From ef7566640c6e422513f17b17f786c6c28415e12b Mon Sep 17 00:00:00 2001
From: Serge Logvinov
Date: Sun, 8 May 2022 17:13:42 +0300
Subject: [PATCH] Fix deployments
---
 openstack/deployments/cilium.yaml | 2 +-
 openstack/deployments/cilium_result.yaml | 6 +-
 openstack/images/images.tf | 4 +-
 openstack/modules/controlplane/main.tf | 70 +++++++++++++++++++++
 openstack/modules/controlplane/outputs.tf | 12 ++++
 openstack/modules/controlplane/variables.tf | 39 ++++++++++++
 openstack/modules/controlplane/versions.tf | 10 +++
 7 files changed, 137 insertions(+), 6 deletions(-)
 create mode 100644 openstack/modules/controlplane/main.tf
 create mode 100644 openstack/modules/controlplane/outputs.tf
 create mode 100644 openstack/modules/controlplane/variables.tf
 create mode 100644 openstack/modules/controlplane/versions.tf
diff --git a/openstack/deployments/cilium.yaml b/openstack/deployments/cilium.yaml
index a7f8094..18516d5 100644
--- a/openstack/deployments/cilium.yaml
+++ b/openstack/deployments/cilium.yaml
@@ -1,6 +1,6 @@
 ---
-k8sServiceHost: "172.16.0.10"
+k8sServiceHost: "172.16.132.11"
 k8sServicePort: "6443"
 operator:
diff --git a/openstack/deployments/cilium_result.yaml b/openstack/deployments/cilium_result.yaml
index 4b6095b..20c251a 100644
--- a/openstack/deployments/cilium_result.yaml
+++ b/openstack/deployments/cilium_result.yaml
@@ -538,7 +538,7 @@ spec: key: custom-cni-conf optional: true - name: KUBERNETES_SERVICE_HOST - value: "172.16.0.10" + value: "172.16.132.11" - name: KUBERNETES_SERVICE_PORT value: "6443" lifecycle:
@@ -616,7 +616,7 @@ spec: key: clean-cilium-bpf-state optional: true - name: KUBERNETES_SERVICE_HOST - value: "172.16.0.10" + value: "172.16.132.11" - name: KUBERNETES_SERVICE_PORT value: "6443" securityContext:
@@ -756,7 +756,7 @@ spec: name: cilium-config optional: true - name: KUBERNETES_SERVICE_HOST - value: "172.16.0.10" + value: "172.16.132.11" - name: KUBERNETES_SERVICE_PORT value: "6443" livenessProbe:
diff --git a/openstack/images/images.tf b/openstack/images/images.tf
index 051fdcb..4783a10 100644
--- a/openstack/images/images.tf
+++ b/openstack/images/images.tf
@@ -1,7 +1,7 @@
 resource "openstack_images_image_v2" "talos" {
- count = length(var.regions)
- region = element(var.regions, count.index)
+ for_each = { for idx, name in var.regions : name => idx }
+ region = each.key
 name = "talos"
 container_format = "bare"
 disk_format = "raw"
diff --git a/openstack/modules/controlplane/main.tf b/openstack/modules/controlplane/main.tf
new file mode 100644
index 0000000..add88cc
--- /dev/null
+++ b/openstack/modules/controlplane/main.tf
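Review bot: Switching `openstack_images_image_v2.talos` in images.tf from `count` to `for_each` changes every instance address from a numeric index to a region-name key, so against an existing state Terraform will plan to destroy and re-upload each image unless the state is migrated. Ship a `moved` block per region (or run `terraform state mv`) together with this change, and check that any reference still written as `talos[count.index]` elsewhere is updated. The map value `idx` is never read in the visible lines, so `for_each = toset(var.regions)` would express the same thing more directly. The resource body continues past the end of the hunk.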
@@ -0,0 +1,70 @@
+
+resource "openstack_networking_port_v2" "controlplane" {
+ count = var.instance_count
+ region = var.region
+ name = "controlplane-${lower(var.region)}-${count.index + 1}"
+ network_id = var.network_internal.network_id
+ admin_state_up = true
+ port_security_enabled = false
+
+ fixed_ip {
+ subnet_id = var.network_internal.subnet_id
+ ip_address = cidrhost(var.network_internal.cidr, var.instance_ip_start + count.index)
+ }
+}
+
+resource "openstack_networking_port_v2" "controlplane_public" {
+ count = var.instance_count
+ region = var.region
+ name = "controlplane-${lower(var.region)}-${count.index + 1}"
+ network_id = var.network_external.id
+ admin_state_up = "true"
+}
+
+resource "openstack_compute_instance_v2" "controlplane" {
+ count = var.instance_count
+ region = var.region
+ name = "controlplane-${lower(var.region)}-${count.index + 1}"
+ flavor_name = var.instance_flavor
+ image_id = var.instance_image
+
+ network {
+ port = openstack_networking_port_v2.controlplane_public[count.index].id
+ }
+ network {
+ port = openstack_networking_port_v2.controlplane[count.index].id
+ }
+
+ lifecycle {
+ ignore_changes = [flavor_name, image_id, user_data]
+ }
+}
+
+locals {
+ ipv4_local = var.instance_count > 0 ?
[for k in try(openstack_networking_port_v2.controlplane_public[0].all_fixed_ips, []) : k if length(regexall("[0-9]+.[0-9.]+", k)) > 0][0] : ""
+ ipv4_local_vip = cidrhost(var.network_internal.cidr, 5)
+
+ controlplane_labels = ""
+}
+
+resource "local_file" "controlplane" {
+ count = var.instance_count
+
+ content = templatefile("${path.module}/../../templates/controlplane.yaml",
+ merge(var.instance_params, {
+ name = "controlplane-${lower(var.region)}-${count.index + 1}"
+ type = "controlplane"
+ labels = local.controlplane_labels
+
+ ipv4_local = [for k in openstack_networking_port_v2.controlplane[count.index].all_fixed_ips : k if length(regexall("[0-9]+.[0-9.]+", k)) > 0][0]
+ ipv4_local_vip = local.ipv4_local_vip
+
+ ipv4 = [for k in openstack_networking_port_v2.controlplane_public[count.index].all_fixed_ips : k if length(regexall("[0-9]+.[0-9.]+", k)) > 0][0]
+ ipv6 = [for k in openstack_networking_port_v2.controlplane_public[count.index].all_fixed_ips : k if length(regexall("[0-9a-z]+:[0-9a-z:]+", k)) > 0][0]
+
+ nodeSubnets = var.network_internal.cidr
+ })
+ )
+ filename = "_cfgs/controlplane-${lower(var.region)}-${count.index + 1}.yaml"
+ file_permission = "0600"
+}
diff --git a/openstack/modules/controlplane/outputs.tf b/openstack/modules/controlplane/outputs.tf
new file mode 100644
index 0000000..29a6200
--- /dev/null
+++ b/openstack/modules/controlplane/outputs.tf
@@ -0,0 +1,12 @@
+
+output "controlplane_endpoints" {
+ description = "Kubernetes controlplane endpoint"
+ value = [for ip in try(openstack_networking_port_v2.controlplane_public[*].all_fixed_ips, []) : ip]
+ depends_on = [openstack_networking_port_v2.controlplane_public]
+}
+
+output "controlplane_bootstrap" {
+ description = "Kubernetes controlplane bootstrap command"
+ value = local.ipv4_local == "" ? "" : "talosctl apply-config --insecure --nodes ${local.ipv4_local} --file _cfgs/controlplane-${lower(var.region)}-1.yaml"
+ depends_on = [openstack_networking_port_v2.controlplane_public]
+}
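Review bot: In main.tf, `port_security_enabled = false` on the internal `controlplane` port switches off security-group filtering and the MAC/IP anti-spoofing checks on the control-plane nodes' internal interface, and `controlplane_public` sets no `security_group_ids`, so the externally attached interface gets whatever the project's default group allows. If port security was disabled only so the nodes can answer for the shared address in `local.ipv4_local_vip` (an inference; the patch does not say), keep it enabled and add `allowed_address_pairs { ip_address = local.ipv4_local_vip }` to the internal port instead. On the public port, attach an explicit group such as `security_group_ids = var.security_group_ids` (a new module variable, not part of this patch) that limits the Kubernetes API port and the Talos API to known sources. If a deliberate reason for disabling port security remains, state it in a comment above the attribute.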
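Review bot: The `controlplane_bootstrap` output in outputs.tf builds a `talosctl apply-config --insecure` command against `local.ipv4_local`, which main.tf derives from `controlplane_public[0]`, so despite its name it is the node's external address. With `--insecure` the client does not authenticate the node it talks to, and the file being uploaded is the rendered control-plane config, which for Talos normally carries the cluster secrets (main.tf writes it with mode `0600`, presumably for that reason). Point the command at the fixed IP of `openstack_networking_port_v2.controlplane[0]` and run it from a host on the internal network, or pin the maintenance-mode certificate with talosctl's `--cert-fingerprint` option. The `description` should also say that the command is meant only for a node that is still in maintenance mode.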
diff --git a/openstack/modules/controlplane/variables.tf b/openstack/modules/controlplane/variables.tf
new file mode 100644
index 0000000..0757db1
--- /dev/null
+++ b/openstack/modules/controlplane/variables.tf
@@ -0,0 +1,39 @@
+
+variable "region" {
+ description = "Region"
+ type = string
+}
+
+variable "network_internal" {
+ description = "Internal network"
+}
+
+variable "network_external" {
+ description = "External network"
+}
+
+variable "instance_count" {
+ description = "Instances in region"
+ type = number
+}
+
+variable "instance_flavor" {
+ description = "Instance type"
+ type = string
+}
+
+variable "instance_image" {
+ description = "Instance image"
+ type = string
+}
+
+variable "instance_params" {
+ description = "Instance template parameters"
+ type = map(string)
+}
+
+variable "instance_ip_start" {
+ description = "Instances in region"
+ type = number
+ default = 11
+}
diff --git a/openstack/modules/controlplane/versions.tf b/openstack/modules/controlplane/versions.tf
new file mode 100644
index 0000000..a5aeb95
--- /dev/null
+++ b/openstack/modules/controlplane/versions.tf
@@ -0,0 +1,10 @@
+
+terraform {
+ required_providers {
+ openstack = {
+ source = "terraform-provider-openstack/openstack"
+ version = "~> 1.47.0"
+ }
+ }
+ required_version = ">= 1.0"
+}
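Review bot: `network_internal` and `network_external` in variables.tf declare no `type`, so a caller passing the wrong shape is caught only when main.tf dereferences `.network_id`, `.subnet_id`, `.cidr` or `.id`; declare them, e.g. `type = object({ network_id = string, subnet_id = string, cidr = string })` for the internal one. `instance_ip_start` reuses the description "Instances in region" although main.tf passes it to `cidrhost` as a host offset, so `description = "Host number of the first control-plane address in the internal CIDR"` would fit better. `instance_params` is merged into the rendered machine config; if it carries tokens or keys (not visible in this patch), add `sensitive = true` so plan output does not print them.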
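Review bot: `required_providers` in versions.tf lists only `openstack`, but main.tf in the same module creates a `local_file` resource, so the `local` provider is resolved implicitly and without a version constraint. Declare it next to `openstack`, e.g. `local = { source = "hashicorp/local", version = "~> <PINNED_VERSION>" }`, choosing the release the module was tested with. Committing `.terraform.lock.hcl` for the root configuration that calls this module then makes every `terraform init` verify the recorded provider checksums.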