Or 'Cloud-in-a-Can'.
This deploys users, groups, and roles.
Then, this builds some preset 'flavors' for secure VMs:
The goal is to have it as automated as possible, with as few human-in-the-loop (HITL) interactions as possible.
I am adapting this to the new provider.
Plan for Output:
This deploys a 'cloud in a can' ready to be reused, depending on an input dataset.
This input dataset, given in tabular form, produces an output set of VMs across the dataset. This deploys users, groups, roles, etc.
This outputs the data structure representative of the cloud, with metadata defining all elements deployed.
{'node', 'vm stuff', 'e.g.'}
Each of these nodes will deploy according to the input. So, what needs to be abstracted?
Working on this currently in data_elements.tf, troubleshooting modules / network config.
The provider requires an API token and an SSH key.
The SSH key is generated here and persisted as both input and output; both the private and public key are stored as attributes, which means the private key is also written to the Terraform state in plaintext.
The API token must be generated by you.
I dorked around with Authy 2FA TOTP here. We'll see if I need to remove it.
This deploys a series of Proxmox nodes into an expected output structure.
Known issues: Flaky-ass provider.
- Resolution: cancel apply, murder and delete failures, reapply. 5 min apply on average.
- Ideal final solution: provider swap, or automate around failures and ensure recording time metrics for comparison.
This uses the environment variables `PM_API_URL`, `PM_API_TOKEN_SECRET`, and `PM_API_TOKEN_ID` (or other appropriate credentials) to define connectivity for the provider.
There are four files here:
- `vars.tf`: This contains the following data structures:
- `versions.tf`: Simply declaring the required Telmate provider.
- `main.tf`: This deploys three sets of QEmu VMs into the Proxmox cluster (master, control, worker).
- `output.tf`: This contains three key-value 'VM Name' to 'VM IP' output data structures identifying the contact information for the deployed VMs.

On the far side of this is a set of managed VMs in a few groups.
TODO: CODE FOLD HERE
```hcl
#######################
# Fixed Compute Layer #
#######################

# Proxmox node that hosts the single master VM.
variable "k8s_nodes_master" {
  type        = list(string)
  description = "A single proxmox node to be the master node."
  default     = ["gaianode00"]
}

# Proxmox nodes that host the control VMs.
variable "k8s_nodes_control" {
  type        = list(string)
  description = "A list of proxmox nodes to put control nodes on."
  default     = ["gaianode01", "gaianode02", "gaianode03"]
}

# Proxmox nodes that host the worker VMs.
variable "k8s_nodes_worker" {
  type        = list(string)
  description = "A list of proxmox nodes to put worker nodes on."
  default     = ["gaianode00", "gaianode01", "gaianode02", "gaianode03"]
}

module "fixed_compute_layer_control_master" {
  source = "./LunaHouseholdFixedComputeLayer"

  # Map of VM group name to the Proxmox nodes that group is placed on.
  k8s_nodes = {
    "k8s_nodes_master"  = var.k8s_nodes_master,
    "k8s_nodes_control" = var.k8s_nodes_control,
    "k8s_nodes_worker"  = var.k8s_nodes_worker
  }

  # Credentials come from the secrets_engine module outputs. The private key
  # passes through module inputs/outputs, so it is recorded in Terraform state.
  ssh_username    = module.secrets_engine.pm_api_user
  ssh_public_key  = module.secrets_engine.fixed_compute_public_key
  ssh_private_key = module.secrets_engine.fixed_compute_private_key

  # Pass the configured proxmox provider through to the child module.
  providers = {
    proxmox = proxmox
  }
}
```
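
An added example (not part of this repository's code): because the SSH private key is kept as attributes and handed between modules as `module.secrets_engine.fixed_compute_private_key`, it ends up in the Terraform state. This Python sketch walks a state file (v4 JSON layout) and reports every location holding private-key material; the `tls_private_key` resource, the root output and the key body in the sample are constructed assumptions.

```python
import json
import re
import sys

# Matches PEM and OpenSSH private-key headers (RSA, EC, OPENSSH, PKCS#8, ...).
PRIVATE_KEY_RE = re.compile(r"-----BEGIN (?:[A-Z0-9]+ )*PRIVATE KEY-----")

def _walk(value, path):
    """Yield (path, text) for every string nested inside a JSON value."""
    if isinstance(value, str):
        yield path, value
    elif isinstance(value, dict):
        for key, child in value.items():
            yield from _walk(child, f"{path}.{key}")
    elif isinstance(value, list):
        for index, child in enumerate(value):
            yield from _walk(child, f"{path}[{index}]")

def find_private_keys(state):
    """Return the sorted state locations that hold private-key material."""
    roots = [(f"output.{name}", out.get("value"))
             for name, out in state.get("outputs", {}).items()]
    for res in state.get("resources", []):
        parts = (res.get("module", ""), res["type"], res["name"])
        address = ".".join(p for p in parts if p)
        for i, inst in enumerate(res.get("instances", [])):
            roots.append((f"{address}[{i}]", inst.get("attributes", {})))
    return sorted({path for root, value in roots
                   for path, text in _walk(value, root)
                   if PRIVATE_KEY_RE.search(text)})

# Constructed sample in the state v4 layout; names and key body are placeholders.
FAKE_KEY = "-----BEGIN OPENSSH PRIVATE KEY-----\nCONSTRUCTED\n-----END OPENSSH PRIVATE KEY-----\n"
SAMPLE_STATE = {
    "version": 4,
    "outputs": {"fixed_compute_private_key":
                {"value": FAKE_KEY, "type": "string", "sensitive": True}},
    "resources": [{
        "module": "module.secrets_engine", "mode": "managed",
        "type": "tls_private_key", "name": "fixed_compute",  # assumed resource
        "instances": [{"attributes": {
            "algorithm": "ED25519",
            "private_key_openssh": FAKE_KEY,
            "public_key_openssh": "ssh-ed25519 AAAA-constructed"}}],
    }],
}

if __name__ == "__main__":
    # With a path argument, scan that state file; otherwise scan the sample.
    state = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_STATE
    for location in find_private_keys(state):
        print("private key in state:", location)
```

Run it with the path to a state file as the only argument. The output marked `sensitive` is still reported, because that flag only redacts the value in CLI output and does not remove it from the state.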