• T4_953273
  • 16.4KB
  • zip
  • 0
  • VIP专享
  • 0
  • 2022-06-15 03:56
Azure Terraform快速入门模板 使用此模板可以轻松创建新的Git存储库,以管理Jenkins X云基础架构需求。 我们建议使用Terraform来管理运行Jenkins X所需的基础架构。可能需要创建许多云资源,例如: Kubernetes集群 长期存储日志的存储桶 IAM绑定以管理使用云资源的应用程序的权限 Jenkins X喜欢使用GitOps来管理基础架构和集群资源的生命周期。 这需要两个Git存储库来实现: 基础设施git信息库:基础设施资源将由Terraform管理,并将保持资源同步。 集群git仓库:Kubernetes特定的集群资源将由Jenkins X管理,并保持资源同步。 先决条件 一个Git组织,将用于创建下面的Jenkins X使用的GitOps存储库。 例如 。 创建一个git bot用户(不同于您自己的个人用户),例如并生成一个个人访问令牌,
  • jx3-terraform-azure-master
  • jx-requirements.yml.tpl
  • bin
  • configure.sh
  • create.sh
  • set_kube_context.sh
  • requirements.tf
  • local.tf
  • .gitignore
  • .lighthouse
  • Kptfile
  • jenkins-x
  • release.yaml
  • pullrequest.yaml
  • triggers.yaml
  • README.md
  • main.tf
  • variables.tf
# Azure Terraform Quickstart template Use this template to easily create a new Git Repository for managing Jenkins X cloud infrastructure needs. We recommend using Terraform to manange the infrastructure needed to run Jenkins X. There are a number of cloud resources which may need to be created such as: - Kubernetes cluster - Storage buckets for long term storage of logs - IAM Bindings to manage permissions for applications using cloud resources Jenkins X likes to use GitOps to manage the lifecycle of both infrastructure and cluster resources. This requires two Git Repositories to achieve this: - **Infrastructure git repository**: infrastructure resources will be managed by Terraform and will keep resources in sync. - **Cluster git repository**: the Kubernetes specific cluster resources will be managed by Jenkins X and keep resources in sync. # Prerequisites - A Git organisation that will be used to create the GitOps repositories used for Jenkins X below. e.g. https://github.com/organizations/plan. - Create a git bot user (different from your own personal user) e.g. https://github.com/join and generate a personal access token, this will be used by Jenkins X to interact with git repositories. e.g. https://github.com/settings/tokens/new?scopes=repo,read:user,read:org,user:email,write:repo_hook,delete_repo,admin:repo_hook - __This bot user needs to have write permission to write to any git repository used by Jenkins X. This can be done by adding the bot user to the git organisation level or individual repositories as a collaborator__ Add the new `bot` user to your Git Organisation, for now give it Owner permissions, we will reduce this to member permissions soon. - Install `terraform` CLI - [see here](https://learn.hashicorp.com/tutorials/terraform/install-cli#install-terraform) - Install `jx` CLI - [see here](https://github.com/jenkins-x/jx-cli/releases) # Git repositories We use 2 git repositories: * **Infrastructure** git repository for the Terraform configuration to setup/upgrade/modify your cloud infrastructure (kubernetes cluster, IAM accounts, IAM roles, buckets etc) * **Cluster** git repository to contain the `helmfile.yaml` file to define the helm charts to deploy in your cluster We use separate git repositories since the infrastructure tends to change rarely; whereas the cluster git repository changes a lot (every time you add a new quickstart, import a project, release a project etc). Often different teams look after infrastructure; or you may use tools like Terraform Cloud to process changes to infrastructure & review changes to infrastructure more closely than promotion of applications. # Getting started __Note: remember to create the Git repositories below in your Git Organisation rather than your personal Git account else this will lead to issues with ChatOps and automated registering of webhooks__. 1. Create and clone your **Infrastructure** git repo from this GitHub Template https://github.com/jx3-gitops-repositories/jx3-terraform-azure/generate Note: Ensure **Owner** is the name of the Git Organisation that will hold the GitOps repositories used for Jenkins X. 2. Create a **Cluster** git repository; choosing your desired secrets store, either Vault or Azure Key Vault: - __Vault__: https://github.com/jx3-gitops-repositories/jx3-azure-vault/generate - __Azure Key Vault__: https://github.com/jx3-gitops-repositories/jx3-azure-akv/generate Note: Ensure **Owner** is the name of the Git Organisation that will hold the GitOps repositories used for Jenkins X. 3. You need to configure the git URL of your **Cluster** git repository (which contains `helmfile.yaml`) into the **Infrastructure** git repository (which contains `main.tf`). So from inside a git clone of the **Infrastructure** git repository (which already has the files `main.tf` and `values.auto.tfvars` inside) you need to link to the other **Cluster** repository (which contains `helmfile.yaml`) by committing the required terraform values from below to your `values.auto.tfvars`, e.g. ```sh cat <<EOF >> values.auto.tfvars jx_git_url = "https://github.com/$git_owner_from_cluster_template_above/$git_repo_from_cluster_template_above" EOF ``` The contents of your `values.auto.tfvars` file should look something like this .... ```terraform jx_git_url = "https://github.com/myowner/myname-cluster" jx_bot_username = "bot_user" jx_bot_token = "abcdef12345" ``` 4. commit and push any changes to your **Infrastructure** git repository: ```sh git commit -a -m "fix: configure cluster repository and project" git push ``` 5. Now define 2 environment variables to pass the bot user and token into Terraform: ```sh export TF_VAR_jx_bot_username=my-bot-username export TF_VAR_jx_bot_token=my-bot-token ``` 6. Now, initialise, plan and apply Terraform: ```sh terraform init ``` ```sh terraform plan ``` ```sh terraform apply ``` Connect to the cluster ``` $(terraform output connect) ``` Tail the Jenkins X installation logs ``` $(terraform output follow_install_logs) ``` Once finished you can now move into the Jenkins X Developer namespace ```sh jx ns jx ``` and create or import your applications ```sh jx project ``` ## Terraform Inputs | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | apex\_domain\_integration\_enabled | Flag that when set attempts to create delegation records in apex domain to point to domain created by this module | `bool` | `false` | no | | apex\_domain\_name | The name of the parent/apex domain in which to create this domain zone, e.g. jenkins-x.io. Required if dns\_enabled set to true | `string` | `""` | no | | apex\_resource\_group\_name | The resource group in which the Azure DNS apex domain resides. Required if apex\_domain\_integration\_enabled is true | `string` | `""` | no | | cluster\_name | Variable to provide your desired name for the cluster. The script will create a random name if this is empty | `string` | `""` | no | | cluster\_network\_model | Variable to define the network model for the cluster. Valid values are either `kubenet` or `azure` | `string` | `"kubenet"` | no | | cluster\_node\_resource\_group\_name | Resource group name in which to provision AKS cluster nodes. The script will create a random name if this is empty | `string` | `""` | no | | cluster\_resource\_group\_name | The name of the resource group in to which to provision AKS managed cluster. The script will create a random name if this is empty | `string` | `""` | no | | cluster\_version | Kubernetes version to use for the AKS cluster | `string` | `"1.18.10"` | no | | dns\_enabled | Flag that when set creates an Azure DNS zone for JX | `bool` | `false` | no | | dns\_prefix | DNS prefix for the cluster. The script will create a random name if this is empty | `string` | `""` | no | | dns\_resource\_group\_name | Resource group in which to create the Azure DNS zone. The script will create a random name if this is empty | `string` | `""` | no | | domain\_name | The domain name of the zone to create, e.g. dev-subdomain. Required if dns\_enabled set to true | `string` | `""` | no | | enable\_log\_analytics | Flag to indicate whether to enable Log Analytics integration for cluster | `bool` | `false` | no | | jx\_bot\_token | Bot token used to interact with the Jenkins X cluster git repository | `string` | n/a | yes | | jx\_bot\_username | Bot username used to interact with the Jenkins X cluster git repository | `string` | n/a | yes | | jx\_git\_url | URL for the Jenkins X cluster git repository | `string` | n/a | yes | | key\_vault\_enabled | Flag to indicate whether to provision Azure Key Vault for secret storage | `string` | `false` | no | | key\_vault\_name | Name of Azure Key Vault to create | `string` | `""` | no | | key\_vault\_resource\_group\_name | Resouce group to create in which to place key vault | `string` | `""` | no | | key\_vault\_sku | SKU of the Key Vault resource to crea
    • jx3-terraform-azure
      Azure Terraform快速入门模板 使用此模板可以轻松创建新的Git存储库,以管理Jenkins X云基础架构需求。 我们建议使用Terraform来管理运行Jenkins X所需的基础架构。可能需要创建许多云资源,例如: Kubernetes集群 ...
    • azure-container-agents-plugin:用于JenkinsAzure容器代理插件
      Azure容器代理插件可以帮助您在Jenkins中将容器作为代理运行 我们有两个不同的协调器: Azure容器服务(Kubernetes) Azure容器实例 如何安装 您可以在Jenkins更新中心(管理Jenkins->管理插件,搜索Azure容器代理...
    • jx3-azure-akv
      适用于AKS和Azure Key Vault的Jenkins X 3.x GitOps存储库 此git存储库使用Azure Key Vault安装JenkinsX。 创建/升级云资源 修改jx-requirements.yml文件 现在git commit并推送所有更改... git add * git commit -a...
    • azure-artifact-manager-plugin:Jenkins Azure工件管理器插件
      Azure Artifact Manager插件 重要说明:该插件由Jenkins社区维护,并且自2024年2月29日起不受Microsoft支持。 使用凭证绑定和Az CLI 建议使用和Az CLI与Azure服务集成。 确保已2.0.67或更高版本的 。 使用Az CLI...
    • freebsd-ports-testing:使用自托管的Jenkins基础结构测试我的FreeBSD端口提交
      FreeBSD端口的补丁测试 通过利用卷云CI 自配置的Jenkins基础设施,此配置允许在提交之前轻松测试我的各个端口... 最初使用Cirrus CI,但由于社区回购协议有2小时的严格限制,因此改用Microsoft Azure上托管的Jenkins
    • azure-ad-plugin:使用Azure AD进行身份验证和授权
      一个支持通过Azure Active Directory进行身份验证和授权的Jenkins插件。 在Azure Active Directory中安装 确保您的Jenkins服务器已启用HTTPS。 如果您的Jenkins实例是由创建的,则可以在/etc/nginx/sites-available/...
    • azure-redis-voting-app-jenkins:带有詹金斯构建的azure-redis-voting-app
      本示例在Azure Kubernetes服务(AKS)群集中创建一个多容器应用程序。 Azure投票应用 本示例在Azure Kubernetes服务(AKS)群集中创建一个多容器应用程序。 应用程序界面已使用Python / Flask构建。 数据组件正在...
    • azure-devops-utils:Azure DevOps实用工具
      :有关如何设置Windows Azure Jenkins代理以通过JNLP与Jenkins主服务器通信的示例脚本。 :将图像从经典图像模型迁移到新的Azure资源管理器模型。 脚本,用于在Linux VM上安装Jenkins并将其通过端口80公开给公众...
    • azure-cli-plugin:Jenkins插件,可使用Azure CLI来管理Azure资源
      Azure CLI Jenkins插件 一个Jenkins插件,可使用Azure CLI来管理Azure资源。 :red_exclamation_mark: 这不是官方的Microsoft插件 :glowing_star: 此插件的优点是,您可以将每个命令的CLI结果导出到环境变量和下一...
    • GaussDB_100_1.0.1-DATABASE-REDHAT-64bit.tar.gz