mirror of
https://github.com/edgelesssys/constellation.git
synced 2025-01-11 23:49:30 -05:00
terraform template libvirt
Signed-off-by: Malte Poll <mp@edgeless.systems>
parent
869448c3e1
commit
ff657a2ee7
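--- a/.gitignore
+++ b/.gitignore
@@ -31,3 +31,11 @@ image/dependencies/coordinator
 image/dependencies/cilium
 image/images/*
 image/cosa.lock
+
+# Terraform
+*.tfstate
+*.tfstate.backup
+.terraform
+.terraform.lock.hcl
+.terraform.tfstate.lock.info
+*.tfvars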
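Review bot: Ignoring `.terraform.lock.hcl` in the added Terraform block keeps the provider checksums out of version control, so every checkout re-resolves `dmacvicar/libvirt` and trusts whatever the registry serves on its first `terraform init`. The provider version is pinned in the new `main.tf` files, but only the lock file records the hashes Terraform verifies downloads against. I would drop the `.terraform.lock.hcl` line and commit the generated lock file. The `*.tfstate` and `*.tfvars` entries are worth keeping, since state and variable files can hold sensitive values.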
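--- a/terraform/libvirt/main.tf
+++ b/terraform/libvirt/main.tf
@@ -0,0 +1,65 @@
+terraform {
+required_providers {
+libvirt = {
+source = "dmacvicar/libvirt"
+version = "0.6.14"
+}
+}
+}
+
+provider "libvirt" {
+uri = "qemu:///session"
+}
+
+module "control_plane" {
+source = "./modules/instance_group"
+role = "control-plane"
+amount = var.control_plane_count
+vcpus = var.vcpus
+memory = var.memory
+state_disk_size = var.state_disk_size
+ip_range_start = var.ip_range_start
+cidr = "10.42.1.0/24"
+network_id = libvirt_network.constellation.id
+pool = libvirt_pool.cluster.name
+boot_volume_id = libvirt_volume.constellation_coreos_image.id
+}
+
+module "worker" {
+source = "./modules/instance_group"
+role = "worker"
+amount = var.worker_count
+vcpus = var.vcpus
+memory = var.memory
+state_disk_size = var.state_disk_size
+ip_range_start = var.ip_range_start
+cidr = "10.42.2.0/24"
+network_id = libvirt_network.constellation.id
+pool = libvirt_pool.cluster.name
+boot_volume_id = libvirt_volume.constellation_coreos_image.id
+}
+
+resource "libvirt_pool" "cluster" {
+name = "constellation"
+type = "dir"
+path = "/var/lib/libvirt/images"
+}
+
+resource "libvirt_volume" "constellation_coreos_image" {
+name = "constellation-coreos-image"
+pool = libvirt_pool.cluster.name
+source = var.constellation_coreos_image_qcow2
+format = "qcow2"
+}
+
+resource "libvirt_network" "constellation" {
+name = "constellation"
+mode = "nat"
+addresses = ["10.42.0.0/16"]
+dhcp {
+enabled = true
+}
+dns {
+enabled = true
+}
+}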
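Review bot: The provider is set to `uri = "qemu:///session"`, yet `libvirt_pool.cluster` points at `path = "/var/lib/libvirt/images"` and `libvirt_network.constellation` uses `mode = "nat"`, both of which normally belong to the privileged system daemon. On a typical host that directory is root-owned and an unprivileged session cannot set up a NAT bridge, so the apply is likely to fail or push users towards loosening permissions on the system image store; this should be confirmed on a clean machine. I would make both configurable, e.g. `uri = var.libvirt_uri` and `path = var.pool_path`, and document which combination is supported.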
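--- a/terraform/libvirt/modules/instance_group/domain.xsl
+++ b/terraform/libvirt/modules/instance_group/domain.xsl
@@ -0,0 +1,24 @@
+<xsl:stylesheet version="2.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
+<xsl:output omit-xml-declaration="yes" indent="yes"/>
+<xsl:template match="node()|@*">
+<xsl:copy>
+<xsl:apply-templates select="node()|@*"/>
+</xsl:copy>
+</xsl:template>
+<xsl:template match="os">
+<os firmware="efi">
+<xsl:apply-templates select="@*|node()"/>
+</os>
+</xsl:template>
+<xsl:template match="/domain/devices/tpm/backend">
+<xsl:copy>
+<xsl:apply-templates select="node()|@*"/>
+<xsl:element name ="active_pcr_banks">
+<xsl:element name="sha1"></xsl:element>
+<xsl:element name="sha256"></xsl:element>
+<xsl:element name="sha384"></xsl:element>
+<xsl:element name="sha512"></xsl:element>
+</xsl:element>
+</xsl:copy>
+</xsl:template>
+</xsl:stylesheet>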
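Review bot: The `/domain/devices/tpm/backend` template activates the `sha1` PCR bank next to `sha256`, `sha384` and `sha512`, and nothing in the stylesheet says which bank the measured-boot verification is meant to read. If verification only relies on the SHA-256 bank (not visible from this file), leaving SHA-1 active exposes a weaker digest that a verifier could be pointed at by mistake. I would either remove `<xsl:element name="sha1"></xsl:element>` or add a comment above the `active_pcr_banks` element such as `<!-- PCR banks exposed to the guest; verification reads the sha256 bank -->`, adjusted to whatever the verifier actually uses.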
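--- a/terraform/libvirt/modules/instance_group/main.tf
+++ b/terraform/libvirt/modules/instance_group/main.tf
@@ -0,0 +1,72 @@
+terraform {
+required_providers {
+libvirt = {
+source = "dmacvicar/libvirt"
+version = "0.6.14"
+}
+}
+}
+
+locals {
+state_disk_size_byte = 1073741824 * var.state_disk_size
+}
+
+resource "libvirt_domain" "instance_group" {
+name = "${var.role}-${count.index}"
+count = var.amount
+memory = var.memory
+vcpu = var.vcpus
+machine = "q35"
+tpm {
+backend_type = "emulator"
+backend_version = "2.0"
+}
+disk = [
+{
+volume_id = element(libvirt_volume.boot_volume.*.id, count.index)
+scsi : true,
+// fix for https://github.com/dmacvicar/terraform-provider-libvirt/issues/728
+block_device : null,
+file : null,
+url : null,
+wwn : null
+},
+{
+volume_id = element(libvirt_volume.state_volume.*.id, count.index)
+// fix for https://github.com/dmacvicar/terraform-provider-libvirt/issues/728
+block_device : null,
+file : null,
+scsi : null,
+url : null,
+wwn : null
+},
+]
+network_interface {
+network_id = var.network_id
+hostname = "${var.role}-${count.index}"
+addresses = [cidrhost(var.cidr, var.ip_range_start + count.index)]
+wait_for_lease = true
+}
+console {
+type = "pty"
+target_port = "0"
+}
+xml {
+xslt = file("modules/instance_group/domain.xsl")
+}
+}
+
+resource "libvirt_volume" "boot_volume" {
+name = "constellation-${var.role}-${count.index}-boot"
+count = var.amount
+pool = var.pool
+base_volume_id = var.boot_volume_id
+}
+
+resource "libvirt_volume" "state_volume" {
+name = "constellation-${var.role}-${count.index}-state"
+count = var.amount
+pool = var.pool
+size = local.state_disk_size_byte
+format = "qcow2"
+}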
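Review bot: `xslt = file("modules/instance_group/domain.xsl")` in the `xml` block resolves relative to the directory Terraform is run from rather than to the module, so the domain definition depends on the caller's working directory. If the path does not resolve, the apply errors out; if a different file sits at that relative path, the guests are defined without the intended `firmware="efi"` and TPM bank settings. Use `xslt = file("${path.module}/domain.xsl")` so the stylesheet shipped with the module is always the one applied.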
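--- a/terraform/libvirt/modules/instance_group/outputs.tf
+++ b/terraform/libvirt/modules/instance_group/outputs.tf
@@ -0,0 +1,3 @@
+output "instance_ips" {
+value = flatten(libvirt_domain.instance_group[*].network_interface[*].addresses[*])
+}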
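--- a/terraform/libvirt/modules/instance_group/variables.tf
+++ b/terraform/libvirt/modules/instance_group/variables.tf
@@ -0,0 +1,48 @@
+variable "amount" {
+type = number
+description = "amount of nodes"
+}
+
+variable "vcpus" {
+type = number
+description = "amount of vcpus per instance"
+}
+
+variable "memory" {
+type = number
+description = "amount of memory per instance (MiB)"
+}
+
+variable "state_disk_size" {
+type = number
+description = "size of state disk (GiB)"
+}
+
+variable "ip_range_start" {
+type = number
+description = "first ip address to use within subnet"
+}
+
+variable "cidr" {
+type = string
+description = "subnet to use for dhcp"
+}
+
+variable "network_id" {
+type = string
+description = "id of the network to use"
+}
+
+variable "pool" {
+type = string
+description = "name of the storage pool to use"
+}
+
+variable "boot_volume_id" {
+type = string
+description = "id of the constellation boot disk"
+}
+
+variable "role" {
+type = string
+}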
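Review bot: `variable "role"` is the only variable in this file without a `description`, and its value is interpolated into the domain name, hostname and volume names in the module's `main.tf` without any check. Add `description = "role of the nodes in this group (control-plane or worker)"` and a `validation` block whose condition is `contains(["control-plane", "worker"], var.role)`, so a typo fails at plan time instead of producing unexpectedly named guests. `ip_range_start` would benefit from a similar bound, since `cidrhost` is called with `var.ip_range_start + count.index` inside a /24.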
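--- a/terraform/libvirt/outputs.tf
+++ b/terraform/libvirt/outputs.tf
@@ -0,0 +1,7 @@
+output "control_plane_ips" {
+value = module.control_plane.instance_ips
+}
+
+output "worker_ips" {
+value = module.worker.instance_ips
+}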
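--- a/terraform/libvirt/variables.tf
+++ b/terraform/libvirt/variables.tf
@@ -0,0 +1,40 @@
+variable "constellation_coreos_image_qcow2" {
+type = string
+description = "constellation OS qcow file path"
+}
+
+variable "control_plane_count" {
+type = number
+default = 3
+description = "amount of control plane nodes"
+}
+
+variable "worker_count" {
+type = number
+default = 2
+description = "amount of worker nodes"
+}
+
+variable "vcpus" {
+type = number
+default = 2
+description = "amount of vcpus per instance"
+}
+
+variable "memory" {
+type = number
+default = 2048
+description = "amount of memory per instance (MiB)"
+}
+
+variable "state_disk_size" {
+type = number
+default = 10
+description = "size of state disk (GiB)"
+}
+
+variable "ip_range_start" {
+type = number
+default = 100
+description = "first ip address to use within subnet"
+}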
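Review bot: `constellation_coreos_image_qcow2` is passed straight to `source` of `libvirt_volume.constellation_coreos_image` and becomes the base of every node's boot disk, but nothing states where the image is expected to come from or how it is verified. As far as I know the provider also accepts a remote URL for `source`, in which case the image would be fetched with no checksum comparison. I would tighten the description to `description = "local path to the constellation OS qcow2 image; verify its checksum before use"` and reference the build step that produces the file.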