资源编排与自动化
编排引擎
CVM 内置资源编排引擎,支持基于模板的自动化部署,兼容 Terraform 和 Ansible。
Terraform 集成
H3C 提供官方 Terraform Provider,支持通过 Terraform 管理 CloudOS 资源:
hcl
# main.tf:使用 Terraform 部署三层应用
terraform {
required_providers {
h3c = {
source = "h3c/cloudos"
version = "~> 1.0"
}
}
}
provider "h3c" {
auth_url = "http://cloudos.example.com:5000/v3"
username = "terraform-svc"
password = var.cloudos_password
tenant_name = "production"
domain_name = "Default"
}
# 创建网络
resource "h3c_network" "app_net" {
name = "app-network"
admin_state_up = true
}
resource "h3c_subnet" "app_subnet" {
name = "app-subnet"
network_id = h3c_network.app_net.id
cidr = "192.168.10.0/24"
ip_version = 4
dns_nameservers = ["8.8.8.8", "114.114.114.114"]
}
# 创建安全组
resource "h3c_security_group" "web_sg" {
name = "web-security-group"
description = "Web 服务器安全组"
}
resource "h3c_security_group_rule" "http" {
direction = "ingress"
ethertype = "IPv4"
protocol = "tcp"
port_range_min = 80
port_range_max = 80
remote_ip_prefix = "0.0.0.0/0"
security_group_id = h3c_security_group.web_sg.id
}
# 创建 Web 服务器(2 台)
resource "h3c_compute_instance" "web" {
count = 2
name = "web-server-${count.index + 1}"
image_name = "CentOS-7.9"
flavor_name = "c1.large"
key_pair = "my-keypair"
security_groups = [h3c_security_group.web_sg.name]
network {
uuid = h3c_network.app_net.id
}
user_data = <<-EOF
#!/bin/bash
yum install -y nginx
systemctl enable nginx
systemctl start nginx
EOF
tags = {
env = "production"
role = "web"
}
}
# 创建负载均衡
resource "h3c_lb_loadbalancer" "web_lb" {
name = "web-lb"
vip_subnet_id = h3c_subnet.app_subnet.id
}
resource "h3c_lb_listener" "http" {
name = "http-listener"
protocol = "HTTP"
protocol_port = 80
loadbalancer_id = h3c_lb_loadbalancer.web_lb.id
}
resource "h3c_lb_pool" "web_pool" {
name = "web-pool"
protocol = "HTTP"
lb_method = "ROUND_ROBIN"
listener_id = h3c_lb_listener.http.id
}
resource "h3c_lb_member" "web" {
count = 2
address = h3c_compute_instance.web[count.index].access_ip_v4
protocol_port = 80
pool_id = h3c_lb_pool.web_pool.id
subnet_id = h3c_subnet.app_subnet.id
}
output "load_balancer_ip" {
value = h3c_lb_loadbalancer.web_lb.vip_address
}bash
# 执行部署
terraform init
terraform plan
terraform apply -auto-approve
# 销毁资源
terraform destroy -auto-approveAnsible 自动化
yaml
# playbook.yml:配置 Web 服务器
---
- name: 配置 Nginx Web 服务器
hosts: web_servers
become: yes
vars:
nginx_port: 80
app_name: "myapp"
tasks:
- name: 安装 Nginx
yum:
name: nginx
state: present
- name: 配置 Nginx
template:
src: nginx.conf.j2
dest: /etc/nginx/conf.d/{{ app_name }}.conf
notify: reload nginx
- name: 启动并设置开机自启
systemd:
name: nginx
state: started
enabled: yes
- name: 开放防火墙端口
firewalld:
port: "{{ nginx_port }}/tcp"
permanent: yes
state: enabled
notify: reload firewalld
handlers:
- name: reload nginx
systemd:
name: nginx
state: reloaded
- name: reload firewalld
systemd:
name: firewalld
state: reloaded自动化工作流
CVM 支持可视化工作流设计,实现复杂的自动化场景:
示例:自动扩容工作流
触发条件:CPU 利用率 > 80%,持续 5 分钟
工作流步骤:
1. 检查当前实例数量(是否已达上限)
2. 从镜像模板创建新 VM
3. 等待 VM 启动完成(健康检查)
4. 将新 VM 注册到负载均衡
5. 发送通知(邮件/企业微信)
6. 记录扩容事件到审计日志
触发条件:CPU 利用率 < 20%,持续 30 分钟
缩容工作流:
1. 检查当前实例数量(是否已达下限)
2. 从负载均衡摘除一台 VM
3. 等待连接排空(Connection Draining,60 秒)
4. 关闭并删除 VM
5. 发送通知定时任务
python
# CVM API:创建定时任务(每天凌晨 2 点创建快照)
import requests
task = {
"name": "daily-snapshot",
"schedule": "0 2 * * *", # Cron 表达式
"action": "create_snapshot",
"targets": {
"tag": "backup=required" # 对所有打了此标签的 VM 执行
},
"params": {
"retention_days": 7 # 保留 7 天
}
}
response = requests.post(
"https://cvm.example.com/api/v1/scheduled-tasks",
json=task,
headers={"Authorization": f"Bearer {token}"}
)