{"id":3634,"date":"2025-12-28T23:58:27","date_gmt":"2025-12-28T20:58:27","guid":{"rendered":"https:\/\/www.dchost.com\/blog\/terraform-ve-ansible-ile-vps-otomasyonu-ayni-sunucuyu-tek-tusla-kurmak\/"},"modified":"2025-12-28T23:58:27","modified_gmt":"2025-12-28T20:58:27","slug":"terraform-ve-ansible-ile-vps-otomasyonu-ayni-sunucuyu-tek-tusla-kurmak","status":"publish","type":"post","link":"https:\/\/www.dchost.com\/blog\/terraform-ve-ansible-ile-vps-otomasyonu-ayni-sunucuyu-tek-tusla-kurmak\/","title":{"rendered":"Terraform ve Ansible ile VPS Otomasyonu: Ayn\u0131 Sunucuyu Tek Tu\u015fla Kurmak"},"content":{"rendered":"<div class=\"dchost-blog-content-wrapper\"><div id=\"toc_container\" class=\"toc_transparent no_bullets\"><p class=\"toc_title\">\u0130&ccedil;indekiler<\/p><ul class=\"toc_list\"><li><a href=\"#Neden_Terraform_ve_Ansible_ile_VPS_Otomasyonu_Kurmalisiniz\"><span class=\"toc_number toc_depth_1\">1<\/span> Neden Terraform ve Ansible ile VPS Otomasyonu Kurmal\u0131s\u0131n\u0131z?<\/a><\/li><li><a href=\"#Genel_Mimarinin_Resmi_Terraform_Nerede_Ansible_Nerede\"><span class=\"toc_number toc_depth_1\">2<\/span> Genel Mimarinin Resmi: Terraform Nerede, Ansible Nerede?<\/a><\/li><li><a href=\"#Terraform_ile_VPS_Altyapisini_Kodlamak\"><span class=\"toc_number toc_depth_1\">3<\/span> Terraform ile VPS Altyap\u0131s\u0131n\u0131 Kodlamak<\/a><ul><li><a href=\"#Temel_Kavramlar_Provider_Resource_State\"><span class=\"toc_number toc_depth_2\">3.1<\/span> Temel Kavramlar: Provider, Resource, State<\/a><\/li><li><a href=\"#Ornek_Terraform_Yapilandirmasi\"><span class=\"toc_number toc_depth_2\">3.2<\/span> \u00d6rnek Terraform Yap\u0131land\u0131rmas\u0131<\/a><\/li><li><a href=\"#cloud-init_ile_Ilk_Nefes_Ansible8217a_Hazirlik\"><span class=\"toc_number toc_depth_2\">3.3<\/span> cloud-init ile \u0130lk Nefes: Ansible&#8217;a Haz\u0131rl\u0131k<\/a><\/li><\/ul><\/li><li><a href=\"#Ansible_ile_VPS_Konfigurasyonunu_Kodlamak\"><span class=\"toc_number toc_depth_1\">4<\/span> Ansible ile VPS Konfig\u00fcrasyonunu Kodlamak<\/a><ul><li><a href=\"#Envanter_Playbook_ve_Roller\"><span class=\"toc_number toc_depth_2\">4.1<\/span> Envanter, Playbook ve Roller<\/a><\/li><li><a href=\"#Basit_Bir_Inventory_Ornegi\"><span class=\"toc_number toc_depth_2\">4.2<\/span> Basit Bir Inventory \u00d6rne\u011fi<\/a><\/li><li><a href=\"#Guvenlik_Sertlestirmesini_Role_Haline_Getirmek\"><span class=\"toc_number toc_depth_2\">4.3<\/span> G\u00fcvenlik Sertle\u015ftirmesini Role Haline Getirmek<\/a><\/li><\/ul><\/li><li><a href=\"#Terraform_Ciktisini_Ansible_Envanterine_Baglamak\"><span class=\"toc_number toc_depth_1\">5<\/span> Terraform \u00c7\u0131kt\u0131s\u0131n\u0131 Ansible Envanterine Ba\u011flamak<\/a><ul><li><a href=\"#Terraform_Output_ile_Dinamik_Envanter_Uretmek\"><span class=\"toc_number toc_depth_2\">5.1<\/span> Terraform Output ile Dinamik Envanter \u00dcretmek<\/a><\/li><li><a href=\"#Makefile_ile_Tek_Komutluk_Akis\"><span class=\"toc_number toc_depth_2\">5.2<\/span> Makefile ile Tek Komutluk Ak\u0131\u015f<\/a><\/li><\/ul><\/li><li><a href=\"#Guvenlik_Secrets_ve_Erisim_Yonetimi\"><span class=\"toc_number toc_depth_1\">6<\/span> G\u00fcvenlik, Secrets ve Eri\u015fim Y\u00f6netimi<\/a><ul><li><a href=\"#API_Anahtarlari_ve_SSH_Anahtarlarini_Nasil_Saklamali\"><span class=\"toc_number toc_depth_2\">6.1<\/span> API Anahtarlar\u0131 ve SSH Anahtarlar\u0131n\u0131 Nas\u0131l Saklamal\u0131?<\/a><\/li><li><a href=\"#SSH_Erisimini_Standartlastirmak\"><span class=\"toc_number toc_depth_2\">6.2<\/span> SSH Eri\u015fimini Standartla\u015ft\u0131rmak<\/a><\/li><\/ul><\/li><li><a href=\"#Gercekci_Senaryolar_DCHost_Uzerinde_Terraform_Ansible_Kullanim_Ornekleri\"><span class=\"toc_number toc_depth_1\">7<\/span> Ger\u00e7ek\u00e7i Senaryolar: DCHost \u00dczerinde Terraform + Ansible Kullan\u0131m \u00d6rnekleri<\/a><ul><li><a href=\"#1_Staging_ve_Uretim_Ortamlarini_Ayni_Hale_Getirmek\"><span class=\"toc_number toc_depth_2\">7.1<\/span> 1. Staging ve \u00dcretim Ortamlar\u0131n\u0131 Ayn\u0131 Hale Getirmek<\/a><\/li><li><a href=\"#2_Ayni_Uygulamayi_Farkli_Bolgelerde_Cogaltmak\"><span class=\"toc_number toc_depth_2\">7.2<\/span> 2. Ayn\u0131 Uygulamay\u0131 Farkl\u0131 B\u00f6lgelerde \u00c7o\u011faltmak<\/a><\/li><li><a href=\"#3_Sifirdan_Kaldirmak_Gerekebilen_Riskli_Denemeler\"><span class=\"toc_number toc_depth_2\">7.3<\/span> 3. S\u0131f\u0131rdan Kald\u0131rmak Gerekebilen Riskli Denemeler<\/a><\/li><\/ul><\/li><li><a href=\"#Sik_Yapilan_Hatalar_ve_Iyilestirme_Ipuclari\"><span class=\"toc_number toc_depth_1\">8<\/span> S\u0131k Yap\u0131lan Hatalar ve \u0130yile\u015ftirme \u0130pu\u00e7lar\u0131<\/a><ul><li><a href=\"#Hata_1_Her_Seyi_Tek_Dev_VPS_Uzerine_Yigmak\"><span class=\"toc_number toc_depth_2\">8.1<\/span> Hata 1: Her \u015eeyi Tek Dev VPS \u00dczerine Y\u0131\u011fmak<\/a><\/li><li><a href=\"#Hata_2_State_Dosyasini_Ciddiye_Almamak\"><span class=\"toc_number toc_depth_2\">8.2<\/span> Hata 2: State Dosyas\u0131n\u0131 Ciddiye Almamak<\/a><\/li><li><a href=\"#Hata_3_Ansible_Rollerini_Spagetti_Hale_Getirmek\"><span class=\"toc_number toc_depth_2\">8.3<\/span> Hata 3: Ansible Rollerini Spagetti Hale Getirmek<\/a><\/li><li><a href=\"#Hata_4_Izleme_ve_Loglamayi_Unutmak\"><span class=\"toc_number toc_depth_2\">8.4<\/span> Hata 4: \u0130zleme ve Loglamay\u0131 Unutmak<\/a><\/li><\/ul><\/li><li><a href=\"#DCHost_ile_Terraform_ve_Ansible_Otomasyonunu_Hayata_Gecirmek\"><span class=\"toc_number toc_depth_1\">9<\/span> DCHost ile Terraform ve Ansible Otomasyonunu Hayata Ge\u00e7irmek<\/a><\/li><\/ul><\/div>\n<h2><span id=\"Neden_Terraform_ve_Ansible_ile_VPS_Otomasyonu_Kurmalisiniz\">Neden Terraform ve Ansible ile <a href=\"https:\/\/www.dchost.com\/tr\/vps\">VPS<\/a> Otomasyonu Kurmal\u0131s\u0131n\u0131z?<\/span><\/h2>\n<p>Yeni bir proje i\u00e7in VPS altyap\u0131s\u0131n\u0131 planlarken genellikle ayn\u0131 sorular etraf\u0131nda d\u00f6n\u00fcyoruz: Hangi boyutta VPS alaca\u011f\u0131z, hangi portlar a\u00e7\u0131lacak, hangi paketler kurulacak, SSH anahtarlar\u0131 nas\u0131l da\u011f\u0131t\u0131lacak, g\u00fcvenlik duvar\u0131 kurallar\u0131 nas\u0131l standart olacak? Bir projede elle yapt\u0131\u011f\u0131n\u0131z her ad\u0131m\u0131, birka\u00e7 ay sonra ba\u015fka bir ortamda tekrar yapmaya \u00e7al\u0131\u015ft\u0131\u011f\u0131n\u0131zda aradaki k\u00fc\u00e7\u00fck farklar\u0131n nas\u0131l b\u00fcy\u00fck sorunlara d\u00f6n\u00fc\u015ft\u00fc\u011f\u00fcn\u00fc mutlaka ya\u015fam\u0131\u015fs\u0131n\u0131zd\u0131r. Bir yerde ufw a\u00e7\u0131k, di\u011ferinde kapal\u0131; birinde swap var, di\u011ferinde yok; PHP ayarlar\u0131 iki ortamda da farkl\u0131\u2026<\/p>\n<p>Tam da bu noktada <strong>Terraform + Ansible ikilisi<\/strong> hayat kurtar\u0131yor. Terraform ile VPS altyap\u0131n\u0131z\u0131 kod olarak tan\u0131mlay\u0131p, Ansible ile de i\u015fletim sistemi ve uygulama konfig\u00fcrasyonunu tekrar \u00fcretilebilir hale getirdi\u011finizde, ayn\u0131 sunucuyu her seferinde <strong>tek komutla<\/strong> aya\u011fa kald\u0131rabilirsiniz. DCHost taraf\u0131nda biz de g\u00fcnl\u00fck operasyonlar\u0131m\u0131zda bu yakla\u015f\u0131m\u0131 kullan\u0131yoruz: staging ve \u00fcretim ortamlar\u0131n\u0131 senkron tutmak, h\u0131zl\u0131 felaket kurtarma yapabilmek ve ekipteki herkesin ayn\u0131 oyunu oynamas\u0131n\u0131 sa\u011flamak i\u00e7in altyap\u0131 kodunu zorunlu g\u00f6r\u00fcyoruz.<\/p>\n<p>Bu yaz\u0131da, DCHost \u00fczerinde Terraform ve Ansible ile <strong>tamamen otomatik VPS kurulum ak\u0131\u015f\u0131n\u0131<\/strong> ad\u0131m ad\u0131m kurgulayaca\u011f\u0131z. Yap\u0131y\u0131 basitten ba\u015flay\u0131p geli\u015ftirece\u011fiz; sonunda elinizde tek tu\u015fla yeni VPS a\u00e7an, g\u00fcvenlik ayarlar\u0131n\u0131 yapan, Nginx veya Apache kuran, uygulaman\u0131z\u0131 deploy etmeye haz\u0131r hale getiren bir iskelet olacak.<\/p>\n<h2><span id=\"Genel_Mimarinin_Resmi_Terraform_Nerede_Ansible_Nerede\">Genel Mimarinin Resmi: Terraform Nerede, Ansible Nerede?<\/span><\/h2>\n<p>\u00d6nce rolleri netle\u015ftirelim. Terraform ve Ansible ayn\u0131 problemi \u00e7\u00f6zmez, birbirini tamamlar:<\/p>\n<ul>\n<li><strong>Terraform<\/strong>: Altyap\u0131y\u0131 kurar. Yani DCHost \u00fczerinde VPS olu\u015fturur, gerekirse ek disk, a\u011f, IP, DNS kayd\u0131 gibi nesneleri olu\u015fturup y\u00f6netir.<\/li>\n<li><strong>Ansible<\/strong>: Kurulan VPS&#8217;in i\u00e7ini haz\u0131rlar. Paketleri kurar, ayar dosyalar\u0131n\u0131 yerle\u015ftirir, servisleri ba\u015flat\u0131r, g\u00fcvenlik sertle\u015ftirmesini yapar.<\/li>\n<\/ul>\n<p>Bu ikili sayesinde \u00fc\u00e7 katman\u0131n\u0131z olur:<\/p>\n<ul>\n<li><strong>Katman 1<\/strong> \u2013 Altyap\u0131: VPS, a\u011f, IP, DNS (Terraform)<\/li>\n<li><strong>Katman 2<\/strong> \u2013 \u0130\u015fletim sistemi ve temel servisler: SSH, firewall, log, izleme (Ansible rolleri)<\/li>\n<li><strong>Katman 3<\/strong> \u2013 Uygulama: PHP\/Node.js\/Java, veritaban\u0131, cache, kodun deploy&#8217;u (Yine Ansible rolleri + CI\/CD)<\/li>\n<\/ul>\n<p>Terraform taraf\u0131ndaki ak\u0131\u015f\u0131n daha derinine girmek isterseniz, blogda yer alan <a href='https:\/\/www.dchost.com\/blog\/terraform-ile-vps-ve-dns-otomasyonu-cloudflare-proxmox-openstack-ve-sifir-kesinti-dagitim-nasil-bir-araya-gelir\/'>Terraform ile VPS ve DNS otomasyonu<\/a> yaz\u0131s\u0131nda DNS ve \u00e7ok b\u00f6lgeli yap\u0131larla birle\u015ftirilmi\u015f daha geli\u015fmi\u015f bir senaryoyu da inceleyebilirsiniz.<\/p>\n<h2><span id=\"Terraform_ile_VPS_Altyapisini_Kodlamak\">Terraform ile VPS Altyap\u0131s\u0131n\u0131 Kodlamak<\/span><\/h2>\n<h3><span id=\"Temel_Kavramlar_Provider_Resource_State\">Temel Kavramlar: Provider, Resource, State<\/span><\/h3>\n<p>Terraform&#8217;un \u00fc\u00e7 temel kavram\u0131n\u0131 netle\u015ftirelim:<\/p>\n<ul>\n<li><strong>Provider<\/strong>: Terraform&#8217;un konu\u015ftu\u011fu API katman\u0131n\u0131 temsil eder. \u00d6rne\u011fin bu yaz\u0131da \u00f6rneklerde <strong>dchost<\/strong> ad\u0131nda hayali bir provider ismi kullanaca\u011f\u0131z.<\/li>\n<li><strong>Resource<\/strong>: Olu\u015fturmak istedi\u011finiz nesneler: vps, disk, network, dns_record gibi.<\/li>\n<li><strong>State<\/strong>: Terraform&#8217;un &#8220;\u015fu an ne var&#8221; bilgisini tuttu\u011fu durum dosyas\u0131. Bu sayede sadece farklar\u0131 uygular.<\/li>\n<\/ul>\n<p>Basit bir dizin yap\u0131s\u0131yla ba\u015flayal\u0131m:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">infra\/\n  main.tf\n  variables.tf\n  outputs.tf\n  terraform.tfvars\n<\/code><\/pre>\n<h3><span id=\"Ornek_Terraform_Yapilandirmasi\">\u00d6rnek Terraform Yap\u0131land\u0131rmas\u0131<\/span><\/h3>\n<p>A\u015fa\u011f\u0131daki \u00f6rnek, DCHost \u00fczerinde tek bir VPS olu\u015fturmak i\u00e7in basitle\u015ftirilmi\u015f bir Terraform konfigurasyonudur. Provider isimleri \u00f6rnektir; siz kendi ortam\u0131n\u0131za g\u00f6re uyarlamal\u0131s\u0131n\u0131z.<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\"># main.tf\nterraform {\n  required_version = &quot;&gt;= 1.5.0&quot;\n}\n\nprovider &quot;dchost&quot; {\n  api_token = var.dchost_api_token\n}\n\nresource &quot;dchost_vps&quot; &quot;app&quot; {\n  name       = var.instance_name\n  region     = var.region\n  plan       = var.plan           # \u00d6rn: &quot;nvme-2c-4g&quot;\n  image      = var.image          # \u00d6rn: &quot;ubuntu-22.04&quot;\n\n  ssh_keys = [\n    var.ssh_public_key\n  ]\n}\n\noutput &quot;app_ip&quot; {\n  value = dchost_vps.app.ip_address\n}\n<\/code><\/pre>\n<p>De\u011fi\u015fkenleri <code>variables.tf<\/code> i\u00e7inde tan\u0131mlayal\u0131m:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\"># variables.tf\nvariable &quot;dchost_api_token&quot; {\n  type      = string\n  sensitive = true\n}\n\nvariable &quot;instance_name&quot; {\n  type    = string\n  default = &quot;demo-app-01&quot;\n}\n\nvariable &quot;region&quot; {\n  type    = string\n  default = &quot;eu-tr&quot;\n}\n\nvariable &quot;plan&quot; {\n  type    = string\n  default = &quot;nvme-2c-4g&quot;\n}\n\nvariable &quot;image&quot; {\n  type    = string\n  default = &quot;ubuntu-22.04&quot;\n}\n\nvariable &quot;ssh_public_key&quot; {\n  type = string\n}\n<\/code><\/pre>\n<p>Son olarak da <code>terraform.tfvars<\/code> ile de\u011ferleri doldurun:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\"># terraform.tfvars\ninstance_name    = &quot;demo-app-01&quot;\nregion           = &quot;eu-tr&quot;\nplan             = &quot;nvme-2c-4g&quot;\nimage            = &quot;ubuntu-22.04&quot;\nssh_public_key   = &quot;ssh-ed25519 AAAA... senin_anahtar\u0131n&quot;\ndchost_api_token = &quot;xxxxxxxxxxxxxxx&quot;\n<\/code><\/pre>\n<p>Art\u0131k a\u015fa\u011f\u0131daki komutlar ile VPS&#8217;inizi koddan olu\u015fturabilirsiniz:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">cd infra\nterraform init\nterraform plan\nterraform apply\n<\/code><\/pre>\n<p><strong>Burada kritik nokta<\/strong>: Bu dosyalar\u0131 Git deposunda tutarak, hangi de\u011fi\u015fiklikle hangi sunucunun nas\u0131l evrildi\u011fini tarihsel olarak takip edebilirsiniz. Yani &#8220;ge\u00e7en ay bu sunucunun RAM&#8217;ini y\u00fckseltmi\u015ftik, Terraform&#8217;da hangi commit&#8217;ti&#8221; sorusunun cevab\u0131 hep kay\u0131tl\u0131d\u0131r.<\/p>\n<h3><span id=\"cloud-init_ile_Ilk_Nefes_Ansible8217a_Hazirlik\">cloud-init ile \u0130lk Nefes: Ansible&#8217;a Haz\u0131rl\u0131k<\/span><\/h3>\n<p>Terraform yaln\u0131zca VPS&#8217;i olu\u015fturmakla kalmayabilir; <strong>cloud-init<\/strong> user data ile VPS ilk a\u00e7\u0131l\u0131rken temel ayarlar\u0131n yap\u0131lmas\u0131n\u0131 da tetikleyebilir. \u00d6rne\u011fin bir kullan\u0131c\u0131 olu\u015fturmak, SSH anahtar\u0131 koymak, Ansible i\u00e7in Python kurmak gibi.<\/p>\n<p>Bu mimariyi daha derinlemesine anlatan <a href='https:\/\/www.dchost.com\/blog\/bulutun-ilk-nefesi-cloud-init-ve-ansible-ile-tekrar-uretilebilir-vps-nasil-kurulur\/'>cloud-init ve Ansible ile tekrar \u00fcretilebilir VPS kurulumu<\/a> yaz\u0131s\u0131na mutlaka g\u00f6z atman\u0131z\u0131 \u00f6neririm; burada ise daha \u00e7ok Terraform + Ansible entegrasyonuna odaklanaca\u011f\u0131z.<\/p>\n<h2><span id=\"Ansible_ile_VPS_Konfigurasyonunu_Kodlamak\">Ansible ile VPS Konfig\u00fcrasyonunu Kodlamak<\/span><\/h2>\n<h3><span id=\"Envanter_Playbook_ve_Roller\">Envanter, Playbook ve Roller<\/span><\/h3>\n<p>Ansible taraf\u0131nda temel yap\u0131 ta\u015flar\u0131m\u0131z:<\/p>\n<ul>\n<li><strong>Inventory<\/strong>: Hangi sunucular var, IP adresleri, gruplar, de\u011fi\u015fkenler.<\/li>\n<li><strong>Playbook<\/strong>: Hangi gruplara hangi rollerin uygulanaca\u011f\u0131n\u0131 s\u00f6yleyen orkestrasyon dosyas\u0131.<\/li>\n<li><strong>Role<\/strong>: Belirli bir i\u015fi \u00fcstlenen, yeniden kullan\u0131labilir g\u00f6rev paketleri (\u00f6rne\u011fin nginx, php, security_hardening rol\u00fc).<\/li>\n<\/ul>\n<p>\u00d6rnek dizin yap\u0131s\u0131 kural\u0131m:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">config\/\n  inventory\/\n    hosts.ini\n  playbooks\/\n    site.yml\n  roles\/\n    common\/\n      tasks\/main.yml\n    nginx\/\n      tasks\/main.yml\n<\/code><\/pre>\n<h3><span id=\"Basit_Bir_Inventory_Ornegi\">Basit Bir Inventory \u00d6rne\u011fi<\/span><\/h3>\n<p>Ba\u015flang\u0131\u00e7ta Terraform \u00e7\u0131kt\u0131s\u0131n\u0131 kullanmadan, IP&#8217;yi elle yazd\u0131\u011f\u0131m\u0131z basit bir inventory ile ba\u015flayal\u0131m:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\"># config\/inventory\/hosts.ini\n[app]\napp-01 ansible_host=1.2.3.4 ansible_user=ubuntu\n<\/code><\/pre>\n<p>Ard\u0131ndan basit bir playbook:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\"># config\/playbooks\/site.yml\n---\n- hosts: app\n  become: true\n  roles:\n    - role: common\n    - role: nginx\n<\/code><\/pre>\n<p><code>common<\/code> rol\u00fc temel i\u015fletim sistemi g\u00fcncellemeleri, ssh ayarlar\u0131, zaman dilimi, log ayarlar\u0131 gibi i\u015fleri \u00fcstlenebilir.<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\"># config\/roles\/common\/tasks\/main.yml\n---\n- name: Paket listelerini g\u00fcncelle\n  apt:\n    update_cache: yes\n    cache_valid_time: 3600\n\n- name: Gerekli temel paketleri kur\n  apt:\n    name:\n      - htop\n      - curl\n      - git\n    state: present\n\n- name: Zaman dilimini ayarla\n  timezone:\n    name: &quot;Europe\/Istanbul&quot;\n<\/code><\/pre>\n<p>Basit bir Nginx kurulumu da \u015f\u00f6yle olabilir:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\"># config\/roles\/nginx\/tasks\/main.yml\n---\n- name: Nginx'i kur\n  apt:\n    name: nginx\n    state: present\n\n- name: Varsay\u0131lan siteyi kapat\n  file:\n    path: \/etc\/nginx\/sites-enabled\/default\n    state: absent\n\n- name: Uygulama site konfig\u00fcrasyonunu yerle\u015ftir\n  template:\n    src: app.conf.j2\n    dest: \/etc\/nginx\/sites-available\/app.conf\n\n- name: Siteyi etkinle\u015ftir\n  file:\n    src: \/etc\/nginx\/sites-available\/app.conf\n    dest: \/etc\/nginx\/sites-enabled\/app.conf\n    state: link\n\n- name: Nginx'i yeniden ba\u015flat\n  service:\n    name: nginx\n    state: restarted\n    enabled: yes\n<\/code><\/pre>\n<p>Bu iskelet ile <code>ansible-playbook<\/code> komutunu \u00e7al\u0131\u015ft\u0131rd\u0131\u011f\u0131n\u0131zda, VPS&#8217;iniz tekrarlanabilir bir \u015fekilde ayn\u0131 hale gelecektir:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">cd config\nansible-playbook -i inventory\/hosts.ini playbooks\/site.yml<\/code><\/pre>\n<h3><span id=\"Guvenlik_Sertlestirmesini_Role_Haline_Getirmek\">G\u00fcvenlik Sertle\u015ftirmesini Role Haline Getirmek<\/span><\/h3>\n<p>G\u00fcvenlik ayarlar\u0131n\u0131 da Ansible rol\u00fc olarak tan\u0131mlad\u0131\u011f\u0131n\u0131zda, yeni a\u00e7\u0131lan her VPS&#8217;in otomatik olarak sertle\u015ftirilmesini sa\u011flayabilirsiniz. \u00d6rne\u011fin:<\/p>\n<ul>\n<li>root ile SSH giri\u015fini kapatma<\/li>\n<li>parola ile giri\u015f yerine yaln\u0131zca anahtar ile oturum a\u00e7ma<\/li>\n<li>ufw veya nftables ile temel firewall kurallar\u0131<\/li>\n<li>fail2ban ile brute-force sald\u0131r\u0131lar\u0131na kar\u015f\u0131 koruma<\/li>\n<\/ul>\n<p>Bu konular\u0131 derinlemesine ele ald\u0131\u011f\u0131m\u0131z <a href='https:\/\/www.dchost.com\/blog\/vps-guvenlik-sertlestirme-kontrol-listesi-sshd_config-fail2ban-ve-root-erisimini-kapatmak\/'>VPS g\u00fcvenlik sertle\u015ftirme kontrol listesi<\/a> ve <a href='https:\/\/www.dchost.com\/blog\/vpste-ssh-guvenligi-nasil-saglamlasir-fido2-anahtarlari-ssh-ca-ve-rotasyonun-sicacik-yolculugu\/'>SSH g\u00fcvenli\u011fini sa\u011flamla\u015ft\u0131rma<\/a> yaz\u0131lar\u0131n\u0131, Ansible rol\u00fcn\u00fcz\u00fc tasarlarken referans rehber gibi kullanabilirsiniz.<\/p>\n<h2><span id=\"Terraform_Ciktisini_Ansible_Envanterine_Baglamak\">Terraform \u00c7\u0131kt\u0131s\u0131n\u0131 Ansible Envanterine Ba\u011flamak<\/span><\/h2>\n<p>\u015eimdi as\u0131l sihirli k\u0131sma gelelim: Terraform&#8217;un olu\u015fturdu\u011fu VPS&#8217;lerin IP adreslerini otomatik olarak Ansible envanterine aktararak <strong>tek komutla<\/strong> hem altyap\u0131y\u0131 kurmak hem de konfig\u00fcrasyonu uygulamak.<\/p>\n<h3><span id=\"Terraform_Output_ile_Dinamik_Envanter_Uretmek\">Terraform Output ile Dinamik Envanter \u00dcretmek<\/span><\/h3>\n<p>\u00d6nce Terraform \u00e7\u0131kt\u0131m\u0131z\u0131 biraz zenginle\u015ftirelim:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\"># outputs.tf\noutput &quot;app_ip&quot; {\n  value       = dchost_vps.app.ip_address\n  description = &quot;Uygulama sunucusunun IP adresi&quot;\n}\n\noutput &quot;ansible_inventory&quot; {\n  value = &lt;&lt;EOT\n[app]\napp-01 ansible_host=${dchost_vps.app.ip_address} ansible_user=ubuntu\nEOT\n}\n<\/code><\/pre>\n<p>\u015eimdi k\u00fc\u00e7\u00fck bir script ile Terraform \u00e7\u0131kt\u0131s\u0131n\u0131 Ansible inventory dosyas\u0131na yazd\u0131ral\u0131m. \u00d6rne\u011fin <code>scripts\/generate_inventory.sh<\/code>:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">#!\/usr\/bin\/env bash\nset -euo pipefail\n\ncd &quot;$(dirname &quot;$0&quot;)\/..&quot;  # proje k\u00f6k\u00fcne ge\u00e7\n\ncd infra\nterraform output -raw ansible_inventory &gt; ..\/config\/inventory\/hosts.ini\n<\/code><\/pre>\n<p>Art\u0131k ak\u0131\u015f\u0131m\u0131z \u015f\u00f6yle olabilir:<\/p>\n<ol>\n<li><code>terraform apply<\/code> ile VPS&#8217;i olu\u015ftur.<\/li>\n<li><code>generate_inventory.sh<\/code> ile IP&#8217;leri Ansible envanterine yaz.<\/li>\n<li><code>ansible-playbook<\/code> ile VPS&#8217;i yap\u0131land\u0131r.<\/li>\n<\/ol>\n<p>Bunlar\u0131n hepsini tek komuta indirmek i\u00e7in bir <code>Makefile<\/code> da kullanabilirsiniz.<\/p>\n<h3><span id=\"Makefile_ile_Tek_Komutluk_Akis\">Makefile ile Tek Komutluk Ak\u0131\u015f<\/span><\/h3>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\"># Makefile\n.PHONY: all infra config destroy\n\nall: infra config\n\ninfra:\n\tcd infra &amp;&amp; terraform init &amp;&amp; terraform apply -auto-approve\n\t.\/scripts\/generate_inventory.sh\n\nconfig:\n\tcd config &amp;&amp; ansible-playbook -i inventory\/hosts.ini playbooks\/site.yml\n\ndestroy:\n\tcd infra &amp;&amp; terraform destroy -auto-approve\n<\/code><\/pre>\n<p>Art\u0131k yaln\u0131zca \u015fu komutu verdi\u011finizde:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">make all<\/code><\/pre>\n<p><strong>Ad\u0131m ad\u0131m \u015fu i\u015flemler ger\u00e7ekle\u015fir<\/strong>:<\/p>\n<ul>\n<li>DCHost \u00fczerinde Terraform ile yeni VPS olu\u015fturulur.<\/li>\n<li>Olu\u015fan IP adresi otomatik olarak Ansible envanterine yaz\u0131l\u0131r.<\/li>\n<li>Ansible playbook&#8217;lar\u0131 ile sunucu g\u00fcncellenir, g\u00fcvenli\u011fi sertle\u015ftirilir, Nginx ve di\u011fer servisler kurulur.<\/li>\n<\/ul>\n<p>Bir felaket senaryosunda ayn\u0131 komutla s\u0131f\u0131rdan yeni bir VPS&#8217;i aya\u011fa kald\u0131r\u0131p, ayn\u0131 konfig\u00fcrasyona saniyeler-birka\u00e7 dakika i\u00e7inde ula\u015fabilirsiniz. Bu konuyu daha geni\u015f \u00f6l\u00e7ekteki <strong>felaket kurtarma planlar\u0131<\/strong> ile birle\u015ftirmek isterseniz, <a href='https:\/\/www.dchost.com\/blog\/felaket-kurtarma-plani-nasil-yazilir-rto-rpoyu-kafada-netlestirip-yedek-testleri-ve-runbooklari-gercekten-calisir-hale-getirmek\/'>felaket kurtarma plan\u0131 nas\u0131l yaz\u0131l\u0131r<\/a> yaz\u0131m\u0131z size iyi bir \u00e7er\u00e7eve sunar.<\/p>\n<h2><span id=\"Guvenlik_Secrets_ve_Erisim_Yonetimi\">G\u00fcvenlik, Secrets ve Eri\u015fim Y\u00f6netimi<\/span><\/h2>\n<h3><span id=\"API_Anahtarlari_ve_SSH_Anahtarlarini_Nasil_Saklamali\">API Anahtarlar\u0131 ve SSH Anahtarlar\u0131n\u0131 Nas\u0131l Saklamal\u0131?<\/span><\/h3>\n<p>Terraform ve Ansible ile otomasyon kurarken en kritik konulardan biri, <strong>gizli anahtarlar\u0131n (secrets)<\/strong> y\u00f6netimidir. Hata yapmaya \u00e7ok a\u00e7\u0131k alanlar:<\/p>\n<ul>\n<li>Terraform veya Ansible dosyalar\u0131nda API token&#8217;lar\u0131n\u0131 d\u00fcz metin olarak b\u0131rakmak<\/li>\n<li>SSH \u00f6zel anahtarlar\u0131n\u0131 Git deposuna yanl\u0131\u015fl\u0131kla commit etmek<\/li>\n<li>\u00dcretim ortam\u0131 \u015fifrelerini staging ortam\u0131yla kar\u0131\u015ft\u0131rmak<\/li>\n<\/ul>\n<p>En az\u0131ndan \u015fu temel \u00f6nlemleri alman\u0131z\u0131 \u00f6neririz:<\/p>\n<ul>\n<li><strong>Git deposunda .gitignore<\/strong> ile \u00f6zel anahtar dosyalar\u0131n\u0131 hari\u00e7 tutun.<\/li>\n<li>Terraform taraf\u0131nda <code>sensitive = true<\/code> de\u011fi\u015fkenler kullan\u0131n ve <code>terraform.tfvars<\/code> dosyas\u0131n\u0131 \u00f6zel olarak saklay\u0131n.<\/li>\n<li>Ansible i\u00e7in <strong>ansible-vault<\/strong> veya harici bir secrets y\u00f6neticisi (\u00f6rne\u011fin sops + age) kullan\u0131n.<\/li>\n<\/ul>\n<p>Gizli bilgilerin y\u00f6netimini derinlemesine ele ald\u0131\u011f\u0131m\u0131z <a href='https:\/\/www.dchost.com\/blog\/vpste-secrets-yonetimi-nasil-tatli-tatli-cozulur-sops-age-gitops-akisi-systemd-ve-rotasyon\/'>VPS&#8217;te secrets y\u00f6netimi rehberi<\/a>, Terraform\/Ansible ak\u0131\u015f\u0131n\u0131z\u0131 g\u00fcvenli hale getirirken size somut \u00f6rnekler sa\u011flayacakt\u0131r.<\/p>\n<h3><span id=\"SSH_Erisimini_Standartlastirmak\">SSH Eri\u015fimini Standartla\u015ft\u0131rmak<\/span><\/h3>\n<p>Elle sunucu kurdu\u011funuzda, herkes kendi zevkine g\u00f6re SSH ayar\u0131 yapar. Terraform + Ansible ak\u0131\u015f\u0131nda bunu da kodla\u015ft\u0131rmak b\u00fcy\u00fck konfor sa\u011flar:<\/p>\n<ul>\n<li>Yaln\u0131zca belirli kullan\u0131c\u0131lar\u0131n public key&#8217;leri Ansible ile da\u011f\u0131t\u0131l\u0131r.<\/li>\n<li><code>\/etc\/ssh\/sshd_config<\/code> \u015fablon haline getirilir; root login kapat\u0131l\u0131r, parola ile giri\u015f engellenir.<\/li>\n<li>Her yeni VPS ayn\u0131 SSH g\u00fcvenlik seviyesinde ba\u015flar.<\/li>\n<\/ul>\n<p>Bunu bir <code>ssh_hardening<\/code> rol\u00fcne koyup t\u00fcm playbook&#8217;lara ekledi\u011finizde, &#8220;\u015fu sunucuda neden hala parola giri\u015fi a\u00e7\u0131k&#8221; s\u00fcrprizleri ortadan kalkar. DCHost olarak kendi altyap\u0131m\u0131zda da en \u00e7ok de\u011fer verdi\u011fimiz \u015feylerden biri, <strong>tutarl\u0131 g\u00fcvenlik seviyesi<\/strong>dir.<\/p>\n<h2><span id=\"Gercekci_Senaryolar_DCHost_Uzerinde_Terraform_Ansible_Kullanim_Ornekleri\">Ger\u00e7ek\u00e7i Senaryolar: DCHost \u00dczerinde Terraform + Ansible Kullan\u0131m \u00d6rnekleri<\/span><\/h2>\n<h3><span id=\"1_Staging_ve_Uretim_Ortamlarini_Ayni_Hale_Getirmek\">1. Staging ve \u00dcretim Ortamlar\u0131n\u0131 Ayn\u0131 Hale Getirmek<\/span><\/h3>\n<p>En s\u0131k g\u00f6rd\u00fc\u011f\u00fcm\u00fcz problemlerden biri, staging ortam\u0131nda \u00e7al\u0131\u015fan bir \u00f6zelli\u011fin \u00fcretimde farkl\u0131 davranmas\u0131. Sebep \u00e7o\u011fu zaman yaz\u0131l\u0131m de\u011fil, <strong>altyap\u0131 farklar\u0131<\/strong> oluyor: farkl\u0131 PHP s\u00fcr\u00fcm\u00fc, farkl\u0131 Nginx ayar\u0131, farkl\u0131 kernel parametresi\u2026<\/p>\n<p>Terraform ve Ansible ile \u015fu modeli kurabilirsiniz:<\/p>\n<ul>\n<li>Ayn\u0131 Terraform mod\u00fcl\u00fc ile iki farkl\u0131 workspace: <code>staging<\/code> ve <code>prod<\/code><\/li>\n<li>Ayn\u0131 Ansible rol ve playbook&#8217;lar\u0131, yaln\u0131zca birka\u00e7 de\u011fi\u015fken fark\u0131yla iki ortama da uygulan\u0131r.<\/li>\n<li>\u00d6rne\u011fin staging&#8217;de daha k\u00fc\u00e7\u00fck plan, prod&#8217;da daha b\u00fcy\u00fck plan kullan\u0131rs\u0131n\u0131z; di\u011fer her \u015fey ayn\u0131d\u0131r.<\/li>\n<\/ul>\n<p>B\u00f6ylece staging&#8217;de yapt\u0131\u011f\u0131n\u0131z her test, \u00fcretim ortam\u0131ndaki davran\u0131\u015fa \u00e7ok daha yak\u0131n olur. \u00d6zellikle y\u00fcksek trafikli WordPress ve Laravel projelerinde, <a href='https:\/\/www.dchost.com\/blog\/gelistirme-staging-canli-yolculugu-wordpress-ve-laravelde-sifir-kesinti-dagitim-nasil-gercekten-olur\/'>geli\u015ftirme\u2013staging\u2013canl\u0131 yolculu\u011fu<\/a> yaz\u0131s\u0131nda anlatt\u0131\u011f\u0131m\u0131z da\u011f\u0131t\u0131m ak\u0131\u015flar\u0131 ile birle\u015fti\u011finde, hem kod hem altyap\u0131 taraf\u0131nda u\u00e7tan uca tekrar \u00fcretilebilir bir sistem elde edersiniz.<\/p>\n<h3><span id=\"2_Ayni_Uygulamayi_Farkli_Bolgelerde_Cogaltmak\">2. Ayn\u0131 Uygulamay\u0131 Farkl\u0131 B\u00f6lgelerde \u00c7o\u011faltmak<\/span><\/h3>\n<p>Kurumsal bir m\u00fc\u015fteriniz i\u00e7in uygulamay\u0131 hem T\u00fcrkiye&#8217;deki kullan\u0131c\u0131lar hem de Avrupa&#8217;daki kullan\u0131c\u0131lar i\u00e7in d\u00fc\u015f\u00fck gecikmeli sunmak istiyorsunuz diyelim. Terraform ile iki farkl\u0131 b\u00f6lgede benzer VPS k\u00fcmeleri olu\u015fturup, Ansible ile hepsini ayn\u0131 \u015fekilde yap\u0131land\u0131rabilirsiniz.<\/p>\n<p>\u0130leride DNS veya Anycast tabanl\u0131 bir \u00e7ok b\u00f6lgeli mimariye ge\u00e7mek isterseniz, blogda detayland\u0131rd\u0131\u011f\u0131m\u0131z <a href='https:\/\/www.dchost.com\/blog\/cok-bolgeli-mimariler-nasil-kurulur-dns-geo-routing-ve-veritabani-replikasyonu-ile-korkusuz-felaket-dayanikliligi\/'>\u00e7ok b\u00f6lgeli mimariler<\/a> rehberi ile Terraform\/Ansible altyap\u0131n\u0131z\u0131 birle\u015ftirmeniz olduk\u00e7a do\u011fal bir ad\u0131m olur.<\/p>\n<h3><span id=\"3_Sifirdan_Kaldirmak_Gerekebilen_Riskli_Denemeler\">3. S\u0131f\u0131rdan Kald\u0131rmak Gerekebilen Riskli Denemeler<\/span><\/h3>\n<p>Bazen yeni bir veritaban\u0131 s\u00fcr\u00fcm\u00fc, yeni bir PHP versiyonu veya yeni bir cache mimarisi denemek istersiniz. \u00dcretim sunucusu \u00fczerinde do\u011frudan deneme yapmak yerine, Terraform + Ansible ile <strong>\u00e7\u00f6pe at\u0131labilir test ortamlar\u0131<\/strong> olu\u015fturmak \u00e7ok daha g\u00fcvenlidir.<\/p>\n<ul>\n<li><code>make all<\/code> ile test ortam\u0131n\u0131 kurars\u0131n\u0131z.<\/li>\n<li>Load test, sorgu optimizasyonu veya konfig\u00fcrasyon denemelerinizi yapars\u0131n\u0131z.<\/li>\n<li>\u0130\u015finiz bitince <code>make destroy<\/code> ile her \u015feyi temizlersiniz.<\/li>\n<\/ul>\n<p>B\u00f6ylece hem test maliyetini d\u00fc\u015f\u00fcr\u00fcr, hem de \u00fcretim ortam\u0131n\u0131 gereksiz risklerden korursunuz.<\/p>\n<h2><span id=\"Sik_Yapilan_Hatalar_ve_Iyilestirme_Ipuclari\">S\u0131k Yap\u0131lan Hatalar ve \u0130yile\u015ftirme \u0130pu\u00e7lar\u0131<\/span><\/h2>\n<h3><span id=\"Hata_1_Her_Seyi_Tek_Dev_VPS_Uzerine_Yigmak\">Hata 1: Her \u015eeyi Tek Dev VPS \u00dczerine Y\u0131\u011fmak<\/span><\/h3>\n<p>Terraform ile otomasyon kurdu\u011funuzda, \u00e7o\u011fu zaman &#8220;madem kolay kuruyoruz, b\u00fct\u00fcn i\u015fleri tek b\u00fcy\u00fck VPS&#8217;e koyal\u0131m&#8221; d\u00fc\u015f\u00fcncesi devreye giriyor. \u00d6zellikle veritaban\u0131, uygulama ve cache katman\u0131n\u0131 tek makinada toplamak bazen ka\u00e7\u0131n\u0131lmaz olabilir ama otomasyonunuz haz\u0131rken <strong>erken ayr\u0131\u015ft\u0131rma<\/strong> yapmak uzun vadede i\u015finizi \u00e7ok kolayla\u015ft\u0131r\u0131r.<\/p>\n<p>Veritaban\u0131n\u0131 ayr\u0131 bir VPS&#8217;e ta\u015f\u0131man\u0131n ne zaman mant\u0131kl\u0131 oldu\u011fu sorusunu, blogdaki <a href='https:\/\/www.dchost.com\/blog\/veritabani-sunucusunu-uygulama-sunucusundan-ayirmak-ne-zaman-mantikli\/'>veritaban\u0131 sunucusunu uygulamadan ay\u0131rmak<\/a> rehberinde detayl\u0131ca tart\u0131\u015ft\u0131k. Terraform\/Ansible iskeletiniz varken bu ayr\u0131m\u0131 yapmak \u00e7ok daha az zahmetli olacakt\u0131r.<\/p>\n<h3><span id=\"Hata_2_State_Dosyasini_Ciddiye_Almamak\">Hata 2: State Dosyas\u0131n\u0131 Ciddiye Almamak<\/span><\/h3>\n<p>Terraform&#8217;un state dosyas\u0131, t\u00fcm altyap\u0131n\u0131z\u0131n tek do\u011fruluk kayna\u011f\u0131d\u0131r. Lokal bir <code>terraform.tfstate<\/code> dosyas\u0131n\u0131 rastgele makinelerde tutmak, ekip b\u00fcy\u00fcd\u00fc\u011f\u00fcnde ciddi problemlere yol a\u00e7ar.<\/p>\n<p>\u00d6nerimiz:<\/p>\n<ul>\n<li>State&#8217;i uzak bir backend&#8217;de (S3 uyumlu nesne depolama, Terraform Cloud vb.) tutun.<\/li>\n<li>State kilitlemeyi (locking) aktif hale getirin, ayn\u0131 anda birden fazla ki\u015finin <code>apply<\/code> \u00e7al\u0131\u015ft\u0131rmas\u0131n\u0131 engelleyin.<\/li>\n<li>State dosyas\u0131n\u0131 da d\u00fczenli olarak yedekleyin; sonu\u00e7ta bu da kritik bir veridir.<\/li>\n<\/ul>\n<h3><span id=\"Hata_3_Ansible_Rollerini_Spagetti_Hale_Getirmek\">Hata 3: Ansible Rollerini Spagetti Hale Getirmek<\/span><\/h3>\n<p>Zamanla Ansible rolleri b\u00fcy\u00fcy\u00fcp i\u00e7 i\u00e7e ge\u00e7ti\u011finde, &#8220;bu sunucuya ne kuruldu&#8221; sorusunun cevab\u0131 zorla\u015fmaya ba\u015flar. Bunu engellemek i\u00e7in:<\/p>\n<ul>\n<li>Her rol\u00fcn net bir sorumlulu\u011fu olsun: <code>nginx<\/code>, <code>php_fpm<\/code>, <code>mysql<\/code>, <code>security_hardening<\/code> gibi.<\/li>\n<li>Rolleri yaln\u0131zca ihtiya\u00e7 duyan sunucu gruplar\u0131na atay\u0131n; her rol\u00fc her yere y\u00fcklemeye \u00e7al\u0131\u015fmay\u0131n.<\/li>\n<li>De\u011fi\u015fkenleri rollere \u00f6zel <code>defaults<\/code> klas\u00f6r\u00fcnde tutun; environment farklar\u0131n\u0131 group_vars ile y\u00f6netin.<\/li>\n<\/ul>\n<h3><span id=\"Hata_4_Izleme_ve_Loglamayi_Unutmak\">Hata 4: \u0130zleme ve Loglamay\u0131 Unutmak<\/span><\/h3>\n<p>Otomasyonla VPS kurduk, uygulamay\u0131 deploy ettik, her \u015fey \u00e7al\u0131\u015f\u0131yor\u2026 Peki CPU tavan yapt\u0131\u011f\u0131nda, disk doldu\u011funda veya 5xx hatalar\u0131 f\u0131rlad\u0131\u011f\u0131nda ne olacak? Terraform ve Ansible ak\u0131\u015f\u0131n\u0131za <strong>izleme ve loglama ajanlar\u0131n\u0131<\/strong> eklemediyseniz, sorunlar\u0131 hala elle te\u015fhis etmek zorunda kal\u0131rs\u0131n\u0131z.<\/p>\n<p>Bu a\u015famada, blogda detayland\u0131rd\u0131\u011f\u0131m\u0131z <a href='https:\/\/www.dchost.com\/blog\/vps-izleme-ve-alarm-kurulumu-prometheus-grafana-ve-uptime-kuma-ile-baslangic\/'>VPS izleme ve alarm kurulumu<\/a> rehberindeki ajanlar\u0131 ve dashboard kurulumlar\u0131n\u0131 Ansible rolleri haline getirip, her yeni VPS&#8217;inize otomatik olarak ekleyebilirsiniz.<\/p>\n<h2><span id=\"DCHost_ile_Terraform_ve_Ansible_Otomasyonunu_Hayata_Gecirmek\">DCHost ile Terraform ve Ansible Otomasyonunu Hayata Ge\u00e7irmek<\/span><\/h2>\n<p>Buraya kadar anlatt\u0131\u011f\u0131m\u0131z yap\u0131, ilk bak\u0131\u015fta kapsaml\u0131 g\u00f6r\u00fcnebilir; ancak k\u00fc\u00e7\u00fck ad\u0131mlarla gitti\u011finizde her ad\u0131m\u0131n somut bir getirisi oluyor. \u00d6zetle:<\/p>\n<ul>\n<li>Terraform ile VPS, disk, a\u011f ve temel kaynaklar\u0131 kod olarak tan\u0131ml\u0131yorsunuz.<\/li>\n<li>Ansible ile i\u015fletim sistemi, g\u00fcvenlik ayarlar\u0131, web sunucusu ve uygulama katman\u0131n\u0131 tekrar \u00fcretilebilir hale getiriyorsunuz.<\/li>\n<li>Terraform \u00e7\u0131kt\u0131s\u0131n\u0131 Ansible envanterine ba\u011flayarak tek komutla ba\u015ftan sona \u00e7al\u0131\u015fan bir ak\u0131\u015f kuruyorsunuz.<\/li>\n<\/ul>\n<p>DCHost taraf\u0131nda sundu\u011fumuz <strong>VPS, dedicated ve colocation<\/strong> altyap\u0131lar\u0131, bu tarz otomasyon senaryolar\u0131n\u0131 rahat\u00e7a ta\u015f\u0131yabilece\u011finiz \u015fekilde tasarlan\u0131yor. \u00d6zellikle tekrar tekrar kurman\u0131z gereken staging, test ve k\u0131sa \u00f6m\u00fcrl\u00fc ortamlar\u0131n\u0131z varsa, otomasyonlu bir yap\u0131 kurdu\u011funuzda hem operasyon y\u00fck\u00fcn\u00fcz hem de insan hatas\u0131 kaynakl\u0131 riskler ciddi oranda azal\u0131r.<\/p>\n<p>Bir sonraki ad\u0131m olarak \u015funlar\u0131 yapman\u0131z\u0131 \u00f6neririm:<\/p>\n<ul>\n<li>K\u00fc\u00e7\u00fck bir proje se\u00e7in ve Terraform ile yaln\u0131zca tek bir VPS tan\u0131m\u0131 yap\u0131n.<\/li>\n<li>Ansible ile sadece temel g\u00fcvenlik ve Nginx kurulumunu role \u00e7evirin.<\/li>\n<li>Bunlar\u0131 bir <code>Makefile<\/code> veya basit bir script ile u\u00e7tan uca ba\u011flay\u0131n.<\/li>\n<\/ul>\n<p>Bu ilk iskeleti oturttuktan sonra, veritaban\u0131, cache, izleme, loglama, yedekleme gibi bile\u015fenleri tek tek bu yap\u0131ya ekleyerek b\u00fcy\u00fctebilirsiniz. DCHost olarak bu yolculukta, ister altyap\u0131 se\u00e7imi ister Terraform\/Ansible mimarisi olsun, ekibinizle birlikte ayn\u0131 dili konu\u015fan bir partner olmaktan memnuniyet duyar\u0131z.<\/p>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>\u0130&ccedil;indekiler1 Neden Terraform ve Ansible ile VPS Otomasyonu Kurmal\u0131s\u0131n\u0131z?2 Genel Mimarinin Resmi: Terraform Nerede, Ansible Nerede?3 Terraform ile VPS Altyap\u0131s\u0131n\u0131 Kodlamak3.1 Temel Kavramlar: Provider, Resource, State3.2 \u00d6rnek Terraform Yap\u0131land\u0131rmas\u01313.3 cloud-init ile \u0130lk Nefes: Ansible&#8217;a Haz\u0131rl\u0131k4 Ansible ile VPS Konfig\u00fcrasyonunu Kodlamak4.1 Envanter, Playbook ve Roller4.2 Basit Bir Inventory \u00d6rne\u011fi4.3 G\u00fcvenlik Sertle\u015ftirmesini Role Haline Getirmek5 Terraform \u00c7\u0131kt\u0131s\u0131n\u0131 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":3635,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-3634","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-teknoloji"],"_links":{"self":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts\/3634","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/comments?post=3634"}],"version-history":[{"count":0,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts\/3634\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/media\/3635"}],"wp:attachment":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/media?parent=3634"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/categories?post=3634"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/tags?post=3634"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}