Terraform 1

.github/PULL_REQUEST_TEMPLATE.md

@@ -1,7 +1,7 @@
 # Выполнено ДЗ №
 
- - [ ] Основное ДЗ
- - [ ] Задание со *
+ - [x] Основное ДЗ
+ - [x] Задание со *
 
 ## В процессе сделано:
  - Пункт 1
@@ -14,5 +14,5 @@
  - Например, перейти по ссылке http://localhost:8080
 
 ## PR checklist
- - [ ] Выставил label с номером домашнего задания
- - [ ] Выставил label с темой домашнего задания
+ - [x] Выставил label с номером домашнего задания
+ - [x] Выставил label с темой домашнего задания

.gitignore

@@ -0,0 +1,7 @@
+variables.json
+*.tfstate
+*.tfstate.*.backup
+*.tfstate.backup
+*.tfvars
+.terraform/
+key.json

README.md

@@ -5,3 +5,15 @@ HW3
 Развернут OpenVPN
 bastion_IP = 158.160.105.122
 someinternalhost_IP = 10.128.0.34
+
+HW4
+Содана ВМ
+Развернуты ruby mongodb и произведен деплой приложения
+testapp_IP = 51.250.67.144
+testapp_port = 9292
+
+HW5
+Создан файл ubuntu16.json
+Развернут образ виртуальной машины
+Создана ВМ из образа
+Создан файл параметров

config-scripts/deploy.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+sudo apt install -y git
+git clone -b monolith https://github.com/express42/reddit.git
+cd reddit && bundle install

config-scripts/install_mongodb.sh

@@ -0,0 +1,7 @@
+#!/bin/bash
+wget -qO - https://www.mongodb.org/static/pgp/server-4.2.asc | sudo apt-key add -
+echo "deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu xenial/mongodb-org/4.2 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-4.2.list
+sudo apt-get update
+sudo apt-get install -y mongodb-org
+sudo systemctl start mongod
+sudo systemctl enable mongod

config-scripts/install_ruby.sh

@@ -0,0 +1,3 @@
+#!/bin/bash
+sudo apt update
+sudo apt install -y ruby-full ruby-bundler build-essential

packer/key.json.examples

@@ -0,0 +1,8 @@
+{
+   "id": "ajedvhcc2n3jeuh5fllf",
+   "service_account_id": "aheo0hipk2g26kakeof3",
+   "created_at": "2023-08-29T10:55:18.260640087Z",
+   "key_algorithm": "RSA_2048",
+   "public_key": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhjiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuov+kHQdnk+hTFgOOqu0\nfenUzhvbphpksAr5emCO7pZKcULteESBRlKrriMWEgz/eM+GczHn2tJ9sLQjZBSRl\n08PkAK1fLKJWzYPs9ZFBphOmqONKL/3OYE9uRe+BYWuqOmT9O1mSkJ55/GlgX1yL\nMUlG9f531TkpKFgTVlH08YqL9lGMgHckSVYUxTmw2f4HeDTe6EwtYKp89aCjoibs\nFHGf/5jBIyAjP9bWjAOFfX5n9aR6XwrWSmL1hTZGCB4RsGEJNV9o6B/uzzohIyy/\nM2N+EgqN53cJ8IkkuVNs1moHXX8Z32Ym2Djjl4kiYcOf8E6fNlD+fLxwDoKygy3X\nBwIDAQAB\n-----END PUBLIC KEY-----\n",
+   "private_key": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADVNBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC6i/6QdB2eT6FM\nWA46q7R96dTOG9umGmSwCvl6YI7ulkpxQu15IFGUquuIxYSDP94z4ZzMefa0n2wt\nCNkFJGXTw+QArV8solbNg+z1kUGmE6ao40ov/c5gT25F74Fha6o6ZP07WZKQnnn8\naWBfXIsxSUb1/nfVOSkoWBNWUfTxiov2UYyAdyRJVhTFObDZ/gd4NN7oTC1gqnz1\noKOiJuwUcZ//mMEjICM/1taMA4V9fmf1pHpfCtZKYvWFNkYIHhGwYQk1X2joH+7P\nOiEjLL8zY34SCo3ndwnwiSS5U2zWagddfxnfZibYOOOXiSJhw5/wTp82UP58vHAO\ngrKDLdcHAgMBAAECggEADmMmroBuGlwc3hT6f/bnNEDZC05lueFWO6eVByW0UF1h\n/2tAgnOGJzepc8J8Dl1aJ1kyrSiI6PRUtQJ2LmnYuqTkjFLSwNACbtZKa8QYspTY\naTUibyIdjRsDL7yhl2Bk4B0S1MV7QtEeKmP8LU6nY5U5tlY6asT+UiC82Q74G7rI\nheuYqn2bbGiQao1bDNYqyL+RcHYJKMVo1t9snPABM3dWSJpCji2y4Fb4xs+TU4rN\nVJGs8FuJLgFB0GTv0RwzOg5NtLlYVYAkvEpsPwA4A+F63B1yzG1fhKJEOxbWr9NW\nRqaYWR7P12LKe92DoFMgYNQfk8IOGp2+V03Z7CZFzQKBgQDjCqZ+BqBLZxCg7u6W\n2B2LVbZ14jOaTcLdwbMVe94ExyIyFtkikaxDWMNfFpL+VTbyS+R/4UKCbkfObQa4\n8QtlK/hxTfL1j4fFyZ30eejl58tAywxRS9PmHcUcU01zwV9pFr4wdIMB0r8kPXpI\n99ob5cy10VW3EQG4r558mV1vnQKBgQDSVxya16AZ48QbRfVS+f15h9kJBOgzGxS3\n4SFrYwF1JJzbfTIGbMVJ1LLTEQmauhAOptZdTcUCHKj54i6t7tURpe+bhiBZXxqR\nFNjZTG3cR0o0O1qSg15C8jQmHGCx3OWj36QRXiqi2J7AnC3SJ2YMfSYkdLnzPDq0\nrxUs+VPp8wKBgFcEV/dpVrpPkCH+MVeDER+8BCh+P8TeFNelS5vqU5eFMuf7tdD4\nAAv30zl4j3IG+v42dCdHEJSo68CELNVpHTLzfU7/zySqlCEMOwveRZMIGfCFYf0u\nkNJbipZmnwLElGrUmqQ7o5JpUXT0Uw/wXpneo2z0BGQbkotUU+vxY8xJAoGAdCKm\n55OwkTrh91EMH/Fpk6V/Huy3rCgCq3hBNIKotl4twT6B1WxPDfHDfqhEjkq3PO+/\nIisjYIQkhDvvHBfnSuQ8xLksuUu6ZmqFRI1fhyVRgj9XRdgEvp/uTTCT7wCRRobf\nlrtQfTNvi9dvsT4RqUmcOrq8ROF3ZHXbEkbjnyMCgYEA2ViitK9zyPAuWcz6PM0i\n8m13eHQry1aPgXIzR0zAfBJ6rA4f8tAzzsQeVeLG02WFnXbCeeuMtCcBZeH2dXGU\nzqyt1LzUPN3HbrMjkpSOydWcT0eEJ4n47qG1N11UBHC0fOC/4+08BRnyQbn0HUmI\nFoeLAuLzVogvrMlHJpZ7GnA=\n-----END PRIVATE KEY-----\n"
+}

packer/scripts/install_mongodb.sh

@@ -0,0 +1,8 @@
+#!/bin/sh
+wget -qO - https://www.mongodb.org/static/pgp/server-3.2.asc | sudo apt-key add - # После пайпа sudo не убрано - а то не отработает добавление ключа
+echo "deb http://repo.mongodb.org/apt/ubuntu xenial/mongodb-org/3.2 multiverse" | tee /etc/apt/sources.list.d/mongodb-org-3.2.list
+sudo apt-get update
+sleep 10
+sudo apt install -y mongodb-org
+systemctl start mongod
+systemctl enable mongod

packer/scripts/install_ruby.sh

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+echo "####### Installing Ruby: ${0} script START"
+sleep 10
+apt-get update && \
+sleep 10
+apt-get install -y ruby-full ruby-bundler build-essential
+echo "####### Installing Ruby: ${0} script END"
+exit 0

packer/ubuntu16.json

@@ -0,0 +1,29 @@
+{
+    "builders": [
+        {
+            "type": "yandex",
+            "service_account_key_file": "{{ user `service_account_key_file` }}",
+            "folder_id": "{{ user `folder_id` }}",
+            "source_image_family": "{{ user `source_image_family`}}",
+            "image_name": "reddit-base-{{timestamp}}",
+            "image_family": "reddit-base",
+            "ssh_username": "ubuntu",
+            "use_ipv4_nat": "true",
+            "platform_id": "standard-v1",
+            "disk_name": "{{ user `disk_name` }}",
+            "disk_size_gb": "{{ user `disk_size_gb` }}"
+        }
+    ],
+     "provisioners": [
+        {
+            "type": "shell",
+            "script": "scripts/install_ruby.sh",
+            "execute_command": "sudo {{.Path}}"
+        },
+        {
+            "type": "shell",
+            "script": "scripts/install_mongodb.sh",
+            "execute_command": "sudo {{.Path}}"
+        }
+    ]
+}

packer/variables.json.example

@@ -0,0 +1,7 @@
+{
+    "folder_id": "b1gk63ipniaqhnvrgv07",
+    "source_image_family": "ubuntu-1604-lts",
+    "service_account_key_file": "./key.json.examples",
+    "disk_name": "reddit-app",
+    "disk_size_gb": "10"
+  }

terraform/files/deploy.sh

@@ -0,0 +1,10 @@
+#!/bin/bash
+set -e
+APP_DIR=${1:-$HOME}
+sudo apt-get install -y git
+git clone -b monolith https://github.com/express42/reddit.git $APP_DIR/reddit
+cd $APP_DIR/reddit
+bundle install
+sudo mv /tmp/puma.service /etc/systemd/system/puma.service
+sudo systemctl start puma
+sudo systemctl enable puma

terraform/files/puma.service

@@ -0,0 +1,13 @@
+[Unit]
+Description=Puma HTTP Server
+After=network.target
+
+[Service]
+Type=simple
+User=ubuntu
+WorkingDirectory=/home/ubuntu/reddit
+ExecStart=/bin/bash -lc 'puma'
+Restart=always
+
+[Install]
+WantedBy=multi-user.target

terraform/main.tf

@@ -0,0 +1,55 @@
+#terraform {
+#  required_providers {
+#    yandex = {
+#      source = "yandex-cloud/yandex"
+#    }
+#  }
+#  required_version = ">= 0.13"
+#}
+
+provider "yandex" {
+  service_account_key_file = var.service_account_key_file
+  cloud_id  = var.cloud_id
+  folder_id = var.folder_id
+  zone      = var.zone
+}
+
+resource "yandex_compute_instance" "app" {
+  name = "reddit-app"
+
+  resources {
+    cores  = 2
+    memory = 2
+  }
+
+  boot_disk {
+    initialize_params {
+      image_id = var.image_id
+    }
+  }
+
+  metadata = {
+    ssh-keys = "ubuntu:${file(var.public_key_path)}"
+  }
+  network_interface {
+    subnet_id =  var.subnet_id
+    nat       = true
+  }
+  connection {
+    type = "ssh"
+    host = yandex_compute_instance.app.network_interface.0.nat_ip_address
+    user = "ubuntu"
+    agent = false
+    # путь до приватного ключа
+    private_key = file(var.private_key_path)
+  }
+  provisioner "file" {
+    source = "files/puma.service"
+    destination = "/tmp/puma.service"
+  }
+
+  provisioner "remote-exec" {
+    script = "files/deploy.sh"
+  }
+
+}

terraform/outputs.tf

@@ -0,0 +1,3 @@
+output "external_ip_address_app" {
+  value = yandex_compute_instance.app.network_interface.0.nat_ip_address
+}

terraform/terraform.tfvars.example

@@ -0,0 +1,8 @@
+cloud_id                 = "b1gi94g2i1l8jasdsadsv2f"
+folder_id                = "b1gk62ipniasdfdsfvrgv06"
+zone                     = "ru-central1-a"
+image_id                 = "fd8gqckji8hhad123u9srd"
+public_key_path          = "~/.ssh/appuser.pub"
+private_key_path         = "~/.ssh/appuser"
+subnet_id                = "e9b4oubg4btja6kasccsdr2"
+service_account_key_file = "key.json"

terraform/variables.tf

@@ -0,0 +1,29 @@
+variable "cloud_id" {
+  description = "Cloud"
+}
+variable "folder_id" {
+  description = "Folder"
+}
+variable "zone" {
+  description = "Zone"
+  default     = "ru-central1-a"
+}
+variable "public_key_path" {
+  description = "Path to the public key used for ssh access"
+}
+variable "image_id" {
+  description = "Disk image"
+}
+variable "subnet_id" {
+  description = "Subnet"
+}
+variable "service_account_key_file" {
+  description = "key .json"
+}
+variable "private_key_path" {
+  description = "Path to private_key"
+}
+variable "app_disk_image" {
+  description = "Disk image for reddit app"
+  default     = "reddit-app-base"
+}