
Private network creation with Terraform on OVH's Openstack

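I am trying to deploy some Openstack instances on OVH's public cloud using Terraform. The point is (for now) to have two instances on two networks. Each instance should have an external IP address (which is not a problem) and an internal IP address on a private network (which is giving me trouble).

My Terraform file is: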

resource "openstack_compute_keypair_v2" "keypair" {
  provider   = "openstack.ovh"
  name       = "jpin"
  public_key = "${file("~/.ssh/id_rsa.pub")}"
  region     = "GRA3"
}

resource "openstack_networking_network_v2" "network_1" {
  provider       = "openstack.ovh"
  name           = "network_1"
  admin_state_up = "true"
  region         = "GRA3"
}

resource "openstack_networking_subnet_v2" "subnet_1" {
  provider    = "openstack.ovh"
  name        = "subnet_1"
  network_id  = "${openstack_networking_network_v2.network_1.id}"
  cidr        = "192.168.199.0/24"
  ip_version  = 4
  region      = "GRA3"
  enable_dhcp = true
}

resource "openstack_networking_port_v2" "port_1" {
  provider       = "openstack.ovh"
  name           = "port_1"
  network_id     = "${openstack_networking_network_v2.network_1.id}"
  admin_state_up = "true"
  region         = "GRA3"

  fixed_ip {
    "subnet_id" = "${openstack_networking_subnet_v2.subnet_1.id}"
  }
}

resource "openstack_networking_port_v2" "port_2" {
  provider       = "openstack.ovh"
  name           = "port_2"
  network_id     = "${openstack_networking_network_v2.network_1.id}"
  admin_state_up = "true"
  region         = "GRA3"

  fixed_ip {
    "subnet_id" = "${openstack_networking_subnet_v2.subnet_1.id}"
  }
}

resource "openstack_compute_instance_v2" "instance_1" {
  provider        = "openstack.ovh"
  name            = "instance_1"
  security_groups = ["default"]
  region          = "GRA3"
  key_pair        = "${openstack_compute_keypair_v2.keypair.name}"
  flavor_name     = "s1-2"
  image_name      = "Debian 8 - Docker"

  network = [
    {
      name = "Ext-Net"
    },
    {
      port = "${openstack_networking_port_v2.port_1.id}"
    },
  ]
}

resource "openstack_compute_instance_v2" "instance_2" {
  provider        = "openstack.ovh"
  name            = "instance_2"
  security_groups = ["default"]
  region          = "GRA3"
  key_pair        = "${openstack_compute_keypair_v2.keypair.name}"
  flavor_name     = "s1-2"
  image_name      = "Debian 8 - Docker"

  network {
    port = "${openstack_networking_port_v2.port_2.id}"
  }
}

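The

{
  name = "Ext-Net"
},

part allows me to connect the instance to the outside world. My two instances should have IP addresses in the 192.168.199.0/24 network, but they don't. They have no IP address and no route to communicate with this network. But I know they have the proper IP addresses: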

[screenshot]

In that screenshot, instance_1 is well connected to the outside (as expected). Both instance_1 and instance_2 have a private IP address. But:

root@instance-1:~# ip a
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether fa:16:3e:b1:7c:ae brd ff:ff:ff:ff:ff:ff
    inet 145.239.XXX.YY/32 brd 145.239.XXX.YY scope global eth0
       valid_lft forever preferred_lft forever

3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether fa:16:3e:6a:87:8e brd ff:ff:ff:ff:ff:ff

eth1 does not have that IP address (192.168.199.2 or .3). And there is no route to the 192.168.199.0/24 subnet.

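A few days later, everything worked. Despite what the provider's support says, it looks like a bug: I didn't change anything, and it suddenly started working out of nowhere.

Edit: a few weeks later, I ended up with the following code:

Be careful when copying/pasting: my compute_instance is in a module, hence all those vars.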

resource "ovh_publiccloud_private_network" "network" {
  provider   = "ovh.ovh"
  project_id = "${var.tenant_id}"
  name       = "Private Network"
  regions    = "${values(var.regions)}"
}

resource "ovh_publiccloud_private_network_subnet" "subnet" {
  provider   = "ovh.ovh"
  project_id = "${var.tenant_id}"
  network_id = "${element(ovh_publiccloud_private_network.network.*.id, count.index)}"

  start   = FIRST_PRIVATE_IP
  end     = LAST_PRIVATE_IP
  network = PRIVATE_SUBNET

  count      = "${length(var.regions)}"
  region     = "${element(values(var.regions), count.index)}"
}

resource "openstack_compute_instance_v2" "compute_instance" {
  provider            = "openstack.ovh"
  region              = "${var.region_id}"
  key_pair            = "${var.keypair}"
  flavor_name         = "${var.instance_flavor}"
  image_name          = "${var.instance_image}"

  network = [
    {
      name = "Ext-Net"
    },
    {
      name        = "${var.private_network}"
      fixed_ip_v4 = MY_PRIVATE_IP
    },
  ]
}

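I no longer use ports. The choice to stop using ports is unrelated to this issue.

Starting with Debian 9, the instance may try to configure the private interface as the one used to access the Internet. That will not work.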
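A post-deploy check for the two symptoms described on this page (a private interface with no address in 192.168.199.0/24, and a default route placed on the private interface), written as an added example that is not part of the original post. The `ip a` and `ip route` samples are constructed, the 203.0.113.x addresses are documentation placeholders, and reading the Debian 9 remark as "default route via the private interface" is an assumption.

```python
import ipaddress
import re

# subnet_1 CIDR from the question; all sample output below is constructed.
PRIVATE_CIDR = ipaddress.ip_network("192.168.199.0/24")

BROKEN_ADDR = """\
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP
    link/ether fa:16:3e:00:00:01 brd ff:ff:ff:ff:ff:ff
    inet 203.0.113.10/32 brd 203.0.113.10 scope global eth0
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP
    link/ether fa:16:3e:00:00:02 brd ff:ff:ff:ff:ff:ff
"""
FIXED_ADDR = BROKEN_ADDR + "    inet 192.168.199.2/24 brd 192.168.199.255 scope global eth1\n"
ROUTE_VIA_PUBLIC = "default via 203.0.113.1 dev eth0\n"
ROUTE_VIA_PRIVATE = "default via 192.168.199.1 dev eth1\n"


def parse_ip_addr(text):
    """Return {interface: [IPv4Interface, ...]} parsed from `ip a` output."""
    ifaces, current = {}, None
    for line in text.splitlines():
        head = re.match(r"^\d+:\s+([^:@\s]+)", line)
        inet = re.match(r"^\s+inet\s+(\S+)", line)
        if head:
            current = head.group(1)
            ifaces[current] = []
        elif inet and current:
            ifaces[current].append(ipaddress.ip_interface(inet.group(1)))
    return ifaces


def check(addr_text, route_text, cidr=PRIVATE_CIDR):
    """List problems with the private interface; an empty list means healthy."""
    ifaces = parse_ip_addr(addr_text)
    private = [n for n, a in ifaces.items() if any(i.ip in cidr for i in a)]
    findings = []
    if not private:
        bare = [n for n, a in ifaces.items() if not a and n != "lo"]
        findings.append(f"no address in {cidr}; interfaces without IPv4: {bare}")
    for dev in re.findall(r"^default\b.*?\bdev\s+(\S+)", route_text, re.M):
        if dev in private:
            findings.append(f"default route goes through private interface {dev}")
    return findings


if __name__ == "__main__":
    for addr, route in [(BROKEN_ADDR, ROUTE_VIA_PUBLIC), (FIXED_ADDR, ROUTE_VIA_PRIVATE)]:
        print(check(addr, route) or "ok")
```

On a real instance, pass the captured output of `ip a` and `ip route` to `check()` instead of the constructed samples.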
