1 feat: 重构基础设施架构并完善Consul集群配置

2 3 主要变更: 4 - 重构Terraform/OpenTofu目录结构，统一迁移至infrastructure/opentofu 5 - 添加"7天创造世界"文档，记录基础设施建设演进逻辑 6 - 更新Consul集群配置管理经验，添加实际案例和解决方案 7 - 修正README中的Sticky Note，反映Consul集群健康状态 8 - 添加Ansible部署配置和inventory文件 9 - 完善项目文档结构，添加各组件配置指南 10 11 技术架构演进: 12 - 第1天: Tailscale网络连接基础 ✅ 13 - 第2天: Ansible分布式控制 ✅ 14 - 第3天: Nomad服务感知与任务调度 ✅ 15 - 第4天: Consul配置集中管理 ✅ 16 - 第5天: OpenTofu状态一致性 ✅ 17 - 第6天: Vault密钥管理 ⏳ 18 - 第7天: Waypoint应用部署 ⏳
2025-09-30 03:46:33 +00:00
parent c0064b2cad
commit e8bfc76038
119 changed files with 1772 additions and 631 deletions
--- a/deployment/terraform/environments/production/variables.tf
+++ b/deployment/terraform/environments/production/variables.tf
@@ -0,0 +1,81 @@
+# Nomad 多数据中心生产环境变量
+
+# 部署控制
+variable "deploy_korea_node" {
+  description = "是否部署韩国节点 (Oracle Cloud)"
+  type        = bool
+  default     = true
+}
+
+variable "deploy_us_node" {
+  description = "是否部署美国节点 (华为云)"
+  type        = bool
+  default     = true
+}
+
+# Oracle Cloud 配置
+variable "oracle_tenancy_ocid" {
+  description = "Oracle Cloud 租户 OCID"
+  type        = string
+  sensitive   = true
+}
+
+variable "oracle_user_ocid" {
+  description = "Oracle Cloud 用户 OCID"
+  type        = string
+  sensitive   = true
+}
+
+variable "oracle_fingerprint" {
+  description = "Oracle Cloud API 密钥指纹"
+  type        = string
+  sensitive   = true
+}
+
+variable "oracle_private_key_path" {
+  description = "Oracle Cloud 私钥文件路径"
+  type        = string
+  sensitive   = true
+}
+
+# 华为云配置
+variable "huawei_access_key" {
+  description = "华为云访问密钥"
+  type        = string
+  sensitive   = true
+}
+
+variable "huawei_secret_key" {
+  description = "华为云秘密密钥"
+  type        = string
+  sensitive   = true
+}
+
+# Nomad 配置
+variable "nomad_encrypt_key" {
+  description = "Nomad 集群加密密钥"
+  type        = string
+  sensitive   = true
+  default     = "NVOMDvXblgWfhtzFzOUIHnKEOrbXOkPrkIPbRGGf1YQ="
+}
+
+# Vault 配置
+variable "vault_config" {
+  description = "Vault 配置"
+  type = object({
+    address = string
+    token   = string
+  })
+  default = {
+    address = "http://100.116.158.95:8200"
+    token   = ""
+  }
+  sensitive = true
+}
+
+variable "vault_token" {
+  description = "Vault 访问令牌"
+  type        = string
+  default     = ""
+  sensitive   = true
+}