From 395494c1d93198f90007a4a441b0bfc0be036085 Mon Sep 17 00:00:00 2001 From: Dalton Hubble Date: Tue, 30 May 2017 13:54:42 -0700 Subject: [PATCH 1/3] examples/terraform: Template variables early where possible --- examples/terraform/etcd3-install/etcd3.tf | 5 +---- examples/terraform/modules/bootkube/groups.tf | 5 +---- .../profiles/cl/container-linux-install.yaml.tmpl | 4 ++-- examples/terraform/modules/profiles/profiles.tf | 14 ++++++++++++-- 4 files changed, 16 insertions(+), 12 deletions(-) diff --git a/examples/terraform/etcd3-install/etcd3.tf b/examples/terraform/etcd3-install/etcd3.tf index c14621c9..a71d076e 100644 --- a/examples/terraform/etcd3-install/etcd3.tf +++ b/examples/terraform/etcd3-install/etcd3.tf @@ -13,12 +13,9 @@ resource "matchbox_group" "default" { // No selector, matches all nodes metadata { - container_linux_channel = "stable" - container_linux_version = "1353.7.0" - container_linux_oem = "${var.container_linux_oem}" - ignition_endpoint = "${var.matchbox_http_endpoint}/ignition" baseurl = "${var.matchbox_http_endpoint}/assets/coreos" ssh_authorized_key = "${var.ssh_authorized_key}" + container_linux_oem = "${var.container_linux_oem}" } } diff --git a/examples/terraform/modules/bootkube/groups.tf b/examples/terraform/modules/bootkube/groups.tf index 213a99a7..5d7ab198 100644 --- a/examples/terraform/modules/bootkube/groups.tf +++ b/examples/terraform/modules/bootkube/groups.tf @@ -10,12 +10,9 @@ resource "matchbox_group" "container-linux-install" { } metadata { - container_linux_channel = "${var.container_linux_channel}" - container_linux_version = "${var.container_linux_version}" - container_linux_oem = "${var.container_linux_oem}" - ignition_endpoint = "${var.matchbox_http_endpoint}/ignition" baseurl = "${var.matchbox_http_endpoint}/assets/coreos" ssh_authorized_key = "${var.ssh_authorized_key}" + container_linux_oem = "${var.container_linux_oem}" } } 
diff --git a/examples/terraform/modules/profiles/cl/container-linux-install.yaml.tmpl b/examples/terraform/modules/profiles/cl/container-linux-install.yaml.tmpl index d5c1526e..4012bc14 100644 --- a/examples/terraform/modules/profiles/cl/container-linux-install.yaml.tmpl +++ b/examples/terraform/modules/profiles/cl/container-linux-install.yaml.tmpl @@ -20,8 +20,8 @@ storage: contents: inline: | #!/bin/bash -ex - curl "{{.ignition_endpoint}}?{{.request.raw_query}}&os=installed" -o ignition.json - coreos-install -d /dev/sda -C {{.container_linux_channel}} -V {{.container_linux_version}} -i ignition.json {{if index . "baseurl"}}-b {{.baseurl}}{{end}} {{if index . "container_linux_oem"}}-o {{.container_linux_oem}}{{end}} + curl "${ignition_endpoint}?{{.request.raw_query}}&os=installed" -o ignition.json + coreos-install -d /dev/sda -C ${container_linux_channel} -V ${container_linux_version} -i ignition.json {{if index . "baseurl"}}-b {{.baseurl}}{{end}} {{if index . "container_linux_oem"}}-o {{.container_linux_oem}}{{end}} udevadm settle systemctl reboot passwd: diff --git a/examples/terraform/modules/profiles/profiles.tf b/examples/terraform/modules/profiles/profiles.tf index 0795ca84..9e73fa2d 100644 --- a/examples/terraform/modules/profiles/profiles.tf +++ b/examples/terraform/modules/profiles/profiles.tf @@ -14,7 +14,7 @@ resource "matchbox_profile" "container-linux-install" { "console=ttyS0", ] - container_linux_config = "${file("${path.module}/cl/container-linux-install.yaml.tmpl")}" + container_linux_config = "${data.template_file.container-linux-install-config.rendered}" } // Container Linux Install profile (from matchbox /assets cache) 
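Review bot: The `curl` line in the container-linux-install.yaml.tmpl hunk has no `--fail`, so an HTTP error body from the Ignition endpoint is saved as ignition.json with exit status 0, and `bash -ex` carries on to `coreos-install -i ignition.json`. I would change it to `curl --fail "${ignition_endpoint}?{{.request.raw_query}}&os=installed" -o ignition.json` so that a 4xx/5xx response aborts the script before the disk is written. The line now mixes Terraform `${...}` and matchbox `{{...}}` substitution, so a comment after the shebang saying which is resolved at `terraform apply` and which per request would help the next editor. The script continues outside the hunk.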
@@ -34,7 +34,17 @@ resource "matchbox_profile" "cached-container-linux-install" { "console=ttyS0", ] - container_linux_config = "${file("${path.module}/cl/container-linux-install.yaml.tmpl")}" + container_linux_config = "${data.template_file.container-linux-install-config.rendered}" +} + +data "template_file" "container-linux-install-config" { + template = "${file("${path.module}/cl/container-linux-install.yaml.tmpl")}" + + vars { + container_linux_channel = "${var.container_linux_channel}" + container_linux_version = "${var.container_linux_version}" + ignition_endpoint = "${format("%s/ignition", var.matchbox_http_endpoint)}" + } } // etcd3 profile From d54562f4293ea4126d58bd40af74335997f0ec00 Mon Sep 17 00:00:00 2001 From: Dalton Hubble Date: Tue, 30 May 2017 14:58:57 -0700 Subject: [PATCH 2/3] examples/terraform: Add install_disk optional override --- examples/terraform/bootkube-install/README.md | 24 ++++++++++++------- .../terraform/bootkube-install/cluster.tf | 5 ++-- .../bootkube-install/terraform.tfvars.example | 1 + .../terraform/bootkube-install/variables.tf | 11 ++++++++- examples/terraform/etcd3-install/README.md | 15 ++++++++++-- examples/terraform/etcd3-install/etcd3.tf | 1 + .../etcd3-install/terraform.tfvars.example | 1 + examples/terraform/etcd3-install/variables.tf | 6 +++++ .../terraform/modules/bootkube/profiles.tf | 1 + .../terraform/modules/bootkube/variables.tf | 8 +++++++ .../cl/container-linux-install.yaml.tmpl | 2 +- .../terraform/modules/profiles/profiles.tf | 1 + .../terraform/modules/profiles/variables.tf | 8 +++++++ 13 files changed, 69 insertions(+), 15 deletions(-) diff --git a/examples/terraform/bootkube-install/README.md b/examples/terraform/bootkube-install/README.md index 90ebed43..0e26204f 100644 --- a/examples/terraform/bootkube-install/README.md +++ b/examples/terraform/bootkube-install/README.md 
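Review bot: `ignition_endpoint` in the new `template_file` vars is built from `var.matchbox_http_endpoint`, which the example README in this series sets to an `http://` URL, so the installer fetches the Ignition config it writes to disk with no transport integrity. Because the value is now fixed at render time, this data block is a good place to record that assumption, for example `# installer fetches Ignition from this URL; the provisioning network must be trusted`. Separately, once the file goes through `template_file`, any literal `${` added to the template later has to be written `$${`; a one-line comment next to `template = ...` would save someone a confusing render error.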
@@ -32,16 +32,16 @@ Copy the `terraform.tfvars.example` file to `terraform.tfvars`. Ensure `provider ```hcl matchbox_http_endpoint = "http://matchbox.example.com:8080" matchbox_rpc_endpoint = "matchbox.example.com:8081" +ssh_authorized_key = "ADD ME" cluster_name = "demo" container_linux_version = "1353.7.0" container_linux_channel = "stable" -ssh_authorized_key = "ADD ME" ``` Provide an ordered list of controller names, MAC addresses, and domain names. Provide an ordered list of worker names, MAC addresses, and domain names. -``` +```hcl controller_names = ["node1"] controller_macs = ["52:54:00:a1:9c:ae"] controller_domains = ["node1.example.com"] 
@@ -50,18 +50,26 @@ worker_macs = ["52:54:00:b2:2f:86", "52:54:00:c3:61:77"] worker_domains = ["node2.example.com", "node3.example.com"] ``` -Finally, provide an `assets_dir` for generated manifests and a DNS name which you've setup to resolves to controller(s) (e.g. round-robin). Worker nodes and your kubeconfig will communicate via this endpoint. +Provide an `assets_dir` for generated manifests and a DNS name which you've setup to resolves to controller(s) (e.g. round-robin). Worker nodes and your kubeconfig will communicate via this endpoint. -``` +```hcl k8s_domain_name = "cluster.example.com" asset_dir = "assets" ``` -### Options +Note: The `cached-container-linux-install` profile will PXE boot and install Container Linux from matchbox [assets](https://github.com/coreos/matchbox/blob/master/Documentation/api.md#assets). If you have not populated the assets cache, use the `container-linux-install` profile to use public images (slower). -You may set `experimental_self_hosted_etcd = "true"` to deploy "self-hosted" etcd atop Kubernetes instead of running etcd on hosts directly. Warning, this is experimental and potentially dangerous. +### Optional -The example above defines a Kubernetes cluster with 1 controller and 2 workers. Check the `multi-controller.tfvars.example` for an example which defines 3 controllers and one worker. +You may set certain optional variables to override defaults. Set `experimental_self_hosted_etcd = "true"` to deploy "self-hosted" etcd atop Kubernetes instead of running etcd on hosts directly. + +```hcl +# install_disk = "/dev/sda" +# container_linux_oem = "" +# experimental_self_hosted_etcd = "true" +``` + +The default is to create a Kubernetes cluster with 1 controller and 2 workers as an example, but check `multi-controller.tfvars.example` for an example which defines 3 controllers and 1 worker. ## Apply 
@@ -95,8 +103,6 @@ Apply complete! Resources: 37 added, 0 changed, 0 destroyed. You can now move on to the "Machines" section. Apply will loop until it can successfully copy the kubeconfig to each node and start the one-time Kubernetes bootstrapping process on a controller. In practice, you may see `apply` fail if it connects before the disk install has completed. Run terraform apply until it reconciles successfully. -Note: The `cached-container-linux-install` profile will PXE boot and install Container Linux from matchbox [assets](https://github.com/coreos/matchbox/blob/master/Documentation/api.md#assets). If you have not populated the assets cache, use the `container-linux-install` profile to use public images (slower). - ## Machines Power on each machine (with PXE boot device on next boot). Machines should network boot, install Container Linux to disk, reboot, and provision themselves as bootkube controllers or workers. diff --git a/examples/terraform/bootkube-install/cluster.tf b/examples/terraform/bootkube-install/cluster.tf index af6c3197..02eb5ba4 100644 --- a/examples/terraform/bootkube-install/cluster.tf +++ b/examples/terraform/bootkube-install/cluster.tf @@ -18,10 +18,11 @@ module "cluster" { worker_domains = "${var.worker_domains}" # bootkube assets - k8s_domain_name = "${var.k8s_domain_name}" - asset_dir = "${var.asset_dir}" + k8s_domain_name = "${var.k8s_domain_name}" + asset_dir = "${var.asset_dir}" # Optional + install_disk = "${var.install_disk}" container_linux_oem = "${var.container_linux_oem}" experimental_self_hosted_etcd = "${var.experimental_self_hosted_etcd}" } diff --git a/examples/terraform/bootkube-install/terraform.tfvars.example b/examples/terraform/bootkube-install/terraform.tfvars.example index 1c4139ae..0a32735e 100644 --- a/examples/terraform/bootkube-install/terraform.tfvars.example +++ b/examples/terraform/bootkube-install/terraform.tfvars.example 
@@ -19,5 +19,6 @@ k8s_domain_name = "cluster.example.com" asset_dir = "assets" # Optional +# install_disk = "/dev/sda" # container_linux_oem = "" # experimental_self_hosted_etcd = "true" diff --git a/examples/terraform/bootkube-install/variables.tf b/examples/terraform/bootkube-install/variables.tf index 0d1f6599..9419d3ff 100644 --- a/examples/terraform/bootkube-install/variables.tf +++ b/examples/terraform/bootkube-install/variables.tf @@ -78,8 +78,17 @@ variable "service_cidr" { CIDR IP range to assign Kubernetes services. The 1st IP will be reserved for kube_apiserver, the 10th IP will be reserved for kube-dns, the 15th IP will be reserved for self-hosted etcd, and the 200th IP will be reserved for bootstrap self-hosted etcd. EOD + + type = "string" + default = "10.3.0.0/16" +} + +# optional + +variable "install_disk" { type = "string" - default = "10.3.0.0/16" + default = "/dev/sda" + description = "Disk device to which the install profiles should install Container Linux (e.g. /dev/sda)" } variable "container_linux_oem" { diff --git a/examples/terraform/etcd3-install/README.md b/examples/terraform/etcd3-install/README.md index 21c2c814..e237985e 100644 --- a/examples/terraform/etcd3-install/README.md +++ b/examples/terraform/etcd3-install/README.md 
@@ -37,6 +37,19 @@ ssh_authorized_key = "ADD ME" Configs in `etcd3-install` configure the matchbox provider, define profiles (e.g. `cached-container-linux-install`, `etcd3`), and define 3 groups which match machines by MAC address to a profile. These resources declare that the machines should PXE boot, install Container Linux to disk, and provision themselves into peers in a 3-node etcd3 cluster. +Note: The `cached-container-linux-install` profile will PXE boot and install Container Linux from matchbox [assets](https://github.com/coreos/matchbox/blob/master/Documentation/api.md#assets). If you have not populated the assets cache, use the `container-linux-install` profile to use public images (slower). + +### Optional + +You may set certain optional variables to override defaults. + +```hcl +# install_disk = "/dev/sda" +# container_linux_oem = "" +``` + +## Apply + Fetch the [profiles](../README.md#modules) Terraform [module](https://www.terraform.io/docs/modules/index.html) which let's you use common machine profiles maintained in the matchbox repo (like `etcd3`). ```sh @@ -52,8 +65,6 @@ $ terraform apply Apply complete! Resources: 10 added, 0 changed, 0 destroyed. ``` -Note: The `cached-container-linux-install` profile will PXE boot and install Container Linux from matchbox [assets](https://github.com/coreos/matchbox/blob/master/Documentation/api.md#assets). If you have not populated the assets cache, use the `container-linux-install` profile to use public images (slower). - ## Machines Power on each machine (with PXE boot device on next boot). Machines should network boot, install Container Linux to disk, reboot, and provision themselves as a 3-node etcd3 cluster. diff --git a/examples/terraform/etcd3-install/etcd3.tf b/examples/terraform/etcd3-install/etcd3.tf index a71d076e..523e8a1f 100644 --- a/examples/terraform/etcd3-install/etcd3.tf +++ b/examples/terraform/etcd3-install/etcd3.tf 
@@ -4,6 +4,7 @@ module "profiles" { matchbox_http_endpoint = "${var.matchbox_http_endpoint}" container_linux_version = "1353.7.0" container_linux_channel = "stable" + install_disk = "${var.install_disk}" } // Install Container Linux to disk before provisioning diff --git a/examples/terraform/etcd3-install/terraform.tfvars.example b/examples/terraform/etcd3-install/terraform.tfvars.example index 38976486..93c2716c 100644 --- a/examples/terraform/etcd3-install/terraform.tfvars.example +++ b/examples/terraform/etcd3-install/terraform.tfvars.example @@ -3,4 +3,5 @@ matchbox_rpc_endpoint = "matchbox.example.com:8081" # ssh_authorized_key = "ADD ME" # Optional +# install_disk = "/dev/sda" # container_linux_oem = "" diff --git a/examples/terraform/etcd3-install/variables.tf b/examples/terraform/etcd3-install/variables.tf index a9b0cc00..dd439d03 100644 --- a/examples/terraform/etcd3-install/variables.tf +++ b/examples/terraform/etcd3-install/variables.tf @@ -13,6 +13,12 @@ variable "ssh_authorized_key" { description = "SSH public key to set as an authorized_key on machines" } +variable "install_disk" { + type = "string" + default = "/dev/sda" + description = "Disk device to which the install profiles should install Container Linux (e.g. /dev/sda)" +} + variable "container_linux_oem" { type = "string" default = "" diff --git a/examples/terraform/modules/bootkube/profiles.tf b/examples/terraform/modules/bootkube/profiles.tf index a950b74e..6eb4b4ba 100644 --- a/examples/terraform/modules/bootkube/profiles.tf +++ b/examples/terraform/modules/bootkube/profiles.tf @@ -4,4 +4,5 @@ module "profiles" { matchbox_http_endpoint = "${var.matchbox_http_endpoint}" container_linux_version = "${var.container_linux_version}" container_linux_channel = "${var.container_linux_channel}" + install_disk = "${var.install_disk}" } diff --git a/examples/terraform/modules/bootkube/variables.tf b/examples/terraform/modules/bootkube/variables.tf index bb34b183..b7478b0c 100644 
--- a/examples/terraform/modules/bootkube/variables.tf +++ b/examples/terraform/modules/bootkube/variables.tf @@ -77,6 +77,14 @@ EOD default = "10.3.0.0/16" } +# optional + +variable "install_disk" { + type = "string" + default = "/dev/sda" + description = "Disk device to which the install profiles should install Container Linux (e.g. /dev/sda)" +} + variable "container_linux_oem" { type = "string" default = "" diff --git a/examples/terraform/modules/profiles/cl/container-linux-install.yaml.tmpl b/examples/terraform/modules/profiles/cl/container-linux-install.yaml.tmpl index 4012bc14..455a9224 100644 --- a/examples/terraform/modules/profiles/cl/container-linux-install.yaml.tmpl +++ b/examples/terraform/modules/profiles/cl/container-linux-install.yaml.tmpl @@ -21,7 +21,7 @@ storage: inline: | #!/bin/bash -ex curl "${ignition_endpoint}?{{.request.raw_query}}&os=installed" -o ignition.json - coreos-install -d /dev/sda -C ${container_linux_channel} -V ${container_linux_version} -i ignition.json {{if index . "baseurl"}}-b {{.baseurl}}{{end}} {{if index . "container_linux_oem"}}-o {{.container_linux_oem}}{{end}} + coreos-install -d ${install_disk} -C ${container_linux_channel} -V ${container_linux_version} -i ignition.json {{if index . "baseurl"}}-b {{.baseurl}}{{end}} {{if index . "container_linux_oem"}}-o {{.container_linux_oem}}{{end}} udevadm settle systemctl reboot passwd: diff --git a/examples/terraform/modules/profiles/profiles.tf b/examples/terraform/modules/profiles/profiles.tf index 9e73fa2d..1510cef7 100644 --- a/examples/terraform/modules/profiles/profiles.tf +++ b/examples/terraform/modules/profiles/profiles.tf @@ -44,6 +44,7 @@ data "template_file" "container-linux-install-config" { container_linux_channel = "${var.container_linux_channel}" container_linux_version = "${var.container_linux_version}" ignition_endpoint = "${format("%s/ignition", var.matchbox_http_endpoint)}" + install_disk = "${var.install_disk}" } } 
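Review bot: `-d ${install_disk}` in the container-linux-install.yaml.tmpl hunk is substituted as bare text into a script that overwrites the named device, so a value containing whitespace or shell metacharacters changes the command instead of failing. Quote it as `coreos-install -d "${install_disk}" -C ...`. A guard on the line before, such as `[ -b "${install_disk}" ] || exit 1`, would stop a mistyped device name on the target machine. The four `install_disk` variable descriptions added in this patch say where Container Linux is installed but not that the disk is erased; I would add that to the description text.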
diff --git a/examples/terraform/modules/profiles/variables.tf b/examples/terraform/modules/profiles/variables.tf index 450cf8bd..66ffa3bd 100644 --- a/examples/terraform/modules/profiles/variables.tf +++ b/examples/terraform/modules/profiles/variables.tf @@ -12,3 +12,11 @@ variable "container_linux_channel" { type = "string" description = "Container Linux channel corresponding to the container_linux_version" } + +# optional + +variable "install_disk" { + type = "string" + default = "/dev/sda" + description = "Disk device to which the install profiles should install Container Linux (e.g. /dev/sda)" +} From d84bb8e3980843da86f042ff9680f03edc60cd9e Mon Sep 17 00:00:00 2001 From: Dalton Hubble Date: Wed, 31 May 2017 13:57:12 -0700 Subject: [PATCH 3/3] examples/terraform: Configure whether to install CL from cache * Module "profiles" provides container-linux-install and cached-container-linux-install Profiles * Module bootkube accepts cached_install variable to determine whether the cluster should install Container Linux from cache or from the public download site (default) --- .../terraform/bootkube-install/cluster.tf | 1 + .../bootkube-install/terraform.tfvars.example | 5 ++-- .../terraform/bootkube-install/variables.tf | 6 +++++ examples/terraform/etcd3-install/etcd3.tf | 8 +++--- .../etcd3-install/terraform.tfvars.example | 2 +- examples/terraform/etcd3-install/variables.tf | 10 ++++--- examples/terraform/modules/bootkube/groups.tf | 10 +++---- .../terraform/modules/bootkube/profiles.tf | 3 ++- .../terraform/modules/bootkube/variables.tf | 15 ++++++++--- .../cl/container-linux-install.yaml.tmpl | 8 +++++- .../terraform/modules/profiles/profiles.tf | 27 ++++++++++++++++--- .../terraform/modules/profiles/variables.tf | 10 +++++-- tests/smoke/bootkube.tfvars | 3 +-- 13 files changed, 77 insertions(+), 31 deletions(-) diff --git a/examples/terraform/bootkube-install/cluster.tf b/examples/terraform/bootkube-install/cluster.tf index 02eb5ba4..6243ee41 100644 
--- a/examples/terraform/bootkube-install/cluster.tf +++ b/examples/terraform/bootkube-install/cluster.tf @@ -22,6 +22,7 @@ module "cluster" { asset_dir = "${var.asset_dir}" # Optional + cached_install = "${var.cached_install}" install_disk = "${var.install_disk}" container_linux_oem = "${var.container_linux_oem}" experimental_self_hosted_etcd = "${var.experimental_self_hosted_etcd}" diff --git a/examples/terraform/bootkube-install/terraform.tfvars.example b/examples/terraform/bootkube-install/terraform.tfvars.example index 0a32735e..2292ed4e 100644 --- a/examples/terraform/bootkube-install/terraform.tfvars.example +++ b/examples/terraform/bootkube-install/terraform.tfvars.example @@ -18,7 +18,8 @@ worker_domains = ["node2.example.com", "node3.example.com"] k8s_domain_name = "cluster.example.com" asset_dir = "assets" -# Optional +# Optional (defaults) +cached_install = "true" # install_disk = "/dev/sda" # container_linux_oem = "" -# experimental_self_hosted_etcd = "true" +# experimental_self_hosted_etcd = "false" diff --git a/examples/terraform/bootkube-install/variables.tf b/examples/terraform/bootkube-install/variables.tf index 9419d3ff..0ca71549 100644 --- a/examples/terraform/bootkube-install/variables.tf +++ b/examples/terraform/bootkube-install/variables.tf @@ -85,6 +85,12 @@ EOD # optional +variable "cached_install" { + type = "string" + default = "false" + description = "Whether Container Linux should PXE boot and install from matchbox /assets cache. Note that the admin must have downloaded the container_linux_version into matchbox assets." +} + variable "install_disk" { type = "string" default = "/dev/sda" diff --git a/examples/terraform/etcd3-install/etcd3.tf b/examples/terraform/etcd3-install/etcd3.tf index 523e8a1f..a9b8c2c9 100644 --- a/examples/terraform/etcd3-install/etcd3.tf +++ b/examples/terraform/etcd3-install/etcd3.tf 
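Review bot: In the terraform.tfvars.example hunk the heading becomes `# Optional (defaults)`, but the line under it is the uncommented `cached_install = "true"`, while the `cached_install` variable added to variables.tf in this same patch defaults to `"false"`. Someone copying the example gets an install that depends on a populated matchbox assets cache, and the file does not say so. Either comment it out as `# cached_install = "false"` like its neighbours, or keep it active with a comment such as `# requires container_linux_version to be downloaded into matchbox assets`.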
@@ -4,7 +4,8 @@ module "profiles" { matchbox_http_endpoint = "${var.matchbox_http_endpoint}" container_linux_version = "1353.7.0" container_linux_channel = "stable" - install_disk = "${var.install_disk}" + install_disk = "${var.install_disk}" + container_linux_oem = "${var.container_linux_oem}" } // Install Container Linux to disk before provisioning @@ -13,10 +14,9 @@ resource "matchbox_group" "default" { profile = "${module.profiles.cached-container-linux-install}" // No selector, matches all nodes + metadata { - baseurl = "${var.matchbox_http_endpoint}/assets/coreos" - ssh_authorized_key = "${var.ssh_authorized_key}" - container_linux_oem = "${var.container_linux_oem}" + ssh_authorized_key = "${var.ssh_authorized_key}" } } diff --git a/examples/terraform/etcd3-install/terraform.tfvars.example b/examples/terraform/etcd3-install/terraform.tfvars.example index 93c2716c..8ff0909b 100644 --- a/examples/terraform/etcd3-install/terraform.tfvars.example +++ b/examples/terraform/etcd3-install/terraform.tfvars.example @@ -2,6 +2,6 @@ matchbox_http_endpoint = "http://matchbox.example.com:8080" matchbox_rpc_endpoint = "matchbox.example.com:8081" # ssh_authorized_key = "ADD ME" -# Optional +# Optional (defaults) # install_disk = "/dev/sda" # container_linux_oem = "" diff --git a/examples/terraform/etcd3-install/variables.tf b/examples/terraform/etcd3-install/variables.tf index dd439d03..0e593773 100644 --- a/examples/terraform/etcd3-install/variables.tf +++ b/examples/terraform/etcd3-install/variables.tf 
@@ -13,14 +13,16 @@ variable "ssh_authorized_key" { description = "SSH public key to set as an authorized_key on machines" } +# optional + variable "install_disk" { - type = "string" - default = "/dev/sda" + type = "string" + default = "/dev/sda" description = "Disk device to which the install profiles should install Container Linux (e.g. /dev/sda)" } variable "container_linux_oem" { - type = "string" - default = "" + type = "string" + default = "" description = "Specify an OEM image id to use as base for the installation (e.g. ami, vmware_raw, xen) or leave blank for the default image" } diff --git a/examples/terraform/modules/bootkube/groups.tf b/examples/terraform/modules/bootkube/groups.tf index 5d7ab198..cc558571 100644 --- a/examples/terraform/modules/bootkube/groups.tf +++ b/examples/terraform/modules/bootkube/groups.tf @@ -3,16 +3,14 @@ resource "matchbox_group" "container-linux-install" { count = "${length(var.controller_names) + length(var.worker_names)}" name = "${format("container-linux-install-%s", element(concat(var.controller_names, var.worker_names), count.index))}" - profile = "${module.profiles.cached-container-linux-install}" + profile = "${var.cached_install == "true" ? module.profiles.cached-container-linux-install : module.profiles.container-linux-install}" selector { mac = "${element(concat(var.controller_macs, var.worker_macs), count.index)}" } metadata { - baseurl = "${var.matchbox_http_endpoint}/assets/coreos" - ssh_authorized_key = "${var.ssh_authorized_key}" - container_linux_oem = "${var.container_linux_oem}" + ssh_authorized_key = "${var.ssh_authorized_key}" } } 
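Review bot: The new `profile` expression in modules/bootkube/groups.tf tests `var.cached_install == "true"`, so any other spelling silently selects the public-download profile. I believe an unquoted `true` in a tfvars file reaches a string variable as `"1"` in this Terraform generation, which would take that path; this is worth confirming. The worker group later in the same file already uses `var.experimental_self_hosted_etcd ? "false" : "true"`, and the same form here, `var.cached_install ? module.profiles.cached-container-linux-install : module.profiles.container-linux-install`, would keep the two flags consistent. The resource body continues outside the hunk.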
@@ -51,8 +49,8 @@ resource "matchbox_group" "worker" { domain_name = "${element(var.worker_domains, count.index)}" etcd_endpoints = "${join(",", formatlist("%s:2379", var.controller_domains))}" etcd_on_host = "${var.experimental_self_hosted_etcd ? "false" : "true"}" - k8s_dns_service_ip = "${module.bootkube.kube_dns_service_ip}" - k8s_etcd_service_ip = "${module.bootkube.etcd_service_ip}" + k8s_dns_service_ip = "${module.bootkube.kube_dns_service_ip}" + k8s_etcd_service_ip = "${module.bootkube.etcd_service_ip}" ssh_authorized_key = "${var.ssh_authorized_key}" } } diff --git a/examples/terraform/modules/bootkube/profiles.tf b/examples/terraform/modules/bootkube/profiles.tf index 6eb4b4ba..6a2ce73c 100644 --- a/examples/terraform/modules/bootkube/profiles.tf +++ b/examples/terraform/modules/bootkube/profiles.tf @@ -4,5 +4,6 @@ module "profiles" { matchbox_http_endpoint = "${var.matchbox_http_endpoint}" container_linux_version = "${var.container_linux_version}" container_linux_channel = "${var.container_linux_channel}" - install_disk = "${var.install_disk}" + install_disk = "${var.install_disk}" + container_linux_oem = "${var.container_linux_oem}" } diff --git a/examples/terraform/modules/bootkube/variables.tf b/examples/terraform/modules/bootkube/variables.tf index b7478b0c..35473aae 100644 --- a/examples/terraform/modules/bootkube/variables.tf +++ b/examples/terraform/modules/bootkube/variables.tf 
@@ -73,15 +73,22 @@ variable "service_cidr" { CIDR IP range to assign Kubernetes services. The 1st IP will be reserved for kube_apiserver, the 10th IP will be reserved for kube-dns, the 15th IP will be reserved for self-hosted etcd, and the 200th IP will be reserved for bootstrap self-hosted etcd. EOD - type = "string" - default = "10.3.0.0/16" + + type = "string" + default = "10.3.0.0/16" } # optional +variable "cached_install" { + type = "string" + default = "false" + description = "Whether Container Linux should PXE boot and install from matchbox /assets cache. Note that the admin must have downloaded the container_linux_version into matchbox assets." +} + variable "install_disk" { - type = "string" - default = "/dev/sda" + type = "string" + default = "/dev/sda" description = "Disk device to which the install profiles should install Container Linux (e.g. /dev/sda)" } diff --git a/examples/terraform/modules/profiles/cl/container-linux-install.yaml.tmpl b/examples/terraform/modules/profiles/cl/container-linux-install.yaml.tmpl index 455a9224..f38b6a64 100644 --- a/examples/terraform/modules/profiles/cl/container-linux-install.yaml.tmpl +++ b/examples/terraform/modules/profiles/cl/container-linux-install.yaml.tmpl @@ -21,7 +21,13 @@ storage: inline: | #!/bin/bash -ex curl "${ignition_endpoint}?{{.request.raw_query}}&os=installed" -o ignition.json - coreos-install -d ${install_disk} -C ${container_linux_channel} -V ${container_linux_version} -i ignition.json {{if index . "baseurl"}}-b {{.baseurl}}{{end}} {{if index . "container_linux_oem"}}-o {{.container_linux_oem}}{{end}} + coreos-install \ + -d ${install_disk} \ + -C ${container_linux_channel} \ + -V ${container_linux_version} \ + -o "${container_linux_oem}" \ + ${baseurl_flag} \ + -i ignition.json udevadm settle systemctl reboot passwd: diff --git a/examples/terraform/modules/profiles/profiles.tf b/examples/terraform/modules/profiles/profiles.tf index 1510cef7..5d50b043 100644 
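Review bot: `-o "${container_linux_oem}"` is now passed unconditionally in the container-linux-install.yaml.tmpl hunk, so the default empty value renders as `-o ""`, where the old `{{if index . "container_linux_oem"}}` guard omitted the flag entirely. Please confirm that coreos-install treats an empty OEM id the same as no flag. `${baseurl_flag}` is replaced by Terraform with either nothing or a whole `-b URL` pair before bash sees the script, which is not obvious from the template alone. A comment above `coreos-install \` would make that clear, for example `# baseurl_flag renders as empty or "-b URL" (set in profiles.tf)`. It has to go above the command because a comment cannot sit between the backslash-continued lines.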
--- a/examples/terraform/modules/profiles/profiles.tf +++ b/examples/terraform/modules/profiles/profiles.tf @@ -17,6 +17,21 @@ resource "matchbox_profile" "container-linux-install" { container_linux_config = "${data.template_file.container-linux-install-config.rendered}" } +data "template_file" "container-linux-install-config" { + template = "${file("${path.module}/cl/container-linux-install.yaml.tmpl")}" + + vars { + container_linux_channel = "${var.container_linux_channel}" + container_linux_version = "${var.container_linux_version}" + ignition_endpoint = "${format("%s/ignition", var.matchbox_http_endpoint)}" + install_disk = "${var.install_disk}" + container_linux_oem = "${var.container_linux_oem}" + + # only cached-container-linux profile adds -b baseurl + baseurl_flag = "" + } +} + // Container Linux Install profile (from matchbox /assets cache) // Note: Admin must have downloaded container_linux_version into matchbox assets. resource "matchbox_profile" "cached-container-linux-install" { 
@@ -34,17 +49,21 @@ resource "matchbox_profile" "cached-container-linux-install" { "console=ttyS0", ] - container_linux_config = "${data.template_file.container-linux-install-config.rendered}" + container_linux_config = "${data.template_file.cached-container-linux-install-config.rendered}" } -data "template_file" "container-linux-install-config" { +data "template_file" "cached-container-linux-install-config" { template = "${file("${path.module}/cl/container-linux-install.yaml.tmpl")}" vars { container_linux_channel = "${var.container_linux_channel}" container_linux_version = "${var.container_linux_version}" - ignition_endpoint = "${format("%s/ignition", var.matchbox_http_endpoint)}" - install_disk = "${var.install_disk}" + ignition_endpoint = "${format("%s/ignition", var.matchbox_http_endpoint)}" + install_disk = "${var.install_disk}" + container_linux_oem = "${var.container_linux_oem}" + + # profile uses -b baseurl to install from matchbox cache + baseurl_flag = "-b ${var.matchbox_http_endpoint}/assets/coreos" } } diff --git a/examples/terraform/modules/profiles/variables.tf b/examples/terraform/modules/profiles/variables.tf index 66ffa3bd..9d7fbadf 100644 --- a/examples/terraform/modules/profiles/variables.tf +++ b/examples/terraform/modules/profiles/variables.tf @@ -16,7 +16,13 @@ variable "container_linux_channel" { # optional variable "install_disk" { - type = "string" - default = "/dev/sda" + type = "string" + default = "/dev/sda" description = "Disk device to which the install profiles should install Container Linux (e.g. /dev/sda)" } + +variable "container_linux_oem" { + type = "string" + default = "" + description = "Specify an OEM image id to use as base for the installation (e.g. ami, vmware_raw, xen) or leave blank for the default image" +} diff --git a/tests/smoke/bootkube.tfvars b/tests/smoke/bootkube.tfvars index 89082eb1..93ae1fbb 100644 --- a/tests/smoke/bootkube.tfvars +++ b/tests/smoke/bootkube.tfvars 
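Review bot: `baseurl_flag` in the `cached-container-linux-install-config` data block carries the flag and the URL as one string that the template pastes into the script unquoted, so an endpoint value containing a space or shell metacharacter would alter the install command. Putting the quoting in the value itself keeps the rendered line well-formed: `baseurl_flag = "-b '${var.matchbox_http_endpoint}/assets/coreos'"`. The two `template_file` blocks in this file are otherwise identical, so a comment on each saying that only `baseurl_flag` differs would help keep them in step when a variable is added.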
@@ -19,5 +19,4 @@ k8s_domain_name = "cluster.example.com" asset_dir = "assets" # Optional -# container_linux_oem = "" -# experimental_self_hosted_etcd = "true" +cached_install = "true"