Merge pull request #14 from tvories/feat_disks

Overhaul on node config. Added ability to specify additonal disk. Mov…
tvories · Feb 27, 2021 · 13e12a6 · 13e12a6
2 parents f8ce8ac + cee7b96
commit 13e12a6
Show file tree

Hide file tree

Showing 5 changed files with 167 additions and 56 deletions.
diff --git a/README.md b/README.md
@@ -18,7 +18,7 @@ Check out the [examples](https://github.com/tvories/terraform-vsphere-talos/tree
 
 ### Required for your Module
 
-The [`terraform_vsphere_provider`](https://registry.terraform.io/providers/hashicorp/vsphere/latest/docs) needs to be declared in your project.  The bare minimum you must provide:
+The [`terraform_vsphere_provider`](https://registry.terraform.io/providers/hashicorp/vsphere/latest/docs) needs to be declared in your project.  The minimum you must provide:
 
 ```terraform
 provider "vsphere" {
@@ -79,18 +79,3 @@ See the [terraform-vsphere-talos](https://registry.terraform.io/modules/tvories/
 ## Limitations
 
 ## Compatability
-
-## To Do
-- [ ] Support multiple disks
-- [ ] Optionally output talos yaml configurations
-- [ ] Figure out way to add all controlplane endpoints to talosconfig.tpl
-- [ ] Handle the IP address asignment better.  Choose a base block and then allow all nodes to pick from the pool
-- [ ] remove the dependency on a vsphere host and allow for cluster selection
-- [ ] add support to deploy from local ovf instead of url
-- [ ] Support different kubernetes versions.  Update variables.
-- [ ] Add ability to specify additional manifests
-- [ ] Add ability to specify timeserver
-- [ ] Add ability to specify your own init/controlplane/join yaml configuration files
-- [ ] Move all key generation to terraform (waiting on https://github.com/hashicorp/terraform-provider-tls/pull/85)
-- [ ] Support the ability to specify kubernetes cluster network customization
-- [ ] Support the ability to deploy the cluster to different datastores
diff --git a/main.tf b/main.tf
@@ -6,9 +6,38 @@ locals {
     for i in range(var.worker_nodes) : {
       ip_address = "${var.ip_address_base}.${var.worker_ip_address_start + i}"
       name = "${var.worker_name_prefix}-${i + 1}"
-      type = "join"
       cpus = var.worker_cpu
       memory = var.worker_memory
+      disk_size = var.worker_disk_size
+      config = base64encode(templatefile("${path.module}/talosnode.tpl", {
+        type                        = "join"
+        talos_token                 = var.talos_token
+        talos_crt                   = var.talos_crt
+        talos_key                   = var.talos_key
+        customize_network           = var.customize_network
+        node_ip_address             = "${var.ip_address_base}.${var.worker_ip_address_start + i}"
+        ip_netmask                  = var.ip_netmask
+        ip_gateway                  = var.ip_gateway
+        nameservers                 = var.nameservers
+        hostname                    = "${var.worker_name_prefix}-${i + 1}"
+        tf_interface                = "eth0"
+        tf_node_fqdn                = "${var.worker_name_prefix}-${i + 1}.${var.dns_domain}"
+        add_extra_node_disk         = var.add_extra_node_disk
+        kube_cluster_name           = var.kube_cluster_name
+        tf_talos_version            = var.talos_version
+        cluster_endpoint            = var.talos_cluster_endpoint
+        talos_cluster_endpoint_port = var.talos_cluster_endpoint_port
+        kube_dns_domain             = var.kube_dns_domain
+        kube_token                  = var.kube_token
+        kube_enc_key                = var.kube_enc_key
+        kube_crt                    = var.kube_crt
+        kube_key                    = var.kube_key
+        etcd_crt                    = var.etcd_crt
+        etcd_key                    = var.etcd_key
+        tf_allow_master_scheduling  = var.allow_master_scheduling
+        custom_cni                  = var.custom_cni
+        cni_urls                    = var.cni_urls
+      }))
     }
   ]
   controlplane_specs = [
@@ -18,6 +47,36 @@ locals {
       type = i == 0 ? "init" : "controlplane"
       cpus = var.controlplane_cpu
       memory = var.controlplane_memory
+      disk_size = var.controlplane_disk_size
+      config = base64encode(templatefile("${path.module}/talosnode.tpl", {
+        type                        = i == 0 ? "init" : "controlplane"
+        talos_token                 = var.talos_token
+        talos_crt                   = var.talos_crt
+        talos_key                   = var.talos_key
+        customize_network           = var.customize_network
+        node_ip_address             = "${var.ip_address_base}.${var.controlplane_ip_address_start + i}"
+        ip_netmask                  = var.ip_netmask
+        ip_gateway                  = var.ip_gateway
+        nameservers                 = var.nameservers
+        hostname                    = "${var.controlplane_name_prefix}-${i + 1}"
+        tf_interface                = "eth0"
+        tf_node_fqdn                = "${var.controlplane_name_prefix}-${i + 1}.${var.dns_domain}"
+        add_extra_node_disk         = var.add_extra_node_disk
+        kube_cluster_name           = var.kube_cluster_name
+        tf_talos_version            = var.talos_version
+        cluster_endpoint            = var.talos_cluster_endpoint
+        talos_cluster_endpoint_port = var.talos_cluster_endpoint_port
+        kube_dns_domain             = var.kube_dns_domain
+        kube_token                  = var.kube_token
+        kube_enc_key                = var.kube_enc_key
+        kube_crt                    = var.kube_crt
+        kube_key                    = var.kube_key
+        etcd_crt                    = var.etcd_crt
+        etcd_key                    = var.etcd_key
+        tf_allow_master_scheduling  = var.allow_master_scheduling
+        custom_cni                  = var.custom_cni
+        cni_urls                    = var.cni_urls
+      }))
     }
   ]
   node_specs = concat(local.worker_specs, local.controlplane_specs)
@@ -55,7 +114,9 @@ resource "local_file" "talosconfig" {
   content = templatefile("${path.module}/talosconfig.tpl", {
     talos_cluster_endpoint = var.talos_cluster_endpoint
     talos_cluster_name     = var.talos_cluster_name
-    tf_endpoints           = local.controlplane_specs[0].ip_address
+    tf_endpoints           = var.talos_cluster_endpoint
+    nodes                  = local.controlplane_specs[0].ip_address
+    # tf_endpoints           = local.controlplane_specs[0].ip_address
     tf_talos_ca_crt        = var.talos_crt
     tf_talos_admin_crt     = var.admin_crt
     tf_talos_admin_key     = var.admin_key
@@ -66,24 +127,92 @@ resource "local_file" "talosconfig" {
 # ----------------------------------------------------------------------------
 #   Talos Nodes
 # ----------------------------------------------------------------------------
-resource "vsphere_virtual_machine" "node" {
-  count                      = length(local.node_specs)
-  name                       = local.node_specs[count.index].name
+resource "vsphere_virtual_machine" "controlplane" {
+  count                      = length(local.controlplane_specs)
+  name                       = local.controlplane_specs[count.index].name
   resource_pool_id           = data.vsphere_resource_pool.resource_pool.id
   host_system_id             = data.vsphere_host.host.id
   datastore_id               = data.vsphere_datastore.datastore.id
   datacenter_id              = data.vsphere_datacenter.datacenter.id
   wait_for_guest_net_timeout = -1 # don't wait for guest since talos doesn't have vmtools
-  num_cpus = local.node_specs[count.index].cpus
-  memory   = local.node_specs[count.index].memory
+  num_cpus = local.controlplane_specs[count.index].cpus
+  memory   = local.controlplane_specs[count.index].memory
   ovf_deploy {
     remote_ovf_url = local.talos_ovf_url
   }
 
   # Disk
   disk {
     name = var.ova_disk_name
-    size = var.controlplane_disk_size
+    size = local.controlplane_specs[count.index].disk_size
+  }
+
+  # Additional disk
+  dynamic "disk" {
+    for_each = var.node_extra_disk
+
+    content {
+      label = "extra_disk_${disk.key + 1}.vmdk"
+      size = disk.value.size
+      unit_number = (disk.key + 1)
+      thin_provisioned = true
+    }
+  }
+
+  # VM networking
+  network_interface {
+    network_id   = data.vsphere_network.network.id
+    adapter_type = var.vsphere_nic_type
+  }
+
+  # for vsphere-kubernetes integration
+  enable_disk_uuid = "true"
+
+  # sets the talos configuration
+  extra_config = {
+    "guestinfo.talos.config" = local.controlplane_specs[count.index].config
+  }
+
+  lifecycle {
+    ignore_changes = [
+      disk[0].io_share_count,
+      disk[0].thin_provisioned,
+      disk[1].io_share_count,
+      disk[1].io_share_count
+    ]
+  }
+}
+
+resource "vsphere_virtual_machine" "worker" {
+  count                      = length(local.worker_specs)
+  name                       = local.worker_specs[count.index].name
+  resource_pool_id           = data.vsphere_resource_pool.resource_pool.id
+  host_system_id             = data.vsphere_host.host.id
+  datastore_id               = data.vsphere_datastore.datastore.id
+  datacenter_id              = data.vsphere_datacenter.datacenter.id
+  wait_for_guest_net_timeout = -1 # don't wait for guest since talos doesn't have vmtools
+  num_cpus = local.worker_specs[count.index].cpus
+  memory   = local.worker_specs[count.index].memory
+  ovf_deploy {
+    remote_ovf_url = local.talos_ovf_url
+  }
+
+  # Disk
+  disk {
+    name = var.ova_disk_name
+    size = local.worker_specs[count.index].disk_size
+  }
+
+  # Additional disk
+  dynamic "disk" {
+    for_each = var.node_extra_disk
+
+    content {
+      label = "extra_disk_${disk.key + 1}.vmdk"
+      size = disk.value.size
+      unit_number = (disk.key + 1)
+      thin_provisioned = true
+    }
   }
 
   # VM networking
@@ -97,41 +226,15 @@ resource "vsphere_virtual_machine" "node" {
 
   # sets the talos configuration
   extra_config = {
-    "guestinfo.talos.config" = base64encode(templatefile("${path.module}/talosnode.tpl", {
-      type                       = local.node_specs[count.index].type
-      talos_token                = var.talos_token
-      talos_crt                  = var.talos_crt
-      talos_key                  = var.talos_key
-      customize_network          = var.customize_network
-      node_ip_address            = local.node_specs[count.index].ip_address
-      ip_netmask                 = var.ip_netmask
-      ip_gateway                 = var.ip_gateway
-      nameservers                = var.nameservers
-      hostname                   = local.node_specs[count.index].name
-      tf_interface               = "eth0"
-      tf_node_fqdn               = "${local.node_specs[count.index].name}.${var.dns_domain}"
-      tf_os_disk                 = "/dev/sda"
-      kube_cluster_name          = var.kube_cluster_name
-      tf_talos_version           = var.talos_version
-      cluster_endpoint           = var.talos_cluster_endpoint
-      talos_cluster_endpoint_port      = var.talos_cluster_endpoint_port
-      kube_dns_domain            = var.kube_dns_domain
-      kube_token                 = var.kube_token
-      kube_enc_key               = var.kube_enc_key
-      kube_crt                   = var.kube_crt
-      kube_key                   = var.kube_key
-      etcd_crt                   = var.etcd_crt
-      etcd_key                   = var.etcd_key
-      tf_allow_master_scheduling = var.allow_master_scheduling
-      custom_cni                 = var.custom_cni
-      cni_urls                   = var.cni_urls
-    }))
+    "guestinfo.talos.config" = local.worker_specs[count.index].config
   }
 
   lifecycle {
     ignore_changes = [
       disk[0].io_share_count,
       disk[0].thin_provisioned,
+      disk[1].io_share_count,
+      disk[1].io_share_count
     ]
   }
 }
diff --git a/talosconfig.tpl b/talosconfig.tpl
@@ -4,7 +4,7 @@ contexts:
     endpoints:
       - ${tf_endpoints}
     nodes:
-      - ${tf_endpoints}
+      - ${nodes}
     ca: ${tf_talos_ca_crt}
     crt: ${tf_talos_admin_crt}
     key: ${tf_talos_admin_key}
diff --git a/talosnode.tpl b/talosnode.tpl
@@ -105,14 +105,23 @@ machine:
     # # Extra certificate subject alternative names for the machine's certificate.
 
     # # Uncomment this to enable SANs.
-    # certSANs:
-    #     - 10.0.0.10
+    certSANs:
+%{if customize_network ~}
+      - ${node_ip_address}
+%{ endif ~}
+      - ${cluster_endpoint}
     #     - 172.16.0.10
     #     - 192.168.0.10
 
     # # Used to partition, format and mount additional disks.
 
     # # MachineDisks list example.
+%{ if add_extra_node_disk ~}
+    disks:
+      - device: /dev/sdb
+        partitions:
+          - mountpoint: /var/mnt/extra
+%{ else ~}
     # disks:
     #     - device: /dev/sdb # The name of the disk to use.
     #       # A list of partitions to create on the disk.
@@ -125,6 +134,7 @@ machine:
     #           # size: 100 MB
     #           # # Precise value in bytes.
     #           # size: 1073741824
+%{ endif ~}
 
     # # Allows the addition of user specified files.
 

diff --git a/variables.tf b/variables.tf
@@ -201,6 +201,19 @@ variable "worker_disk_size" {
   type        = number
   default     = 8
 }
+variable "node_extra_disk" {
+  description = "Extra disk information"
+  type = list(object({
+    size = number
+    mountpoint = string
+  }))
+  default = []
+}
+variable "add_extra_node_disk" {
+  description = "Whether or not to add an additional disk."
+  type = bool
+  default = false
+}
 
 # Networking
 variable "vsphere_nic_type" {