111

2025-10-09 01:22:22 +00:00
parent 1c994f9f60
commit eab95c8c80
136 changed files with 11001 additions and 849 deletions
--- a/infrastructure/opentofu/environments/dev/cloudflare.tf
+++ b/infrastructure/opentofu/environments/dev/cloudflare.tf
@@ -0,0 +1,42 @@
+# Cloudflare 配置
+# 使用 Consul 存储的 Cloudflare token 进行 API 调用
+
+# 从 Consul 获取 Cloudflare 配置
+data "consul_keys" "cloudflare_config" {
+  key {
+    name = "token"
+    path = "config/dev/cloudflare/token"
+  }
+}
+
+# Cloudflare Provider 配置
+provider "cloudflare" {
+  api_token = data.consul_keys.cloudflare_config.var.token
+}
+
+# 测试 Cloudflare API 连通性 - 获取可用区域
+data "cloudflare_zones" "available" {
+  filter {
+    status = "active"
+  }
+}
+
+# 测试 Cloudflare API 连通性 - 获取账户信息
+data "cloudflare_accounts" "available" {}
+
+# 输出 Cloudflare 连通性测试结果
+output "cloudflare_connectivity_test" {
+  description = "Cloudflare API 连通性测试结果"
+  value = {
+    zones_count = length(data.cloudflare_zones.available.zones)
+    accounts_count = length(data.cloudflare_accounts.available.accounts)
+    zones = [for zone in data.cloudflare_zones.available.zones : {
+      name = zone.name
+      id   = zone.id
+    }]
+    accounts = [for account in data.cloudflare_accounts.available.accounts : {
+      name = account.name
+      id   = account.id
+    }]
+  }
+}
--- a/infrastructure/opentofu/environments/dev/kr_instances.tf
+++ b/infrastructure/opentofu/environments/dev/kr_instances.tf
@@ -0,0 +1,66 @@
+# 韩国区域实例配置 - 导入现有资源
+
+# ch4 实例 (原ARM)
+resource "oci_core_instance" "ch4" {
+  # 基本配置 - 匹配现有实例
+  compartment_id      = data.consul_keys.oracle_config.var.tenancy_ocid
+  availability_domain = "CSRd:AP-CHUNCHEON-1-AD-1"
+  shape              = "VM.Standard.A1.Flex"
+  display_name       = "ch4"
+  
+  shape_config {
+    ocpus         = 4
+    memory_in_gbs = 24
+  }
+  
+  # 防止意外重建
+  lifecycle {
+    prevent_destroy = true
+    ignore_changes = [
+      source_details,
+      metadata,
+      create_vnic_details,
+      time_created
+    ]
+  }
+}
+
+# ch2 实例
+resource "oci_core_instance" "ch2" {
+  # 基本配置 - 匹配现有实例
+  compartment_id      = data.consul_keys.oracle_config.var.tenancy_ocid
+  availability_domain = "CSRd:AP-CHUNCHEON-1-AD-1"
+  shape              = "VM.Standard.E2.1.Micro"
+  display_name       = "ch2"
+  
+  # 防止意外重建
+  lifecycle {
+    prevent_destroy = true
+    ignore_changes = [
+      source_details,
+      metadata,
+      create_vnic_details,
+      time_created
+    ]
+  }
+}
+
+# ch3 实例
+resource "oci_core_instance" "ch3" {
+  # 基本配置 - 匹配现有实例
+  compartment_id      = data.consul_keys.oracle_config.var.tenancy_ocid
+  availability_domain = "CSRd:AP-CHUNCHEON-1-AD-1"
+  shape              = "VM.Standard.E2.1.Micro"
+  display_name       = "ch3"
+  
+  # 防止意外重建
+  lifecycle {
+    prevent_destroy = true
+    ignore_changes = [
+      source_details,
+      metadata,
+      create_vnic_details,
+      time_created
+    ]
+  }
+}
--- a/infrastructure/opentofu/environments/dev/kr_test.tf
+++ b/infrastructure/opentofu/environments/dev/kr_test.tf
@@ -0,0 +1,4 @@
+# 测试韩国区域连接
+data "oci_identity_availability_domains" "kr_test" {
+  compartment_id = data.consul_keys.oracle_config.var.tenancy_ocid
+}
--- a/infrastructure/opentofu/environments/dev/main.tf
+++ b/infrastructure/opentofu/environments/dev/main.tf
@@ -44,6 +44,12 @@ terraform {
      source  = "digitalocean/digitalocean"
      version = "~> 2.0"
    }
+    
+    # Cloudflare Provider
+    cloudflare = {
+      source  = "cloudflare/cloudflare"
+      version = "~> 4.0"
+    }
  }
  
  # 后端配置
@@ -65,64 +71,7 @@ provider "vault" {
  token   = var.vault_token
 }

-# 从Consul获取Oracle Cloud配置
-data "consul_keys" "oracle_config" {
-  key {
-    name = "tenancy_ocid"
-    path = "config/dev/oracle/kr/tenancy_ocid"
-  }
-  key {
-    name = "user_ocid"
-    path = "config/dev/oracle/kr/user_ocid"
-  }
-  key {
-    name = "fingerprint"
-    path = "config/dev/oracle/kr/fingerprint"
-  }
-  key {
-    name = "private_key"
-    path = "config/dev/oracle/kr/private_key"
-  }
-}
-
-# 从Consul获取Oracle Cloud美国区域配置
-data "consul_keys" "oracle_config_us" {
-  key {
-    name = "tenancy_ocid"
-    path = "config/dev/oracle/us/tenancy_ocid"
-  }
-  key {
-    name = "user_ocid"
-    path = "config/dev/oracle/us/user_ocid"
-  }
-  key {
-    name = "fingerprint"
-    path = "config/dev/oracle/us/fingerprint"
-  }
-  key {
-    name = "private_key"
-    path = "config/dev/oracle/us/private_key"
-  }
-}
-
-# 使用从Consul获取的配置的OCI Provider
-provider "oci" {
-  tenancy_ocid     = data.consul_keys.oracle_config.var.tenancy_ocid
-  user_ocid        = data.consul_keys.oracle_config.var.user_ocid
-  fingerprint      = data.consul_keys.oracle_config.var.fingerprint
-  private_key      = data.consul_keys.oracle_config.var.private_key
-  region           = "ap-chuncheon-1"
-}
-
-# 美国区域的OCI Provider
-provider "oci" {
-  alias           = "us"
-  tenancy_ocid    = data.consul_keys.oracle_config_us.var.tenancy_ocid
-  user_ocid       = data.consul_keys.oracle_config_us.var.user_ocid
-  fingerprint     = data.consul_keys.oracle_config_us.var.fingerprint
-  private_key     = data.consul_keys.oracle_config_us.var.private_key
-  region          = "us-ashburn-1"
-}
+# Oracle Cloud 配置已移至 oracle.tf

 # Oracle Cloud 基础设施 - 暂时注释掉以避免VCN数量限制问题
 # module "oracle_cloud" {
--- a/infrastructure/opentofu/environments/dev/oracle.tf
+++ b/infrastructure/opentofu/environments/dev/oracle.tf
@@ -0,0 +1,61 @@
+# Oracle Cloud Infrastructure 配置
+# 管理多个 Oracle Cloud 账户和区域
+
+# 从 Consul 获取 Oracle Cloud 韩国区域配置
+data "consul_keys" "oracle_config" {
+  key {
+    name = "tenancy_ocid"
+    path = "config/dev/oracle/kr/tenancy_ocid"
+  }
+  key {
+    name = "user_ocid"
+    path = "config/dev/oracle/kr/user_ocid"
+  }
+  key {
+    name = "fingerprint"
+    path = "config/dev/oracle/kr/fingerprint"
+  }
+  key {
+    name = "private_key"
+    path = "config/dev/oracle/kr/private_key"
+  }
+}
+
+# 从 Consul 获取 Oracle Cloud 美国区域配置
+data "consul_keys" "oracle_config_us" {
+  key {
+    name = "tenancy_ocid"
+    path = "config/dev/oracle/us/tenancy_ocid"
+  }
+  key {
+    name = "user_ocid"
+    path = "config/dev/oracle/us/user_ocid"
+  }
+  key {
+    name = "fingerprint"
+    path = "config/dev/oracle/us/fingerprint"
+  }
+  key {
+    name = "private_key"
+    path = "config/dev/oracle/us/private_key"
+  }
+}
+
+# 韩国区域的 OCI Provider
+provider "oci" {
+  tenancy_ocid     = data.consul_keys.oracle_config.var.tenancy_ocid
+  user_ocid        = data.consul_keys.oracle_config.var.user_ocid
+  fingerprint      = data.consul_keys.oracle_config.var.fingerprint
+  private_key      = data.consul_keys.oracle_config.var.private_key
+  region           = "ap-chuncheon-1"
+}
+
+# 美国区域的 OCI Provider
+provider "oci" {
+  alias           = "us"
+  tenancy_ocid    = data.consul_keys.oracle_config_us.var.tenancy_ocid
+  user_ocid       = data.consul_keys.oracle_config_us.var.user_ocid
+  fingerprint     = data.consul_keys.oracle_config_us.var.fingerprint
+  private_key     = data.consul_keys.oracle_config_us.var.private_key
+  region          = "us-ashburn-1"
+}
--- a/infrastructure/opentofu/environments/dev/us_instances.tf
+++ b/infrastructure/opentofu/environments/dev/us_instances.tf
@@ -0,0 +1,72 @@
+# 导入现有的美国区实例 - 不创建新资源，只管理现有的
+
+# ash1d 实例
+resource "oci_core_instance" "ash1d" {
+  provider = oci.us
+  
+  # 基本配置 - 匹配现有实例
+  compartment_id      = data.consul_keys.oracle_config_us.var.tenancy_ocid
+  availability_domain = "TZXJ:US-ASHBURN-AD-1"
+  shape              = "VM.Standard.E2.1.Micro"
+  display_name       = "ash1d"
+  
+  # 防止意外重建
+  lifecycle {
+    prevent_destroy = true
+    ignore_changes = [
+      source_details,
+      metadata,
+      create_vnic_details,
+      time_created
+    ]
+  }
+}
+
+# ash2e 实例
+resource "oci_core_instance" "ash2e" {
+  provider = oci.us
+  
+  # 基本配置 - 匹配现有实例
+  compartment_id      = data.consul_keys.oracle_config_us.var.tenancy_ocid
+  availability_domain = "TZXJ:US-ASHBURN-AD-1"
+  shape              = "VM.Standard.E2.1.Micro"
+  display_name       = "ash2e"
+  
+  # 防止意外重建
+  lifecycle {
+    prevent_destroy = true
+    ignore_changes = [
+      source_details,
+      metadata,
+      create_vnic_details,
+      time_created
+    ]
+  }
+}
+
+# ash3c 实例  
+resource "oci_core_instance" "ash3c" {
+  provider = oci.us
+  
+  # 基本配置 - 匹配现有实例
+  compartment_id      = data.consul_keys.oracle_config_us.var.tenancy_ocid
+  availability_domain = "TZXJ:US-ASHBURN-AD-1"
+  shape              = "VM.Standard.A1.Flex"
+  display_name       = "ash3c"
+  
+  shape_config {
+    ocpus         = 4
+    memory_in_gbs = 24
+  }
+  
+  # 防止意外重建
+  lifecycle {
+    prevent_destroy = true
+    ignore_changes = [
+      source_details,
+      metadata,
+      create_vnic_details,
+      time_created
+    ]
+  }
+}
--- a/infrastructure/opentofu/environments/dev/us_test.tf
+++ b/infrastructure/opentofu/environments/dev/us_test.tf
@@ -0,0 +1,5 @@
+# 测试美国区域连接
+data "oci_identity_availability_domains" "us_test" {
+  provider       = oci.us
+  compartment_id = data.consul_keys.oracle_config_us.var.tenancy_ocid
+}
--- a/infrastructure/opentofu/modules/nomad-cluster/outputs.tf
+++ b/infrastructure/opentofu/modules/nomad-cluster/outputs.tf
@@ -17,7 +17,7 @@ output "cluster_overview" {
        name     = "dc2"
        location = "Korea (KR)"
        provider = "oracle"
-        node     = "master"
+        node     = "ch4"
        ip       = try(module.oracle_korea_node[0].public_ip, "pending")
        status   = "deployed"
      } : null