diff --git a/iac-template/terraform-hcl-standard/Makefile b/iac-template/terraform-hcl-standard/Makefile index 550add1d..7e3b6cdd 100644 --- a/iac-template/terraform-hcl-standard/Makefile +++ b/iac-template/terraform-hcl-standard/Makefile @@ -2,9 +2,10 @@ # Root Makefile - orchestrate bootstrap modules # --------------------------------------------------------- -BOOTSTRAP_S3_DIR = bootstrap-s3 -BOOTSTRAP_DYNAMODB_DIR = bootstrap-dynamodb -BOOTSTRAP_IAM_DIR = bootstrap-iam +AWS_BOOTSTRAP_DIR = aws-cloud/bootstrap +BOOTSTRAP_S3_DIR = $(AWS_BOOTSTRAP_DIR)/state +BOOTSTRAP_DYNAMODB_DIR = $(AWS_BOOTSTRAP_DIR)/lock +BOOTSTRAP_IAM_DIR = $(AWS_BOOTSTRAP_DIR)/identity # -------------------------------------------- # Bootstrap targets diff --git a/iac-template/terraform-hcl-standard/ali-cloud/README.md b/iac-template/terraform-hcl-standard/ali-cloud/README.md index 3dea3f35..0ad0383e 100644 --- a/iac-template/terraform-hcl-standard/ali-cloud/README.md +++ b/iac-template/terraform-hcl-standard/ali-cloud/README.md @@ -3,9 +3,9 @@ 该目录提供与 AWS 目录对应的阿里云版本,用于在阿里云上快速引导基础设施。结构与 AWS 模板保持一致,包含引导阶段 (bootstrap)、环境示例 (envs) 与模块库 (modules)。 ## AWS → Alibaba Cloud 映射 -- **S3 → OSS**:`bootstrap-oss` 创建远端状态桶,开启版本化与服务器端加密。 -- **DynamoDB → TableStore (OTS)**:`bootstrap-ots` 创建状态锁表,用于 Terraform 后端锁定。 -- **IAM → RAM**:`bootstrap-ram` 建立基础访问控制(RAM 角色、策略与用户)。 +- **S3 → OSS**:`bootstrap/state` 创建远端状态桶,开启版本化与服务器端加密。 +- **DynamoDB → TableStore (OTS)**:`bootstrap/lock` 创建状态锁表,用于 Terraform 后端锁定。 +- **IAM → RAM**:`bootstrap/identity` 建立基础访问控制(RAM 角色、策略与用户)。 - **VPC**:`modules/vpc` 使用专有网络与交换机,替代 AWS VPC/Subnet。 - **ALB / NLB**:`modules/alb` 和 `modules/nlb` 分别映射到应用型负载均衡 (ALB) 与传统负载均衡 (SLB/NLB)。 - **EC2 → ECS**:`modules/ecs` 提供计算实例与安全组。 
@@ -14,13 +14,13 @@ - **RDS / Redis / MSK**:`modules/rds`、`modules/redis` 提供 ApsaraDB 数据库与缓存,Kafka 类似需求可通过云消息队列/中间件扩展。 ## 使用方式 -1. 在 `config/backend.tf` 中配置远端状态(OSS 桶与可选 OTS 锁表)。 -2. 在 `config/provider.tf` 中设置 `region`、`access_key`、`secret_key` 或 RAM 角色扮演信息,可通过环境变量传入。 +1. 在 `templates/backend.tf` 中配置远端状态(OSS 桶与可选 OTS 锁表)。 +2. 在 `templates/provider.tf` 中设置 `region`、`access_key`、`secret_key` 或 RAM 角色扮演信息,可通过环境变量传入。 3. 运行引导阶段: ```bash - terraform -chdir=bootstrap-oss init && terraform -chdir=bootstrap-oss apply - terraform -chdir=bootstrap-ots init && terraform -chdir=bootstrap-ots apply - terraform -chdir=bootstrap-ram init && terraform -chdir=bootstrap-ram apply + terraform -chdir=bootstrap/state init && terraform -chdir=bootstrap/state apply + terraform -chdir=bootstrap/lock init && terraform -chdir=bootstrap/lock apply + terraform -chdir=bootstrap/identity init && terraform -chdir=bootstrap/identity apply ``` 4. 按需修改 `envs/dev` 下的示例,执行: ```bash diff --git a/iac-template/terraform-hcl-standard/ali-cloud/bootstrap-ram/main.tf b/iac-template/terraform-hcl-standard/ali-cloud/bootstrap/identity/main.tf similarity index 100% rename from iac-template/terraform-hcl-standard/ali-cloud/bootstrap-ram/main.tf rename to iac-template/terraform-hcl-standard/ali-cloud/bootstrap/identity/main.tf diff --git a/iac-template/terraform-hcl-standard/ali-cloud/bootstrap-ram/variables.tf b/iac-template/terraform-hcl-standard/ali-cloud/bootstrap/identity/variables.tf similarity index 100% rename from iac-template/terraform-hcl-standard/ali-cloud/bootstrap-ram/variables.tf rename to iac-template/terraform-hcl-standard/ali-cloud/bootstrap/identity/variables.tf diff --git a/iac-template/terraform-hcl-standard/ali-cloud/bootstrap-ots/main.tf b/iac-template/terraform-hcl-standard/ali-cloud/bootstrap/lock/main.tf similarity index 100% rename from iac-template/terraform-hcl-standard/ali-cloud/bootstrap-ots/main.tf rename to iac-template/terraform-hcl-standard/ali-cloud/bootstrap/lock/main.tf 
diff --git a/iac-template/terraform-hcl-standard/ali-cloud/bootstrap-ots/variables.tf b/iac-template/terraform-hcl-standard/ali-cloud/bootstrap/lock/variables.tf similarity index 100% rename from iac-template/terraform-hcl-standard/ali-cloud/bootstrap-ots/variables.tf rename to iac-template/terraform-hcl-standard/ali-cloud/bootstrap/lock/variables.tf diff --git a/iac-template/terraform-hcl-standard/ali-cloud/bootstrap-oss/main.tf b/iac-template/terraform-hcl-standard/ali-cloud/bootstrap/state/main.tf similarity index 100% rename from iac-template/terraform-hcl-standard/ali-cloud/bootstrap-oss/main.tf rename to iac-template/terraform-hcl-standard/ali-cloud/bootstrap/state/main.tf diff --git a/iac-template/terraform-hcl-standard/ali-cloud/bootstrap-oss/variables.tf b/iac-template/terraform-hcl-standard/ali-cloud/bootstrap/state/variables.tf similarity index 100% rename from iac-template/terraform-hcl-standard/ali-cloud/bootstrap-oss/variables.tf rename to iac-template/terraform-hcl-standard/ali-cloud/bootstrap/state/variables.tf diff --git a/iac-template/terraform-hcl-standard/ali-cloud/config/accounts/.gitkeep b/iac-template/terraform-hcl-standard/ali-cloud/config/accounts/.gitkeep new file mode 100644 index 00000000..e69de29b diff --git a/iac-template/terraform-hcl-standard/ali-cloud/config/resources/.gitkeep b/iac-template/terraform-hcl-standard/ali-cloud/config/resources/.gitkeep new file mode 100644 index 00000000..e69de29b diff --git a/iac-template/terraform-hcl-standard/ali-cloud/config/backend.tf b/iac-template/terraform-hcl-standard/ali-cloud/templates/backend.tf similarity index 100% rename from iac-template/terraform-hcl-standard/ali-cloud/config/backend.tf rename to iac-template/terraform-hcl-standard/ali-cloud/templates/backend.tf 
diff --git a/iac-template/terraform-hcl-standard/ali-cloud/config/provider.tf b/iac-template/terraform-hcl-standard/ali-cloud/templates/provider.tf similarity index 100% rename from iac-template/terraform-hcl-standard/ali-cloud/config/provider.tf rename to iac-template/terraform-hcl-standard/ali-cloud/templates/provider.tf diff --git a/iac-template/terraform-hcl-standard/ali-cloud/config/variables.tf b/iac-template/terraform-hcl-standard/ali-cloud/templates/variables.tf similarity index 100% rename from iac-template/terraform-hcl-standard/ali-cloud/config/variables.tf rename to iac-template/terraform-hcl-standard/ali-cloud/templates/variables.tf diff --git a/iac-template/terraform-hcl-standard/aws-cloud/README.md b/iac-template/terraform-hcl-standard/aws-cloud/README.md index 57842b80..ac2eecfb 100644 --- a/iac-template/terraform-hcl-standard/aws-cloud/README.md +++ b/iac-template/terraform-hcl-standard/aws-cloud/README.md @@ -8,8 +8,9 @@ It creates: Both modules can be run independently. -- bootstrap-s3/ # S3 state bucket (versioning + SSE) -- bootstrap-dynamodb/ # DynamoDB lock table (LockID) +- bootstrap/state/ # S3 state bucket (versioning + SSE) +- bootstrap/lock/ # DynamoDB lock table (LockID) +- bootstrap/identity/ # IAM roles, policies and bootstrap users --- ** Note: S3 bucket must be emptied before deletion. ** @@ -46,7 +47,7 @@ Select profile if needed: export AWS_PROFILE=default ## 2. Bootstrap: Create S3 Bucket ``` -cd bootstrap-s3 +cd bootstrap/state terraform init terraform apply \ -var="bucket_name=svc-plus-iac-state" \ @@ -61,7 +62,7 @@ This creates: ## 3. Bootstrap: Create DynamoDB Lock Table ``` -cd bootstrap-dynamo-db +cd bootstrap/lock terraform init terraform plan \ -var="region=ap-northeast-1" \ @@ -82,7 +83,7 @@ PAY_PER_REQUEST billing mode Compatible with Terraform backend locking ## 4. Bootstrap IAM Role ``` -cd bootstrap-iam +cd bootstrap/identity terraform init terraform apply \ -var="account_name=dev" \ 
diff --git a/iac-template/terraform-hcl-standard/aws-cloud/bootstrap-iam/.gitignore b/iac-template/terraform-hcl-standard/aws-cloud/bootstrap/identity/.gitignore similarity index 100% rename from iac-template/terraform-hcl-standard/aws-cloud/bootstrap-iam/.gitignore rename to iac-template/terraform-hcl-standard/aws-cloud/bootstrap/identity/.gitignore diff --git a/iac-template/terraform-hcl-standard/aws-cloud/bootstrap-iam/Makefile b/iac-template/terraform-hcl-standard/aws-cloud/bootstrap/identity/Makefile similarity index 100% rename from iac-template/terraform-hcl-standard/aws-cloud/bootstrap-iam/Makefile rename to iac-template/terraform-hcl-standard/aws-cloud/bootstrap/identity/Makefile diff --git a/iac-template/terraform-hcl-standard/aws-cloud/bootstrap-iam/locals.tf b/iac-template/terraform-hcl-standard/aws-cloud/bootstrap/identity/locals.tf similarity index 100% rename from iac-template/terraform-hcl-standard/aws-cloud/bootstrap-iam/locals.tf rename to iac-template/terraform-hcl-standard/aws-cloud/bootstrap/identity/locals.tf diff --git a/iac-template/terraform-hcl-standard/aws-cloud/bootstrap-iam/main.tf b/iac-template/terraform-hcl-standard/aws-cloud/bootstrap/identity/main.tf similarity index 100% rename from iac-template/terraform-hcl-standard/aws-cloud/bootstrap-iam/main.tf rename to iac-template/terraform-hcl-standard/aws-cloud/bootstrap/identity/main.tf diff --git a/iac-template/terraform-hcl-standard/aws-cloud/bootstrap-iam/outputs.tf b/iac-template/terraform-hcl-standard/aws-cloud/bootstrap/identity/outputs.tf similarity index 100% rename from iac-template/terraform-hcl-standard/aws-cloud/bootstrap-iam/outputs.tf rename to iac-template/terraform-hcl-standard/aws-cloud/bootstrap/identity/outputs.tf 
diff --git a/iac-template/terraform-hcl-standard/aws-cloud/bootstrap-iam/provider.tf b/iac-template/terraform-hcl-standard/aws-cloud/bootstrap/identity/provider.tf similarity index 100% rename from iac-template/terraform-hcl-standard/aws-cloud/bootstrap-iam/provider.tf rename to iac-template/terraform-hcl-standard/aws-cloud/bootstrap/identity/provider.tf diff --git a/iac-template/terraform-hcl-standard/aws-cloud/bootstrap-iam/variables.tf b/iac-template/terraform-hcl-standard/aws-cloud/bootstrap/identity/variables.tf similarity index 100% rename from iac-template/terraform-hcl-standard/aws-cloud/bootstrap-iam/variables.tf rename to iac-template/terraform-hcl-standard/aws-cloud/bootstrap/identity/variables.tf diff --git a/iac-template/terraform-hcl-standard/aws-cloud/bootstrap-dynamodb/.gitignore b/iac-template/terraform-hcl-standard/aws-cloud/bootstrap/lock/.gitignore similarity index 100% rename from iac-template/terraform-hcl-standard/aws-cloud/bootstrap-dynamodb/.gitignore rename to iac-template/terraform-hcl-standard/aws-cloud/bootstrap/lock/.gitignore diff --git a/iac-template/terraform-hcl-standard/aws-cloud/bootstrap-dynamodb/Makefile b/iac-template/terraform-hcl-standard/aws-cloud/bootstrap/lock/Makefile similarity index 100% rename from iac-template/terraform-hcl-standard/aws-cloud/bootstrap-dynamodb/Makefile rename to iac-template/terraform-hcl-standard/aws-cloud/bootstrap/lock/Makefile diff --git a/iac-template/terraform-hcl-standard/aws-cloud/bootstrap-dynamodb/locals.tf b/iac-template/terraform-hcl-standard/aws-cloud/bootstrap/lock/locals.tf similarity index 100% rename from iac-template/terraform-hcl-standard/aws-cloud/bootstrap-dynamodb/locals.tf rename to iac-template/terraform-hcl-standard/aws-cloud/bootstrap/lock/locals.tf 
diff --git a/iac-template/terraform-hcl-standard/aws-cloud/bootstrap-dynamodb/main.tf b/iac-template/terraform-hcl-standard/aws-cloud/bootstrap/lock/main.tf similarity index 100% rename from iac-template/terraform-hcl-standard/aws-cloud/bootstrap-dynamodb/main.tf rename to iac-template/terraform-hcl-standard/aws-cloud/bootstrap/lock/main.tf diff --git a/iac-template/terraform-hcl-standard/aws-cloud/bootstrap-dynamodb/outputs.tf b/iac-template/terraform-hcl-standard/aws-cloud/bootstrap/lock/outputs.tf similarity index 100% rename from iac-template/terraform-hcl-standard/aws-cloud/bootstrap-dynamodb/outputs.tf rename to iac-template/terraform-hcl-standard/aws-cloud/bootstrap/lock/outputs.tf diff --git a/iac-template/terraform-hcl-standard/aws-cloud/bootstrap-dynamodb/provider.tf b/iac-template/terraform-hcl-standard/aws-cloud/bootstrap/lock/provider.tf similarity index 100% rename from iac-template/terraform-hcl-standard/aws-cloud/bootstrap-dynamodb/provider.tf rename to iac-template/terraform-hcl-standard/aws-cloud/bootstrap/lock/provider.tf diff --git a/iac-template/terraform-hcl-standard/aws-cloud/bootstrap-dynamodb/variables.tf b/iac-template/terraform-hcl-standard/aws-cloud/bootstrap/lock/variables.tf similarity index 100% rename from iac-template/terraform-hcl-standard/aws-cloud/bootstrap-dynamodb/variables.tf rename to iac-template/terraform-hcl-standard/aws-cloud/bootstrap/lock/variables.tf diff --git a/iac-template/terraform-hcl-standard/aws-cloud/bootstrap-s3/... b/iac-template/terraform-hcl-standard/aws-cloud/bootstrap/state/... similarity index 100% rename from iac-template/terraform-hcl-standard/aws-cloud/bootstrap-s3/... rename to iac-template/terraform-hcl-standard/aws-cloud/bootstrap/state/... 
diff --git a/iac-template/terraform-hcl-standard/aws-cloud/bootstrap-s3/.gitignore b/iac-template/terraform-hcl-standard/aws-cloud/bootstrap/state/.gitignore similarity index 100% rename from iac-template/terraform-hcl-standard/aws-cloud/bootstrap-s3/.gitignore rename to iac-template/terraform-hcl-standard/aws-cloud/bootstrap/state/.gitignore diff --git a/iac-template/terraform-hcl-standard/aws-cloud/bootstrap-s3/Makefile b/iac-template/terraform-hcl-standard/aws-cloud/bootstrap/state/Makefile similarity index 100% rename from iac-template/terraform-hcl-standard/aws-cloud/bootstrap-s3/Makefile rename to iac-template/terraform-hcl-standard/aws-cloud/bootstrap/state/Makefile diff --git a/iac-template/terraform-hcl-standard/aws-cloud/bootstrap-s3/locals.tf b/iac-template/terraform-hcl-standard/aws-cloud/bootstrap/state/locals.tf similarity index 100% rename from iac-template/terraform-hcl-standard/aws-cloud/bootstrap-s3/locals.tf rename to iac-template/terraform-hcl-standard/aws-cloud/bootstrap/state/locals.tf diff --git a/iac-template/terraform-hcl-standard/aws-cloud/bootstrap-s3/main.tf b/iac-template/terraform-hcl-standard/aws-cloud/bootstrap/state/main.tf similarity index 100% rename from iac-template/terraform-hcl-standard/aws-cloud/bootstrap-s3/main.tf rename to iac-template/terraform-hcl-standard/aws-cloud/bootstrap/state/main.tf diff --git a/iac-template/terraform-hcl-standard/aws-cloud/bootstrap-s3/outputs.tf b/iac-template/terraform-hcl-standard/aws-cloud/bootstrap/state/outputs.tf similarity index 100% rename from iac-template/terraform-hcl-standard/aws-cloud/bootstrap-s3/outputs.tf rename to iac-template/terraform-hcl-standard/aws-cloud/bootstrap/state/outputs.tf 
diff --git a/iac-template/terraform-hcl-standard/aws-cloud/bootstrap-s3/provider.tf b/iac-template/terraform-hcl-standard/aws-cloud/bootstrap/state/provider.tf similarity index 100% rename from iac-template/terraform-hcl-standard/aws-cloud/bootstrap-s3/provider.tf rename to iac-template/terraform-hcl-standard/aws-cloud/bootstrap/state/provider.tf diff --git a/iac-template/terraform-hcl-standard/aws-cloud/bootstrap-s3/variables.tf b/iac-template/terraform-hcl-standard/aws-cloud/bootstrap/state/variables.tf similarity index 100% rename from iac-template/terraform-hcl-standard/aws-cloud/bootstrap-s3/variables.tf rename to iac-template/terraform-hcl-standard/aws-cloud/bootstrap/state/variables.tf diff --git a/iac-template/terraform-hcl-standard/azure-cloud/README.md b/iac-template/terraform-hcl-standard/azure-cloud/README.md index 0ec9456c..f9fc1d82 100644 --- a/iac-template/terraform-hcl-standard/azure-cloud/README.md +++ b/iac-template/terraform-hcl-standard/azure-cloud/README.md @@ -3,9 +3,9 @@ 该目录提供与 `aws-cloud` 模板一一对应的 Azure 版本,延续相同的目录与模块命名(bootstrap、config、modules、envs),便于将 AWS 使用习惯映射到 Azure。 ## 模板映射(AWS → Azure) -- **bootstrap-s3 → Storage Account**:创建存储账户与容器用于 Terraform 远端状态。 -- **bootstrap-dynamodb → Cosmos DB Table API**:提供无服务器键值表存储。 -- **bootstrap-iam → RBAC 角色分配**:为指定主体分配内置角色,替代 AWS IAM 角色/策略。 +- **bootstrap/state → Storage Account**:创建存储账户与容器用于 Terraform 远端状态。 +- **bootstrap/lock → Cosmos DB Table API**:提供无服务器键值表存储。 +- **bootstrap/identity → RBAC 角色分配**:为指定主体分配内置角色,替代 AWS IAM 角色/策略。 - **modules**:保留 AWS 模块命名,内部实现替换为 Azure 服务: - `vpc`:虚拟网络 + 子网(Virtual Network/Subnet)。 - `alb`:应用程序网关(Application Gateway)。 
@@ -22,8 +22,8 @@ - `msk`:事件中心命名空间与 Hub(Event Hubs)。 ## 使用方式 -1. 在 `config/backend.tf` 中配置 Azure 存储作为 Terraform 远端状态(资源组、存储账户、容器)。 -2. 在 `config/provider.tf` 中设置 `subscription_id`、`tenant_id`、`location` 等参数。 +1. 在 `templates/backend.tf` 中配置 Azure 存储作为 Terraform 远端状态(资源组、存储账户、容器)。 +2. 在 `templates/provider.tf` 中设置 `subscription_id`、`tenant_id`、`location` 等参数。 3. 参考 `envs/dev/main.tf`,按需修改变量后执行: ```bash terraform -chdir=envs/dev init diff --git a/iac-template/terraform-hcl-standard/azure-cloud/bootstrap-iam/main.tf b/iac-template/terraform-hcl-standard/azure-cloud/bootstrap/identity/main.tf similarity index 100% rename from iac-template/terraform-hcl-standard/azure-cloud/bootstrap-iam/main.tf rename to iac-template/terraform-hcl-standard/azure-cloud/bootstrap/identity/main.tf diff --git a/iac-template/terraform-hcl-standard/azure-cloud/bootstrap-dynamodb/main.tf b/iac-template/terraform-hcl-standard/azure-cloud/bootstrap/lock/main.tf similarity index 100% rename from iac-template/terraform-hcl-standard/azure-cloud/bootstrap-dynamodb/main.tf rename to iac-template/terraform-hcl-standard/azure-cloud/bootstrap/lock/main.tf diff --git a/iac-template/terraform-hcl-standard/azure-cloud/bootstrap-s3/main.tf b/iac-template/terraform-hcl-standard/azure-cloud/bootstrap/state/main.tf similarity index 100% rename from iac-template/terraform-hcl-standard/azure-cloud/bootstrap-s3/main.tf rename to iac-template/terraform-hcl-standard/azure-cloud/bootstrap/state/main.tf diff --git a/iac-template/terraform-hcl-standard/azure-cloud/config/accounts/.gitkeep b/iac-template/terraform-hcl-standard/azure-cloud/config/accounts/.gitkeep new file mode 100644 index 00000000..e69de29b diff --git a/iac-template/terraform-hcl-standard/azure-cloud/config/resources/.gitkeep b/iac-template/terraform-hcl-standard/azure-cloud/config/resources/.gitkeep new file mode 100644 index 00000000..e69de29b 
diff --git a/iac-template/terraform-hcl-standard/azure-cloud/config/backend.tf b/iac-template/terraform-hcl-standard/azure-cloud/templates/backend.tf similarity index 100% rename from iac-template/terraform-hcl-standard/azure-cloud/config/backend.tf rename to iac-template/terraform-hcl-standard/azure-cloud/templates/backend.tf diff --git a/iac-template/terraform-hcl-standard/azure-cloud/config/provider.tf b/iac-template/terraform-hcl-standard/azure-cloud/templates/provider.tf similarity index 100% rename from iac-template/terraform-hcl-standard/azure-cloud/config/provider.tf rename to iac-template/terraform-hcl-standard/azure-cloud/templates/provider.tf diff --git a/iac-template/terraform-hcl-standard/azure-cloud/config/variables.tf b/iac-template/terraform-hcl-standard/azure-cloud/templates/variables.tf similarity index 100% rename from iac-template/terraform-hcl-standard/azure-cloud/config/variables.tf rename to iac-template/terraform-hcl-standard/azure-cloud/templates/variables.tf diff --git a/iac-template/terraform-hcl-standard/gcp-cloud/README.md b/iac-template/terraform-hcl-standard/gcp-cloud/README.md index ca1af470..cc175b9e 100644 --- a/iac-template/terraform-hcl-standard/gcp-cloud/README.md +++ b/iac-template/terraform-hcl-standard/gcp-cloud/README.md @@ -3,8 +3,8 @@ 该目录提供与 `aws-cloud` 模板一一对应的 GCP 版本,用于在 GCP 上快速引导基础设施。结构与 AWS 目录保持一致,包括引导阶段 (bootstrap)、环境示例 (envs) 与模块库 (modules)。 ## 模板映射 -- **bootstrap-iam → IAM**:创建基础服务账号与自定义角色,替代 AWS IAM 角色与策略。 -- **bootstrap-gcs → Cloud Storage**:创建启用版本化和 generation-based locking 的 GCS 存储桶,对应 AWS S3 + DynamoDB 锁表。 +- **bootstrap/identity → IAM**:创建基础服务账号与自定义角色,替代 AWS IAM 角色与策略。 +- **bootstrap/state → Cloud Storage**:创建启用版本化和 generation-based locking 的 GCS 存储桶,对应 AWS S3 + DynamoDB 锁表。 - **modules**:保留原始模块命名(alb、nlb、vpc 等),内部实现改为 GCP 资源: - `alb`/`nlb`:使用 Google HTTP(S) / TCP 负载均衡。 - `ec2`:映射到 Compute Engine 实例或 MIG。 
@@ -20,8 +20,8 @@ - `sg`:映射到 VPC 防火墙规则。 ## 使用方式 -1. 在 `config/backend.tf` 中配置远端状态(GCS 存储桶)。 -2. 在 `config/provider.tf` 中设置 `project`、`region`、`credentials` 等参数。 +1. 在 `templates/backend.tf` 中配置远端状态(GCS 存储桶)。 +2. 在 `templates/provider.tf` 中设置 `project`、`region`、`credentials` 等参数。 3. 按需修改 `envs` 下的环境示例,执行: ```bash terraform -chdir=envs/dev init diff --git a/iac-template/terraform-hcl-standard/gcp-cloud/bootstrap-iam/main.tf b/iac-template/terraform-hcl-standard/gcp-cloud/bootstrap/identity/main.tf similarity index 100% rename from iac-template/terraform-hcl-standard/gcp-cloud/bootstrap-iam/main.tf rename to iac-template/terraform-hcl-standard/gcp-cloud/bootstrap/identity/main.tf diff --git a/iac-template/terraform-hcl-standard/gcp-cloud/bootstrap-gcs/main.tf b/iac-template/terraform-hcl-standard/gcp-cloud/bootstrap/state/main.tf similarity index 100% rename from iac-template/terraform-hcl-standard/gcp-cloud/bootstrap-gcs/main.tf rename to iac-template/terraform-hcl-standard/gcp-cloud/bootstrap/state/main.tf diff --git a/iac-template/terraform-hcl-standard/gcp-cloud/templates/backend.tf b/iac-template/terraform-hcl-standard/gcp-cloud/templates/backend.tf new file mode 100644 index 00000000..d0d3e4e6 --- /dev/null +++ b/iac-template/terraform-hcl-standard/gcp-cloud/templates/backend.tf @@ -0,0 +1,6 @@ +terraform { + backend "gcs" { + bucket = "" + prefix = "terraform/state" + } +} diff --git a/iac-template/terraform-hcl-standard/gcp-cloud/templates/provider.tf b/iac-template/terraform-hcl-standard/gcp-cloud/templates/provider.tf new file mode 100644 index 00000000..2b575a29 --- /dev/null +++ b/iac-template/terraform-hcl-standard/gcp-cloud/templates/provider.tf @@ -0,0 +1,15 @@ +variable "project" { + description = "GCP project to deploy into" + type = string +} + +variable "region" { + description = "Default region" + type = string + default = "asia-east1" +} + +provider "google" { + project = var.project + region = var.region +} 
diff --git a/iac-template/terraform-hcl-standard/vultr-vps/README.md b/iac-template/terraform-hcl-standard/vultr-vps/README.md index 80e44ea9..29b30d74 100644 --- a/iac-template/terraform-hcl-standard/vultr-vps/README.md +++ b/iac-template/terraform-hcl-standard/vultr-vps/README.md @@ -10,21 +10,22 @@ - **RDS (aws_db_instance)** → `vultr_database`:托管数据库(MySQL/PostgreSQL/Redis),支持自动备份与高可用套餐。 ## 目录结构 -- `bootstrap-object-storage/`:初始化 Vultr 对象存储集群与访问密钥,可作为 Terraform 远端状态桶。 -- `bootstrap-iam/`:创建子账号与 SSH Key,实现最小权限访问与实例登录。 -- `config/`:包含通用的 `backend.tf` 与 `provider.tf`,用于配置 S3 兼容后端与 Vultr Provider。 +- `bootstrap/state/`:初始化 Vultr 对象存储集群与访问密钥,可作为 Terraform 远端状态桶。 +- `bootstrap/identity/`:创建子账号与 SSH Key,实现最小权限访问与实例登录。 +- `config/`:保留环境无关的账户与资源配置占位符(accounts/resources)。 +- `templates/`:包含通用的 `backend.tf` 与 `provider.tf`,用于配置 S3 兼容后端与 Vultr Provider。 - `modules/`:核心模块实现(vpc、compute、storage、iam、data_store),接口与 AWS 模块命名保持一致。 - `envs/`:示例环境(`dev`)展示如何组合模块。 ## 使用方式 -1. 在 `config/backend.tf` 中填写 Vultr 对象存储的 endpoint、bucket、访问密钥;在 `config/provider.tf` 设置 `vultr_api_key` 与默认 region。 +1. 在 `templates/backend.tf` 中填写 Vultr 对象存储的 endpoint、bucket、访问密钥;在 `templates/provider.tf` 设置 `vultr_api_key` 与默认 region。 2. 使用引导模板创建状态桶与基础身份: ```bash - terraform -chdir=bootstrap-object-storage init - terraform -chdir=bootstrap-object-storage apply + terraform -chdir=bootstrap/state init + terraform -chdir=bootstrap/state apply - terraform -chdir=bootstrap-iam init - terraform -chdir=bootstrap-iam apply + terraform -chdir=bootstrap/identity init + terraform -chdir=bootstrap/identity apply ``` 3. 根据需要复制 `envs/dev`,调整变量后运行: ```bash diff --git a/iac-template/terraform-hcl-standard/vultr-vps/bootstrap-iam/main.tf b/iac-template/terraform-hcl-standard/vultr-vps/bootstrap/identity/main.tf similarity index 100% rename from iac-template/terraform-hcl-standard/vultr-vps/bootstrap-iam/main.tf rename to iac-template/terraform-hcl-standard/vultr-vps/bootstrap/identity/main.tf 
diff --git a/iac-template/terraform-hcl-standard/vultr-vps/bootstrap-object-storage/main.tf b/iac-template/terraform-hcl-standard/vultr-vps/bootstrap/state/main.tf similarity index 100% rename from iac-template/terraform-hcl-standard/vultr-vps/bootstrap-object-storage/main.tf rename to iac-template/terraform-hcl-standard/vultr-vps/bootstrap/state/main.tf diff --git a/iac-template/terraform-hcl-standard/vultr-vps/config/accounts/.gitkeep b/iac-template/terraform-hcl-standard/vultr-vps/config/accounts/.gitkeep new file mode 100644 index 00000000..e69de29b diff --git a/iac-template/terraform-hcl-standard/vultr-vps/config/resources/.gitkeep b/iac-template/terraform-hcl-standard/vultr-vps/config/resources/.gitkeep new file mode 100644 index 00000000..e69de29b diff --git a/iac-template/terraform-hcl-standard/vultr-vps/config/backend.tf b/iac-template/terraform-hcl-standard/vultr-vps/templates/backend.tf similarity index 100% rename from iac-template/terraform-hcl-standard/vultr-vps/config/backend.tf rename to iac-template/terraform-hcl-standard/vultr-vps/templates/backend.tf diff --git a/iac-template/terraform-hcl-standard/vultr-vps/config/provider.tf b/iac-template/terraform-hcl-standard/vultr-vps/templates/provider.tf similarity index 100% rename from iac-template/terraform-hcl-standard/vultr-vps/config/provider.tf rename to iac-template/terraform-hcl-standard/vultr-vps/templates/provider.tf
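Review bot: in the root Makefile hunk (@@ -2,9 +2,10 @@), `AWS_BOOTSTRAP_DIR = aws-cloud/bootstrap` hard-wires the root orchestration to AWS, although this patch gives ali-cloud, azure-cloud, gcp-cloud and vultr-vps the same bootstrap/state and bootstrap/identity layout. Consider a provider-neutral variable that can be overridden on the command line, for example `CLOUD ?= aws-cloud` with `BOOTSTRAP_DIR = $(CLOUD)/bootstrap`. The gcp-cloud and vultr-vps renames in this patch create no bootstrap/lock directory, so a lock target would need to be skipped for those providers.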
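Review bot: in ali-cloud/README.md (@@ -14,13 +14,13 @@), step 2 still lists `access_key` and `secret_key` as values to set in `templates/provider.tf`. Now that the file lives under templates/ and is meant to be copied, a key typed into it is likely to be committed along with the copy. I would reword the step to name only `region` and the RAM role-assumption settings as file content, and point to the provider's environment variables (`ALICLOUD_ACCESS_KEY`, `ALICLOUD_SECRET_KEY`) for the key pair. The README also never says where the templates are copied to, and unlike the vultr-vps README it does not describe the new config/accounts and config/resources placeholders.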
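Review bot: in aws-cloud/README.md (@@ -8,8 +8,9 @@), the context line "Both modules can be run independently." is stale once `bootstrap/identity/` is added as a third entry below it. Either change it to cover all three modules, or state the real ordering constraint if the identity module depends on the state bucket or lock table existing first.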
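Review bot: in aws-cloud/README.md (@@ -46,7 +47,7 @@, with the same pattern in the two hunks that follow), `cd bootstrap/state` is a relative, two-level path. A reader who follows steps 2 to 4 in order is still inside bootstrap/state when step 3 says `cd bootstrap/lock`, so that command fails. The other READMEs in this patch avoid the problem with `terraform -chdir=bootstrap/state init`. Using the same form here, or adding `cd ../..` at the end of each step, keeps the three steps runnable in sequence from aws-cloud/.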
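Review bot: among the aws-cloud renames, the entry that moves `bootstrap-s3/...` to `bootstrap/state/...` has a file name that is literally three dots, which looks like a stray file rather than part of the module. If it is not intentional, delete it in this commit instead of carrying it into the new layout. Please also confirm that the renamed .gitignore files still match their intended paths now that each module sits one directory deeper.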
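Review bot: in azure-cloud/README.md (@@ -3,9 +3,9 @@), the intro context line still lists the layout as bootstrap, config, modules, envs, while this patch moves backend.tf and provider.tf into a new templates/ directory. Add templates to that list. On the `bootstrap/lock → Cosmos DB Table API` line, the new directory name says "lock" but the description only says it provides a serverless key-value table. Terraform's azurerm backend locks state with blob leases on the storage container, so either state what this table is used for or say explicitly that it is not required for state locking.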
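Review bot: in gcp-cloud/README.md (@@ -20,8 +20,8 @@), step 2 tells the reader to set `project`, `region` and `credentials` in `templates/provider.tf`, but the provider.tf added in this same patch declares only `project` and `region` and passes no `credentials` argument. I would drop `credentials` from the README and mention Application Default Credentials (for example `GOOGLE_APPLICATION_CREDENTIALS`) instead, so that no key file path ends up in a template that gets copied and committed.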
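Review bot: in the new gcp-cloud/templates/backend.tf, `bucket = ""` ships an empty value for a required argument, so `terraform init` against an unedited copy fails, and nothing in the file marks the line as a placeholder. Either omit the line and document partial configuration (`terraform init -backend-config="bucket=<state-bucket>"`), or add a comment saying it must be filled in with the bucket created by bootstrap/state.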
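Review bot: the new gcp-cloud/templates/provider.tf configures `provider "google"` with no version constraint, and the `terraform` block in the sibling backend.tf holds only the backend. Every environment copied from this template will therefore resolve whatever provider release is current at init time. Add a `required_providers` entry with a pinned `version` for `hashicorp/google`, and ideally a `required_version`. As a smaller style point, the ali-cloud and azure-cloud templates keep their variables in templates/variables.tf, while here `project` and `region` are declared inside provider.tf. Moving them to a variables.tf keeps the five provider directories consistent.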
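Review bot: in vultr-vps/README.md (@@ -10,21 +10,22 @@), step 1 tells the reader to write the object-storage access key into `templates/backend.tf` and `vultr_api_key` into `templates/provider.tf`. Values placed in a backend block are also written to the local .terraform directory at init time, and both files are templates that will be copied into repositories. Reword the step so the files carry only endpoint, bucket and region, and have the secrets supplied through the environment (`AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` for the S3-compatible backend, `VULTR_API_KEY` for the provider) or through an uncommitted `-backend-config` file.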