First draft version

.gitignore

@@ -0,0 +1,3 @@
+/.terraform/
+terraform
+inventory*.tfvars.json

.gitlab-ci.yml

@@ -0,0 +1,66 @@
+stages:
+  - inventory
+  - deploy
+  #- configure
+
+.aggregate_rules: &aggregate_rules
+  - if: '$CI_COMMIT_BRANCH == "master"'
+    when: on_success
+  - when: never
+
+variables: &cd_vars
+  REGISTRY: "localhost:5000"
+  ANSIBLE_REMOTE_USER: "admin"
+  ANSIBLE_STDOUT_CALLBACK: "yaml"
+  ANSIBLE_HOST_KEY_CHECKING: "False"
+  ANSIBLE_SSH_PIPELINING: "True"
+  VARS_JSON: "data/inventory_vars.tfvars.json"
+  INVENTORY_JSON: "data/inventory.tfvars.json"
+  TF_INPUT: 0
+  TF_LOG: "TRACE"
+  TF_IN_AUTOMATION: "1"
+  TF_DATA_DIR: "/opt/.terraform"
+  INVENTORY: "ansible_inventory.yml"
+  # MOVE THESE TO VAULT OR AS MASKED VARIABLES
+  VSPHERE_USER: "[email protected]"
+  VSPHERE_PASSWORD: "adminpass123"
+
+prepare:
+  image: ${REGISTRY}/ansible/ansible2.7
+  stage: inventory
+  rules: *aggregate_rules
+  allow_failure: false
+  artifacts:
+    paths:
+      - "data/*.tfvars.json"
+  before_script:
+    - mkdir data/
+  script:
+    - ansible-inventory -i $INVENTORY --list > $INVENTORY_JSON
+    - python create_vars_json.py $INVENTORY_JSON
+
+#TODO: set artifactory backend
+terraform:
+  image: ${REGISTRY}/terraform/terraform:0.12.26
+  stage: deploy
+  rules: *aggregate_rules
+  dependencies:
+    - prepare
+  allow_failure: false
+  script:
+    - terraform init -plugin-dir="$TF_DATA_DIR/plugins"
+    - |
+      if [[ -n "$TAINT_GUEST" ]]; then
+        terraform taint 'vsphere_virtual_machine.vsphere_vms\"${TAINT_GUEST}\"]' -state="${INVENTORY}.tfstate"
+      fi
+    - terraform plan -var="vsphere_user=${VSPHERE_USER}" -var="vsphere_password=${VSPHERE_PASSWORD}" -var-file="$VARS_JSON" -var-file="$INVENTORY_JSON" -state="${INVENTORY}.tfstate" -out=tfplan
+    - terraform apply -state="${INVENTORY}.tfstate" tfplan
+
+## A following stage would be used to configure the VMs with ansible, using the original ansible inventory file
+#ansible:
+#  image: ${REGISTRY}/ansible/ansible2.7
+#  stage: configure
+#  rules: *aggregate_rules
+#  allow_failure: false
+#  script:
+#    - ansible-playbook -i ansible_inventory.yml configure.yml

Dockerfile-terraform

@@ -0,0 +1,17 @@
+FROM centos:centos7
+
+ARG TERRAFORM_VERSION=0.12.26
+ARG VSPHERE_PLUGIN_VERSION=1.18.3
+ENV TF_DATA_DIR="/opt/.terraform"
+
+RUN yum install -y wget unzip && \
+    wget https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip && \
+    unzip terraform_${TERRAFORM_VERSION}_linux_amd64.zip && \
+    mv terraform /usr/bin && \
+    rm -rf terraform_${TERRAFORM_VERSION}_linux_amd64.zip
+
+RUN wget https://releases.hashicorp.com/terraform-provider-vsphere/1.18.3/terraform-provider-vsphere_${VSPHERE_PLUGIN_VERSION}_linux_amd64.zip && \
+    unzip terraform-provider-vsphere_${VSPHERE_PLUGIN_VERSION}_linux_amd64.zip && \
+    mkdir -p ${TF_DATA_DIR}/plugins && \
+    mv terraform-provider-vsphere_v${VSPHERE_PLUGIN_VERSION}_x4 ${TF_DATA_DIR}/plugins && \
+    rm -rf terraform-provider-vsphere_${VSPHERE_PLUGIN_VERSION}_linux_amd64.zip

ansible_inventory.yml

@@ -0,0 +1,52 @@
+all:
+  children:
+    tf_group:
+      hosts:
+        tf-test:
+          name: "tf-test"
+          network_adapters:
+          - name: "VM Network"
+            ip: "172.16.0.170"
+            netmask: '255.255.255.0'
+            gateway: "172.16.0.1"
+            ipv6: "fcf8:ab17:01fd::170"
+            netmaskv6: "64"
+            gatewayv6: "fcf8:ab17:01fd::1"
+          - name: "VM Network2"
+            ip: "172.17.0.170"
+            netmask: '255.255.255.0'
+            ipv6: "fcf8:ab17:02fd::170"
+            netmaskv6: "64"
+          disk_layout:
+          - size_gb: "150"
+            type: "thin"
+            datastore: "datastore-01"
+        tf-test2:
+          name: "tf-test2"
+          network_adapters:
+          - name: "VM Network"
+            ip: "172.16.0.171"
+            netmask: '255.255.255.0'
+            gateway: "172.16.0.1"
+            ipv6: "fcf8:ab17:01fd::171"
+            netmaskv6: "64"
+            gatewayv6: "fcf8:ab17:01fd::1"
+            start_connected: True
+          - name: "VM Network2"
+            ip: "172.17.0.171"
+            netmask: '255.255.255.0'
+            ipv6: "fcf8:ab17:02fd::171"
+            netmaskv6: "64"
+            start_connected: True
+          disk_layout:
+          - size_gb: "150"
+            type: "thin"
+            datastore: "datastore-01"
+      vars:
+        guest_id: centos64Guest
+        guest_memory: 2048
+        guest_vcpu: 2
+        dns_servers:
+          - 8.8.8.8
+          - 8.8.4.4
+        guest_template: vm-template1

create_vars_json.py

@@ -0,0 +1,48 @@
+#!/usr/bin/env python
+
+import os
+import sys
+import json
+
+def create_vars_json(inventories):
+    output_file = os.environ.get("VARS_JSON", "inventory_vars.tfvars.json")
+
+    variables = dict(networks=list(),templates=list(),datastores=list())
+
+    for inventory_path in inventories:
+
+        with open(inventory_path,"r") as inventory_file:
+            inventory = json.loads(inventory_file.read())
+
+        hostvars = inventory["_meta"]["hostvars"]
+        variables["networks"].extend(net_if["name"]
+                                         for var in hostvars.values()
+                                         for net_if in var["network_adapters"])
+
+        variables["templates"].extend(var["guest_template"]
+                                         for var in hostvars.values()
+                                         if "guest_template" in var)
+
+        variables["datastores"].extend(disk_layout["datastore"]
+                                           for var in hostvars.values()
+                                           for disk_layout in var["disk_layout"] if "datastore" in disk_layout)
+
+    if os.path.isfile(output_file):
+        existing_vars = json.loads(open(output_file, "r").read())
+        for k in variables:
+            if k in existing_vars:
+                variables[k].extend(existing_vars[k])
+
+    for k in variables:
+        variables[k] = list(set(variables[k]))
+
+    with open(output_file, "w") as nt:
+        json.dump(variables, nt, indent=2)
+
+
+if __name__ == '__main__':
+    if len(sys.argv) < 2:
+        print("Specify inventory paths as arguments!")
+        sys.exit(1)
+    print(str(sys.argv[1:]))
+    create_vars_json(sys.argv[1:])

inventory.tfvars.json.example

@@ -0,0 +1,93 @@
+{
+    "_meta": {
+        "hostvars": {
+            "tf-test": {
+                "disk_layout": [
+                    {
+                        "datastore": "datastore-01",
+                        "size_gb": "150",
+                        "type": "thin"
+                    }
+                ],
+                "dns_servers": [
+                    "8.8.8.8",
+                    "8.8.4.4"
+                ],
+                "guest_id": "centos64Guest",
+                "guest_memory": 2048,
+                "guest_template": "vm-template1",
+                "guest_vcpu": 2,
+                "name": "tf-test",
+                "network_adapters": [
+                    {
+                        "gateway": "172.16.0.1",
+                        "gatewayv6": "fcf8:ab17:01fd::1",
+                        "ip": "172.16.0.170",
+                        "ipv6": "fcf8:ab17:01fd::170",
+                        "name": "VM Network",
+                        "netmask": "255.255.255.0",
+                        "netmaskv6": "64"
+                    },
+                    {
+                        "ip": "172.17.0.170",
+                        "ipv6": "fcf8:ab17:02fd::170",
+                        "name": "VM Network2",
+                        "netmask": "255.255.255.0",
+                        "netmaskv6": "64"
+                    }
+                ]
+            },
+            "tf-test2": {
+                "disk_layout": [
+                    {
+                        "datastore": "datastore-01",
+                        "size_gb": "150",
+                        "type": "thin"
+                    }
+                ],
+                "dns_servers": [
+                    "8.8.8.8",
+                    "8.8.4.4"
+                ],
+                "guest_id": "centos64Guest",
+                "guest_memory": 2048,
+                "guest_template": "vm-template1",
+                "guest_vcpu": 2,
+                "name": "tf-test2",
+                "network_adapters": [
+                    {
+                        "gateway": "172.16.0.1",
+                        "gatewayv6": "fcf8:ab17:01fd::1",
+                        "ip": "172.16.0.171",
+                        "ipv6": "fcf8:ab17:01fd::171",
+                        "name": "VM Network",
+                        "netmask": "255.255.255.0",
+                        "netmaskv6": "64",
+                        "start_connected": true
+                    },
+                    {
+                        "ip": "172.17.0.171",
+                        "ipv6": "fcf8:ab17:02fd::171",
+                        "name": "VM Network2",
+                        "netmask": "255.255.255.0",
+                        "netmaskv6": "64",
+                        "start_connected": true
+                    }
+                ]
+            }
+        }
+    },
+    "all": {
+        "children": [
+            "tf_group",
+            "ungrouped"
+        ]
+    },
+    "tf_group": {
+        "hosts": [
+            "tf-test",
+            "tf-test2"
+        ]
+    },
+    "ungrouped": {}
+}

inventory_vars.tfvars.json.example

@@ -0,0 +1,12 @@
+{
+  "datastores": [
+    "datastore-01"
+  ], 
+  "templates": [
+    "vm-template1"
+  ], 
+  "networks": [
+    "VM Network2", 
+    "VM Network"
+  ]
+}

terraform.tfvars.json

@@ -0,0 +1,4 @@
+{
+    "vsphere_server": "192.168.0.10",
+    "allow_unverified_ssl": false
+}

vsphere_data.tf

@@ -0,0 +1,68 @@
+variable "vsphere_user" {
+    type = string
+}
+variable "vsphere_password" {
+    type = string
+}
+variable "vsphere_server" {
+    type = string
+}
+variable "allow_unverified_ssl" {
+    type = bool
+}
+
+provider "vsphere" {
+  user			= var.vsphere_user
+  password		= var.vsphere_password
+  vsphere_server	= var.vsphere_server
+  allow_unverified_ssl = var.allow_unverified_ssl
+  version = "~> 1.18"
+}
+
+variable "networks" {
+  type = list(string)
+}
+
+variable "templates" {
+  type = list(string)
+}
+
+variable "datastores" {
+  type = list(string)
+}
+
+data "vsphere_datacenter" "dc" {
+  name = "ha-datacenter"
+}
+
+data "vsphere_compute_cluster" "ha-cluster" {
+  name = "ha-cluster"
+  datacenter_id = data.vsphere_datacenter.dc.id
+}
+
+data "vsphere_datastore" "all" {
+  count = length(var.datastores)
+
+  name = var.datastores[count.index]
+  datacenter_id = data.vsphere_datacenter.dc.id
+}
+
+data "vsphere_distributed_virtual_switch" "dvs1" {
+  name          = "dvs1"
+  datacenter_id = data.vsphere_datacenter.dc.id
+}
+
+data "vsphere_network" "all" {
+  count = length(var.networks)
+
+  name          = var.networks[count.index]
+  datacenter_id = data.vsphere_datacenter.dc.id
+  distributed_virtual_switch_uuid = data.vsphere_distributed_virtual_switch.dvs1.id
+}
+
+data "vsphere_virtual_machine" "templates" {
+  count = length(var.templates)
+
+  name = var.templates[count.index]
+  datacenter_id = data.vsphere_datacenter.dc.id
+}