Local PC からTerraform テンプレートで AIX を PowerSystems 筐体にVM(Virtual Machine)をデプロイを実施した記録です。IaC(Infrastructure as Code) の一環として記載します。
環境
・PowerVC v1.4 on (RHEL v7.5/PowerSystems S824 (Linux on Power)
以下がPowerVCに登録済み
・PowerSystems (S824, VIOS(v3.1 正副構成)
・HMC(v8.8.6)
・SAN switch
・Storage: V7000
・使用するネットワーク定義
・Local PC : Mac OS, Movaje
前提
- PowerVC と Local PC が疎通できるNW環境にあること
- デプロイに使用するAIXイメージは設定済みであること
- IDなどは一部の特定値は記載上変更しています。
環境概要図
デプロイ処理イメージ
手順
1) Mac 版のTerraform をダウンロード
https://www.terraform.io/downloads.html
2) 任意のディレクトリで圧縮ファイルを解凍
# ls -l
total 192024
-rwxrwxr-x@ 1 user staff 98302152 Mar 12 18:37 terraform #<=解凍した terraform コマンド本体
3) main.tf (terraformの実行ファイル)を作成
terraformがある同じディレクトリにmain.tf を作成
# vi main.tf
#(以下を入力)
provider "openstack" {
user_name = "root" #<= 実行ユーザー
password = "xxxxxxxx" #<= PowerVCサーバーのパスワード
tenant_name = "ibm-default"
domain_name = "Default"
auth_url = "https://<PowerVC_IP_address>:5000/v3/" #<= PowerVCサーバーのOpenStack KeyStone のendpoint
insecure = true
}
resource "openstack_compute_instance_v2" "test" {
name = "test0425" # <= VM名
image_id = "6adc26a0-a625-4162-8114-dxxxxxxxxxx" # <= イメージID
flavor_id = "2067438e-4920-4103-822f-exxxxxxxxxx" # <= 計算テンプレートID
network {
uuid = "857a9ad3-7515-4b5c-a152-dxxxxxxxxxx" # <= ネットワークID
name = "test_LAN"
}
}
(参考) OpenStackコマンドで定義情報確認
・PowerVCサーバーでOpenStackコマンド発行のための変数定義
source /opt/ibm/powervc/powervcrc
export OS_USERNAME=root #<=OpenStackコマンド実行ユーザー
export OS_PASSWORD="xxxxxxx" #<=ユーザーのパスワードを指定
・エンドポイント (KeyStone) を確認
# openstack endpoint list
+----------------------------------+-----------+--------------+--------------+---------+-----------+-------------------------------------------------+
| ID | Region | Service Name | Service Type | Enabled | Interface | URL |
+----------------------------------+-----------+--------------+--------------+---------+-----------+-------------------------------------------------+
| 046d4aec190e48ce9410e2c5xxxxxxxx | RegionOne | glance | image | True | public | https://<PowerVC_IP_address>:9292 |
| 08f5593c2c4748ccbbcc0537xxxxxxxx | RegionOne | cinderv2 | volumev2 | True | internal | https://<PowerVC_IP_address>:9000/v2/%(tenant_id)s |
| 0bfca6f9d7ea4f5ab83f37axxxxxxxx | RegionOne | swift | object-store | True | admin | https://<PowerVC_IP_address>:8080/v1/AUTH_%(tenant_id)s |
| 0db2bcb8ec9a4efd9d461e1xxxxxxxx | RegionOne | bumblebee | notification | True | admin | https://<PowerVC_IP_address>:5470 |
| 10bb508955ca43769fbaccexxxxxxxx | RegionOne | bumblebee | notification | True | public | https://<PowerVC_IP_address>:5470 |
| 118e6ad2b5d84cd188b62c8xxxxxxxxx | RegionOne | nova | compute | True | public | https://<PowerVC_IP_address>:8774/v2.1/%(tenant_id)s |
| 19e55ed46b2d4a1096b4e266xxxxxxxx | RegionOne | panko | event | True | admin | https://<PowerVC_IP_address>:8778 |
| 19f67d56bca94c1c8d579e0xxxxxxxx | RegionOne | glance | image | True | internal | https://<PowerVC_IP_address>:9292 |
| 21b36d68fd4040c4a9aef51dxxxxxxxx | RegionOne | panko | event | True | internal | https://<PowerVC_IP_address>7:8778 |
| 2b71bba8e8624db39eaf624exxxxxxxx | RegionOne | keystone | identity | True | public | https://<PowerVC_IP_address>:5000/v3 #<= main.tfのauth_urlで指定 |
4) terraform init
terraform plugin を導入します。
# ./terraform init
Initializing provider plugins...
- Checking for available provider plugins on https://releases.hashicorp.com...
- Downloading plugin for provider "openstack" (1.17.0)...
The following providers do not have any version constraints in configuration,
so the latest version was installed.
To prevent automatic upgrades to new major versions that may contain breaking
changes, it is recommended to add version = "..." constraints to the
corresponding provider blocks in configuration, with the constraint strings
suggested below.
* provider.openstack: version = "~> 1.17"
Terraform has been successfully initialized!
You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.
If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.
確認
# tree .terraform/
.terraform/
└── plugins
└── darwin_amd64
├── lock.json
└── terraform-provider-openstack_v1.17.0_x4
2 directories, 2 files
5) デプロイ
# ./terraform apply
openstack_compute_instance_v2.test0425: Refreshing state... (ID: 6fb49b4d-4f02-432a-862f-exxxxxxxxxx)
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
+ openstack_compute_instance_v2.test0425
id: <computed>
access_ip_v4: <computed>
access_ip_v6: <computed>
all_metadata.%: <computed>
availability_zone: <computed>
flavor_id: "2067438e-4920-4103-822f-exxxxxxxxxx"
flavor_name: <computed>
force_delete: "false"
image_id: "6adc26a0-a625-4162-8114-dxxxxxxxxxx"
image_name: <computed>
name: "test0425"
network.#: "1"
network.0.access_network: "false"
network.0.fixed_ip_v4: <computed>
network.0.fixed_ip_v6: <computed>
network.0.floating_ip: <computed>
network.0.mac: <computed>
network.0.name: "test_LAN"
network.0.port: <computed>
network.0.uuid: "857a9ad3-7515-4b5c-a152-dxxxxxxxxxx"
power_state: "active"
region: <computed>
security_groups.#: <computed>
stop_before_destroy: "false"
Plan: 1 to add, 0 to change, 0 to destroy.
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
openstack_compute_instance_v2.test0425: Creating...
access_ip_v4: "" => "<computed>"
access_ip_v6: "" => "<computed>"
all_metadata.%: "" => "<computed>"
availability_zone: "" => "<computed>"
flavor_id: "" => "2067438e-4920-4103-822f-xxxxxxxxxxx"
flavor_name: "" => "<computed>"
force_delete: "" => "false"
image_id: "" => "6adc26a0-a625-4162-8114-dxxxxxxxxxx"
image_name: "" => "<computed>"
name: "" => "test0425"
network.#: "" => "1"
network.0.access_network: "" => "false"
network.0.fixed_ip_v4: "" => "<computed>"
network.0.fixed_ip_v6: "" => "<computed>"
network.0.floating_ip: "" => "<computed>"
network.0.mac: "" => "<computed>"
network.0.name: "" => "test_LAN"
network.0.port: "" => "<computed>"
network.0.uuid: "" => "857a9ad3-7515-4b5c-a152-dxxxxxxxxxx"
power_state: "" => "active"
region: "" => "<computed>"
security_groups.#: "" => "<computed>"
stop_before_destroy: "" => "false"
openstack_compute_instance_v2.test0425: Still creating... (10s elapsed)
openstack_compute_instance_v2.test0425: Still creating... (20s elapsed)
openstack_compute_instance_v2.test0425: Still creating... (30s elapsed)
openstack_compute_instance_v2.test0425: Still creating... (40s elapsed)
openstack_compute_instance_v2.test0425: Still creating... (50s elapsed)
openstack_compute_instance_v2.test0425: Still creating... (1m0s elapsed)
openstack_compute_instance_v2.test0425: Still creating... (1m10s elapsed)
openstack_compute_instance_v2.test0425: Still creating... (1m20s elapsed)
openstack_compute_instance_v2.test0425: Still creating... (1m30s elapsed)
openstack_compute_instance_v2.test0425: Still creating... (1m40s elapsed)
openstack_compute_instance_v2.test0425: Still creating... (1m50s elapsed)
openstack_compute_instance_v2.test0425: Still creating... (2m0s elapsed)
openstack_compute_instance_v2.test0425: Still creating... (2m10s elapsed)
openstack_compute_instance_v2.test0425: Still creating... (2m20s elapsed)
openstack_compute_instance_v2.test0425: Still creating... (2m30s elapsed)
openstack_compute_instance_v2.test0425: Still creating... (2m40s elapsed)
openstack_compute_instance_v2.test0425: Still creating... (2m50s elapsed)
openstack_compute_instance_v2.test0425: Still creating... (3m0s elapsed)
openstack_compute_instance_v2.test0425: Creation complete after 3m10s (ID: 37c39dfd-1ac4-44ca-b1b4-267cf5353422)
Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
6) 確認
CLI での確認結果です。
リスト
# openstack server list | grep test0425
| 37c39dfd-1ac4-44ca-b1b4-2xxxxxxxxxx | test0425 | ACTIVE | test_LAN=172.16.0.1 | AIX72TL03SP02-20G | test0425 |
詳細
# openstack server show test0425
+-------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+-------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | nova |
| OS-EXT-SRV-ATTR:host | xxxxxxx_xxxxxxx |
| OS-EXT-SRV-ATTR:hostname | test0425 |
| OS-EXT-SRV-ATTR:hypervisor_hostname | xxxxxxx_xxxxxxx |
| OS-EXT-SRV-ATTR:instance_name | test0425-37c39dfd-0xxxxxxx |
| OS-EXT-SRV-ATTR:kernel_id | |
| OS-EXT-SRV-ATTR:launch_index | 0 |
| OS-EXT-SRV-ATTR:ramdisk_id | |
| OS-EXT-SRV-ATTR:reservation_id | r-y1fugcmz |
| OS-EXT-SRV-ATTR:root_device_name | /dev/sda |
| OS-EXT-SRV-ATTR:user_data | |
| OS-EXT-STS:power_state | Running |
| OS-EXT-STS:task_state | None |
| OS-EXT-STS:vm_state | active |
| OS-SRV-USG:launched_at | 2019-04-25T07:07:49.000000 |
| OS-SRV-USG:terminated_at | None |
| accessIPv4 | |
| accessIPv6 | |
| addresses | test_LAN=172.16.0.1 |
| ame_expansion_factor | 0.0 |
| avail_priority | 127 |
| compliance_status | [{u'status': u'compliant', u'category': u'resource.allocation'}] |
| config_drive | True |
| cpu_utilization | 0.71 |
| cpus | 1 |
| created | 2019-04-25T07:04:51Z |
| current_compatibility_mode | POWER8 |
| dedicated_sharing_mode | |
| description | test0425 |
| desired_compatibility_mode | default |
| enable_lpar_metric | true |
| endianness | big-endian |
| ephemeral_gb | 0 |
| flavor | test0425 (2067438e-4920-4103-822f-exxxxxxxxxx) |
| health_status | {u'health_value': u'OK', u'id': u'37c39dfd-1ac4-44ca-b1b4-2xxxxxxxxxxx', u'value_reason': [], u'updated_at': u'2019-04-25T07:37:06.999217'} |
| hostId | 66730e21fb462a021c8bb18a9a8da37957c4c767b40b4xxxxxxxxxx |
| host_status | UP |
| id | 37c39dfd-1ac4-44ca-b1b4-2xxxxxxxxxx |
| image | AIX72TL03SP02-20G (6adc26a0-a625-4162-8114-dxxxxxxxxxx) |
| key_name | None |
| launched_at | 2019-04-25T07:07:49.000000 |
| locked | False |
| max_cpus | 1 |
| max_memory_mb | 4096 |
| max_vcpus | 0.30 |
| memory_mb | 4096 |
| memory_mode | dedicated |
| memory_utilization | None |
| min_cpus | 1 |
| min_memory_mb | 4096 |
| min_vcpus | 0.30 |
| name | test0425 |
| operating_system | AIX 7.2 7200-03-02-1846 |
| os_distro | aix |
| ppt_ratio | None |
| progress | 100 |
| project_id | eb9ad4afdd44447dba9ffxxxxxxxxxx |
| properties | |
| root_gb | 20 |
| shared_proc_pool_name | DefaultPool |
| shared_weight | 128 |
| srr_capability | False |
| srr_state | Invalid |
| status | ACTIVE
|
| tags | [] |
| uncapped | True |
| updated | 2019-04-25T07:24:18Z |
| user_id | 0688b01e6439ca32d698d20789d52169126fb41fb1a4ddafcebbxxxxxxxxxx |
| vcpu_mode | shared |
| vcpus | 0.30 |
| vm_pg_in_rate | None |
| vm_pg_out_rate | None |
| vm_pg_swap_in_rate | None |
| vm_pg_swap_out_rate | None |
| volumes_attached | delete_on_termination='True', id='ae36f1e6-1cec-404c-a435-0c9xxxxxxxxxx' |
+-------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------+
7) VM確認
VM にログイン
bristol:[/]# tn 172.16.0.1
Trying...
Connected to 172.16.0.1.
Escape character is '^T'.
telnet (test0425)
AIX Version 7
Copyright IBM Corporation, 1982, 2018.
login: root
root's Password:
*******************************************************************************
* *
* *
* Welcome to AIX Version 7.2! *
* *
* *
* Please see the README file in /usr/lpp/bos for information pertinent to *
* this release of the AIX Operating System. *
* *
* *
*******************************************************************************
Last unsuccessful login: Thu Apr 25 16:30:03 JST 2019 on /dev/pts/0 from 172.16.81.4
Last login: Thu Apr 25 16:30:05 JST 2019 on /dev/pts/0 from 172.16.81.4
test0425:[/]# ifconfig -a
en0: flags=1e084863,14c0<UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST,GROUPRT,64BIT,CHECKSUM_OFFLOAD(ACTIVE),LARGESEND,CHAIN>
inet 172.16.0.1 netmask 0xffff0000 broadcast 172.16.255.255
tcp_sendspace 262144 tcp_recvspace 262144 rfc1323 1
lo0: flags=e08084b,c0<UP,BROADCAST,LOOPBACK,RUNNING,SIMPLEX,MULTICAST,GROUPRT,64BIT,LARGESEND,CHAIN>
inet 127.0.0.1 netmask 0xff000000 broadcast 127.255.255.255
inet6 ::1%1/64
tcp_sendspace 131072 tcp_recvspace 131072 rfc1323 1
test0425:[/]# oslevel -s
7200-03-02-1846
test0425:[/]#
8) VM削除
# ./terraform destroy
openstack_compute_instance_v2.test0425: Refreshing state... (ID: 37c39dfd-1ac4-44ca-b1b4-2xxxxxxxxxx)
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
- destroy
Terraform will perform the following actions:
- openstack_compute_instance_v2.test0425
Plan: 0 to add, 0 to change, 1 to destroy.
Do you really want to destroy all resources?
Terraform will destroy all your managed infrastructure, as shown above.
There is no undo. Only 'yes' will be accepted to confirm.
Enter a value: yes
openstack_compute_instance_v2.test0425: Destroying... (ID: 37c39dfd-1ac4-44ca-b1b4-2xxxxxxxxxx)
openstack_compute_instance_v2.test0425: Still destroying... (ID: 37c39dfd-1ac4-44ca-b1b4-2xxxxxxxxxx, 10s elapsed)
openstack_compute_instance_v2.test0425: Still destroying... (ID: 37c39dfd-1ac4-44ca-b1b4-2xxxxxxxxxx, 20s elapsed)
openstack_compute_instance_v2.test0425: Still destroying... (ID: 37c39dfd-1ac4-44ca-b1b4-2xxxxxxxxxx, 30s elapsed)
openstack_compute_instance_v2.test0425: Still destroying... (ID: 37c39dfd-1ac4-44ca-b1b4-2xxxxxxxxxx, 40s elapsed)
openstack_compute_instance_v2.test0425: Still destroying... (ID: 37c39dfd-1ac4-44ca-b1b4-2xxxxxxxxxx, 50s elapsed)
openstack_compute_instance_v2.test0425: Still destroying... (ID: 37c39dfd-1ac4-44ca-b1b4-2xxxxxxxxxx, 1m0s elapsed)
openstack_compute_instance_v2.test0425: Still destroying... (ID: 37c39dfd-1ac4-44ca-b1b4-2xxxxxxxxxx, 1m10s elapsed)
openstack_compute_instance_v2.test0425: Still destroying... (ID: 37c39dfd-1ac4-44ca-b1b4-2xxxxxxxxxx, 1m20s elapsed)
openstack_compute_instance_v2.test0425: Still destroying... (ID: 37c39dfd-1ac4-44ca-b1b4-2xxxxxxxxxx, 1m30s elapsed)
openstack_compute_instance_v2.test0425: Still destroying... (ID: 37c39dfd-1ac4-44ca-b1b4-2xxxxxxxxxx, 1m40s elapsed)
openstack_compute_instance_v2.test0425: Destruction complete after 1m49s
Destroy complete! Resources: 1 destroyed.
#
以上です。
参考資料
・Introduction to Cloud PowerVC Manager
https://www.ibm.com/support/knowledgecenter/en/SSVSPA_1.4.1/com.ibm.powervc.cloud.help.doc/powervc_cloud.html
・Setting environment variables (for openstack CLI)
https://www.ibm.com/support/knowledgecenter/SSVSPA_1.4.1/com.ibm.powervc.cloud.help.doc/powervc_setting_environment_variables_cloud.html