更新时间:2025-05-21 GMT+08:00
TF模板包
运维中心集成华为云资源编排服务RFS,用于管理系统资源及服务资源。RFS主要包含模板和资源栈两部分,TF模板是用来创建、更新资源栈的脚本。
研发包结构
Service下所有的main.tf文件中的Resource实例不能有重叠,否则会导致资源被覆盖或删除。
图1 研发包结构
|
文件名 |
说明 |
|---|---|
|
Service(推荐方式) |
按云服务维度的资源模板,整个云服务涉及资源的生命周期都在同一个RFS资源模板中管理。 |
|
MicroService |
按微服务维度的资源模板管理,当一个云服务的每个微服务有单独的资源时使用。 |
|
envXname |
云服务/微服务部署环境,每个环境的RFS包资源都是与环境配套,每个环境都有单独的资源模板。 |
|
package.json |
固定名称与格式,发布包版本信息,类型,软件包名称,版本。 {
"type": "rfstemplate", // 固定
"name": "templatename", // RFS模板名称,服务下唯一
"envid": "envid1", // 云服务的环境ID
"version": "1.0.0", // RFS模板版本号
"maintf": "main.tf", // 实际创建资源的TF文件
"variablestf": "variable.tf" // 存储参数变量的TF文件
} |
|
main.tf |
RFS实际使用的模板文件,通过此文件来管理华为云资源。当前支持的华为云资源有CCE、DCS、DNS、ECS、Kafka、RDS及VPC,模板文件样例分别参考CCE资源RFS模板文件、DCS资源RFS模板文件、DNS资源RFS模板文件、ECS资源RFS模板文件、Kafka资源RFS模板文件、RDS资源RFS模板文件及VPC资源RFS模板文件。 详细的开发规范请参考Terraform文档。 |
|
variable.tf |
RFS资源模板中涉及到的变量值,可能多个云服务变量名称不一致,提取出来单独设置。样例如下: CCE-Name-1234: "CCE-Cluster-ERS" 建议敏感数据不在此文件设置,敏感数据在界面手动输入。 |
发布包结构
发布包作为package发布,以服务或微服务加上环境名称命名为发布包。
图2 发布包结构
CCE资源RFS模板文件
{
"terraform": {
"required_providers": {
"huaweicloud": {
"source": "huawei.com/provider/huaweicloud",
"version": "1.56.0"
}
}
},
"provider": {
"huaweicloud": {
"auth_url": "https://iam.cn-north-4.myhuaweicloud.com/v3",
"insecure": true,
"region": "cn-north-4"
}
},
"resource": {
"huaweicloud_cce_cluster": {
"cce-cluster-yfclf": {
"vpc_id": "18b117f8-****-****-****-6d022db472a1",
"name": "cce-cluster-rfs-001",
"cluster_version": "v1.27",
"charging_mode": "postPaid",
"flavor_id": "cce.s2.small",
"container_network_type": "vpc-router",
"enterprise_project_id": "2191bb05-****-****-****-96f098494b8d",
"subnet_id": "bef6af2f-****-****-****-9e78ef03eb6a"
}
},
"huaweicloud_cce_node": {
"cce-node-pmqnn": {
"name": "cce-node-rfs-001",
"charging_mode": "postPaid",
"flavor_id": "c7.large.2",
"os": "Huawei Cloud EulerOS 2.0",
"runtime": "containerd",
"root_volume": {
"size": 50,
"volumetype": "SAS"
},
"password": "${var.CCE-Node-Password-u9fi}",
"cluster_id": "d6eb9020-****-****-****-0255ac1000ac",
"availability_zone": "cn-north-4c",
"data_volumes": [{
"volumetype": "SAS",
"size": 100
}],
"storage": {
"selectors": [{
"name": "cceUse",
"type": "evs",
"match_label_count": 1,
"match_label_size": 100,
"match_label_volume_type": "SAS"
}],
"groups": [{
"name": "vgpaas",
"cce_managed": true,
"selector_names": ["cceUse"],
"virtual_spaces": [{
"name": "runtime",
"size": "90%",
"runtime_lv_type": "linear"
}, {
"name": "kubernetes",
"size": "10%",
"lvm_lv_type": "linear"
}]
}]
},
"depends_on": ["huaweicloud_cce_cluster.cce-cluster-yfclf"],
"subnet_id": "bef6af2f-****-****-****-9e78ef03eb6a"
}
}
},
"variable": {
"CCE-Node-Password-u9fi": {
"description": "Password for cce-node-pmqnn",
"type": "string",
"sensitive": true,
"nullable": false,
"default": ""
}
}
}
DCS资源RFS模板文件
{
"terraform": {
"required_providers": {
"huaweicloud": {
"source": "huawei.com/provider/huaweicloud",
"version": "1.56.0"
}
}
},
"provider": {
"huaweicloud": {
"auth_url": "https://iam.cn-north-4.myhuaweicloud.com/v3",
"insecure": true,
"region": "cn-north-4"
}
},
"resource": {
"huaweicloud_dcs_instance": {
"dcs-cx83b": {
"charging_mode": "postPaid",
"availability_zones": ["cn-north-4a", "cn-north-4a"],
"vpc_id": "18b117f8-****-****-****-6d022db472a1",
"subnet_id": "bef6af2f-****-****-****-9e78ef03eb6a",
"maintain_begin": "18:00:00",
"maintain_end": "22:00:00",
"engine_version": "5.0",
"capacity": 1,
"flavor": "redis.ha.xu1.large.r2.1",
"enterprise_project_id": "2191bb05-****-****-****-96f098494b8d",
"password": "${var.DCS-Password-qvwu}",
"name": "dcs-rfs-001",
"engine": "Redis"
}
}
},
"variable": {
"DCS-Password-qvwu": {
"description": "dcs password for dcs-cx83b",
"type": "string",
"sensitive": true,
"nullable": true,
"default": null
}
}
}
DNS资源RFS模板文件
{
"terraform": {
"required_providers": {
"huaweicloud": {
"source": "huawei.com/provider/huaweicloud",
"version": "1.56.0"
}
}
},
"provider": {
"huaweicloud": {
"auth_url": "https://iam.cn-north-4.myhuaweicloud.com/v3",
"insecure": true,
"region": "cn-north-4"
}
},
"resource": {
"huaweicloud_dns_zone": {
"dns-zone-iz7r1": {
"enterprise_project_id": "2191bb05-****-****-****-96f098494b8d",
"zone_type": "private",
"router": {
"router_id": "c6131e37-****-****-****-5fffa75982f3"
},
"name": "exampleninenine.com"
}
}
}
}
ECS资源RFS模板文件
{
"terraform": {
"required_providers": {
"huaweicloud": {
"source": "huawei.com/provider/huaweicloud",
"version": "1.56.0"
}
}
},
"provider": {
"huaweicloud": {
"auth_url": "https://iam.cn-north-4.myhuaweicloud.com/v3",
"insecure": true,
"region": "cn-north-4"
}
},
"resource": {
"huaweicloud_compute_instance": {
"ecs-qh7h5": {
"name": "ecs-rfs-001",
"charging_mode": "postPaid",
"admin_pass": "${var.ECS-Password-ia2c}",
"flavor_id": "s6.small.1",
"system_disk_type": "SAS",
"availability_zone": "cn-north-4a",
"network": {
"uuid": "bef6af2f-****-****-****-9e78ef03eb6a"
},
"security_group_ids": ["986d4460-****-****-****-f5f237df42c0"],
"enterprise_project_id": "2191bb05-****-****-****-96f098494b8d",
"system_disk_size": 40,
"image_id": "86405805-****-****-****-09f30b497c98"
}
}
},
"variable": {
"ECS-Password-ia2c": {
"description": "Ecs password for ecs-qh7h5",
"type": "string",
"sensitive": true,
"nullable": true,
"default": null
}
}
}
Kafka资源RFS模板文件
{
"terraform": {
"required_providers": {
"huaweicloud": {
"source": "huawei.com/provider/huaweicloud",
"version": "1.56.0"
}
}
},
"provider": {
"huaweicloud": {
"auth_url": "https://iam.cn-north-4.myhuaweicloud.com/v3",
"insecure": true,
"region": "cn-north-4"
}
},
"resource": {
"huaweicloud_dms_kafka_instance": {
"kafka-gq8ef": {
"manager_password": "${var.Kafka-Manager-Password-nsbl}",
"name": "kafka-rfs-001",
"charging_mode": "postPaid",
"manager_user": "kafka-manager-rfs",
"flavor_id": "s6.2u4g.cluster.small",
"engine_version": "3.x",
"broker_num": 3,
"storage_spec_code": "dms.physical.storage.high.v2",
"availability_zones": ["cn-north-4a"],
"storage_space": 300,
"vpc_id": "18b117f8-****-****-****-6d022db472a1",
"network_id": "bef6af2f-****-****-****-9e78ef03eb6a",
"security_group_id": "32ed0723-****-****-****-7c0fb748d436",
"enterprise_project_id": "2191bb05-****-****-****-96f098494b8d",
"retention_policy": "time_base"
}
}
},
"variable": {
"Kafka-Manager-Password-nsbl": {
"description": "Manager Password for kafka-gq8ef",
"type": "string",
"sensitive": true,
"nullable": false,
"default": ""
}
}
}
RDS资源RFS模板文件
{
"terraform": {
"required_providers": {
"huaweicloud": {
"source": "huawei.com/provider/huaweicloud",
"version": "1.56.0"
}
}
},
"provider": {
"huaweicloud": {
"auth_url": "https://iam.cn-north-4.myhuaweicloud.com/v3",
"insecure": true,
"region": "cn-north-4"
}
},
"resource": {
"huaweicloud_rds_instance": {
"rds-instance-yaqsb": {
"name": "rds-rfs-001",
"charging_mode": "postPaid",
"db": {
"type": "MySQL",
"version": "8.0",
"password": "${var.RDS-Password-u6z0}"
},
"ha_replication_mode": "async",
"volume": {
"size": 40,
"type": "ULTRAHIGH"
},
"vpc_id": "18b117f8-****-****-****-6d022db472a1",
"subnet_id": "bef6af2f-****-****-****-9e78ef03eb6a",
"security_group_id": "32ed0723-****-****-****-7c0fb748d436",
"enterprise_project_id": "2191bb05-****-****-****-96f098494b8d",
"availability_zone": ["cn-north-4c", "cn-north-4c"],
"flavor": "rds.mysql.c6.large.2.ha"
}
}
},
"variable": {
"RDS-Password-u6z0": {
"description": "Password for rds-instance-yaqsb",
"type": "string",
"sensitive": true,
"nullable": false,
"default": ""
}
}
}
VPC资源RFS模板文件
{
"terraform": {
"required_providers": {
"huaweicloud": {
"source": "huawei.com/provider/huaweicloud",
"version": "1.56.0"
}
}
},
"provider": {
"huaweicloud": {
"auth_url": "https://iam.cn-north-4.myhuaweicloud.com/v3",
"insecure": true,
"region": "cn-north-4"
}
},
"resource": {
"huaweicloud_vpc": {
"vpc-krkup": {
"name": "vpc-rfs-001",
"cidr": "192.168.0.0/16",
"enterprise_project_id": "2191bb05-****-****-****-96f098494b8d"
}
},
"huaweicloud_vpc_subnet": {
"vpc-subnet-ppnwk": {
"name": "subnet-rfs-001",
"cidr": "192.168.3.0/24",
"gateway_ip": "192.168.3.1",
"vpc_id": "c6131e37-****-****-****-5fffa75982f3",
"depends_on": ["huaweicloud_vpc.vpc-krkup"]
}
},
"huaweicloud_vpcep_endpoint": {
"vpcep_endpoint-4epnv": {
"service_id": "ebc591db-****-****-****-15354c9bef25",
"network_id": "${huaweicloud_vpc_subnet.vpc-subnet-ppnwk.id}",
"vpc_id": "${huaweicloud_vpc_subnet.vpc-subnet-ppnwk.vpc_id}"
}
},
"huaweicloud_networking_secgroup": {
"sg-rmo7v": {
"name": "sg-rfs-all-deny",
"enterprise_project_id": "2191bb05-****-****-****-96f098494b8d",
"description": "通用Web服务器,默认放通22、3389、80、443端口和ICMP协议。 适用于需要远程管理、公网ping及用于网站服务的云服务器场景。",
"depends_on": ["huaweicloud_vpc.vpc-krkup"]
}
},
"huaweicloud_networking_secgroup_rule": {
"sg-rule-d28sj": {
"action": "allow",
"direction": "ingress",
"ethertype": "IPv4",
"protocol": "icmp",
"remote_ip_prefix": "0.0.0.0/0",
"priority": 1,
"security_group_id": "${huaweicloud_networking_secgroup.sg-rmo7v.id}"
}
}
}
}
父主题: 打包规范
