diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..3f5ca68 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +terraform.tfvars diff --git a/.terraform/modules/modules.json b/.terraform/modules/modules.json index 7bf9f75..1e61331 100644 --- a/.terraform/modules/modules.json +++ b/.terraform/modules/modules.json @@ -1 +1 @@ -{"Modules":[{"Key":"","Source":"","Dir":"."},{"Key":"app","Source":"./modules/app","Dir":"modules/app"},{"Key":"apps","Source":"./modules/lxc_dynamic","Dir":"modules/lxc_dynamic"},{"Key":"db","Source":"./modules/db","Dir":"modules/db"}]} \ No newline at end of file +{"Modules":[{"Key":"","Source":"","Dir":"."},{"Key":"app","Source":"./modules/app","Dir":"modules/app"},{"Key":"apps","Source":"./modules/lxc_dynamic","Dir":"modules/lxc_dynamic"},{"Key":"db","Source":"./modules/db","Dir":"modules/db"},{"Key":"monitoring","Source":"./modules/monitoring","Dir":"modules/monitoring"}]} \ No newline at end of file diff --git a/README.md b/README.md index 0ac68ef..26084a6 100644 --- a/README.md +++ b/README.md 
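Review bot: The new ignore entry will not take effect for `terraform.tfvars`, because that file is already tracked (this same commit modifies it, `index 20d3d58..04838c2`) and Git applies ignore rules only to untracked paths. It needs `git rm --cached terraform.tfvars` alongside this change. The list is also incomplete: `terraform.tfstate`, `terraform.tfstate.backup` and `.terraform/modules/modules.json` are all changed in this commit, and the state hunk stores the container `password` attribute in clear text. I would add `*.tfstate`, `*.tfstate.*` and `.terraform/` here, untrack those paths the same way, and keep state in a backend with access control.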
@@ -1,197 +1,13 @@ -Создал модуль lxc_container в terraform для создания LXC контейнера в proxmox. +1. Разобрана зависимость между модулями. Выполнена задача: -В итоге при выполнении terrafrom создается ВМ с ОС ubuntu из шаблона контейнера (собран шаблон контейнера вручную с внесенными изменениями). -С настроенной сетью, включенным SSH доступом root. +Создай два модуля: db и app -В основном main.tf подключается сам модуль и указываются переменные. +В db подними LXC с PostgreSQL и выведи его IP через output -В provider.tf указывается плагин провайдера для работы с proxmox - telmate/proxmox и его версия. А также настройки для подключения к proxmox. +В app подключи модуль и передай IP как переменную db_host -В terraform.tfvars указывается переменная окружения (для прода лучше использовать переменные окружения CI либо vault). +Выведи значение db_host в output app -В variables.tf происходит инициализация переменной окружения. +2. Добавлено условное включение модуля monitoring. -В modules/lxc_container/main.tf прописывается шаблон создания LXC контейнера ВМ в proxmox. - -В modules/lxc_container/outputs.tf выходные данные, которые нужно передать из модуля в основной файл main. - -В modules/lxc_container/variables.tf происходит инициализация переменных, которые передаются из основного main в модуль. - - -Создан модуль modules/lxc_dynamic для создания нескольких ВМ используя for_each. - -``` -andy@mercower:~/terraform-proxmox$ terraform plan -module.app.proxmox_lxc.app_container: Refreshing state... 
[id=px/lxc/100] - -Note: Objects have changed outside of Terraform - -Terraform detected the following changes made outside of Terraform since the last "terraform apply" which may have affected this plan: - - # module.app.proxmox_lxc.app_container has been deleted - - resource "proxmox_lxc" "app_container" { - - hostname = "app-01" -> null - id = "px/lxc/100" - tags = null - # (35 unchanged attributes hidden) - - # (2 unchanged blocks hidden) - } - - -Unless you have made equivalent changes to your configuration, or ignored the relevant attributes using ignore_changes, the following plan may include actions to undo or respond to these changes. - -───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────── - -Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: - + create - -Terraform will perform the following actions: - - # module.app.proxmox_lxc.app_container will be created - + resource "proxmox_lxc" "app_container" { - + arch = "amd64" - + cmode = "tty" - + console = true - + cores = 2 - + cpulimit = 0 - + cpuunits = 1024 - + current_node = (known after apply) - + hostname = "app-01" - + id = (known after apply) - + memory = 2048 - + onboot = false - + ostemplate = "local:vztmpl/ubuntu-22.04-custome.tar.zst" - + ostype = (known after apply) - + password = (sensitive value) - + protection = false - + ssh_public_keys = <<-EOT - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPiX5bOEXfX3AvwstdAyYYHgSyGDF12NzOBCwfNPQVgo terraform@lxc - EOT - + start = true - + swap = 512 - + target_node = "px" - + tty = 2 - + unprivileged = false - + unused = (known after apply) - + vmid = (known after apply) - - + network { - + bridge = "vmbr1" - + firewall = true - + gw = "10.10.10.1" - + hwaddr = (known after apply) - + id = 
(known after apply) - + ip = "10.10.10.3/24" - + name = "eth0" - + tag = (known after apply) - + trunks = (known after apply) - + type = (known after apply) - } - - + rootfs { - + size = "8G" - + storage = "local" - + volume = (known after apply) - } - } - - # module.apps.proxmox_lxc.app_container["nginx01"] will be created - + resource "proxmox_lxc" "app_container" { - + arch = "amd64" - + cmode = "tty" - + console = true - + cores = 2 - + cpulimit = 0 - + cpuunits = 1024 - + current_node = (known after apply) - + hostname = "nginx01" - + id = (known after apply) - + memory = 2048 - + onboot = false - + ostemplate = "local:vztmpl/ubuntu-22.04-custome.tar.zst" - + ostype = (known after apply) - + password = (sensitive value) - + protection = false - + ssh_public_keys = <<-EOT - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPiX5bOEXfX3AvwstdAyYYHgSyGDF12NzOBCwfNPQVgo terraform@lxc - EOT - + start = true - + swap = 512 - + target_node = "px" - + tty = 2 - + unprivileged = false - + unused = (known after apply) - + vmid = (known after apply) - - + network { - + bridge = "vmbr1" - + firewall = true - + gw = "10.10.10.1" - + hwaddr = (known after apply) - + id = (known after apply) - + ip = "10.10.10.5/24" - + name = "eth0" - + tag = (known after apply) - + trunks = (known after apply) - + type = (known after apply) - } - - + rootfs { - + size = "8G" - + storage = "local" - + volume = (known after apply) - } - } - - # module.apps.proxmox_lxc.app_container["nginx02"] will be created - + resource "proxmox_lxc" "app_container" { - + arch = "amd64" - + cmode = "tty" - + console = true - + cores = 2 - + cpulimit = 0 - + cpuunits = 1024 - + current_node = (known after apply) - + hostname = "nginx02" - + id = (known after apply) - + memory = 2048 - + onboot = false - + ostemplate = "local:vztmpl/ubuntu-22.04-custome.tar.zst" - + ostype = (known after apply) - + password = (sensitive value) - + protection = false - + ssh_public_keys = <<-EOT - ssh-ed25519 
AAAAC3NzaC1lZDI1NTE5AAAAIPiX5bOEXfX3AvwstdAyYYHgSyGDF12NzOBCwfNPQVgo terraform@lxc - EOT - + start = true - + swap = 512 - + target_node = "px" - + tty = 2 - + unprivileged = false - + unused = (known after apply) - + vmid = (known after apply) - - + network { - + bridge = "vmbr1" - + firewall = true - + gw = "10.10.10.1" - + hwaddr = (known after apply) - + id = (known after apply) - + ip = "10.10.10.6/24" - + name = "eth0" - + tag = (known after apply) - + trunks = (known after apply) - + type = (known after apply) - } - - + rootfs { - + size = "8G" - + storage = "local" - + volume = (known after apply) - } - } - -Plan: 3 to add, 0 to change, 0 to destroy. - -``` +Командой terraform apply -var="enable_monitoring=true" модуль включается, через false terraform будет пропускать отработку данного модуля. diff --git a/main.tf b/main.tf index 373046e..a5b1473 100644 --- a/main.tf +++ b/main.tf @@ -23,7 +23,7 @@ module "db" { module "app" { source = "./modules/app" -target_node = "px" + target_node = "px" vm_hostname = "app-01" ostemplate = "local:vztmpl/ubuntu-22.04-custome.tar.zst" ssh_public_key = file("./ssh/id_terraform.pub") @@ -42,3 +42,29 @@ target_node = "px" } } + +locals { + modules_enabled = var.enable_monitoring ? toset(["monitoring"]) : [] +} + +module "monitoring" { + for_each = local.modules_enabled + source = "./modules/monitoring" + + target_node = "px" + vm_hostname = "prometheus" + ostemplate = "local:vztmpl/ubuntu-22.04-custome.tar.zst" + ssh_public_key = file("./ssh/id_terraform.pub") + private_key = file("./ssh/id_terraform") + ip_address = "10.10.10.10" + gateway = "10.10.10.1" + bridge = "vmbr1" + storage = "local" + size = "8G" + + lxc_resources = { + cores = 2 + memory = 2048 + swap = 512 + } +} diff --git a/modules/monitoring/main.tf b/modules/monitoring/main.tf new file mode 100644 index 0000000..0167083 --- /dev/null +++ b/modules/monitoring/main.tf 
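Review bot: `private_key = file("./ssh/id_terraform")` in the new `module "monitoring"` block reads an SSH private key from a path inside the repository directory, and the `.gitignore` added by this commit does not cover `ssh/`. Whether the key file is tracked is not visible here. In this commit the module uses the key only in a `connection` block with no provisioner, so the argument looks unnecessary and could be dropped together with the module variable. If it is kept, load it from a path outside the working tree and add `ssh/id_terraform` to `.gitignore`. Separately, the two branches of the conditional in `locals` have different types; `var.enable_monitoring ? toset(["monitoring"]) : toset([])` keeps both sides a set.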
@@ -0,0 +1,37 @@ +resource "proxmox_lxc" "app" { + target_node = var.target_node + hostname = var.vm_hostname + ostemplate = var.ostemplate + password = "password" + + ssh_public_keys = var.ssh_public_key + + cores = var.lxc_resources.cores + memory = var.lxc_resources.memory + swap = var.lxc_resources.swap + + rootfs { + storage = var.storage + size = var.size + } + + network { + name = "eth0" + bridge = var.bridge + ip = "${var.ip_address}/24" + gw = var.gateway + firewall = true + } + + start = true + + connection { + type = "ssh" + host = var.ip_address + user = "root" + private_key = var.private_key + timeout = "2m" + } + + +} diff --git a/modules/monitoring/outputs.tf b/modules/monitoring/outputs.tf new file mode 100644 index 0000000..e69de29 diff --git a/modules/monitoring/variables.tf b/modules/monitoring/variables.tf new file mode 100644 index 0000000..eb6a122 --- /dev/null +++ b/modules/monitoring/variables.tf @@ -0,0 +1,18 @@ +variable "target_node" {} +variable "vm_hostname" {} +variable "ostemplate" {} +variable "ssh_public_key" {} +variable "private_key" {} +variable "ip_address" {} +variable "gateway" {} +variable "bridge" {} +variable "storage" {} +variable "size" {} + +variable "lxc_resources" { + type = object({ + cores = number + memory = number + swap = number + }) +} diff --git a/modules/monitoring/versions.tf b/modules/monitoring/versions.tf new file mode 100644 index 0000000..c540864 --- /dev/null +++ b/modules/monitoring/versions.tf @@ -0,0 +1,8 @@ +terraform { + required_providers { + proxmox = { + source = "telmate/proxmox" + version = "3.0.2-rc07" + } + } +} diff --git a/terraform.tfstate b/terraform.tfstate index acd22f0..ae63613 100644 --- a/terraform.tfstate +++ b/terraform.tfstate @@ -1,7 +1,7 @@ { "version": 4, "terraform_version": "1.14.6", - "serial": 21, + "serial": 25, "lineage": "f4c291e8-3767-da71-b85c-0fdc56b7a316", "outputs": {}, "resources": [ 
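Review bot: `password = "password"` in modules/monitoring/main.tf hard-codes a guessable root password for the container, and the value is then written to state in clear text (the `terraform.tfstate` hunk in this commit shows `"password": "password"`). Replace it with `password = var.root_password`, backed by a variable declared with `sensitive = true`, or drop the argument and rely on `ssh_public_keys` if the provider permits that. `unprivileged` is not set either; the state for the sibling `app-01` container records `"unprivileged": false`, so this container likely also runs privileged, and `unprivileged = true` is worth setting unless something requires otherwise. The `connection` block has no provisioner attached in this file, so it currently does nothing.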
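Review bot: `variable "private_key" {}` in modules/monitoring/variables.tf carries an SSH private key but is not marked sensitive, so Terraform will not redact it in plan and apply output. Add `type = string` and `sensitive = true` inside that block. The other nine `{}` declarations also lack `type` and `description`. `ip_address` in particular deserves `type = string` and a `validation` block, since main.tf interpolates it into `"${var.ip_address}/24"`.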
@@ -33,6 +33,108 @@ "hastate": "", "hookscript": "", "hostname": "app-01", + "id": "px/lxc/102", + "ignore_unpack_errors": false, + "lock": "", + "memory": 2048, + "mountpoint": [], + "nameserver": "", + "network": [ + { + "bridge": "vmbr1", + "firewall": true, + "gw": "10.10.10.1", + "gw6": "", + "hwaddr": "BC:24:11:CF:57:44", + "id": 0, + "ip": "10.10.10.4/24", + "ip6": "", + "mtu": 0, + "name": "eth0", + "rate": 0, + "tag": 0, + "trunks": "", + "type": "veth" + } + ], + "onboot": false, + "ostemplate": "local:vztmpl/ubuntu-22.04-custome.tar.zst", + "ostype": "ubuntu", + "password": "password", + "pool": null, + "protection": false, + "restore": false, + "rootfs": [ + { + "acl": false, + "quota": false, + "replicate": false, + "ro": false, + "shared": false, + "size": "8G", + "storage": "local", + "volume": "local:102/vm-102-disk-0.raw" + } + ], + "searchdomain": "", + "ssh_public_keys": "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPiX5bOEXfX3AvwstdAyYYHgSyGDF12NzOBCwfNPQVgo terraform@lxc\n", + "start": true, + "startup": "", + "swap": 512, + "tags": "", + "target_node": "px", + "template": false, + "timeouts": null, + "tty": 2, + "unique": false, + "unprivileged": false, + "unused": [], + "vmid": 102 + }, + "sensitive_attributes": [ + [ + { + "type": "get_attr", + "value": "password" + } + ] + ], + "identity_schema_version": 0, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWZhdWx0IjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjEyMDAwMDAwMDAwMDAsInJlYWQiOjEyMDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH19", + "dependencies": [ + "module.db.proxmox_lxc.postgresql" + ] + } + ] + }, + { + "module": "module.db", + "mode": "managed", + "type": "proxmox_lxc", + "name": "postgresql", + "provider": "provider[\"registry.terraform.io/telmate/proxmox\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arch": "amd64", + "bwlimit": 0, + "clone": null, + "clone_storage": null, + "cmode": "tty", + "console": true, + "cores": 
2, + "cpulimit": 0, + "cpuunits": 1024, + "current_node": "px", + "description": "", + "features": [], + "force": false, + "full": null, + "hagroup": "", + "hastate": "", + "hookscript": "", + "hostname": "db", "id": "px/lxc/101", "ignore_unpack_errors": false, "lock": "", @@ -45,9 +147,9 @@ "firewall": true, "gw": "10.10.10.1", "gw6": "", - "hwaddr": "BC:24:11:FE:43:63", + "hwaddr": "BC:24:11:1D:0E:B2", "id": 0, - "ip": "10.10.10.4/24", + "ip": "10.10.10.3/24", "ip6": "", "mtu": 0, "name": "eth0", @@ -100,18 +202,15 @@ ] ], "identity_schema_version": 0, - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWZhdWx0IjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjEyMDAwMDAwMDAwMDAsInJlYWQiOjEyMDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH19", - "dependencies": [ - "module.db.proxmox_lxc.postgresql" - ] + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWZhdWx0IjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjEyMDAwMDAwMDAwMDAsInJlYWQiOjEyMDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH19" } ] }, { - "module": "module.db", + "module": "module.monitoring[\"monitoring\"]", "mode": "managed", "type": "proxmox_lxc", - "name": "postgresql", + "name": "app", "provider": "provider[\"registry.terraform.io/telmate/proxmox\"]", "instances": [ { @@ -134,7 +233,7 @@ "hagroup": "", "hastate": "", "hookscript": "", - "hostname": "db", + "hostname": "prometheus", "id": "px/lxc/100", "ignore_unpack_errors": false, "lock": "", @@ -147,9 +246,9 @@ "firewall": true, "gw": "10.10.10.1", "gw6": "", - "hwaddr": "BC:24:11:C0:09:67", + "hwaddr": "BC:24:11:05:0E:7B", "id": 0, - "ip": "10.10.10.3/24", + "ip": "10.10.10.10/24", "ip6": "", "mtu": 0, "name": "eth0", diff --git a/terraform.tfstate.backup b/terraform.tfstate.backup index d940336..acd22f0 100644 --- a/terraform.tfstate.backup +++ b/terraform.tfstate.backup 
@@ -1,7 +1,7 @@ { "version": 4, "terraform_version": "1.14.6", - "serial": 18, + "serial": 21, "lineage": "f4c291e8-3767-da71-b85c-0fdc56b7a316", "outputs": {}, "resources": [ @@ -45,7 +45,7 @@ "firewall": true, "gw": "10.10.10.1", "gw6": "", - "hwaddr": "BC:24:11:D1:7E:AF", + "hwaddr": "BC:24:11:FE:43:63", "id": 0, "ip": "10.10.10.4/24", "ip6": "", @@ -147,7 +147,7 @@ "firewall": true, "gw": "10.10.10.1", "gw6": "", - "hwaddr": "BC:24:11:80:08:AB", + "hwaddr": "BC:24:11:C0:09:67", "id": 0, "ip": "10.10.10.3/24", "ip6": "", diff --git a/terraform.tfvars b/terraform.tfvars index 20d3d58..04838c2 100644 --- a/terraform.tfvars +++ b/terraform.tfvars @@ -1 +1 @@ -pm_token_secret = "db7041aa-ced2-40d8-a5d5-7883f064210d" +pm_token_secret = "192b290d-c88c-4c72-86f4-f8e818070efa" diff --git a/variables.tf b/variables.tf index 97ead75..5b3fc31 100644 --- a/variables.tf +++ b/variables.tf @@ -1,3 +1,8 @@ variable "pm_token_secret" { description = "Секрет токена Proxmox" } + +variable "enable_monitoring" { + type = bool + default = false +}
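Review bot: The new `pm_token_secret` value in terraform.tfvars is committed in clear text, so replacing the old token gains nothing: both the removed and the added secret are now readable in the repository history. Both Proxmox API tokens should be revoked and a fresh one issued that never enters Git. Supply it through the `TF_VAR_pm_token_secret` environment variable or a secrets manager instead of a tracked `terraform.tfvars`.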
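Review bot: `enable_monitoring` in variables.tf is declared without a `description`, unlike `pm_token_secret` directly above it; add something like `description = "Create the monitoring LXC container (modules/monitoring)"`. While here, `pm_token_secret` in the context lines has no `sensitive = true`, so Terraform will not redact it if the value reaches plan or error output. That line is outside the added code but belongs to the same file.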