vsphere-k8s/terraform/main.tf


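terraform {
  # Declare every provider this configuration uses with an explicit source so
  # `terraform init` resolves each one from the intended registry namespace
  # instead of relying on the legacy implicit "hashicorp/<name>" lookup.
  required_providers {
    vsphere = {
      source  = "hashicorp/vsphere"
      version = "2.2.0"
    }
    # random_string / random_shuffle in this file come from hashicorp/random;
    # it was previously only pulled in implicitly and therefore unpinned.
    random = {
      source = "hashicorp/random"
    }
  }
}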
# vCenter API connection. The credentials are plain variables; they should be
# declared `sensitive = true` where they are defined so they are redacted from
# plan/apply output (they remain in state regardless, and are also pushed to
# the control-plane nodes by the provisioner further down).
# allow_unverified_ssl disables TLS certificate verification for the vCenter
# endpoint altogether, so it only belongs on lab vCenters with self-signed
# certificates.
provider "vsphere" {
  vsphere_server       = var.vsphere-server
  user                 = var.vsphere-user
  password             = var.vsphere-password
  allow_unverified_ssl = var.vsphere-unverified-ssl
}
# Datacenter that scopes every other lookup in this file (all of the data
# sources below pass data.vsphere_datacenter.dc.id).
data "vsphere_datacenter" "dc" {
name = var.vsphere-datacenter
}
# Datastore that backs the cloned node VMs (used as datastore_id by both the
# control and worker resources).
data "vsphere_datastore" "datastore" {
  datacenter_id = data.vsphere_datacenter.dc.id
  name          = var.vm-datastore
}
# Second datastore resolved by name. It is not referenced by the VM resources
# in this file; presumably it is consumed by the in-cluster storage
# configuration elsewhere — confirm before removing.
data "vsphere_datastore" "k8s-datastore" {
  datacenter_id = data.vsphere_datacenter.dc.id
  name          = var.k8s-datastore
}
# Compute cluster whose root resource pool receives the node VMs.
data "vsphere_compute_cluster" "cluster" {
  datacenter_id = data.vsphere_datacenter.dc.id
  name          = var.vsphere-cluster
}
# Port group the single NIC of every node is attached to. Provisioning SSH
# traffic (including the secrets written to env.txt) crosses this network.
data "vsphere_network" "network" {
  datacenter_id = data.vsphere_datacenter.dc.id
  name          = var.vm-network-name
}
# Source template for the clones. It is addressed by its full inventory path
# (/<datacenter>/vm/<template folder>/<template name>) rather than by bare
# name, so two templates with the same name in different folders cannot be
# confused.
data "vsphere_virtual_machine" "template" {
  datacenter_id = data.vsphere_datacenter.dc.id
  name          = "/${var.vsphere-datacenter}/vm/${var.vsphere-template-folder}/${var.vm-template-name}"
}
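# kubeadm certificate key: 32 bytes from the provider's CSPRNG, hex-encoded,
# which is exactly the 64-hex-character value kubeadm expects for
# --certificate-key / --upload-certs. The previous construction shuffled a
# 16-digit hex alphabet into 64 positions, which yields a string in which
# every digit appears a fixed number of times — a structurally constrained
# key rather than a uniformly random one.
# Replacing this resource on an existing deployment generates a new key but
# does not re-run the creation-time provisioners on the node VMs.
resource "random_id" "certkey" {
  byte_length = 32
}

# kubeadm bootstrap token, format [a-z0-9]{6}.[a-z0-9]{16}; special = false
# and upper = false restrict random_string to that alphabet.
# This token, the certificate key above and the vCenter credentials are all
# recorded in Terraform state, so the state backend has to be protected as a
# secret store.
resource "random_string" "token1" {
  length  = 6
  special = false
  upper   = false
}

resource "random_string" "token2" {
  length  = 16
  special = false
  upper   = false
}

locals {
  kubeadm-certkey  = random_id.certkey.hex
  kubeadm-token    = join(".", [random_string.token1.result, random_string.token2.result])
  # The first control-plane VM runs `kubeadm init`; the rest join it.
  k8s-initial-node = "${var.vm-control-name}-1"
  # Total node count; only ever interpolated into a shell string below, so a
  # number is as good as the former string here.
  k8s-node-count   = var.vm-control-count + var.vm-worker-count
}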
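# Control-plane nodes. Each VM is cloned from the template, customized with a
# static address (or DHCP, see the sentinel below) and then bootstrapped over
# SSH by scripts/initialize-controlplane.sh.
resource "vsphere_virtual_machine" "control" {
  count = var.vm-control-count
  name  = "${var.vm-control-name}-${count.index + 1}"

  resource_pool_id = data.vsphere_compute_cluster.cluster.resource_pool_id
  datastore_id     = data.vsphere_datastore.datastore.id
  folder           = var.vm-folder

  num_cpus = var.vm-control-cpu
  memory   = var.vm-control-ram

  # Virtual hardware is inherited from the template so the clone matches it.
  guest_id         = data.vsphere_virtual_machine.template.guest_id
  firmware         = data.vsphere_virtual_machine.template.firmware
  hardware_version = data.vsphere_virtual_machine.template.hardware_version
  scsi_type        = data.vsphere_virtual_machine.template.scsi_type

  # Exposes a stable disk UUID to the guest; the worker nodes should carry the
  # same setting, since vSphere-backed volume attachment relies on it.
  extra_config = {
    "disk.EnableUUID" = "TRUE"
  }

  network_interface {
    network_id   = data.vsphere_network.network.id
    adapter_type = data.vsphere_virtual_machine.template.network_interface_types[0]
  }

  disk {
    label = "${var.vm-control-name}-${count.index + 1}-disk"
    size  = var.vm-control-disk-size
  }

  clone {
    template_uuid = data.vsphere_virtual_machine.template.id

    customize {
      # 0 disables the guest-customization waiter; the SSH connection below is
      # then the only thing that gates provisioning on the guest being ready.
      timeout = 0

      linux_options {
        host_name = "${var.vm-control-name}-${count.index + 1}"
        domain    = var.vm-domain
      }

      # "0.0.0.0/0" is the sentinel for "use DHCP": an empty address and a 0
      # prefix length leave the interface unconfigured by customization.
      # Otherwise node i gets host (ip-address-start + i) inside the network.
      network_interface {
        ipv4_address = var.vm-network-address != "0.0.0.0/0" ? cidrhost(var.vm-network-address, var.vm-control-ip-address-start + count.index) : ""
        ipv4_netmask = var.vm-network-address != "0.0.0.0/0" ? tonumber(element(split("/", var.vm-network-address), 1)) : 0
      }

      ipv4_gateway    = var.vm-network-gateway
      dns_server_list = var.vm-network-dns-servers
      dns_suffix_list = [var.vm-domain]
    }
  }

  # Provisioning runs over SSH to the first address the VM reports. No
  # `host_key` is configured, so the remote host key is not verified on
  # first contact; everything below (including the secrets in env.txt)
  # travels over that session.
  connection {
    type        = "ssh"
    user        = var.k8s-username
    host        = self.default_ip_address
    private_key = file(var.k8s-ssh-key-file)
  }

  provisioner "file" {
    source      = "scripts/initialize-controlplane.sh"
    destination = "/home/${var.k8s-username}/initialize-controlplane.sh"
  }

  # env.txt carries the bootstrap token, the certificate key and the vCenter
  # credentials in plaintext. The inline commands run as one shell script, so
  # the umask applies to every redirect below; the explicit chmod covers the
  # case where the file already exists. The bootstrap script is expected to
  # consume env.txt; it should remove it (or at least the vCenter password)
  # once it no longer needs it.
  provisioner "remote-exec" {
    inline = [
      "umask 077",
      "touch env.txt && chmod 600 env.txt",
      "echo export K8S_INITIAL_NODE=\"'${local.k8s-initial-node}'\" >> env.txt",
      "echo export KUBEADM_TOKEN=\"'${local.kubeadm-token}'\" >> env.txt",
      "echo export KUBEADM_CERTKEY=\"'${local.kubeadm-certkey}'\" >> env.txt",
      "echo export K8S_VER=\"'${var.k8s-version}'\" >> env.txt",
      "echo export K8S_SERVICE_CIDR=\"'${var.k8s-service-cidr}'\" >> env.txt",
      "echo export K8S_POD_CIDR=\"'${var.k8s-pod-cidr}'\" >> env.txt",
      "echo export K8S_CLUSTER_NAME=\"'${var.k8s-cluster-name}'\" >> env.txt",
      "echo export K8S_CONTROLPLANE_VIP=\"'${var.k8s-controlplane-vip}'\" >> env.txt",
      "echo export K8S_CONTROLPLANE_COUNT=\"'${var.vm-control-count}'\" >> env.txt",
      "echo export KUBEVIP_VER=\"'${var.k8s-kubevip-version}'\" >> env.txt",
      "echo export K8S_NODE_COUNT=\"'${local.k8s-node-count}'\" >> env.txt",
      "echo export VCENTER_SERVER=\"'${var.vsphere-server}'\" >> env.txt",
      "echo export VCENTER_USERNAME=\"'${var.vsphere-user}'\" >> env.txt",
      "echo export VCENTER_PASSWORD=\"'${var.vsphere-password}'\" >> env.txt",
      "echo export VCENTER_DATACENTER=\"'${var.vsphere-datacenter}'\" >> env.txt",
      "chmod +x /home/${var.k8s-username}/initialize-controlplane.sh",
      "/home/${var.k8s-username}/initialize-controlplane.sh"
    ]
  }
}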
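# Worker nodes. Same clone/customize flow as the control-plane nodes; they
# only receive the bootstrap token and control-plane VIP needed to join.
resource "vsphere_virtual_machine" "worker" {
  count = var.vm-worker-count
  name  = "${var.vm-worker-name}-${count.index + 1}"

  resource_pool_id = data.vsphere_compute_cluster.cluster.resource_pool_id
  datastore_id     = data.vsphere_datastore.datastore.id
  # `folder` is relative to the datacenter's VM folder, the same form the
  # control resource uses; the earlier absolute "/<dc>/vm/<folder>" spelling
  # named the same location in a different way.
  folder           = var.vm-folder

  num_cpus = var.vm-worker-cpu
  memory   = var.vm-worker-ram

  # Virtual hardware is inherited from the template so the clone matches it.
  guest_id         = data.vsphere_virtual_machine.template.guest_id
  firmware         = data.vsphere_virtual_machine.template.firmware
  hardware_version = data.vsphere_virtual_machine.template.hardware_version
  scsi_type        = data.vsphere_virtual_machine.template.scsi_type

  # Mirrors the control-plane nodes: workers are where volumes get attached,
  # and vSphere-backed volume attachment relies on a stable disk UUID.
  extra_config = {
    "disk.EnableUUID" = "TRUE"
  }

  network_interface {
    network_id   = data.vsphere_network.network.id
    adapter_type = data.vsphere_virtual_machine.template.network_interface_types[0]
  }

  disk {
    label = "${var.vm-worker-name}-${count.index + 1}-disk"
    size  = var.vm-worker-disk-size
  }

  clone {
    template_uuid = data.vsphere_virtual_machine.template.id

    customize {
      # 0 disables the guest-customization waiter; the SSH connection below is
      # then the only thing that gates provisioning on the guest being ready.
      timeout = 0

      linux_options {
        host_name = "${var.vm-worker-name}-${count.index + 1}"
        domain    = var.vm-domain
      }

      # "0.0.0.0/0" is the sentinel for "use DHCP": an empty address and a 0
      # prefix length leave the interface unconfigured by customization.
      # Otherwise worker i gets host (ip-address-start + i) inside the network.
      network_interface {
        ipv4_address = var.vm-network-address != "0.0.0.0/0" ? cidrhost(var.vm-network-address, var.vm-worker-ip-address-start + count.index) : ""
        ipv4_netmask = var.vm-network-address != "0.0.0.0/0" ? tonumber(element(split("/", var.vm-network-address), 1)) : 0
      }

      ipv4_gateway    = var.vm-network-gateway
      dns_server_list = var.vm-network-dns-servers
      dns_suffix_list = [var.vm-domain]
    }
  }

  # Provisioning runs over SSH to the first address the VM reports. No
  # `host_key` is configured, so the remote host key is not verified on
  # first contact.
  connection {
    type        = "ssh"
    user        = var.k8s-username
    host        = self.default_ip_address
    private_key = file(var.k8s-ssh-key-file)
  }

  provisioner "file" {
    source      = "scripts/join-workers.sh"
    destination = "/home/${var.k8s-username}/join-workers.sh"
  }

  # env.txt holds the cluster bootstrap token in plaintext; create it
  # owner-only before anything is appended (the inline commands run as one
  # shell script, so the umask covers every redirect below).
  provisioner "remote-exec" {
    inline = [
      "umask 077",
      "touch env.txt && chmod 600 env.txt",
      "echo export KUBEADM_TOKEN=\"'${local.kubeadm-token}'\" >> env.txt",
      "echo export K8S_CONTROLPLANE_VIP=\"'${var.k8s-controlplane-vip}'\" >> env.txt",
      "echo export K8S_CONTROLPLANE_COUNT=\"'${var.vm-control-count}'\" >> env.txt",
      "chmod +x /home/${var.k8s-username}/join-workers.sh",
      "/home/${var.k8s-username}/join-workers.sh"
    ]
  }
}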