You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

226 lines
8.4 KiB

  1. resource "openstack_networking_floatingip_v2" "k8s_master" {
  2. count = "${var.number_of_k8s_masters + var.number_of_k8s_masters_no_etcd}"
  3. pool = "${var.floatingip_pool}"
  4. }
  5. resource "openstack_networking_floatingip_v2" "k8s_node" {
  6. count = "${var.number_of_k8s_nodes}"
  7. pool = "${var.floatingip_pool}"
  8. }
  9. resource "openstack_compute_keypair_v2" "k8s" {
  10. name = "kubernetes-${var.cluster_name}"
  11. public_key = "${file(var.public_key_path)}"
  12. }
  13. resource "openstack_compute_secgroup_v2" "k8s_master" {
  14. name = "${var.cluster_name}-k8s-master"
  15. description = "${var.cluster_name} - Kubernetes Master"
  16. }
  17. resource "openstack_compute_secgroup_v2" "k8s" {
  18. name = "${var.cluster_name}-k8s"
  19. description = "${var.cluster_name} - Kubernetes"
  20. rule {
  21. ip_protocol = "tcp"
  22. from_port = "22"
  23. to_port = "22"
  24. cidr = "0.0.0.0/0"
  25. }
  26. rule {
  27. ip_protocol = "icmp"
  28. from_port = "-1"
  29. to_port = "-1"
  30. cidr = "0.0.0.0/0"
  31. }
  32. rule {
  33. ip_protocol = "tcp"
  34. from_port = "1"
  35. to_port = "65535"
  36. self = true
  37. }
  38. rule {
  39. ip_protocol = "udp"
  40. from_port = "1"
  41. to_port = "65535"
  42. self = true
  43. }
  44. rule {
  45. ip_protocol = "icmp"
  46. from_port = "-1"
  47. to_port = "-1"
  48. self = true
  49. }
  50. }
  51. resource "openstack_compute_instance_v2" "k8s_master" {
  52. name = "${var.cluster_name}-k8s-master-${count.index+1}"
  53. count = "${var.number_of_k8s_masters}"
  54. image_name = "${var.image}"
  55. flavor_id = "${var.flavor_k8s_master}"
  56. key_pair = "${openstack_compute_keypair_v2.k8s.name}"
  57. network {
  58. name = "${var.network_name}"
  59. }
  60. security_groups = [ "${openstack_compute_secgroup_v2.k8s_master.name}",
  61. "${openstack_compute_secgroup_v2.k8s.name}" ]
  62. floating_ip = "${element(openstack_networking_floatingip_v2.k8s_master.*.address, count.index)}"
  63. metadata = {
  64. ssh_user = "${var.ssh_user}"
  65. kubespray_groups = "etcd,kube-master,kube-node,k8s-cluster,vault"
  66. }
  67. }
  68. resource "openstack_compute_instance_v2" "k8s_master_no_etcd" {
  69. name = "${var.cluster_name}-k8s-master-ne-${count.index+1}"
  70. count = "${var.number_of_k8s_masters_no_etcd}"
  71. image_name = "${var.image}"
  72. flavor_id = "${var.flavor_k8s_master}"
  73. key_pair = "${openstack_compute_keypair_v2.k8s.name}"
  74. network {
  75. name = "${var.network_name}"
  76. }
  77. security_groups = [ "${openstack_compute_secgroup_v2.k8s_master.name}",
  78. "${openstack_compute_secgroup_v2.k8s.name}" ]
  79. floating_ip = "${element(openstack_networking_floatingip_v2.k8s_master.*.address, count.index + var.number_of_k8s_masters)}"
  80. metadata = {
  81. ssh_user = "${var.ssh_user}"
  82. kubespray_groups = "kube-master,kube-node,k8s-cluster,vault"
  83. }
  84. }
  85. resource "openstack_compute_instance_v2" "etcd" {
  86. name = "${var.cluster_name}-etcd-${count.index+1}"
  87. count = "${var.number_of_etcd}"
  88. image_name = "${var.image}"
  89. flavor_id = "${var.flavor_etcd}"
  90. key_pair = "${openstack_compute_keypair_v2.k8s.name}"
  91. network {
  92. name = "${var.network_name}"
  93. }
  94. security_groups = [ "${openstack_compute_secgroup_v2.k8s.name}" ]
  95. metadata = {
  96. ssh_user = "${var.ssh_user}"
  97. kubespray_groups = "etcd,vault,no-floating"
  98. }
  99. provisioner "local-exec" {
  100. command = "sed s/USER/${var.ssh_user}/ contrib/terraform/openstack/ansible_bastion_template.txt | sed s/BASTION_ADDRESS/${element(openstack_networking_floatingip_v2.k8s_master.*.address, 0)}/ > contrib/terraform/openstack/group_vars/no-floating.yml"
  101. }
  102. }
  103. resource "openstack_compute_instance_v2" "k8s_master_no_floating_ip" {
  104. name = "${var.cluster_name}-k8s-master-nf-${count.index+1}"
  105. count = "${var.number_of_k8s_masters_no_floating_ip}"
  106. image_name = "${var.image}"
  107. flavor_id = "${var.flavor_k8s_master}"
  108. key_pair = "${openstack_compute_keypair_v2.k8s.name}"
  109. network {
  110. name = "${var.network_name}"
  111. }
  112. security_groups = [ "${openstack_compute_secgroup_v2.k8s_master.name}",
  113. "${openstack_compute_secgroup_v2.k8s.name}" ]
  114. metadata = {
  115. ssh_user = "${var.ssh_user}"
  116. kubespray_groups = "etcd,kube-master,kube-node,k8s-cluster,vault,no-floating"
  117. }
  118. provisioner "local-exec" {
  119. command = "sed s/USER/${var.ssh_user}/ contrib/terraform/openstack/ansible_bastion_template.txt | sed s/BASTION_ADDRESS/${element(openstack_networking_floatingip_v2.k8s_master.*.address, 0)}/ > contrib/terraform/openstack/group_vars/no-floating.yml"
  120. }
  121. }
  122. resource "openstack_compute_instance_v2" "k8s_master_no_floating_ip_no_etcd" {
  123. name = "${var.cluster_name}-k8s-master-ne-nf-${count.index+1}"
  124. count = "${var.number_of_k8s_masters_no_floating_ip_no_etcd}"
  125. image_name = "${var.image}"
  126. flavor_id = "${var.flavor_k8s_master}"
  127. key_pair = "${openstack_compute_keypair_v2.k8s.name}"
  128. network {
  129. name = "${var.network_name}"
  130. }
  131. security_groups = [ "${openstack_compute_secgroup_v2.k8s_master.name}",
  132. "${openstack_compute_secgroup_v2.k8s.name}" ]
  133. metadata = {
  134. ssh_user = "${var.ssh_user}"
  135. kubespray_groups = "kube-master,kube-node,k8s-cluster,vault,no-floating"
  136. }
  137. provisioner "local-exec" {
  138. command = "sed s/USER/${var.ssh_user}/ contrib/terraform/openstack/ansible_bastion_template.txt | sed s/BASTION_ADDRESS/${element(openstack_networking_floatingip_v2.k8s_master.*.address, 0)}/ > contrib/terraform/openstack/group_vars/no-floating.yml"
  139. }
  140. }
  141. resource "openstack_compute_instance_v2" "k8s_node" {
  142. name = "${var.cluster_name}-k8s-node-${count.index+1}"
  143. count = "${var.number_of_k8s_nodes}"
  144. image_name = "${var.image}"
  145. flavor_id = "${var.flavor_k8s_node}"
  146. key_pair = "${openstack_compute_keypair_v2.k8s.name}"
  147. network {
  148. name = "${var.network_name}"
  149. }
  150. security_groups = ["${openstack_compute_secgroup_v2.k8s.name}" ]
  151. floating_ip = "${element(openstack_networking_floatingip_v2.k8s_node.*.address, count.index)}"
  152. metadata = {
  153. ssh_user = "${var.ssh_user}"
  154. kubespray_groups = "kube-node,k8s-cluster,vault"
  155. }
  156. }
  157. resource "openstack_compute_instance_v2" "k8s_node_no_floating_ip" {
  158. name = "${var.cluster_name}-k8s-node-nf-${count.index+1}"
  159. count = "${var.number_of_k8s_nodes_no_floating_ip}"
  160. image_name = "${var.image}"
  161. flavor_id = "${var.flavor_k8s_node}"
  162. key_pair = "${openstack_compute_keypair_v2.k8s.name}"
  163. network {
  164. name = "${var.network_name}"
  165. }
  166. security_groups = ["${openstack_compute_secgroup_v2.k8s.name}" ]
  167. metadata = {
  168. ssh_user = "${var.ssh_user}"
  169. kubespray_groups = "kube-node,k8s-cluster,vault,no-floating"
  170. }
  171. provisioner "local-exec" {
  172. command = "sed s/USER/${var.ssh_user}/ contrib/terraform/openstack/ansible_bastion_template.txt | sed s/BASTION_ADDRESS/${element(openstack_networking_floatingip_v2.k8s_master.*.address, 0)}/ > contrib/terraform/openstack/group_vars/no-floating.yml"
  173. }
  174. }
  175. resource "openstack_blockstorage_volume_v2" "glusterfs_volume" {
  176. name = "${var.cluster_name}-gfs-nephe-vol-${count.index+1}"
  177. count = "${var.number_of_gfs_nodes_no_floating_ip}"
  178. description = "Non-ephemeral volume for GlusterFS"
  179. size = "${var.gfs_volume_size_in_gb}"
  180. }
  181. resource "openstack_compute_instance_v2" "glusterfs_node_no_floating_ip" {
  182. name = "${var.cluster_name}-gfs-node-nf-${count.index+1}"
  183. count = "${var.number_of_gfs_nodes_no_floating_ip}"
  184. image_name = "${var.image_gfs}"
  185. flavor_id = "${var.flavor_gfs_node}"
  186. key_pair = "${openstack_compute_keypair_v2.k8s.name}"
  187. network {
  188. name = "${var.network_name}"
  189. }
  190. security_groups = ["${openstack_compute_secgroup_v2.k8s.name}" ]
  191. metadata = {
  192. ssh_user = "${var.ssh_user_gfs}"
  193. kubespray_groups = "gfs-cluster,network-storage"
  194. }
  195. volume {
  196. volume_id = "${element(openstack_blockstorage_volume_v2.glusterfs_volume.*.id, count.index)}"
  197. }
  198. provisioner "local-exec" {
  199. command = "sed s/USER/${var.ssh_user}/ contrib/terraform/openstack/ansible_bastion_template.txt | sed s/BASTION_ADDRESS/${element(openstack_networking_floatingip_v2.k8s_master.*.address, 0)}/ > contrib/terraform/openstack/group_vars/gfs-cluster.yml"
  200. }
  201. }
  202. #output "msg" {
  203. # value = "Your hosts are ready to go!\nYour ssh hosts are: ${join(", ", openstack_networking_floatingip_v2.k8s_master.*.address )}"
  204. #}