|
本文档采用自动化机器翻译技术翻译。 尽管我们力求提供准确的译文,但不对翻译内容的完整性、准确性或可靠性作出任何保证。 若出现任何内容不一致情况,请以原始 英文 版本为准,且原始英文版本为权威文本。 |
Rancher Terraform
Rancher Terraform Provider 允许管理员使用 Terraform 创建和管理 RKE2 客户集群。
部署
使用 Rancher Terraform Provider 部署客户集群
-
创建一个 API 密钥。
在 Rancher UI 中,转到 账户与 API 密钥 > 创建 API 密钥 > 创建。
-
获取 Harvester 集群 ID。
在 Rancher UI 中,转到 虚拟化管理 > 管理 > 相关资源 > 管理集群名称。
-
获取 Harvester 云提供商和 Harvester CSI 驱动程序的 kubeconfig。
-
UI
-
外壳
在 Rancher UI 中,转到 虚拟化管理。在列表中找到目标 Harvester 集群,然后选择 ⋮ > 下载 KubeConfig。
# Generate harvester cloud provider kubeconfig RANCHER_SERVER_URL="<RANCHER_SERVER_URL>" # Pure server URL like https://192.168.0.181:6443 RANCHER_ACCESS_KEY="<RANCHER_ACCESS_KEY>" RANCHER_SECRET_KEY="<RANCHER_SECRET_KEY>" HARVESTER_CLUSTER_ID="<HARVESTER_CLUSTER_ID>" CLUSTER_NAME="rke2-demo" curl -k -X POST ${RANCHER_SERVER_URL}/k8s/clusters/${HARVESTER_CLUSTER_ID}/v1/harvester/kubeconfig \ -H 'Content-Type: application/json' \ -u ${RANCHER_ACCESS_KEY}:${RANCHER_SECRET_KEY} \ -d '{"clusterRoleName": "harvesterhci.io:cloudprovider", "namespace": "default", "serviceAccountName": "'${CLUSTER_NAME}'"}' | xargs | sed 's/\\n/\n/g' > ${CLUSTER_NAME}-kubeconfig -
-
准备一个
provider.tf文件,并包含以下内容:terraform { required_providers { rancher2 = { source = "rancher/rancher2" version = "4.2.0" } } } # Configure the Rancher2 provider to admin provider "rancher2" { api_url = "<api_url>" # API Endpoint on Account & API Keys page access_key = "<access_key>" secret_key = "<secret_key>" insecure = true # Set to true if the Rancher server uses a self-signed certificate } -
准备一个
main.tf文件,并包含以下内容:# Get imported harvester cluster info data "rancher2_cluster_v2" "harv" { name = "<harvester_cluster_name_in_rancher>" } # Create a new Cloud Credential for an imported Harvester cluster resource "rancher2_cloud_credential" "harv-cred" { name = "harv-cred" harvester_credential_config { cluster_id = data.rancher2_cluster_v2.harv.cluster_v1_id cluster_type = "imported" kubeconfig_content = data.rancher2_cluster_v2.harv.kube_config } } # Create a new rancher2 machine config v2 using harvester node_driver resource "rancher2_machine_config_v2" "rke2-machine" { generate_name = "rke2-machine" harvester_config { vm_namespace = "default" cpu_count = "2" memory_size = "4" disk_info = <<EOF { "disks": [{ "imageName": "default/<vmimage-name>", "size": 15, "bootOrder": 1 }] } EOF network_info = <<EOF { "interfaces": [{ "networkName": "default/<network-name>" }] } EOF ssh_user = "<ssh_user>" user_data = <<EOF package_update: true packages: - qemu-guest-agent - iptables runcmd: - - systemctl - enable - '--now' - qemu-guest-agent.service EOF } } resource "rancher2_cluster_v2" "rke2-demo" { name = "rke2-demo" kubernetes_version = "v1.28.10+rke2r1" rke_config { machine_pools { name = "pool1" cloud_credential_secret_name = rancher2_cloud_credential.harv-cred.id control_plane_role = true etcd_role = true worker_role = true quantity = 1 machine_config { kind = rancher2_machine_config_v2.rke2-machine.kind name = rancher2_machine_config_v2.rke2-machine.name } } machine_selector_config { config = yamlencode({ cloud-provider-config = file("${path.module}/rke2-demo-kubeconfig") cloud-provider-name = "harvester" }) } machine_global_config = <<EOF cni: "calico" disable-kube-proxy: false etcd-expose-metrics: false EOF upgrade_strategy { control_plane_concurrency = "1" worker_concurrency = "1" } etcd { snapshot_schedule_cron = "0 */5 * * *" snapshot_retention = 5 } chart_values = <<EOF harvester-cloud-provider: clusterName: rke2-demo cloudConfigPath: /var/lib/rancher/rke2/etc/config-files/cloud-provider-config EOF } } -
运行
terraform init。 -
运行
terraform apply。