initial commit
This commit is contained in:
Matthias Hinrichs
@@ -0,0 +1,183 @@
|
||||
terraform {
|
||||
required_providers {
|
||||
rancher2 = {
|
||||
source = "rancher/rancher2"
|
||||
version = ">= 7.3.2"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
locals {
|
||||
env_config = {
|
||||
dev = {
|
||||
cluster_control_node_count = 0
|
||||
cluster_worker_node_count = 0
|
||||
cluster_all-in-one_node_count = 1
|
||||
}
|
||||
test = {
|
||||
cluster_control_node_count = 1
|
||||
cluster_worker_node_count = 1
|
||||
cluster_all-in-one_node_count = 0
|
||||
}
|
||||
prod = {
|
||||
cluster_control_node_count = 3
|
||||
cluster_worker_node_count = 2
|
||||
cluster_all-in-one_node_count = 0
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
data "rancher2_cluster_v2" "harvester" {
|
||||
name = var.harvester_cluster_name
|
||||
}
|
||||
|
||||
resource "rancher2_cloud_credential" "harvester" {
|
||||
name = "${var.cluster_name}-${var.cluster_environment}-harvester"
|
||||
harvester_credential_config {
|
||||
cluster_id = data.rancher2_cluster_v2.harvester.cluster_v1_id
|
||||
cluster_type = "imported"
|
||||
kubeconfig_content = data.rancher2_cluster_v2.harvester.kube_config
|
||||
}
|
||||
}
|
||||
|
||||
resource "rancher2_machine_config_v2" "vm-large" {
|
||||
generate_name = "${var.cluster_name}-large"
|
||||
harvester_config {
|
||||
vm_namespace = "hnrx-${var.cluster_environment}-cluster"
|
||||
cpu_count = 2
|
||||
memory_size = 4
|
||||
disk_info = jsonencode({
|
||||
disks = [{
|
||||
imageName = var.cluster_vm_image
|
||||
size = 75
|
||||
bootOrder = 1
|
||||
}]
|
||||
})
|
||||
network_info = jsonencode({
|
||||
interfaces = [{
|
||||
networkName = var.cluster_vm_network
|
||||
}]
|
||||
})
|
||||
ssh_user = "opensuse"
|
||||
}
|
||||
}
|
||||
|
||||
resource "rancher2_machine_config_v2" "vm-xlarge" {
|
||||
generate_name = "${var.cluster_name}-xlarge"
|
||||
harvester_config {
|
||||
vm_namespace = "hnrx-${var.cluster_environment}-cluster"
|
||||
cpu_count = 4
|
||||
memory_size = 8
|
||||
disk_info = jsonencode({
|
||||
disks = [{
|
||||
imageName = var.cluster_vm_image
|
||||
size = 100
|
||||
bootOrder = 1
|
||||
}]
|
||||
})
|
||||
network_info = jsonencode({
|
||||
interfaces = [{
|
||||
networkName = var.cluster_vm_network
|
||||
}]
|
||||
})
|
||||
ssh_user = "opensuse"
|
||||
}
|
||||
}
|
||||
|
||||
resource "rancher2_machine_config_v2" "vm-xxlarge" {
|
||||
generate_name = "${var.cluster_name}-xxlarge"
|
||||
harvester_config {
|
||||
vm_namespace = "hnrx-${var.cluster_environment}-cluster"
|
||||
cpu_count = 4
|
||||
memory_size = 16
|
||||
disk_info = jsonencode({
|
||||
disks = [{
|
||||
imageName = var.cluster_vm_image
|
||||
size = 100
|
||||
bootOrder = 1
|
||||
}]
|
||||
})
|
||||
network_info = jsonencode({
|
||||
interfaces = [{
|
||||
networkName = var.cluster_vm_network
|
||||
}]
|
||||
})
|
||||
ssh_user = "opensuse"
|
||||
}
|
||||
}
|
||||
|
||||
resource "rancher2_cluster_v2" "cluster" {
|
||||
name = "${var.cluster_name}-${var.cluster_environment}"
|
||||
labels = {
|
||||
"cluster-environment" = var.cluster_environment
|
||||
"cluster-features/cni" = "cilium"
|
||||
"cluster-features/gateway-api" = "true"
|
||||
}
|
||||
kubernetes_version = var.cluster_kubernetes_version
|
||||
enable_network_policy = false
|
||||
|
||||
rke_config {
|
||||
machine_pools {
|
||||
name = "all-in-one"
|
||||
cloud_credential_secret_name = rancher2_cloud_credential.harvester.id
|
||||
control_plane_role = true
|
||||
etcd_role = true
|
||||
worker_role = true
|
||||
quantity = local.env_config[var.cluster_environment].cluster_all-in-one_node_count
|
||||
machine_config {
|
||||
kind = rancher2_machine_config_v2.vm-xxlarge.kind
|
||||
name = rancher2_machine_config_v2.vm-xxlarge.name
|
||||
}
|
||||
}
|
||||
machine_pools {
|
||||
name = "control-plane"
|
||||
cloud_credential_secret_name = rancher2_cloud_credential.harvester.id
|
||||
control_plane_role = true
|
||||
etcd_role = true
|
||||
worker_role = false
|
||||
quantity = local.env_config[var.cluster_environment].cluster_control_node_count
|
||||
machine_config {
|
||||
kind = rancher2_machine_config_v2.vm-large.kind
|
||||
name = rancher2_machine_config_v2.vm-large.name
|
||||
}
|
||||
}
|
||||
machine_pools {
|
||||
name = "worker"
|
||||
cloud_credential_secret_name = rancher2_cloud_credential.harvester.id
|
||||
control_plane_role = false
|
||||
etcd_role = false
|
||||
worker_role = true
|
||||
quantity = local.env_config[var.cluster_environment].cluster_worker_node_count
|
||||
machine_config {
|
||||
kind = rancher2_machine_config_v2.vm-xlarge.kind
|
||||
name = rancher2_machine_config_v2.vm-xlarge.name
|
||||
}
|
||||
}
|
||||
|
||||
machine_selector_config {
|
||||
config = yamlencode({
|
||||
cloud-provider-name = "harvester"
|
||||
cloud-provider-config = "${var.cluster_name}-${var.cluster_environment}-kubeconfig"
|
||||
})
|
||||
}
|
||||
|
||||
machine_global_config = yamlencode({
|
||||
cni = "cilium"
|
||||
disable-kube-proxy = true
|
||||
})
|
||||
|
||||
chart_values = <<EOF
|
||||
rke2-cilium:
|
||||
kubeProxyReplacement: true
|
||||
k8sServiceHost: 127.0.0.1
|
||||
k8sServicePort: '6443'
|
||||
gatewayAPI:
|
||||
enabled: true
|
||||
operator:
|
||||
replicas: ${local.env_config[var.cluster_environment].cluster_all-in-one_node_count + local.env_config[var.cluster_environment].cluster_control_node_count}
|
||||
harvester-cloud-provider:
|
||||
clusterName: ${var.cluster_name}-${var.cluster_environment}
|
||||
cloudConfigPath: /var/lib/rancher/rke2/etc/config-files/cloud-provider-config
|
||||
EOF
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user