Openstack workers

2025-11-03 11:47:45 +00:00 · 2021-11-14 18:48:53 +02:00
parent b766851961
commit c50cdf040b
7 changed files with 141 additions and 17 deletions
--- a/openstack/Makefile
+++ b/openstack/Makefile
@@ -13,15 +13,13 @@ create-templates:
 	@echo 'serviceSubnets: "10.200.0.0/22,fd40:10:200::/112"'  >> _cfgs/tfstate.vars
 	@echo 'apiDomain: api.cluster.local'                       >> _cfgs/tfstate.vars
 	@yq eval '.cluster.network.dnsDomain' _cfgs/controlplane.yaml | awk '{ print "domain: "$$1}'       >> _cfgs/tfstate.vars
-	@yq eval '.cluster.clusterName' _cfgs/controlplane.yaml       | awk '{ print "cluster_name: "$$1}' >> _cfgs/tfstate.vars
+	@yq eval '.cluster.clusterName' _cfgs/controlplane.yaml       | awk '{ print "clusterName: "$$1}'  >> _cfgs/tfstate.vars
-	@yq eval '.machine.token'  _cfgs/controlplane.yaml            | awk '{ print "tokenmachine: "$$1}' >> _cfgs/tfstate.vars
+	@yq eval '.machine.token'  _cfgs/controlplane.yaml            | awk '{ print "tokenMachine: "$$1}' >> _cfgs/tfstate.vars
 	@yq eval '.machine.ca.crt' _cfgs/controlplane.yaml            | awk '{ print "caMachine: "$$1}'    >> _cfgs/tfstate.vars
 	@yq eval '.cluster.token'  _cfgs/controlplane.yaml            | awk '{ print "token: "$$1}'        >> _cfgs/tfstate.vars
 	@yq eval '.cluster.ca.crt' _cfgs/controlplane.yaml            | awk '{ print "ca: "$$1}'           >> _cfgs/tfstate.vars
 	@yq eval -o=json '{"kubernetes": .}' _cfgs/tfstate.vars > terraform.tfvars.json
 # create-controlplane: ## Bootstrap first controlplane node
 # 	terraform apply -target=hcloud_server.controlplane
 create-kubeconfig:
 	talosctl --talosconfig _cfgs/talosconfig --nodes 172.18.0.11 kubeconfig
--- a/openstack/instances-master.tf
+++ b/openstack/instances-master.tf
@@ -4,7 +4,7 @@ resource "openstack_networking_port_v2" "vip" {
  region         = element(var.regions, count.index)
  name           = "vip"
  network_id     = data.openstack_networking_network_v2.main[count.index].id
-  admin_state_up = "true"
+  admin_state_up = true
  fixed_ip {
    subnet_id  = openstack_networking_subnet_v2.core[count.index].id
@@ -15,9 +15,10 @@ resource "openstack_networking_port_v2" "vip" {
 resource "openstack_networking_port_v2" "controlplane" {
  count                 = length(var.regions)
  region                = element(var.regions, count.index)
-  name           = "master-${count.index + 1}"
+  name                  = "controlplane-${count.index + 1}"
  network_id            = data.openstack_networking_network_v2.main[count.index].id
-  admin_state_up = "true"
+  admin_state_up        = true
  port_security_enabled = false
  fixed_ip {
    subnet_id  = openstack_networking_subnet_v2.core[count.index].id
@@ -25,6 +26,22 @@ resource "openstack_networking_port_v2" "controlplane" {
  }
 }
 resource "openstack_networking_port_v2" "controlplane_public" {
  count          = length(var.regions)
  region         = element(var.regions, count.index)
  name           = "controlplane-public-${count.index + 1}"
  network_id     = data.openstack_networking_network_v2.external[count.index].id
  admin_state_up = "true"
 }
 data "openstack_networking_subnet_v2" "controlplane_public" {
  count      = length(var.regions)
  region     = element(var.regions, count.index)
  network_id = data.openstack_networking_network_v2.external[count.index].id
  # address_scope_id = openstack_networking_port_v2.controlplane_public[count.index].id
  ip_version = 6
 }
 resource "openstack_compute_instance_v2" "controlplane" {
  count       = 1
  name        = "master-${count.index + 1}"
@@ -39,13 +56,14 @@ resource "openstack_compute_instance_v2" "controlplane" {
      lbv4        = local.lbv4
      ipv4_local  = openstack_networking_port_v2.controlplane[count.index].fixed_ip[0].ip_address
      ipv4_vip    = local.ipv4_vip
      ipv6        = [for k in openstack_networking_port_v2.controlplane_public[count.index].all_fixed_ips : k if length(regexall("[0-9a-z]+:[0-9a-z:]+", k)) > 0][0]
      ipv6_gw     = data.openstack_networking_subnet_v2.controlplane_public[count.index].gateway_ip
      nodeSubnets = var.vpc_main_cidr
    })
  )
  network {
-    name           = data.openstack_networking_network_v2.external[count.index].name
+    port = openstack_networking_port_v2.controlplane_public[count.index].id
    access_network = true
  }
  network {
    port = openstack_networking_port_v2.controlplane[count.index].id
@@ -65,6 +83,8 @@ resource "openstack_compute_instance_v2" "controlplane" {
 #       lbv4        = local.lbv4
 #       ipv4_local  = openstack_networking_port_v2.controlplane[count.index].fixed_ip[0].ip_address
 #       ipv4_vip    = local.ipv4_vip
 #       ipv6        = [for k in openstack_networking_port_v2.controlplane_public[count.index].all_fixed_ips : k if length(regexall("[0-9a-z]+:[0-9a-z:]+", k)) > 0][0]
 #       ipv6_gw     = data.openstack_networking_subnet_v2.controlplane_public[count.index].gateway_ip
 #       nodeSubnets = var.vpc_main_cidr
 #     })
 #   )
--- a/openstack/instances-workers.tf
+++ b/openstack/instances-workers.tf
@@ -0,0 +1,56 @@
 resource "openstack_networking_port_v2" "worker" {
  count          = length(var.regions)
  region         = element(var.regions, count.index)
  name           = "worker-${count.index + 1}"
  network_id     = data.openstack_networking_network_v2.main[count.index].id
  admin_state_up = "true"
  fixed_ip {
    subnet_id  = openstack_networking_subnet_v2.private[count.index].id
    ip_address = cidrhost(openstack_networking_subnet_v2.private[count.index].cidr, 40 + count.index)
  }
 }
 locals {
  worker_labels = "project.io/node-pool=worker"
 }
 resource "openstack_compute_instance_v2" "worker" {
  count       = 1
  name        = "worker-${count.index + 1}"
  image_id    = openstack_images_image_v2.talos[count.index].id
  flavor_name = "s1-2"
  region      = element(var.regions, count.index)
  user_data = templatefile("${path.module}/templates/worker.yaml.tpl",
    merge(var.kubernetes, {
      name        = "worker-${count.index + 1}"
      lbv4        = local.lbv4
      nodeSubnets = var.vpc_main_cidr
      labels      = local.worker_labels
    })
  )
  network {
    port = openstack_networking_port_v2.worker[count.index].id
  }
  lifecycle {
    ignore_changes = [user_data, image_id]
  }
 }
 # resource "local_file" "worker" {
 #   count = 1
 #   content = templatefile("${path.module}/templates/worker.yaml.tpl",
 #     merge(var.kubernetes, {
 #       name        = "worker-${count.index + 1}"
 #       lbv4        = local.lbv4
 #       nodeSubnets = var.vpc_main_cidr
 #       labels      = local.worker_labels
 #     })
 #   )
 #   filename        = "_cfgs/worker-${count.index + 1}.yaml"
 #   file_permission = "0640"
 # }
--- a/openstack/network.tf
+++ b/openstack/network.tf
@@ -25,6 +25,7 @@ resource "openstack_networking_subnet_v2" "core" {
    end   = cidrhost(cidrsubnet(var.vpc_main_cidr, 8, count.index * 4), -7)
  }
  ip_version      = 4
  dns_nameservers = ["1.1.1.1", "8.8.8.8"]
 }
 resource "openstack_networking_subnet_v2" "private" {
@@ -38,6 +39,7 @@ resource "openstack_networking_subnet_v2" "private" {
    end   = cidrhost(cidrsubnet(var.vpc_main_cidr, 8, 1 + count.index * 4), -7)
  }
  ip_version      = 4
  dns_nameservers = ["1.1.1.1", "8.8.8.8"]
 }
 data "openstack_networking_network_v2" "external" {
--- a/openstack/templates/controlplane.yaml.tpl
+++ b/openstack/templates/controlplane.yaml.tpl
@@ -19,6 +19,11 @@ machine:
    interfaces:
      - interface: eth0
        dhcp: true
        addresses:
          - ${ipv6}/56
        routes:
          - network: ::/0
            gateway: ${ipv6_gw}
      - interface: eth1
        dhcp: true
        vip:
--- a/openstack/templates/worker.yaml.tpl
+++ b/openstack/templates/worker.yaml.tpl
@@ -0,0 +1,41 @@
 version: v1alpha1
 debug: false
 persist: true
 machine:
  type: worker
  token: ${tokenMachine}
  ca:
    crt: ${caMachine}
  kubelet:
    extraArgs:
      cloud-provider: external
      rotate-server-certificates: true
      node-labels: "${labels}"
    nodeIP:
      validSubnets: ${format("%#v",split(",",nodeSubnets))}
    clusterDNS:
      - 169.254.2.53
  network:
    hostname: "${name}"
    interfaces:
      - interface: dummy0
        addresses:
          - 169.254.2.53/32
          - fd00::169:254:2:53/128
  sysctls:
    net.core.somaxconn: 65535
    net.core.netdev_max_backlog: 4096
  install:
    wipe: false
 cluster:
  controlPlane:
    endpoint: https://${lbv4}:6443
  clusterName: ${clusterName}
  network:
    dnsDomain: ${domain}
    serviceSubnets: ${format("%#v",split(",",serviceSubnets))}
  proxy:
    disabled: true
  token: ${token}
  ca:
    crt: ${ca}
--- a/openstack/variables.tf
+++ b/openstack/variables.tf
@@ -23,11 +23,13 @@ variable "kubernetes" {
    serviceSubnets = "10.200.0.0/22,fd40:10:200::/112"
    domain         = "cluster.local"
    apiDomain      = "api.cluster.local"
-    cluster_name   = "talos-k8s-hezner"
+    clusterName    = "talos-k8s-hezner"
-    tokenmachine   = ""
+    tokenMachine   = ""
    caMachine      = ""
    token          = ""
    ca             = ""
  }
  sensitive = true
 }
 variable "controlplane" {