Условное включение модуля мониторинга

2026-03-08 23:36:51 +03:00 · 2026-03-08 23:36:51 +03:00 · 326dd25998
commit 326dd25998
parent d75a9b3b64
12 changed files with 219 additions and 209 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1 @@
 terraform.tfvars
--- a/.terraform/modules/modules.json
+++ b/.terraform/modules/modules.json
@ -1 +1 @@
-{"Modules":[{"Key":"","Source":"","Dir":"."},{"Key":"app","Source":"./modules/app","Dir":"modules/app"},{"Key":"apps","Source":"./modules/lxc_dynamic","Dir":"modules/lxc_dynamic"},{"Key":"db","Source":"./modules/db","Dir":"modules/db"}]}
+{"Modules":[{"Key":"","Source":"","Dir":"."},{"Key":"app","Source":"./modules/app","Dir":"modules/app"},{"Key":"apps","Source":"./modules/lxc_dynamic","Dir":"modules/lxc_dynamic"},{"Key":"db","Source":"./modules/db","Dir":"modules/db"},{"Key":"monitoring","Source":"./modules/monitoring","Dir":"modules/monitoring"}]}
--- a/README.md
+++ b/README.md
@ -1,197 +1,13 @@
-Создал модуль lxc_container в terraform для создания LXC контейнера в proxmox.
+1. Разобрана зависимость между модулями. Выполнена задача:
-В итоге при выполнении terrafrom создается ВМ с ОС ubuntu из шаблона контейнера (собран шаблон контейнера вручную с внесенными изменениями).
+Создай два модуля: db и app
 С настроенной сетью, включенным SSH доступом root.
-В основном main.tf подключается сам модуль и указываются переменные.
+В db подними LXC с PostgreSQL и выведи его IP через output
-В provider.tf указывается плагин провайдера для работы с proxmox - telmate/proxmox и его версия. А также настройки для подключения к proxmox.
+В app подключи модуль и передай IP как переменную db_host
-В terraform.tfvars указывается переменная окружения (для прода лучше использовать переменные окружения CI либо vault).
+Выведи значение db_host в output app
-В variables.tf происходит инициализация переменной окружения.
+2. Добавлено условное включение модуля monitoring.
-В modules/lxc_container/main.tf прописывается шаблон создания LXC контейнера ВМ в proxmox.
+Командой terraform apply -var="enable_monitoring=true" модуль включается, через false terraform будет пропускать отработку данного модуля.
 В modules/lxc_container/outputs.tf выходные данные, которые нужно передать из модуля в основной файл main.
 В modules/lxc_container/variables.tf происходит инициализация переменных, которые передаются из основного main в модуль.
 Создан модуль modules/lxc_dynamic для создания нескольких ВМ используя for_each.
 ```
 andy@mercower:~/terraform-proxmox$ terraform plan
 module.app.proxmox_lxc.app_container: Refreshing state... [id=px/lxc/100]
 Note: Objects have changed outside of Terraform
 Terraform detected the following changes made outside of Terraform since the last "terraform apply" which may have affected this plan:
  # module.app.proxmox_lxc.app_container has been deleted
  - resource "proxmox_lxc" "app_container" {
      - hostname             = "app-01" -> null
        id                   = "px/lxc/100"
        tags                 = null
        # (35 unchanged attributes hidden)
        # (2 unchanged blocks hidden)
    }
 Unless you have made equivalent changes to your configuration, or ignored the relevant attributes using ignore_changes, the following plan may include actions to undo or respond to these changes.
 ─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
 Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  + create
 Terraform will perform the following actions:
  # module.app.proxmox_lxc.app_container will be created
  + resource "proxmox_lxc" "app_container" {
      + arch            = "amd64"
      + cmode           = "tty"
      + console         = true
      + cores           = 2
      + cpulimit        = 0
      + cpuunits        = 1024
      + current_node    = (known after apply)
      + hostname        = "app-01"
      + id              = (known after apply)
      + memory          = 2048
      + onboot          = false
      + ostemplate      = "local:vztmpl/ubuntu-22.04-custome.tar.zst"
      + ostype          = (known after apply)
      + password        = (sensitive value)
      + protection      = false
      + ssh_public_keys = <<-EOT
            ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPiX5bOEXfX3AvwstdAyYYHgSyGDF12NzOBCwfNPQVgo terraform@lxc
        EOT
      + start           = true
      + swap            = 512
      + target_node     = "px"
      + tty             = 2
      + unprivileged    = false
      + unused          = (known after apply)
      + vmid            = (known after apply)
      + network {
          + bridge   = "vmbr1"
          + firewall = true
          + gw       = "10.10.10.1"
          + hwaddr   = (known after apply)
          + id       = (known after apply)
          + ip       = "10.10.10.3/24"
          + name     = "eth0"
          + tag      = (known after apply)
          + trunks   = (known after apply)
          + type     = (known after apply)
        }
      + rootfs {
          + size    = "8G"
          + storage = "local"
          + volume  = (known after apply)
        }
    }
  # module.apps.proxmox_lxc.app_container["nginx01"] will be created
  + resource "proxmox_lxc" "app_container" {
      + arch            = "amd64"
      + cmode           = "tty"
      + console         = true
      + cores           = 2
      + cpulimit        = 0
      + cpuunits        = 1024
      + current_node    = (known after apply)
      + hostname        = "nginx01"
      + id              = (known after apply)
      + memory          = 2048
      + onboot          = false
      + ostemplate      = "local:vztmpl/ubuntu-22.04-custome.tar.zst"
      + ostype          = (known after apply)
      + password        = (sensitive value)
      + protection      = false
      + ssh_public_keys = <<-EOT
            ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPiX5bOEXfX3AvwstdAyYYHgSyGDF12NzOBCwfNPQVgo terraform@lxc
        EOT
      + start           = true
      + swap            = 512
      + target_node     = "px"
      + tty             = 2
      + unprivileged    = false
      + unused          = (known after apply)
      + vmid            = (known after apply)
      + network {
          + bridge   = "vmbr1"
          + firewall = true
          + gw       = "10.10.10.1"
          + hwaddr   = (known after apply)
          + id       = (known after apply)
          + ip       = "10.10.10.5/24"
          + name     = "eth0"
          + tag      = (known after apply)
          + trunks   = (known after apply)
          + type     = (known after apply)
        }
      + rootfs {
          + size    = "8G"
          + storage = "local"
          + volume  = (known after apply)
        }
    }
  # module.apps.proxmox_lxc.app_container["nginx02"] will be created
  + resource "proxmox_lxc" "app_container" {
      + arch            = "amd64"
      + cmode           = "tty"
      + console         = true
      + cores           = 2
      + cpulimit        = 0
      + cpuunits        = 1024
      + current_node    = (known after apply)
      + hostname        = "nginx02"
      + id              = (known after apply)
      + memory          = 2048
      + onboot          = false
      + ostemplate      = "local:vztmpl/ubuntu-22.04-custome.tar.zst"
      + ostype          = (known after apply)
      + password        = (sensitive value)
      + protection      = false
      + ssh_public_keys = <<-EOT
            ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPiX5bOEXfX3AvwstdAyYYHgSyGDF12NzOBCwfNPQVgo terraform@lxc
        EOT
      + start           = true
      + swap            = 512
      + target_node     = "px"
      + tty             = 2
      + unprivileged    = false
      + unused          = (known after apply)
      + vmid            = (known after apply)
      + network {
          + bridge   = "vmbr1"
          + firewall = true
          + gw       = "10.10.10.1"
          + hwaddr   = (known after apply)
          + id       = (known after apply)
          + ip       = "10.10.10.6/24"
          + name     = "eth0"
          + tag      = (known after apply)
          + trunks   = (known after apply)
          + type     = (known after apply)
        }
      + rootfs {
          + size    = "8G"
          + storage = "local"
          + volume  = (known after apply)
        }
    }
 Plan: 3 to add, 0 to change, 0 to destroy.
 ```
--- a/main.tf
+++ b/main.tf
@ -23,7 +23,7 @@ module "db" {
 module "app" {
  source = "./modules/app"
-target_node     = "px"
+  target_node     = "px"
  vm_hostname     = "app-01"
  ostemplate      = "local:vztmpl/ubuntu-22.04-custome.tar.zst"
  ssh_public_key  = file("./ssh/id_terraform.pub")
@ -42,3 +42,29 @@ target_node     = "px"
  }
 }
 locals {
  modules_enabled = var.enable_monitoring ? toset(["monitoring"]) : []
 }
 module "monitoring" {
  for_each = local.modules_enabled
  source   = "./modules/monitoring"
  target_node     = "px"
  vm_hostname     = "prometheus"
  ostemplate      = "local:vztmpl/ubuntu-22.04-custome.tar.zst"
  ssh_public_key  = file("./ssh/id_terraform.pub")
  private_key     = file("./ssh/id_terraform")
  ip_address      = "10.10.10.10"
  gateway         = "10.10.10.1"
  bridge          = "vmbr1"
  storage         = "local"
  size            = "8G"
  lxc_resources = {
    cores  = 2
    memory = 2048
    swap   = 512
  }
 }
--- a/modules/monitoring/main.tf
+++ b/modules/monitoring/main.tf
@ -0,0 +1,37 @@
 resource "proxmox_lxc" "app" {
  target_node = var.target_node
  hostname    = var.vm_hostname
  ostemplate  = var.ostemplate
  password    = "password"
  ssh_public_keys = var.ssh_public_key
  cores  = var.lxc_resources.cores
  memory = var.lxc_resources.memory
  swap   = var.lxc_resources.swap
  rootfs {
    storage = var.storage
    size    = var.size
  }
  network {
    name     = "eth0"
    bridge   = var.bridge
    ip       = "${var.ip_address}/24"
    gw       = var.gateway
    firewall = true
  }
  start = true
  connection {
    type        = "ssh"
    host        = var.ip_address
    user        = "root"
    private_key = var.private_key
    timeout     = "2m"
  }
 }
--- a/modules/monitoring/outputs.tf
+++ b/modules/monitoring/outputs.tf
--- a/modules/monitoring/variables.tf
+++ b/modules/monitoring/variables.tf
@ -0,0 +1,18 @@
 variable "target_node" {}
 variable "vm_hostname" {}
 variable "ostemplate" {}
 variable "ssh_public_key" {}
 variable "private_key" {}
 variable "ip_address" {}
 variable "gateway" {}
 variable "bridge" {}
 variable "storage" {}
 variable "size" {}
 variable "lxc_resources" {
  type = object({
    cores  = number
    memory = number
    swap   = number
  })
 }
--- a/modules/monitoring/versions.tf
+++ b/modules/monitoring/versions.tf
@ -0,0 +1,8 @@
 terraform {
  required_providers {
    proxmox = {
      source  = "telmate/proxmox"
      version = "3.0.2-rc07"
    }
  }
 }
--- a/terraform.tfstate
+++ b/terraform.tfstate
@ -1,7 +1,7 @@
 {
  "version": 4,
  "terraform_version": "1.14.6",
-  "serial": 21,
+  "serial": 25,
  "lineage": "f4c291e8-3767-da71-b85c-0fdc56b7a316",
  "outputs": {},
  "resources": [
@ -33,6 +33,108 @@
            "hastate": "",
            "hookscript": "",
            "hostname": "app-01",
            "id": "px/lxc/102",
            "ignore_unpack_errors": false,
            "lock": "",
            "memory": 2048,
            "mountpoint": [],
            "nameserver": "",
            "network": [
              {
                "bridge": "vmbr1",
                "firewall": true,
                "gw": "10.10.10.1",
                "gw6": "",
                "hwaddr": "BC:24:11:CF:57:44",
                "id": 0,
                "ip": "10.10.10.4/24",
                "ip6": "",
                "mtu": 0,
                "name": "eth0",
                "rate": 0,
                "tag": 0,
                "trunks": "",
                "type": "veth"
              }
            ],
            "onboot": false,
            "ostemplate": "local:vztmpl/ubuntu-22.04-custome.tar.zst",
            "ostype": "ubuntu",
            "password": "password",
            "pool": null,
            "protection": false,
            "restore": false,
            "rootfs": [
              {
                "acl": false,
                "quota": false,
                "replicate": false,
                "ro": false,
                "shared": false,
                "size": "8G",
                "storage": "local",
                "volume": "local:102/vm-102-disk-0.raw"
              }
            ],
            "searchdomain": "",
            "ssh_public_keys": "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPiX5bOEXfX3AvwstdAyYYHgSyGDF12NzOBCwfNPQVgo terraform@lxc\n",
            "start": true,
            "startup": "",
            "swap": 512,
            "tags": "",
            "target_node": "px",
            "template": false,
            "timeouts": null,
            "tty": 2,
            "unique": false,
            "unprivileged": false,
            "unused": [],
            "vmid": 102
          },
          "sensitive_attributes": [
            [
              {
                "type": "get_attr",
                "value": "password"
              }
            ]
          ],
          "identity_schema_version": 0,
          "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWZhdWx0IjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjEyMDAwMDAwMDAwMDAsInJlYWQiOjEyMDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH19",
          "dependencies": [
            "module.db.proxmox_lxc.postgresql"
          ]
        }
      ]
    },
    {
      "module": "module.db",
      "mode": "managed",
      "type": "proxmox_lxc",
      "name": "postgresql",
      "provider": "provider[\"registry.terraform.io/telmate/proxmox\"]",
      "instances": [
        {
          "schema_version": 0,
          "attributes": {
            "arch": "amd64",
            "bwlimit": 0,
            "clone": null,
            "clone_storage": null,
            "cmode": "tty",
            "console": true,
            "cores": 2,
            "cpulimit": 0,
            "cpuunits": 1024,
            "current_node": "px",
            "description": "",
            "features": [],
            "force": false,
            "full": null,
            "hagroup": "",
            "hastate": "",
            "hookscript": "",
            "hostname": "db",
            "id": "px/lxc/101",
            "ignore_unpack_errors": false,
            "lock": "",
@ -45,9 +147,9 @@
                "firewall": true,
                "gw": "10.10.10.1",
                "gw6": "",
-                "hwaddr": "BC:24:11:FE:43:63",
+                "hwaddr": "BC:24:11:1D:0E:B2",
                "id": 0,
-                "ip": "10.10.10.4/24",
+                "ip": "10.10.10.3/24",
                "ip6": "",
                "mtu": 0,
                "name": "eth0",
@ -100,18 +202,15 @@
            ]
          ],
          "identity_schema_version": 0,
-          "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWZhdWx0IjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjEyMDAwMDAwMDAwMDAsInJlYWQiOjEyMDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH19",
+          "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWZhdWx0IjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjEyMDAwMDAwMDAwMDAsInJlYWQiOjEyMDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH19"
          "dependencies": [
            "module.db.proxmox_lxc.postgresql"
          ]
        }
      ]
    },
    {
-      "module": "module.db",
+      "module": "module.monitoring[\"monitoring\"]",
      "mode": "managed",
      "type": "proxmox_lxc",
-      "name": "postgresql",
+      "name": "app",
      "provider": "provider[\"registry.terraform.io/telmate/proxmox\"]",
      "instances": [
        {
@ -134,7 +233,7 @@
            "hagroup": "",
            "hastate": "",
            "hookscript": "",
-            "hostname": "db",
+            "hostname": "prometheus",
            "id": "px/lxc/100",
            "ignore_unpack_errors": false,
            "lock": "",
@ -147,9 +246,9 @@
                "firewall": true,
                "gw": "10.10.10.1",
                "gw6": "",
-                "hwaddr": "BC:24:11:C0:09:67",
+                "hwaddr": "BC:24:11:05:0E:7B",
                "id": 0,
-                "ip": "10.10.10.3/24",
+                "ip": "10.10.10.10/24",
                "ip6": "",
                "mtu": 0,
                "name": "eth0",
--- a/terraform.tfstate.backup
+++ b/terraform.tfstate.backup
@ -1,7 +1,7 @@
 {
  "version": 4,
  "terraform_version": "1.14.6",
-  "serial": 18,
+  "serial": 21,
  "lineage": "f4c291e8-3767-da71-b85c-0fdc56b7a316",
  "outputs": {},
  "resources": [
@ -45,7 +45,7 @@
                "firewall": true,
                "gw": "10.10.10.1",
                "gw6": "",
-                "hwaddr": "BC:24:11:D1:7E:AF",
+                "hwaddr": "BC:24:11:FE:43:63",
                "id": 0,
                "ip": "10.10.10.4/24",
                "ip6": "",
@ -147,7 +147,7 @@
                "firewall": true,
                "gw": "10.10.10.1",
                "gw6": "",
-                "hwaddr": "BC:24:11:80:08:AB",
+                "hwaddr": "BC:24:11:C0:09:67",
                "id": 0,
                "ip": "10.10.10.3/24",
                "ip6": "",
--- a/terraform.tfvars
+++ b/terraform.tfvars
@ -1 +1 @@
-pm_token_secret = "db7041aa-ced2-40d8-a5d5-7883f064210d"
+pm_token_secret = "192b290d-c88c-4c72-86f4-f8e818070efa"
--- a/variables.tf
+++ b/variables.tf
@ -1,3 +1,8 @@
 variable "pm_token_secret" {
  description = "Секрет токена Proxmox"
 }
 variable "enable_monitoring" {
  type    = bool
  default = false
 }
		`@ -1 +1 @@`
			`{"Modules":[{"Key":"","Source":"","Dir":"."},{"Key":"app","Source":"./modules/app","Dir":"modules/app"},{"Key":"apps","Source":"./modules/lxc_dynamic","Dir":"modules/lxc_dynamic"},{"Key":"db","Source":"./modules/db","Dir":"modules/db"}]}`				`{"Modules":[{"Key":"","Source":"","Dir":"."},{"Key":"app","Source":"./modules/app","Dir":"modules/app"},{"Key":"apps","Source":"./modules/lxc_dynamic","Dir":"modules/lxc_dynamic"},{"Key":"db","Source":"./modules/db","Dir":"modules/db"},{"Key":"monitoring","Source":"./modules/monitoring","Dir":"modules/monitoring"}]}`
`@ -1 +1 @@`
	`pm_token_secret = "db7041aa-ced2-40d8-a5d5-7883f064210d"`	`pm_token_secret = "192b290d-c88c-4c72-86f4-f8e818070efa"`