ad sp create-for-rbac --role="Contributor" -Habiendo creado nuestro Service Principal crearemos el archivo /SAFE_VOLUME/terraform/credentials.tf, el que contendrá los siguientes campos +Habiendo creado nuestro Service Principal crearemos el archivo credentials.tf, el que contendrá los siguientes campos provider "azurerm" { subscription_id = "Valor del id de subscripción que utilizaremos" From 3faf96864cf6d51cee5707f7890ee60cac7aa8a0 Mon Sep 17 00:00:00 2001 From: adrianAriasMorago <83167546+adrianAriasMorago@users.noreply.github.com> Date: Thu, 22 Jul 2021 11:08:38 +0200 Subject: [PATCH 3/5] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 4b66fb0..e454d53 100644 --- a/README.md +++ b/README.md @@ -50,7 +50,7 @@ provider "azurerm" { } Ubicación geográfica de la solución -Actualmente la solución está pensada para ejecutarse en "West Europe", si quisieras ejecutarla en otra ubicación sólo deberís cambiar el valor de "location" dentro de /SAFE_VOLUME/terraform/correccion-vars.tf +Actualmente la solución está pensada para ejecutarse en "West Europe", si quisieras ejecutarla en otra ubicación sólo deberís cambiar el valor de "location" dentro de correccion-vars.tf Nombre de la cuenta de almacenamiento Deberás ingresar un valor para storage_account dentro de correccion-vars.tf From b72ffc0d1f0abe680b466111ca64d3891b8cf4ea Mon Sep 17 00:00:00 2001 From: adrianAriasMorago <83167546+adrianAriasMorago@users.noreply.github.com> Date: Fri, 23 Jul 2021 15:15:11 +0200 Subject: [PATCH 4/5] Add files via upload --- ansible/ansible.cfg | 18 + ansible/hosts | 23 + ansible/playbooks/KUBERNETES/k8s-master.yml | 11 + ansible/playbooks/NFS/exports.j2 | 11 + ansible/playbooks/NFS/nfs-client.yml | 31 + ansible/playbooks/NFS/nfs-server.yml | 51 ++ ansible/playbooks/NFS/variables.yml | 30 + terraform/credentials.tf | 9 + terraform/terraform.tfstate | 664 +++++++++++++++++++- 9 files changed, 845 insertions(+), 3 deletions(-) create mode 100644 ansible/ansible.cfg create mode 100644 ansible/hosts create mode 100644 ansible/playbooks/KUBERNETES/k8s-master.yml create mode 100644 ansible/playbooks/NFS/exports.j2 create mode 100644 ansible/playbooks/NFS/nfs-client.yml create mode 100644 ansible/playbooks/NFS/nfs-server.yml create mode 100644 ansible/playbooks/NFS/variables.yml create mode 100644 terraform/credentials.tf diff --git a/ansible/ansible.cfg b/ansible/ansible.cfg new file mode 100644 index 0000000..92d6cae --- /dev/null +++ b/ansible/ansible.cfg @@ -0,0 +1,18 @@ +# config file for ansible -- https://ansible.com/ +[defaults] +inventory = hosts +ansible.host_key_checking = false +host_key_checking = False +command_warnings = False +private_key_file = ~/.ssh/id_rsa +ansible_ssh_user=adminCP2 + +[inventory] +[privilege_escalation] +[paramiko_connection] +[ssh_connection] +[persistent_connection] +[accelerate] +[selinux] +[colors] +[diff] diff --git a/ansible/hosts b/ansible/hosts new file mode 100644 index 0000000..d52134b --- /dev/null +++ b/ansible/hosts @@ -0,0 +1,23 @@ +[master] +51.144.114.109 + +[nfs] +51.136.22.196 + +[workers] +104.46.60.220 +40.91.221.238 + +[all:children] +master +workers +nfs + +[k8s:children] +master +workers + +#Usuario SSH para el grupo nfs +[all:vars] +ansible_ssh_user=adminCP2 + diff --git a/ansible/playbooks/KUBERNETES/k8s-master.yml b/ansible/playbooks/KUBERNETES/k8s-master.yml new file mode 100644 index 0000000..6879940 --- /dev/null +++ b/ansible/playbooks/KUBERNETES/k8s-master.yml @@ -0,0 +1,11 @@ +--- +- hosts: k8s + become: yes + gather_facts: false + vars_files: + - variables.yml + tasks: + # + - name: Pulling images + shell: firewall-cmd --permanent --add-service=nfs + \ No newline at end of file diff --git a/ansible/playbooks/NFS/exports.j2 b/ansible/playbooks/NFS/exports.j2 new file mode 100644 index 0000000..152d298 --- /dev/null +++ b/ansible/playbooks/NFS/exports.j2 @@ -0,0 +1,11 @@ +# /etc/exports: the access control list for filesystems which may be exported +# to NFS clients. See exports(5). +# +# Example for NFSv2 and NFSv3: +# /srv/homes hostname1(rw,sync,no_subtree_check) hostname2(ro,sync,no_subtree_check) +# +# Example for NFSv4: +# /srv/nfs4 gss/krb5i(rw,sync,fsid=0,crossmnt,no_subtree_check) +# /srv/nfs4/homes gss/krb5i(rw,sync,no_subtree_check) +# +/nfsdir *(rw,sync,no_root_squash,no_subtree_check) \ No newline at end of file diff --git a/ansible/playbooks/NFS/nfs-client.yml b/ansible/playbooks/NFS/nfs-client.yml new file mode 100644 index 0000000..f7cd158 --- /dev/null +++ b/ansible/playbooks/NFS/nfs-client.yml @@ -0,0 +1,31 @@ +- hosts: workers + become: yes + gather_facts: false + vars_files: + - variables.yml + #instalamos NFS utils en los clientes + tasks: + - name: Ensure NFS utils is installed. + yum: + name: nfs-utils + state: installed + + # Creamos un directorio para el cliente NFS + - name: Create mountable dir + file: + path: "{{ item }}" + state: directory + mode: 644 + owner: root + group: root + with_items: "{{ nfs_directory_client }}" + + # Montamos el FS en el cliente + - name: Mount NFS volume + mount: + src: 10.0.10.22:/nfsdir + path: "{{ item }}" + opts: rw,sync + state: mounted + fstype: nfs + with_items: "{{ nfs_directory_client }}" \ No newline at end of file diff --git a/ansible/playbooks/NFS/nfs-server.yml b/ansible/playbooks/NFS/nfs-server.yml new file mode 100644 index 0000000..8796f7d --- /dev/null +++ b/ansible/playbooks/NFS/nfs-server.yml @@ -0,0 +1,51 @@ +--- +- hosts: nfs + become: yes + gather_facts: false + vars_files: + - variables.yml + tasks: + # Creamos un directorio para exportar el NFS + - name: Create mountable dir + file: + path: "{{ item }}" + state: directory + mode: 644 + owner: root + group: root + with_items: "{{ nfs_directory }}" + # Instalamos los paquetes requeridos para el NFS server + - name: Ensure NFS utilities are installed. + yum: + name: "{{ item }}" + state: installed + with_items: "{{ nfs_packages }}" + # Copiamos el archivo de exports en en la configuracion del NFS + - name: copy /etc/exports + template: + src: "{{ item }}" + dest: /etc/exports + owner: root + group: root + with_items: "{{ nfs_exports }}" + #Habilitamos los puertos indicados en el archivo env + - name: Allow Network Ports in Firewalld for nfs + firewalld: + port: "{{ item }}" + state: enabled + permanent: yes + with_items: "{{ nfs_ports }}" + # Permitimos el trafico para los servicios de NFS + - name: Permit traffic NFS services + firewalld: + service: "{{ item }}" + permanent: yes + state: enabled + with_items: "{{ nfs_firewall }}" + # Reiniciamos los servicios de NFS + - name: restart nfs server + service: + name: "{{ item }}" + state: restarted + enabled: yes + with_items: "{{ nfs_services }}" \ No newline at end of file diff --git a/ansible/playbooks/NFS/variables.yml b/ansible/playbooks/NFS/variables.yml new file mode 100644 index 0000000..128eb72 --- /dev/null +++ b/ansible/playbooks/NFS/variables.yml @@ -0,0 +1,30 @@ +--- +## SERVER +nfs_directory: +- /nfsdir + +nfs_packages: +- nfs-utils + +nfs_exports: +- exports.j2 + +nfs_ports: +- "2049/tcp" +- "2049/udp" +- "111/tcp" +- "111/udp" + +nfs_firewall: +- rpc-bind +- mountd + +nfs_services: +- rpcbind.service +- nfs-server.service +- firewalld.service + +##CLIENT + +nfs_directory_client: +- /nfsmount \ No newline at end of file diff --git a/terraform/credentials.tf b/terraform/credentials.tf new file mode 100644 index 0000000..cd05723 --- /dev/null +++ b/terraform/credentials.tf @@ -0,0 +1,9 @@ +# +# provider "azurerm" { +# features {} +# subscription_id = "927d0301-3031-467c-9b95-a3d0135304a7" +# client_id = "6d28fbbe-54d5-4540-9241-b218ff1a9a59" +# client_secret = "e~tD~rjfHWELBfhBKkC1hMCAtNbPNbKAfD" +# tenant_id = "899789dc-202f-44b4-8472-a6d40f9eb440" +# } +# diff --git a/terraform/terraform.tfstate b/terraform/terraform.tfstate index 05f4150..6508b63 100644 --- a/terraform/terraform.tfstate +++ b/terraform/terraform.tfstate @@ -1,8 +1,666 @@ { "version": 4, "terraform_version": "1.0.2", - "serial": 106, - "lineage": "735f5f33-65fa-0665-3c92-8edccedaf9ed", + "serial": 18, + "lineage": "01f49f9e-8225-60c6-f32d-3c0efa7ca25e", "outputs": {}, - "resources": [] + "resources": [ + { + "mode": "managed", + "type": "azurerm_linux_virtual_machine", + "name": "Mastername", + "provider": "provider[\"registry.terraform.io/hashicorp/azurerm\"]", + "instances": [] + }, + { + "mode": "managed", + "type": "azurerm_linux_virtual_machine", + "name": "workers", + "provider": "provider[\"registry.terraform.io/hashicorp/azurerm\"]", + "instances": [] + }, + { + "mode": "managed", + "type": "azurerm_network_interface", + "name": "myNic1", + "provider": "provider[\"registry.terraform.io/hashicorp/azurerm\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "applied_dns_servers": [], + "dns_servers": [], + "enable_accelerated_networking": false, + "enable_ip_forwarding": false, + "id": "/subscriptions/927d0301-3031-467c-9b95-a3d0135304a7/resourceGroups/kubernetes_rg/providers/Microsoft.Network/networkInterfaces/vmnicks8master.azure", + "internal_dns_name_label": "", + "internal_domain_name_suffix": "tuurhtc41qnureb0u2eyqy5y4e.ax.internal.cloudapp.net", + "ip_configuration": [ + { + "name": "myipconfigurationks8master.azure", + "primary": true, + "private_ip_address": "10.0.10.10", + "private_ip_address_allocation": "Static", + "private_ip_address_version": "IPv4", + "public_ip_address_id": "/subscriptions/927d0301-3031-467c-9b95-a3d0135304a7/resourceGroups/kubernetes_rg/providers/Microsoft.Network/publicIPAddresses/PublicIPks8master.azure", + "subnet_id": "/subscriptions/927d0301-3031-467c-9b95-a3d0135304a7/resourceGroups/kubernetes_rg/providers/Microsoft.Network/virtualNetworks/kubernetesnet/subnets/terraformsubnet" + } + ], + "location": "westeurope", + "mac_address": "", + "name": "vmnicks8master.azure", + "private_ip_address": "10.0.10.10", + "private_ip_addresses": [ + "10.0.10.10" + ], + "resource_group_name": "kubernetes_rg", + "tags": { + "environment": "CP2" + }, + "timeouts": null, + "virtual_machine_id": "" + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInJlYWQiOjMwMDAwMDAwMDAwMCwidXBkYXRlIjoxODAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "azurerm_public_ip.myPublicIp1", + "azurerm_resource_group.rg", + "azurerm_subnet.mySubnet", + "azurerm_virtual_network.myNet" + ] + } + ] + }, + { + "mode": "managed", + "type": "azurerm_network_interface", + "name": "myNic2", + "provider": "provider[\"registry.terraform.io/hashicorp/azurerm\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "applied_dns_servers": [], + "dns_servers": [], + "enable_accelerated_networking": false, + "enable_ip_forwarding": false, + "id": "/subscriptions/927d0301-3031-467c-9b95-a3d0135304a7/resourceGroups/kubernetes_rg/providers/Microsoft.Network/networkInterfaces/vmnick8sworker01.azure", + "internal_dns_name_label": "", + "internal_domain_name_suffix": "tuurhtc41qnureb0u2eyqy5y4e.ax.internal.cloudapp.net", + "ip_configuration": [ + { + "name": "myipconfigurationk8sworker01.azure", + "primary": true, + "private_ip_address": "10.0.10.20", + "private_ip_address_allocation": "Static", + "private_ip_address_version": "IPv4", + "public_ip_address_id": "/subscriptions/927d0301-3031-467c-9b95-a3d0135304a7/resourceGroups/kubernetes_rg/providers/Microsoft.Network/publicIPAddresses/PublicIPk8sworker01.azure", + "subnet_id": "/subscriptions/927d0301-3031-467c-9b95-a3d0135304a7/resourceGroups/kubernetes_rg/providers/Microsoft.Network/virtualNetworks/kubernetesnet/subnets/terraformsubnet" + } + ], + "location": "westeurope", + "mac_address": "", + "name": "vmnick8sworker01.azure", + "private_ip_address": "10.0.10.20", + "private_ip_addresses": [ + "10.0.10.20" + ], + "resource_group_name": "kubernetes_rg", + "tags": { + "environment": "CP2" + }, + "timeouts": null, + "virtual_machine_id": "" + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInJlYWQiOjMwMDAwMDAwMDAwMCwidXBkYXRlIjoxODAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "azurerm_public_ip.myPublicIp2", + "azurerm_resource_group.rg", + "azurerm_subnet.mySubnet", + "azurerm_virtual_network.myNet" + ] + }, + { + "index_key": 1, + "schema_version": 0, + "attributes": { + "applied_dns_servers": [], + "dns_servers": [], + "enable_accelerated_networking": false, + "enable_ip_forwarding": false, + "id": "/subscriptions/927d0301-3031-467c-9b95-a3d0135304a7/resourceGroups/kubernetes_rg/providers/Microsoft.Network/networkInterfaces/vmnick8sworker02.azure", + "internal_dns_name_label": "", + "internal_domain_name_suffix": "tuurhtc41qnureb0u2eyqy5y4e.ax.internal.cloudapp.net", + "ip_configuration": [ + { + "name": "myipconfigurationk8sworker02.azure", + "primary": true, + "private_ip_address": "10.0.10.21", + "private_ip_address_allocation": "Static", + "private_ip_address_version": "IPv4", + "public_ip_address_id": "/subscriptions/927d0301-3031-467c-9b95-a3d0135304a7/resourceGroups/kubernetes_rg/providers/Microsoft.Network/publicIPAddresses/PublicIPk8sworker02.azure", + "subnet_id": "/subscriptions/927d0301-3031-467c-9b95-a3d0135304a7/resourceGroups/kubernetes_rg/providers/Microsoft.Network/virtualNetworks/kubernetesnet/subnets/terraformsubnet" + } + ], + "location": "westeurope", + "mac_address": "", + "name": "vmnick8sworker02.azure", + "private_ip_address": "10.0.10.21", + "private_ip_addresses": [ + "10.0.10.21" + ], + "resource_group_name": "kubernetes_rg", + "tags": { + "environment": "CP2" + }, + "timeouts": null, + "virtual_machine_id": "" + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInJlYWQiOjMwMDAwMDAwMDAwMCwidXBkYXRlIjoxODAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "azurerm_public_ip.myPublicIp2", + "azurerm_resource_group.rg", + "azurerm_subnet.mySubnet", + "azurerm_virtual_network.myNet" + ] + }, + { + "index_key": 2, + "schema_version": 0, + "attributes": { + "applied_dns_servers": [], + "dns_servers": [], + "enable_accelerated_networking": false, + "enable_ip_forwarding": false, + "id": "/subscriptions/927d0301-3031-467c-9b95-a3d0135304a7/resourceGroups/kubernetes_rg/providers/Microsoft.Network/networkInterfaces/vmnicnfsserver.azure", + "internal_dns_name_label": "", + "internal_domain_name_suffix": "tuurhtc41qnureb0u2eyqy5y4e.ax.internal.cloudapp.net", + "ip_configuration": [ + { + "name": "myipconfigurationnfsserver.azure", + "primary": true, + "private_ip_address": "10.0.10.22", + "private_ip_address_allocation": "Static", + "private_ip_address_version": "IPv4", + "public_ip_address_id": "/subscriptions/927d0301-3031-467c-9b95-a3d0135304a7/resourceGroups/kubernetes_rg/providers/Microsoft.Network/publicIPAddresses/PublicIPnfsserver.azure", + "subnet_id": "/subscriptions/927d0301-3031-467c-9b95-a3d0135304a7/resourceGroups/kubernetes_rg/providers/Microsoft.Network/virtualNetworks/kubernetesnet/subnets/terraformsubnet" + } + ], + "location": "westeurope", + "mac_address": "", + "name": "vmnicnfsserver.azure", + "private_ip_address": "10.0.10.22", + "private_ip_addresses": [ + "10.0.10.22" + ], + "resource_group_name": "kubernetes_rg", + "tags": { + "environment": "CP2" + }, + "timeouts": null, + "virtual_machine_id": "" + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInJlYWQiOjMwMDAwMDAwMDAwMCwidXBkYXRlIjoxODAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "azurerm_public_ip.myPublicIp2", + "azurerm_resource_group.rg", + "azurerm_subnet.mySubnet", + "azurerm_virtual_network.myNet" + ] + } + ] + }, + { + "mode": "managed", + "type": "azurerm_network_interface_security_group_association", + "name": "mySecGroupAssociation1", + "provider": "provider[\"registry.terraform.io/hashicorp/azurerm\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "id": "/subscriptions/927d0301-3031-467c-9b95-a3d0135304a7/resourceGroups/kubernetes_rg/providers/Microsoft.Network/networkInterfaces/vmnicks8master.azure|/subscriptions/927d0301-3031-467c-9b95-a3d0135304a7/resourceGroups/kubernetes_rg/providers/Microsoft.Network/networkSecurityGroups/sshtraffic", + "network_interface_id": "/subscriptions/927d0301-3031-467c-9b95-a3d0135304a7/resourceGroups/kubernetes_rg/providers/Microsoft.Network/networkInterfaces/vmnicks8master.azure", + "network_security_group_id": "/subscriptions/927d0301-3031-467c-9b95-a3d0135304a7/resourceGroups/kubernetes_rg/providers/Microsoft.Network/networkSecurityGroups/sshtraffic", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInJlYWQiOjMwMDAwMDAwMDAwMCwidXBkYXRlIjoxODAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "azurerm_network_interface.myNic1", + "azurerm_network_security_group.mySecGroup", + "azurerm_public_ip.myPublicIp1", + "azurerm_resource_group.rg", + "azurerm_subnet.mySubnet", + "azurerm_virtual_network.myNet" + ] + } + ] + }, + { + "mode": "managed", + "type": "azurerm_network_interface_security_group_association", + "name": "mySecGroupAssociation2", + "provider": "provider[\"registry.terraform.io/hashicorp/azurerm\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "id": "/subscriptions/927d0301-3031-467c-9b95-a3d0135304a7/resourceGroups/kubernetes_rg/providers/Microsoft.Network/networkInterfaces/vmnick8sworker01.azure|/subscriptions/927d0301-3031-467c-9b95-a3d0135304a7/resourceGroups/kubernetes_rg/providers/Microsoft.Network/networkSecurityGroups/sshtraffic", + "network_interface_id": "/subscriptions/927d0301-3031-467c-9b95-a3d0135304a7/resourceGroups/kubernetes_rg/providers/Microsoft.Network/networkInterfaces/vmnick8sworker01.azure", + "network_security_group_id": "/subscriptions/927d0301-3031-467c-9b95-a3d0135304a7/resourceGroups/kubernetes_rg/providers/Microsoft.Network/networkSecurityGroups/sshtraffic", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInJlYWQiOjMwMDAwMDAwMDAwMCwidXBkYXRlIjoxODAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "azurerm_network_interface.myNic2", + "azurerm_network_security_group.mySecGroup", + "azurerm_public_ip.myPublicIp2", + "azurerm_resource_group.rg", + "azurerm_subnet.mySubnet", + "azurerm_virtual_network.myNet" + ] + }, + { + "index_key": 1, + "schema_version": 0, + "attributes": { + "id": "/subscriptions/927d0301-3031-467c-9b95-a3d0135304a7/resourceGroups/kubernetes_rg/providers/Microsoft.Network/networkInterfaces/vmnick8sworker02.azure|/subscriptions/927d0301-3031-467c-9b95-a3d0135304a7/resourceGroups/kubernetes_rg/providers/Microsoft.Network/networkSecurityGroups/sshtraffic", + "network_interface_id": "/subscriptions/927d0301-3031-467c-9b95-a3d0135304a7/resourceGroups/kubernetes_rg/providers/Microsoft.Network/networkInterfaces/vmnick8sworker02.azure", + "network_security_group_id": "/subscriptions/927d0301-3031-467c-9b95-a3d0135304a7/resourceGroups/kubernetes_rg/providers/Microsoft.Network/networkSecurityGroups/sshtraffic", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInJlYWQiOjMwMDAwMDAwMDAwMCwidXBkYXRlIjoxODAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "azurerm_network_interface.myNic2", + "azurerm_network_security_group.mySecGroup", + "azurerm_public_ip.myPublicIp2", + "azurerm_resource_group.rg", + "azurerm_subnet.mySubnet", + "azurerm_virtual_network.myNet" + ] + }, + { + "index_key": 2, + "schema_version": 0, + "attributes": { + "id": "/subscriptions/927d0301-3031-467c-9b95-a3d0135304a7/resourceGroups/kubernetes_rg/providers/Microsoft.Network/networkInterfaces/vmnicnfsserver.azure|/subscriptions/927d0301-3031-467c-9b95-a3d0135304a7/resourceGroups/kubernetes_rg/providers/Microsoft.Network/networkSecurityGroups/sshtraffic", + "network_interface_id": "/subscriptions/927d0301-3031-467c-9b95-a3d0135304a7/resourceGroups/kubernetes_rg/providers/Microsoft.Network/networkInterfaces/vmnicnfsserver.azure", + "network_security_group_id": "/subscriptions/927d0301-3031-467c-9b95-a3d0135304a7/resourceGroups/kubernetes_rg/providers/Microsoft.Network/networkSecurityGroups/sshtraffic", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInJlYWQiOjMwMDAwMDAwMDAwMCwidXBkYXRlIjoxODAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "azurerm_network_interface.myNic2", + "azurerm_network_security_group.mySecGroup", + "azurerm_public_ip.myPublicIp2", + "azurerm_resource_group.rg", + "azurerm_subnet.mySubnet", + "azurerm_virtual_network.myNet" + ] + } + ] + }, + { + "mode": "managed", + "type": "azurerm_network_security_group", + "name": "mySecGroup", + "provider": "provider[\"registry.terraform.io/hashicorp/azurerm\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "/subscriptions/927d0301-3031-467c-9b95-a3d0135304a7/resourceGroups/kubernetes_rg/providers/Microsoft.Network/networkSecurityGroups/sshtraffic", + "location": "westeurope", + "name": "sshtraffic", + "resource_group_name": "kubernetes_rg", + "security_rule": [ + { + "access": "Allow", + "description": "", + "destination_address_prefix": "*", + "destination_address_prefixes": [], + "destination_application_security_group_ids": [], + "destination_port_range": "22", + "destination_port_ranges": [], + "direction": "Inbound", + "name": "SSH", + "priority": 1001, + "protocol": "Tcp", + "source_address_prefix": "*", + "source_address_prefixes": [], + "source_application_security_group_ids": [], + "source_port_range": "*", + "source_port_ranges": [] + } + ], + "tags": { + "environment": "CP2" + }, + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInJlYWQiOjMwMDAwMDAwMDAwMCwidXBkYXRlIjoxODAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "azurerm_resource_group.rg" + ] + } + ] + }, + { + "mode": "managed", + "type": "azurerm_public_ip", + "name": "myPublicIp1", + "provider": "provider[\"registry.terraform.io/hashicorp/azurerm\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "allocation_method": "Dynamic", + "domain_name_label": null, + "fqdn": null, + "id": "/subscriptions/927d0301-3031-467c-9b95-a3d0135304a7/resourceGroups/kubernetes_rg/providers/Microsoft.Network/publicIPAddresses/PublicIPks8master.azure", + "idle_timeout_in_minutes": 4, + "ip_address": "", + "ip_version": "IPv4", + "location": "westeurope", + "name": "PublicIPks8master.azure", + "public_ip_prefix_id": null, + "resource_group_name": "kubernetes_rg", + "reverse_fqdn": null, + "sku": "Basic", + "tags": { + "environment": "CP2" + }, + "timeouts": null, + "zones": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInJlYWQiOjMwMDAwMDAwMDAwMCwidXBkYXRlIjoxODAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "azurerm_resource_group.rg" + ] + } + ] + }, + { + "mode": "managed", + "type": "azurerm_public_ip", + "name": "myPublicIp2", + "provider": "provider[\"registry.terraform.io/hashicorp/azurerm\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "allocation_method": "Dynamic", + "domain_name_label": null, + "fqdn": null, + "id": "/subscriptions/927d0301-3031-467c-9b95-a3d0135304a7/resourceGroups/kubernetes_rg/providers/Microsoft.Network/publicIPAddresses/PublicIPk8sworker01.azure", + "idle_timeout_in_minutes": 4, + "ip_address": "", + "ip_version": "IPv4", + "location": "westeurope", + "name": "PublicIPk8sworker01.azure", + "public_ip_prefix_id": null, + "resource_group_name": "kubernetes_rg", + "reverse_fqdn": null, + "sku": "Basic", + "tags": { + "environment": "CP2" + }, + "timeouts": null, + "zones": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInJlYWQiOjMwMDAwMDAwMDAwMCwidXBkYXRlIjoxODAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "azurerm_resource_group.rg" + ] + }, + { + "index_key": 1, + "schema_version": 0, + "attributes": { + "allocation_method": "Dynamic", + "domain_name_label": null, + "fqdn": null, + "id": "/subscriptions/927d0301-3031-467c-9b95-a3d0135304a7/resourceGroups/kubernetes_rg/providers/Microsoft.Network/publicIPAddresses/PublicIPk8sworker02.azure", + "idle_timeout_in_minutes": 4, + "ip_address": "", + "ip_version": "IPv4", + "location": "westeurope", + "name": "PublicIPk8sworker02.azure", + "public_ip_prefix_id": null, + "resource_group_name": "kubernetes_rg", + "reverse_fqdn": null, + "sku": "Basic", + "tags": { + "environment": "CP2" + }, + "timeouts": null, + "zones": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInJlYWQiOjMwMDAwMDAwMDAwMCwidXBkYXRlIjoxODAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "azurerm_resource_group.rg" + ] + }, + { + "index_key": 2, + "schema_version": 0, + "attributes": { + "allocation_method": "Dynamic", + "domain_name_label": null, + "fqdn": null, + "id": "/subscriptions/927d0301-3031-467c-9b95-a3d0135304a7/resourceGroups/kubernetes_rg/providers/Microsoft.Network/publicIPAddresses/PublicIPnfsserver.azure", + "idle_timeout_in_minutes": 4, + "ip_address": "", + "ip_version": "IPv4", + "location": "westeurope", + "name": "PublicIPnfsserver.azure", + "public_ip_prefix_id": null, + "resource_group_name": "kubernetes_rg", + "reverse_fqdn": null, + "sku": "Basic", + "tags": { + "environment": "CP2" + }, + "timeouts": null, + "zones": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInJlYWQiOjMwMDAwMDAwMDAwMCwidXBkYXRlIjoxODAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "azurerm_resource_group.rg" + ] + } + ] + }, + { + "mode": "managed", + "type": "azurerm_resource_group", + "name": "rg", + "provider": "provider[\"registry.terraform.io/hashicorp/azurerm\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "/subscriptions/927d0301-3031-467c-9b95-a3d0135304a7/resourceGroups/kubernetes_rg", + "location": "westeurope", + "name": "kubernetes_rg", + "tags": { + "environment": "CP2" + }, + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo1NDAwMDAwMDAwMDAwLCJkZWxldGUiOjU0MDAwMDAwMDAwMDAsInJlYWQiOjMwMDAwMDAwMDAwMCwidXBkYXRlIjo1NDAwMDAwMDAwMDAwfX0=" + } + ] + }, + { + "mode": "managed", + "type": "azurerm_storage_account", + "name": "stAccount", + "provider": "provider[\"registry.terraform.io/hashicorp/azurerm\"]", + "instances": [ + { + "status": "tainted", + "schema_version": 2, + "attributes": { + "access_tier": "Hot", + "account_kind": "StorageV2", + "account_replication_type": "LRS", + "account_tier": "Standard", + "allow_blob_public_access": false, + "blob_properties": [], + "custom_domain": [], + "enable_https_traffic_only": true, + "id": "/subscriptions/927d0301-3031-467c-9b95-a3d0135304a7/resourceGroups/kubernetes_rg/providers/Microsoft.Storage/storageAccounts/storageaccoutaarias", + "identity": [], + "is_hns_enabled": false, + "large_file_share_enabled": null, + "location": "westeurope", + "min_tls_version": "TLS1_0", + "name": "storageaccoutaarias", + "network_rules": [ + { + "bypass": [ + "AzureServices" + ], + "default_action": "Allow", + "ip_rules": [], + "virtual_network_subnet_ids": [] + } + ], + "primary_access_key": "fGfS7yEZiMjSlPAc1zE3dE3OHF4ouEi7bgNVpAQyHpPMYh7wctNe+/7UwD7uGQkEUMllllweG4m3o38k3Lk+wg==", + "primary_blob_connection_string": "DefaultEndpointsProtocol=https;BlobEndpoint=https://storageaccoutaarias.blob.core.windows.net/;AccountName=storageaccoutaarias;AccountKey=fGfS7yEZiMjSlPAc1zE3dE3OHF4ouEi7bgNVpAQyHpPMYh7wctNe+/7UwD7uGQkEUMllllweG4m3o38k3Lk+wg==", + "primary_blob_endpoint": "https://storageaccoutaarias.blob.core.windows.net/", + "primary_blob_host": "storageaccoutaarias.blob.core.windows.net", + "primary_connection_string": "DefaultEndpointsProtocol=https;AccountName=storageaccoutaarias;AccountKey=fGfS7yEZiMjSlPAc1zE3dE3OHF4ouEi7bgNVpAQyHpPMYh7wctNe+/7UwD7uGQkEUMllllweG4m3o38k3Lk+wg==;EndpointSuffix=core.windows.net", + "primary_dfs_endpoint": "https://storageaccoutaarias.dfs.core.windows.net/", + "primary_dfs_host": "storageaccoutaarias.dfs.core.windows.net", + "primary_file_endpoint": "https://storageaccoutaarias.file.core.windows.net/", + "primary_file_host": "storageaccoutaarias.file.core.windows.net", + "primary_location": "westeurope", + "primary_queue_endpoint": "https://storageaccoutaarias.queue.core.windows.net/", + "primary_queue_host": "storageaccoutaarias.queue.core.windows.net", + "primary_table_endpoint": "https://storageaccoutaarias.table.core.windows.net/", + "primary_table_host": "storageaccoutaarias.table.core.windows.net", + "primary_web_endpoint": "https://storageaccoutaarias.z6.web.core.windows.net/", + "primary_web_host": "storageaccoutaarias.z6.web.core.windows.net", + "queue_properties": null, + "resource_group_name": "kubernetes_rg", + "secondary_access_key": "HJxVAyrMjy0E3QvAGwzPaL7FFGMHhxDirAnl3nvgkIR+yDI4I6E9H0h+u3d4eSb+/4nX/6a3zdAUMkuEViOf8Q==", + "secondary_blob_connection_string": "", + "secondary_blob_endpoint": null, + "secondary_blob_host": null, + "secondary_connection_string": "DefaultEndpointsProtocol=https;AccountName=storageaccoutaarias;AccountKey=HJxVAyrMjy0E3QvAGwzPaL7FFGMHhxDirAnl3nvgkIR+yDI4I6E9H0h+u3d4eSb+/4nX/6a3zdAUMkuEViOf8Q==;EndpointSuffix=core.windows.net", + "secondary_dfs_endpoint": null, + "secondary_dfs_host": null, + "secondary_file_endpoint": null, + "secondary_file_host": null, + "secondary_location": "", + "secondary_queue_endpoint": null, + "secondary_queue_host": null, + "secondary_table_endpoint": null, + "secondary_table_host": null, + "secondary_web_endpoint": null, + "secondary_web_host": null, + "static_website": [], + "tags": { + "environment": "CP2" + }, + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozNjAwMDAwMDAwMDAwLCJkZWxldGUiOjM2MDAwMDAwMDAwMDAsInJlYWQiOjMwMDAwMDAwMDAwMCwidXBkYXRlIjozNjAwMDAwMDAwMDAwfSwic2NoZW1hX3ZlcnNpb24iOiIyIn0=", + "dependencies": [ + "azurerm_resource_group.rg" + ] + } + ] + }, + { + "mode": "managed", + "type": "azurerm_subnet", + "name": "mySubnet", + "provider": "provider[\"registry.terraform.io/hashicorp/azurerm\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "address_prefix": "10.0.10.0/24", + "address_prefixes": [ + "10.0.10.0/24" + ], + "delegation": [], + "enforce_private_link_endpoint_network_policies": false, + "enforce_private_link_service_network_policies": false, + "id": "/subscriptions/927d0301-3031-467c-9b95-a3d0135304a7/resourceGroups/kubernetes_rg/providers/Microsoft.Network/virtualNetworks/kubernetesnet/subnets/terraformsubnet", + "name": "terraformsubnet", + "resource_group_name": "kubernetes_rg", + "service_endpoint_policy_ids": null, + "service_endpoints": null, + "timeouts": null, + "virtual_network_name": "kubernetesnet" + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInJlYWQiOjMwMDAwMDAwMDAwMCwidXBkYXRlIjoxODAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "azurerm_resource_group.rg", + "azurerm_virtual_network.myNet" + ] + } + ] + }, + { + "mode": "managed", + "type": "azurerm_virtual_network", + "name": "myNet", + "provider": "provider[\"registry.terraform.io/hashicorp/azurerm\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "address_space": [ + "10.0.0.0/16" + ], + "bgp_community": "", + "ddos_protection_plan": [], + "dns_servers": null, + "guid": "cc13299d-dc5e-481b-903a-a7098863f8f4", + "id": "/subscriptions/927d0301-3031-467c-9b95-a3d0135304a7/resourceGroups/kubernetes_rg/providers/Microsoft.Network/virtualNetworks/kubernetesnet", + "location": "westeurope", + "name": "kubernetesnet", + "resource_group_name": "kubernetes_rg", + "subnet": [], + "tags": { + "environment": "CP2" + }, + "timeouts": null, + "vm_protection_enabled": false + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInJlYWQiOjMwMDAwMDAwMDAwMCwidXBkYXRlIjoxODAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "azurerm_resource_group.rg" + ] + } + ] + } + ] } From ffa8240059a3e1a3504b08e3c24b61fc84bf0aff Mon Sep 17 00:00:00 2001 From: adrianAriasMorago <83167546+adrianAriasMorago@users.noreply.github.com> Date: Fri, 23 Jul 2021 15:16:13 +0200 Subject: [PATCH 5/5] Delete README.md --- README.md | 97 ------------------------------------------------------- 1 file changed, 97 deletions(-) delete mode 100644 README.md diff --git a/README.md b/README.md deleted file mode 100644 index e454d53..0000000 --- a/README.md +++ /dev/null @@ -1,97 +0,0 @@ -UNIR Caso Práctico -Este cáso práctico está diseñado para funcionar con Terraform-Ansible-Azure. Desplegará un ambiente Kubernetes conformado por: - -1 Master -2 Workers -1 Servidor nfs - - - - -Preparación del entorno de ejecución -*) Clonamos repositorio - -git clone git@github.com:adrianAriasMorago/Azure.git -*) Creamos los directorios donde persistiremos los datos - - - -az login -*) Definimos el subscription id que utilizaremos. Reemplzar por el valor correspondiente a la subscripción que se quiere utilizar dentro de nuestra mv - -az account set --subscription="927d0301-3031-467c-9b95-a3d0135304a7" -*) Creación de un Service Principal que utilizaremos en Terraform - -az ad sp create-for-rbac --role="Contributor" -Habiendo creado nuestro Service Principal crearemos el archivo credentials.tf, el que contendrá los siguientes campos - -provider "azurerm" { - subscription_id = "Valor del id de subscripción que utilizaremos" - client_id = "Valor de appId obtenido en el paso anterior" - client_secret = "Valor de password obtenido en el paso anterior" - tenant_id = "Valor de tenant obtenido en el paso anterior" - - features {} -} - - -Estado local/remoto de Terraform -Es posible guardar nuestro estado de Terraform de forma remota. De esta manera, si tenemos cualquier problema con nuestro directorio de trabajo, o si trabajamos con otras personas en la misma solución el estado queda almacenado en la nube y podemos recuperar los últimos cambios de forma automática. - - - - -provider "azurerm" { - features {} - subscription_id = "XXXXXXX" - client_id = "XXXXXXX" - client_secret = "XXXXXXXX" - tenant_id = "XXXXXXXX" -} - -Ubicación geográfica de la solución -Actualmente la solución está pensada para ejecutarse en "West Europe", si quisieras ejecutarla en otra ubicación sólo deberís cambiar el valor de "location" dentro de correccion-vars.tf - -Nombre de la cuenta de almacenamiento -Deberás ingresar un valor para storage_account dentro de correccion-vars.tf - -Generacion de clave publica privada - -ssh-keygen -t rsa - -user@localhost: ssh-keygen -t rsa -Generating public/private rsa key pair. -Enter file in which to save the key (/home/youruser/.ssh/id_rsa): -Enter passphrase (empty for no passphrase): -Enter same passphrase again: -Your identification has been saved in id_rsa. -Your public key has been saved in id_rsa.pub. -The key fingerprint is: -16:8e:e8:f2:1d:c9:b9:cf:43:9a:b3:3c:c1:1f:95:93 user@localhost - -Esto creará una clave privada escrita en /home/user/.ssh/id_dsa y una clave pública escrita en /home/user/.ssh/id_dsa.pub. - -continuación, tendrás que escribir la ubicación del archivo en el que deseas guardar la clave privada. -Enter file in which to save the key (/home/youruser/.ssh/id_rsa): - -La key pública se guardará en la misma ubicación, con el mismo nombre de archivo, pero con la extensión .pub. - - - - -Nombre de usuario para la conexión SSH -Si quisieras podrís elegir el nombre de usuario para conectarte a los servidores via SSH. Para poder seleccionar el nombre sólo debes cambiar el valor de "ssh_user" dentro de correccion-vars.tf - -Prefijo de identificación único -Deberás ingresar un valor para prefix dentro de /variables.tf. Es un prefijo de texto que se utilizará para identificar recursos únicos. - -A -Dirección IP pública con permisos de acceso -Deberás ingresar un valor para my_ip dentro de variables.tf. Es la dirección IP pública de la máquina desde la que se ejecuta Terraform + Ansible para poder conectar vía SSH - -Ejecución - -terraforn ini en la ruta donde esta el directorio con los ficheros .tf y una vez lanzado luego se lanza el terraforn apply - - -