# infrastructure

**Repository Path**: denisgit/infrastructure

## Basic Information

- **Project Name**: infrastructure
- **Description**: No description available
- **Primary Language**: Unknown
- **License**: Not specified
- **Default Branch**: huaweicloud
- **Homepage**: None
- **GVP Project**: No

## Statistics

- **Stars**: 0
- **Forks**: 2
- **Created**: 2023-12-28
- **Last Updated**: 2023-12-28

## Categories & Tags

**Categories**: Uncategorized
**Tags**: None

## README

## Introduction

- The general idea is to use the environment as the differentiator: switch to the directory named after the target environment and run the Terraform commands there to create the corresponding resources.
- Note that some resources have dependencies, which can be introduced through data resources.
- When creating some resources, you need to modify some necessary information, such as the disk size and ImageID of the ECS.
- You can create all the required instances at once at the beginning, or create them temporarily each time you need them.

#### Install Terraform

Follow the official installation guide: https://developer.hashicorp.com/terraform/tutorials/aws-get-started/install-cli

#### Get Code

```bash
git clone -b branch https://github.com/xxx.git
```

#### Set global variables for all resources

```bash
export TF_VAR_HW_ACCESS_KEY="xxxxxxxxxx"
export TF_VAR_HW_SECRET_KEY="xxxxxxxxxx"
export TF_VAR_REGION="xxxxxxxxxx"
```

NOTE: Singapore is ap-southeast-3

#### Create Resources

##### Ⅰ. Create Network Resources (Including VPC, Subnets, SecurityGroups, EIPs, NAT-Gateway, ELB)

```bash
# 1. Create VPC
~]# cd terraform/envs/dev/vpc
~]# terraform init
~]# terraform apply

# 2. Create Subnet (Depends on VPC)
~]# cd terraform/envs/dev/subnet
~]# terraform init
~]# terraform apply

# 3. Create Security Groups
~]# cd terraform/envs/dev/vsg
~]# terraform init
~]# terraform apply

# 4. Create EIP
~]# cd terraform/envs/dev/eip
~]# terraform init
~]# terraform apply

# 5. Create NatGateway and NatRule, and bind them to the EIP (Depends on VPC, Subnet, EIPs)
~]# cd terraform/envs/dev/nat-gw
~]# terraform init
~]# terraform apply
```

##### Ⅱ. Create Certification Resources (Including Keypairs, IAM Account)

```bash
# An IAM account must specify an enterprise project ID when authorizing, so we can set a project ID here.
# If it is not specified, the default project is used.
export TF_VAR_enterprise_project_id="xxxxxxxxxx"
```

NOTE: Set TF_VAR_enterprise_project_id=0 to use the default project ID.

```bash
# 1. Create Keypair for ECS and CCE-NodePool
~]# cd terraform/envs/dev/keypair
~]# terraform init
~]# terraform apply

# 2. Create IAM Account for OBS
~]# cd terraform/envs/dev/iam
~]# terraform init
~]# terraform apply
```

##### Ⅲ. Create Computing Resources (Including ECS, CCE)

```bash
# 1. Create ECS (Depends on VPC, Subnet, SecGroup, Keypair)
~]# cd terraform/envs/dev/ecs
~]# terraform init
~]# terraform apply

# 2. Create CCE Cluster (Depends on VPC, Subnet)
~]# cd terraform/envs/dev/cce
~]# terraform init
~]# terraform apply

# 3. Create CCE Nodes (Depends on CCE, Keypair)
~]# cd terraform/envs/dev/cce-nodes
~]# terraform init
~]# terraform apply
```

Note!!!

> Because the elb_member objects in ELB resources depend on ECS IPs, the ELB is created after the ECS rather than with the other network resources.

```bash
# Create LoadBalancer (Depends on VPC, Subnet, ECS, EIPs)
~]# cd terraform/envs/dev/elb
~]# terraform init
~]# terraform apply
```

##### Ⅳ. Create Database Resources (Including RDS, DCS)

```bash
# Set the root password variable for each MySQL and Redis instance to be created.
# The value cannot be empty and should contain 8 to 32 characters, including uppercase letters, lowercase letters and digits.
export TF_VAR_pwd_rds_myapp="xxxxxxxxxx"
export TF_VAR_pwd_rds_miniapp="xxxxxxxxxx"
export TF_VAR_pwd_redis_myapp="xxxxxxxxxx"
export TF_VAR_pwd_redis_miniapp="xxxxxxxxxx"
```

```bash
# 1. Create RDS for MySQL (Depends on VPC, Subnet)
~]# cd terraform/envs/dev/rds
~]# terraform init
~]# terraform apply

# 2. Create DCS for Redis (Depends on VPC, Subnet)
~]# cd terraform/envs/dev/dcs
~]# terraform init
~]# terraform apply

# 3. Create DDS for MongoDB (Depends on VPC, Subnet)
~]# cd terraform/envs/dev/dds
~]# terraform init
~]# terraform apply
```

##### Ⅴ. Create Storage Resources (Including OBS, SFS)

```bash
# 1. Create OBS
~]# cd terraform/envs/dev/obs
~]# terraform init
~]# terraform apply

# 2. Create SFS
~]# cd terraform/envs/dev/sfs
~]# terraform init
~]# terraform apply
```

#### Destroy Resources

Note!!! When deleting resources, we need to follow dependencies. Computing and database resources depend on network resources.

##### Ⅰ. Destroy Computing and Database Resources

```bash
# 1. Destroy ECS
~]# cd terraform/envs/dev/ecs
~]# terraform destroy

# 2. Destroy CCE
~]# cd terraform/envs/dev/cce
~]# terraform destroy

# 3. Destroy CCE NodePool
~]# cd terraform/envs/dev/cce-node
~]# terraform destroy

# 4. Destroy MySQL
~]# cd terraform/envs/dev/rds
~]# terraform destroy

# 5. Destroy Redis
~]# cd terraform/envs/dev/dcs
~]# terraform destroy
```

##### Ⅱ. Destroy Storage Resources

```bash
# 1. Destroy OBS
~]# cd terraform/envs/dev/obs
~]# terraform destroy

# 2. Destroy SFS
~]# cd terraform/envs/dev/sfs
~]# terraform destroy
```

##### Ⅲ. Destroy Network Resources

```bash
# 1. Destroy EIPs
~]# cd terraform/envs/dev/eip
~]# terraform destroy

# 2. Destroy ELB
~]# cd terraform/envs/dev/elb
~]# terraform destroy

# 3. Destroy Subnets
~]# cd terraform/envs/dev/subnet
~]# terraform destroy

# 4. Destroy SecGroups
~]# cd terraform/envs/dev/vsg
~]# terraform destroy

# 5. Destroy VPC
~]# cd terraform/envs/dev/vpc
~]# terraform destroy
```

#### Create middleware and database services

##### Ⅰ. Configure ansible

```bash
# 1. Install ansible
~]# brew install ansible jq

# 2. Set up an SSH tunnel to the jump server so we can log in to all ECS instances
~]# export PROJECT_ENV="dev"
~]# source ansible/ssh_tunnel.sh
```

##### Ⅱ. Create ansible inventory and linux hosts

```bash
# 1. Create ansible inventory
~]# cd ansible
~]# sh create_hosts.sh

# 2. Add linux hosts
~]# cd ansible
~]# ansible-playbook -i ansible_hosts add_to_hosts.yml
```

##### Ⅲ. Create kafka, zookeeper, elasticsearch, mongodb and rabbitmq

```bash
# 1. Create kafka and zookeeper
~]# cd ansible
~]# ansible-playbook -i ansible_hosts --extra-vars "ssh_args=$ssh_args" yml/kafka_zk.yml

# 2. Create elasticsearch
~]# cd ansible
~]# ansible-playbook -i ansible_hosts --extra-vars "ssh_args=$ssh_args" yml/elasticsearch.yml

# 3. Create mongodb
~]# cd ansible
~]# ansible-playbook -i ansible_hosts --extra-vars "ssh_args=$ssh_args" yml/mongodb.yml

# 4. Create rabbitmq
~]# cd ansible
~]# ansible-playbook -i ansible_hosts --extra-vars "ssh_args=$ssh_args" yml/rabbitmq.yml

# 5. Create nginx
# For security reasons, the operator must copy the certificate files into the "ansible/init-nginx-conf/ssl" directory beforehand.
~]# cd ansible
~]# ansible-playbook -i ansible_hosts --extra-vars "ssh_args=$ssh_args" yml/nginx.yml
```
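
The credentials from "Set global variables for all resources" and the database passwords from the database step can be checked before any `terraform apply`, and entered without landing in shell history. This is an added example, not part of the repository: `password_ok`, `read_secret` and `preflight` are hypothetical helper names, and the only policy encoded is the password rule quoted in this README.

```bash
#!/usr/bin/env bash
# Added example (not from the repository): check the TF_VAR_* values this
# README exports before running terraform. Function names are hypothetical.

# README rule: 8 to 32 characters with uppercase, lowercase and digits.
password_ok() {
    local pw="$1"
    [ "${#pw}" -ge 8 ] && [ "${#pw}" -le 32 ] || return 1
    case $pw in *[[:upper:]]*) ;; *) return 1 ;; esac
    case $pw in *[[:lower:]]*) ;; *) return 1 ;; esac
    case $pw in *[[:digit:]]*) ;; *) return 1 ;; esac
}

# Read a value from stdin without echo and export it, so the secret never
# appears on the command line or in shell history.
read_secret() {
    local name="$1" val
    printf '%s: ' "$name" >&2
    if [ -t 0 ]; then stty -echo; fi
    IFS= read -r val
    if [ -t 0 ]; then stty echo; fi
    printf '\n' >&2
    export "$name=$val"
}

# Report each problem by variable name only (never the value) and return
# the number of problems, so `preflight && terraform apply` stops on any.
preflight() {
    local problems=0 name val
    for name in TF_VAR_HW_ACCESS_KEY TF_VAR_HW_SECRET_KEY TF_VAR_REGION; do
        val=$(printenv "$name") || val=
        if [ -z "$val" ] || [ "$val" = "xxxxxxxxxx" ]; then
            echo "$name: not exported, empty, or still the placeholder"
            problems=$((problems + 1))
        fi
    done
    for name in TF_VAR_pwd_rds_myapp TF_VAR_pwd_rds_miniapp \
                TF_VAR_pwd_redis_myapp TF_VAR_pwd_redis_miniapp; do
        val=$(printenv "$name") || val=
        if ! password_ok "$val"; then
            echo "$name: breaks the 8-32 character upper/lower/digit rule"
            problems=$((problems + 1))
        fi
    done
    return "$problems"
}
```

`printenv` only sees exported variables, so a value assigned without `export` is reported the same way as a missing one, which matches what Terraform would see.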
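
The "Depends on" notes in the create steps define an ordering, and running it in reverse satisfies the "follow dependencies" note for destroy. The following added example (not the repository's own tooling) derives both orders with `tsort` and prints the commands without running them; `edges`, `create_order`, `destroy_order` and `plan` are hypothetical names, and modules with no stated dependency are assumed to be independent.

```bash
#!/usr/bin/env bash
# Added example (not from the repository): derive apply and destroy order
# from the README's "Depends on" notes. Function names are hypothetical.

# "prerequisite dependent" pairs, grouped one dependent per line. A module
# paired with itself has no stated dependency. Directory names are the ones
# used in the create steps.
edges() {
    cat <<'EOF'
vpc subnet
vpc nat-gw  subnet nat-gw  eip nat-gw
vpc ecs  subnet ecs  vsg ecs  keypair ecs
vpc cce  subnet cce
cce cce-nodes  keypair cce-nodes
vpc elb  subnet elb  ecs elb  eip elb
vpc rds  subnet rds
vpc dcs  subnet dcs
vpc dds  subnet dds
iam iam  obs obs  sfs sfs
EOF
}

# Topological sort: every prerequisite is listed before its dependents.
create_order()  { edges | tsort; }
# Reverse of creation, so dependents are destroyed before prerequisites.
destroy_order() { create_order | sed '1!G;h;$!d'; }

# Print (not run) the commands for one environment, e.g. `plan dev destroy`.
plan() {
    local env="$1" action="$2" m
    if [ "$action" = destroy ]; then
        for m in $(destroy_order); do
            echo "(cd terraform/envs/$env/$m && terraform destroy)"
        done
    else
        for m in $(create_order); do
            echo "(cd terraform/envs/$env/$m && terraform init && terraform apply)"
        done
    fi
}
```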