Условное включение модуля мониторинга

2026-03-08 23:36:51 +03:00 · 2026-03-08 23:36:51 +03:00 · 326dd25998
commit 326dd25998
parent d75a9b3b64
12 changed files with 219 additions and 209 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1 @@
+terraform.tfvars
--- a/.terraform/modules/modules.json
+++ b/.terraform/modules/modules.json
@ -1 +1 @@
-{"Modules":[{"Key":"","Source":"","Dir":"."},{"Key":"app","Source":"./modules/app","Dir":"modules/app"},{"Key":"apps","Source":"./modules/lxc_dynamic","Dir":"modules/lxc_dynamic"},{"Key":"db","Source":"./modules/db","Dir":"modules/db"}]}
+{"Modules":[{"Key":"","Source":"","Dir":"."},{"Key":"app","Source":"./modules/app","Dir":"modules/app"},{"Key":"apps","Source":"./modules/lxc_dynamic","Dir":"modules/lxc_dynamic"},{"Key":"db","Source":"./modules/db","Dir":"modules/db"},{"Key":"monitoring","Source":"./modules/monitoring","Dir":"modules/monitoring"}]}
--- a/README.md
+++ b/README.md
@ -1,197 +1,13 @@
-Создал модуль lxc_container в terraform для создания LXC контейнера в proxmox.
+1. Разобрана зависимость между модулями. Выполнена задача:

-В итоге при выполнении terrafrom создается ВМ с ОС ubuntu из шаблона контейнера (собран шаблон контейнера вручную с внесенными изменениями).
-С настроенной сетью, включенным SSH доступом root.
+Создай два модуля: db и app

-В основном main.tf подключается сам модуль и указываются переменные.
+В db подними LXC с PostgreSQL и выведи его IP через output

-В provider.tf указывается плагин провайдера для работы с proxmox - telmate/proxmox и его версия. А также настройки для подключения к proxmox.
+В app подключи модуль и передай IP как переменную db_host

-В terraform.tfvars указывается переменная окружения (для прода лучше использовать переменные окружения CI либо vault).
+Выведи значение db_host в output app

-В variables.tf происходит инициализация переменной окружения.
+2. Добавлено условное включение модуля monitoring.

-В modules/lxc_container/main.tf прописывается шаблон создания LXC контейнера ВМ в proxmox.
-
-В modules/lxc_container/outputs.tf выходные данные, которые нужно передать из модуля в основной файл main.
-
-В modules/lxc_container/variables.tf происходит инициализация переменных, которые передаются из основного main в модуль.
-
-
-Создан модуль modules/lxc_dynamic для создания нескольких ВМ используя for_each.
-
-```
-andy@mercower:~/terraform-proxmox$ terraform plan
-module.app.proxmox_lxc.app_container: Refreshing state... [id=px/lxc/100]
-
-Note: Objects have changed outside of Terraform
-
-Terraform detected the following changes made outside of Terraform since the last "terraform apply" which may have affected this plan:
-
-  # module.app.proxmox_lxc.app_container has been deleted
-  - resource "proxmox_lxc" "app_container" {
-      - hostname             = "app-01" -> null
-        id                   = "px/lxc/100"
-        tags                 = null
-        # (35 unchanged attributes hidden)
-
-        # (2 unchanged blocks hidden)
-    }
-
-
-Unless you have made equivalent changes to your configuration, or ignored the relevant attributes using ignore_changes, the following plan may include actions to undo or respond to these changes.
-
-─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
-
-Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
-  + create
-
-Terraform will perform the following actions:
-
-  # module.app.proxmox_lxc.app_container will be created
-  + resource "proxmox_lxc" "app_container" {
-      + arch            = "amd64"
-      + cmode           = "tty"
-      + console         = true
-      + cores           = 2
-      + cpulimit        = 0
-      + cpuunits        = 1024
-      + current_node    = (known after apply)
-      + hostname        = "app-01"
-      + id              = (known after apply)
-      + memory          = 2048
-      + onboot          = false
-      + ostemplate      = "local:vztmpl/ubuntu-22.04-custome.tar.zst"
-      + ostype          = (known after apply)
-      + password        = (sensitive value)
-      + protection      = false
-      + ssh_public_keys = <<-EOT
-            ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPiX5bOEXfX3AvwstdAyYYHgSyGDF12NzOBCwfNPQVgo terraform@lxc
-        EOT
-      + start           = true
-      + swap            = 512
-      + target_node     = "px"
-      + tty             = 2
-      + unprivileged    = false
-      + unused          = (known after apply)
-      + vmid            = (known after apply)
-
-      + network {
-          + bridge   = "vmbr1"
-          + firewall = true
-          + gw       = "10.10.10.1"
-          + hwaddr   = (known after apply)
-          + id       = (known after apply)
-          + ip       = "10.10.10.3/24"
-          + name     = "eth0"
-          + tag      = (known after apply)
-          + trunks   = (known after apply)
-          + type     = (known after apply)
-        }
-
-      + rootfs {
-          + size    = "8G"
-          + storage = "local"
-          + volume  = (known after apply)
-        }
-    }
-
-  # module.apps.proxmox_lxc.app_container["nginx01"] will be created
-  + resource "proxmox_lxc" "app_container" {
-      + arch            = "amd64"
-      + cmode           = "tty"
-      + console         = true
-      + cores           = 2
-      + cpulimit        = 0
-      + cpuunits        = 1024
-      + current_node    = (known after apply)
-      + hostname        = "nginx01"
-      + id              = (known after apply)
-      + memory          = 2048
-      + onboot          = false
-      + ostemplate      = "local:vztmpl/ubuntu-22.04-custome.tar.zst"
-      + ostype          = (known after apply)
-      + password        = (sensitive value)
-      + protection      = false
-      + ssh_public_keys = <<-EOT
-            ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPiX5bOEXfX3AvwstdAyYYHgSyGDF12NzOBCwfNPQVgo terraform@lxc
-        EOT
-      + start           = true
-      + swap            = 512
-      + target_node     = "px"
-      + tty             = 2
-      + unprivileged    = false
-      + unused          = (known after apply)
-      + vmid            = (known after apply)
-
-      + network {
-          + bridge   = "vmbr1"
-          + firewall = true
-          + gw       = "10.10.10.1"
-          + hwaddr   = (known after apply)
-          + id       = (known after apply)
-          + ip       = "10.10.10.5/24"
-          + name     = "eth0"
-          + tag      = (known after apply)
-          + trunks   = (known after apply)
-          + type     = (known after apply)
-        }
-
-      + rootfs {
-          + size    = "8G"
-          + storage = "local"
-          + volume  = (known after apply)
-        }
-    }
-
-  # module.apps.proxmox_lxc.app_container["nginx02"] will be created
-  + resource "proxmox_lxc" "app_container" {
-      + arch            = "amd64"
-      + cmode           = "tty"
-      + console         = true
-      + cores           = 2
-      + cpulimit        = 0
-      + cpuunits        = 1024
-      + current_node    = (known after apply)
-      + hostname        = "nginx02"
-      + id              = (known after apply)
-      + memory          = 2048
-      + onboot          = false
-      + ostemplate      = "local:vztmpl/ubuntu-22.04-custome.tar.zst"
-      + ostype          = (known after apply)
-      + password        = (sensitive value)
-      + protection      = false
-      + ssh_public_keys = <<-EOT
-            ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPiX5bOEXfX3AvwstdAyYYHgSyGDF12NzOBCwfNPQVgo terraform@lxc
-        EOT
-      + start           = true
-      + swap            = 512
-      + target_node     = "px"
-      + tty             = 2
-      + unprivileged    = false
-      + unused          = (known after apply)
-      + vmid            = (known after apply)
-
-      + network {
-          + bridge   = "vmbr1"
-          + firewall = true
-          + gw       = "10.10.10.1"
-          + hwaddr   = (known after apply)
-          + id       = (known after apply)
-          + ip       = "10.10.10.6/24"
-          + name     = "eth0"
-          + tag      = (known after apply)
-          + trunks   = (known after apply)
-          + type     = (known after apply)
-        }
-
-      + rootfs {
-          + size    = "8G"
-          + storage = "local"
-          + volume  = (known after apply)
-        }
-    }
-
-Plan: 3 to add, 0 to change, 0 to destroy.
-
-```
+Командой terraform apply -var="enable_monitoring=true" модуль включается, через false terraform будет пропускать отработку данного модуля.
--- a/main.tf
+++ b/main.tf
@ -42,3 +42,29 @@ target_node     = "px"
  }

 }
+
+locals {
+  modules_enabled = var.enable_monitoring ? toset(["monitoring"]) : []
+}
+
+module "monitoring" {
+  for_each = local.modules_enabled
+  source   = "./modules/monitoring"
+
+  target_node     = "px"
+  vm_hostname     = "prometheus"
+  ostemplate      = "local:vztmpl/ubuntu-22.04-custome.tar.zst"
+  ssh_public_key  = file("./ssh/id_terraform.pub")
+  private_key     = file("./ssh/id_terraform")
+  ip_address      = "10.10.10.10"
+  gateway         = "10.10.10.1"
+  bridge          = "vmbr1"
+  storage         = "local"
+  size            = "8G"
+
+  lxc_resources = {
+    cores  = 2
+    memory = 2048
+    swap   = 512
+  }
+}
--- a/modules/monitoring/main.tf
+++ b/modules/monitoring/main.tf
@ -0,0 +1,37 @@
+resource "proxmox_lxc" "app" {
+  target_node = var.target_node
+  hostname    = var.vm_hostname
+  ostemplate  = var.ostemplate
+  password    = "password"
+
+  ssh_public_keys = var.ssh_public_key
+
+  cores  = var.lxc_resources.cores
+  memory = var.lxc_resources.memory
+  swap   = var.lxc_resources.swap
+
+  rootfs {
+    storage = var.storage
+    size    = var.size
+  }
+
+  network {
+    name     = "eth0"
+    bridge   = var.bridge
+    ip       = "${var.ip_address}/24"
+    gw       = var.gateway
+    firewall = true
+  }
+
+  start = true
+
+  connection {
+    type        = "ssh"
+    host        = var.ip_address
+    user        = "root"
+    private_key = var.private_key
+    timeout     = "2m"
+  }
+
+
+}
--- a/modules/monitoring/outputs.tf
+++ b/modules/monitoring/outputs.tf
--- a/modules/monitoring/variables.tf
+++ b/modules/monitoring/variables.tf
@ -0,0 +1,18 @@
+variable "target_node" {}
+variable "vm_hostname" {}
+variable "ostemplate" {}
+variable "ssh_public_key" {}
+variable "private_key" {}
+variable "ip_address" {}
+variable "gateway" {}
+variable "bridge" {}
+variable "storage" {}
+variable "size" {}
+
+variable "lxc_resources" {
+  type = object({
+    cores  = number
+    memory = number
+    swap   = number
+  })
+}
--- a/modules/monitoring/versions.tf
+++ b/modules/monitoring/versions.tf
@ -0,0 +1,8 @@
+terraform {
+  required_providers {
+    proxmox = {
+      source  = "telmate/proxmox"
+      version = "3.0.2-rc07"
+    }
+  }
+}
--- a/terraform.tfstate
+++ b/terraform.tfstate
@ -1,7 +1,7 @@
 {
  "version": 4,
  "terraform_version": "1.14.6",
-  "serial": 21,
+  "serial": 25,
  "lineage": "f4c291e8-3767-da71-b85c-0fdc56b7a316",
  "outputs": {},
  "resources": [
@ -33,6 +33,108 @@
            "hastate": "",
            "hookscript": "",
            "hostname": "app-01",
+            "id": "px/lxc/102",
+            "ignore_unpack_errors": false,
+            "lock": "",
+            "memory": 2048,
+            "mountpoint": [],
+            "nameserver": "",
+            "network": [
+              {
+                "bridge": "vmbr1",
+                "firewall": true,
+                "gw": "10.10.10.1",
+                "gw6": "",
+                "hwaddr": "BC:24:11:CF:57:44",
+                "id": 0,
+                "ip": "10.10.10.4/24",
+                "ip6": "",
+                "mtu": 0,
+                "name": "eth0",
+                "rate": 0,
+                "tag": 0,
+                "trunks": "",
+                "type": "veth"
+              }
+            ],
+            "onboot": false,
+            "ostemplate": "local:vztmpl/ubuntu-22.04-custome.tar.zst",
+            "ostype": "ubuntu",
+            "password": "password",
+            "pool": null,
+            "protection": false,
+            "restore": false,
+            "rootfs": [
+              {
+                "acl": false,
+                "quota": false,
+                "replicate": false,
+                "ro": false,
+                "shared": false,
+                "size": "8G",
+                "storage": "local",
+                "volume": "local:102/vm-102-disk-0.raw"
+              }
+            ],
+            "searchdomain": "",
+            "ssh_public_keys": "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPiX5bOEXfX3AvwstdAyYYHgSyGDF12NzOBCwfNPQVgo terraform@lxc\n",
+            "start": true,
+            "startup": "",
+            "swap": 512,
+            "tags": "",
+            "target_node": "px",
+            "template": false,
+            "timeouts": null,
+            "tty": 2,
+            "unique": false,
+            "unprivileged": false,
+            "unused": [],
+            "vmid": 102
+          },
+          "sensitive_attributes": [
+            [
+              {
+                "type": "get_attr",
+                "value": "password"
+              }
+            ]
+          ],
+          "identity_schema_version": 0,
+          "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWZhdWx0IjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjEyMDAwMDAwMDAwMDAsInJlYWQiOjEyMDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH19",
+          "dependencies": [
+            "module.db.proxmox_lxc.postgresql"
+          ]
+        }
+      ]
+    },
+    {
+      "module": "module.db",
+      "mode": "managed",
+      "type": "proxmox_lxc",
+      "name": "postgresql",
+      "provider": "provider[\"registry.terraform.io/telmate/proxmox\"]",
+      "instances": [
+        {
+          "schema_version": 0,
+          "attributes": {
+            "arch": "amd64",
+            "bwlimit": 0,
+            "clone": null,
+            "clone_storage": null,
+            "cmode": "tty",
+            "console": true,
+            "cores": 2,
+            "cpulimit": 0,
+            "cpuunits": 1024,
+            "current_node": "px",
+            "description": "",
+            "features": [],
+            "force": false,
+            "full": null,
+            "hagroup": "",
+            "hastate": "",
+            "hookscript": "",
+            "hostname": "db",
            "id": "px/lxc/101",
            "ignore_unpack_errors": false,
            "lock": "",
@ -45,9 +147,9 @@
                "firewall": true,
                "gw": "10.10.10.1",
                "gw6": "",
-                "hwaddr": "BC:24:11:FE:43:63",
+                "hwaddr": "BC:24:11:1D:0E:B2",
                "id": 0,
-                "ip": "10.10.10.4/24",
+                "ip": "10.10.10.3/24",
                "ip6": "",
                "mtu": 0,
                "name": "eth0",
@ -100,18 +202,15 @@
            ]
          ],
          "identity_schema_version": 0,
-          "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWZhdWx0IjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjEyMDAwMDAwMDAwMDAsInJlYWQiOjEyMDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH19",
-          "dependencies": [
-            "module.db.proxmox_lxc.postgresql"
-          ]
+          "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWZhdWx0IjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjEyMDAwMDAwMDAwMDAsInJlYWQiOjEyMDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH19"
        }
      ]
    },
    {
-      "module": "module.db",
+      "module": "module.monitoring[\"monitoring\"]",
      "mode": "managed",
      "type": "proxmox_lxc",
-      "name": "postgresql",
+      "name": "app",
      "provider": "provider[\"registry.terraform.io/telmate/proxmox\"]",
      "instances": [
        {
@ -134,7 +233,7 @@
            "hagroup": "",
            "hastate": "",
            "hookscript": "",
-            "hostname": "db",
+            "hostname": "prometheus",
            "id": "px/lxc/100",
            "ignore_unpack_errors": false,
            "lock": "",
@ -147,9 +246,9 @@
                "firewall": true,
                "gw": "10.10.10.1",
                "gw6": "",
-                "hwaddr": "BC:24:11:C0:09:67",
+                "hwaddr": "BC:24:11:05:0E:7B",
                "id": 0,
-                "ip": "10.10.10.3/24",
+                "ip": "10.10.10.10/24",
                "ip6": "",
                "mtu": 0,
                "name": "eth0",
--- a/terraform.tfstate.backup
+++ b/terraform.tfstate.backup
@ -1,7 +1,7 @@
 {
  "version": 4,
  "terraform_version": "1.14.6",
-  "serial": 18,
+  "serial": 21,
  "lineage": "f4c291e8-3767-da71-b85c-0fdc56b7a316",
  "outputs": {},
  "resources": [
@ -45,7 +45,7 @@
                "firewall": true,
                "gw": "10.10.10.1",
                "gw6": "",
-                "hwaddr": "BC:24:11:D1:7E:AF",
+                "hwaddr": "BC:24:11:FE:43:63",
                "id": 0,
                "ip": "10.10.10.4/24",
                "ip6": "",
@ -147,7 +147,7 @@
                "firewall": true,
                "gw": "10.10.10.1",
                "gw6": "",
-                "hwaddr": "BC:24:11:80:08:AB",
+                "hwaddr": "BC:24:11:C0:09:67",
                "id": 0,
                "ip": "10.10.10.3/24",
                "ip6": "",
--- a/terraform.tfvars
+++ b/terraform.tfvars
@ -1 +1 @@
-pm_token_secret = "db7041aa-ced2-40d8-a5d5-7883f064210d"
+pm_token_secret = "192b290d-c88c-4c72-86f4-f8e818070efa"
--- a/variables.tf
+++ b/variables.tf
@ -1,3 +1,8 @@
 variable "pm_token_secret" {
  description = "Секрет токена Proxmox"
 }
+
+variable "enable_monitoring" {
+  type    = bool
+  default = false
+}