forked from fvumbaca/terraform-proxmox-k3s
master_nodes.tf
# One generated MAC address per master node. The k3s-master VMs read
# macaddress.k3s-masters[count.index].address for their NIC, and both
# resources take their count from var.master_nodes_count.
resource "macaddress" "k3s-masters" {
  count = var.master_nodes_count
}
locals {
  # Host numbers 1..N inside var.control_plane_subnet, one address per master.
  master_node_ips = [
    for i in range(var.master_nodes_count) :
    cidrhost(var.control_plane_subnet, i + 1)
  ]

  # Caller-supplied master settings, with fallbacks for attributes left unset.
  # NOTE(review): defaults() comes from the optional-attributes experiment and
  # is not available from Terraform 1.3 onwards; confirm the Terraform version
  # this module is pinned to.
  master_node_settings = defaults(var.master_node_settings, {
    # Compute
    sockets = 1
    cores   = 2
    memory  = 4096

    # Storage
    storage_id   = "local-lvm"
    storage_type = "scsi"
    disk_size    = "20G"

    # Network
    network_bridge = "vmbr0"
    # presumably -1 means "no VLAN tag" for the Proxmox provider; verify
    network_tag = -1

    # Login user created by cloud-init and used for SSH provisioning
    user = "k3s"
  })
}
# Shared k3s server token; the master install script receives it as `tokens`.
# The generated value is kept in Terraform state, so the state backend needs
# the same access control and encryption as the cluster secret itself.
# NOTE(review): override_special has no effect while special = false, so the
# token is 32 characters of letters and digits. It is left untouched here
# because changing arguments on an existing random_password may force the
# token to be regenerated; confirm before cleaning it up.
resource "random_password" "k3s-server-token" {
  length           = 32
  override_special = "_%@"
  special          = false
}
# k3s control-plane VMs: cloned from var.node_template, configured through
# cloud-init, then bootstrapped over SSH with the k3s server install script.
resource "proxmox_vm_qemu" "k3s-master" {
  count = var.master_nodes_count

  # The install script is given a datastore on the support node, so that VM
  # has to exist before any master is provisioned.
  depends_on = [
    proxmox_vm_qemu.k3s-support,
  ]

  # Identity and placement
  name        = "${var.cluster_name}-master-${count.index}"
  target_node = var.proxmox_node
  pool        = var.proxmox_resource_pool
  clone       = var.node_template

  # Sizing (values come from local.master_node_settings)
  sockets = local.master_node_settings.sockets
  cores   = local.master_node_settings.cores
  memory  = local.master_node_settings.memory
  agent   = 1

  disk {
    storage = local.master_node_settings.storage_id
    type    = local.master_node_settings.storage_type
    size    = local.master_node_settings.disk_size
  }

  network {
    model   = "virtio"
    bridge  = local.master_node_settings.network_bridge
    tag     = local.master_node_settings.network_tag
    macaddr = upper(macaddress.k3s-masters[count.index].address)

    # NOTE(review): this only sets the firewall flag on the NIC. Which rules
    # apply is defined outside this file; confirm that Proxmox firewall rules
    # for the control-plane nodes actually exist.
    firewall  = true
    link_down = false
    queues    = 0
    rate      = 0
  }

  # cloud-init settings applied on first boot
  os_type    = "cloud-init"
  ciuser     = local.master_node_settings.user
  sshkeys    = file(var.authorized_keys_file)
  ipconfig0  = "ip=${local.master_node_ips[count.index]}/${local.lan_subnet_cidr_bitnum},gw=${var.network_gateway}"
  nameserver = var.nameserver

  # Later edits to these arguments are not applied to existing VMs.
  # NOTE(review): because sshkeys is ignored, changing the file behind
  # var.authorized_keys_file does not update the keys on masters that already
  # exist; revoking a key needs a separate mechanism.
  lifecycle {
    ignore_changes = [
      ciuser,
      sshkeys,
      disk,
      network
    ]
  }

  # SSH connection used by the provisioner below.
  # NOTE(review): neither private_key nor host_key is set. Authentication
  # presumably comes from the operator's ssh-agent, and the node's host key is
  # not pinned for this connection; confirm that is acceptable on the
  # provisioning network.
  connection {
    type = "ssh"
    host = local.master_node_ips[count.index]
    user = local.master_node_settings.user
  }

  # Renders the install script and runs it on the new VM.
  # The rendered text contains the k3s server token and the datastore
  # password, and both values are also held in Terraform state.
  # NOTE(review): the template itself is not visible from this file; confirm
  # it neither echoes these values nor leaves them in a world-readable file on
  # the node.
  provisioner "remote-exec" {
    inline = [
      templatefile("${path.module}/scripts/install-k3s-server.sh.tftpl", {
        mode         = "server"
        server_hosts = []
        tokens       = [random_password.k3s-server-token.result]
        alt_names    = concat([local.support_node_ip], var.api_hostnames)
        disable      = var.k3s_disable_components
        http_proxy   = var.http_proxy

        # Taint the masters so pods without a matching toleration do not run
        # on them.
        node_taints = ["CriticalAddonsOnly=true:NoExecute"]

        # Port 3306: presumably MySQL/MariaDB on the support node. Whether the
        # connection uses TLS is decided in the template; verify.
        datastores = [{
          host     = "${local.support_node_ip}:3306"
          name     = "k3s"
          user     = "k3s"
          password = random_password.k3s-master-db-password.result
        }]
      })
    ]
  }
}
# Reads /etc/rancher/k3s/k3s.yaml from the first master over SSH and returns
# it base64-encoded under the "kubeconfig" key of the JSON object printed by
# the remote command.
#
# NOTE(review): UserKnownHostsFile=/dev/null together with
# StrictHostKeyChecking=no switches off SSH host key verification, so whatever
# host answers on local.master_node_ips[0] is accepted without being
# authenticated, and the kubeconfig it returns is trusted as-is. Pinning the
# master's host key (for example a known_hosts file filled in at provisioning
# time) would close this gap; that changes behaviour when a VM is recreated on
# the same address, so it is left as a maintainer decision.
#
# NOTE(review): k3s.yaml normally carries cluster-admin credentials, and the
# result of this data source is stored in Terraform state. Restrict and
# encrypt the state backend accordingly, and mark any output derived from it
# as sensitive.
data "external" "kubeconfig" {
  program = [
    "/usr/bin/ssh",
    "-o UserKnownHostsFile=/dev/null",
    "-o StrictHostKeyChecking=no",
    "${local.master_node_settings.user}@${local.master_node_ips[0]}",
    "echo '{\"kubeconfig\":\"'$(sudo cat /etc/rancher/k3s/k3s.yaml | base64)'\"}'"
  ]

  # Both the support node and the masters must exist before the file is read.
  depends_on = [
    proxmox_vm_qemu.k3s-master,
    proxmox_vm_qemu.k3s-support,
  ]
}