1 feat: 重构基础设施架构并完善Consul集群配置

2 3 主要变更: 4 - 重构Terraform/OpenTofu目录结构，统一迁移至infrastructure/opentofu 5 - 添加"7天创造世界"文档，记录基础设施建设演进逻辑 6 - 更新Consul集群配置管理经验，添加实际案例和解决方案 7 - 修正README中的Sticky Note，反映Consul集群健康状态 8 - 添加Ansible部署配置和inventory文件 9 - 完善项目文档结构，添加各组件配置指南 10 11 技术架构演进: 12 - 第1天: Tailscale网络连接基础 ✅ 13 - 第2天: Ansible分布式控制 ✅ 14 - 第3天: Nomad服务感知与任务调度 ✅ 15 - 第4天: Consul配置集中管理 ✅ 16 - 第5天: OpenTofu状态一致性 ✅ 17 - 第6天: Vault密钥管理 ⏳ 18 - 第7天: Waypoint应用部署 ⏳
2025-09-30 03:46:33 +00:00
parent c0064b2cad
commit e8bfc76038
119 changed files with 1772 additions and 631 deletions
--- a/deployment/terraform/providers/huawei-cloud/main.tf
+++ b/deployment/terraform/providers/huawei-cloud/main.tf
@@ -0,0 +1,137 @@
+# 华为云模块
+
+terraform {
+  required_providers {
+    huaweicloud = {
+      source  = "huaweicloud/huaweicloud"
+      version = "~> 1.60"
+    }
+  }
+}
+
+# 获取可用区
+data "huaweicloud_availability_zones" "zones" {}
+
+# 获取镜像
+data "huaweicloud_images_image" "ubuntu" {
+  name        = "Ubuntu 22.04 server 64bit"
+  most_recent = true
+}
+
+# VPC
+resource "huaweicloud_vpc" "main" {
+  name = "${var.project_name}-${var.environment}-vpc"
+  cidr = var.vpc_cidr
+
+  tags = merge(var.common_tags, {
+    Name = "${var.project_name}-${var.environment}-vpc"
+  })
+}
+
+# 子网
+resource "huaweicloud_vpc_subnet" "public" {
+  count      = length(var.availability_zones)
+  name       = "${var.project_name}-${var.environment}-public-${var.availability_zones[count.index]}"
+  cidr       = cidrsubnet(var.vpc_cidr, 8, count.index)
+  gateway_ip = cidrhost(cidrsubnet(var.vpc_cidr, 8, count.index), 1)
+  vpc_id     = huaweicloud_vpc.main.id
+
+  tags = merge(var.common_tags, {
+    Name = "${var.project_name}-${var.environment}-public-${var.availability_zones[count.index]}"
+    Type = "public"
+  })
+}
+
+# 安全组
+resource "huaweicloud_networking_secgroup" "main" {
+  name        = "${var.project_name}-${var.environment}-sg"
+  description = "Security group for ${var.project_name} ${var.environment}"
+
+  tags = merge(var.common_tags, {
+    Name = "${var.project_name}-${var.environment}-sg"
+  })
+}
+
+# 安全组规则 - SSH
+resource "huaweicloud_networking_secgroup_rule" "ssh" {
+  direction         = "ingress"
+  ethertype         = "IPv4"
+  protocol          = "tcp"
+  port_range_min    = 22
+  port_range_max    = 22
+  remote_ip_prefix  = "0.0.0.0/0"
+  security_group_id = huaweicloud_networking_secgroup.main.id
+}
+
+# 安全组规则 - HTTP
+resource "huaweicloud_networking_secgroup_rule" "http" {
+  direction         = "ingress"
+  ethertype         = "IPv4"
+  protocol          = "tcp"
+  port_range_min    = 80
+  port_range_max    = 80
+  remote_ip_prefix  = "0.0.0.0/0"
+  security_group_id = huaweicloud_networking_secgroup.main.id
+}
+
+# 安全组规则 - HTTPS
+resource "huaweicloud_networking_secgroup_rule" "https" {
+  direction         = "ingress"
+  ethertype         = "IPv4"
+  protocol          = "tcp"
+  port_range_min    = 443
+  port_range_max    = 443
+  remote_ip_prefix  = "0.0.0.0/0"
+  security_group_id = huaweicloud_networking_secgroup.main.id
+}
+
+# 弹性IP
+resource "huaweicloud_vpc_eip" "main" {
+  count = var.environment == "production" ? 2 : 1
+  
+  publicip {
+    type = "5_bgp"
+  }
+  
+  bandwidth {
+    name        = "${var.project_name}-${var.environment}-bandwidth-${count.index}"
+    size        = var.environment == "production" ? 10 : 5
+    share_type  = "PER"
+    charge_mode = "traffic"
+  }
+
+  tags = merge(var.common_tags, {
+    Name = "${var.project_name}-${var.environment}-eip-${count.index}"
+  })
+}
+
+# 输出
+output "vpc_id" {
+  description = "VPC ID"
+  value       = huaweicloud_vpc.main.id
+}
+
+output "subnet_ids" {
+  description = "子网 ID 列表"
+  value       = huaweicloud_vpc_subnet.public[*].id
+}
+
+output "security_group_id" {
+  description = "安全组 ID"
+  value       = huaweicloud_networking_secgroup.main.id
+}
+
+output "availability_zones" {
+  description = "可用区列表"
+  value       = data.huaweicloud_availability_zones.zones.names
+}
+
+output "ubuntu_image_id" {
+  description = "Ubuntu 镜像 ID"
+  value       = data.huaweicloud_images_image.ubuntu.id
+}
+
+output "eip_addresses" {
+  description = "弹性IP地址列表"
+  value       = huaweicloud_vpc_eip.main[*].address
+}
--- a/deployment/terraform/providers/huawei-cloud/variables.tf
+++ b/deployment/terraform/providers/huawei-cloud/variables.tf
@@ -0,0 +1,54 @@
+# 华为云提供商变量定义
+
+variable "environment" {
+  description = "环境名称"
+  type        = string
+}
+
+variable "project_name" {
+  description = "项目名称"
+  type        = string
+}
+
+variable "owner" {
+  description = "项目所有者"
+  type        = string
+}
+
+variable "vpc_cidr" {
+  description = "VPC CIDR 块"
+  type        = string
+}
+
+variable "availability_zones" {
+  description = "可用区列表"
+  type        = list(string)
+}
+
+variable "common_tags" {
+  description = "通用标签"
+  type        = map(string)
+}
+
+variable "huawei_config" {
+  description = "华为云配置"
+  type = object({
+    access_key = string
+    secret_key = string
+    region     = string
+    project_id = string
+  })
+  sensitive = true
+}
+
+variable "instance_count" {
+  description = "实例数量"
+  type        = number
+  default     = 1
+}
+
+variable "instance_size" {
+  description = "实例规格"
+  type        = string
+  default     = "s6.small.1"
+}