ka
/
testing
1
0
Fork 0
Código Incidencias 0 Pull Requests 0 Lanzamientos 0 Wiki Actividad
Explorar el Código

new terraform deployment structure

master
Markus Katharina Brechtel hace 4 años
padre
aefb85c7ab
commit
369e8e3273
Se han modificado 24 ficheros con 625 adiciones y 102 borrados
Dividir vista
Opciones de diferencias
Mostrar estadísticas Descargar archivo de parche Descargar archivo de diferencias
  1. +1
    -1
      .gitignore
  2. +51
    -0
      ansible_inventory.tf
  3. +14
    -0
      common.yaml
  4. +10
    -0
      controllers.yaml
  5. +0
    -18
      deploy.yaml
  6. +7
    -0
      etcd.tf
  7. +1
    -0
      group_vars/controllers/alerta.yaml
  8. +1
    -0
      group_vars/controllers/certificates.yaml
  9. +1
    -0
      group_vars/controllers/gitea.yaml
  10. +1
    -0
      group_vars/controllers/netbox.yaml
  11. +0
    -3
      group_vars/ovh_vms/terraform.yaml
  12. +0
    -1
      host_vars/controller.testing.thengo.net/terraform-info.json
  13. +0
    -9
      inventory
  14. +1
    -0
      inventory.json
  15. +13
    -0
      inventory_input.tf
  16. +1
    -0
      provider_hetzner.auto.tfvars
  17. +107
    -0
      provider_hetzner.tf
  18. +5
    -0
      providers.tf
  19. +173
    -0
      terraform.tfstate
  20. +238
    -0
      terraform.tfstate.backup
  21. +0
    -31
      terraform/controller.testing.thengo.net.tf
  22. +0
    -7
      terraform/etcd.tf
  23. +0
    -32
      terraform/ovh.tf
  24. +0
    -0
      versions.tf

+ 1
- 1
.gitignore Ver fichero

@@ -1 +1 @@
terraform/.terraform
.terraform

+ 51
- 0
ansible_inventory.tf Ver fichero

@@ -0,0 +1,51 @@
variable "ansible_inventory_filename" {
type = string
default = "inventory.json"
}

locals {
vm_hosts_with_groups = {
for hostname, host in var.vm_hosts: hostname => host if contains(keys(host),"groups")
}
vm_hosts_without_groups = {
for hostname, host in var.vm_hosts: hostname => host if !contains(keys(host),"groups")
}
vm_groups = distinct(flatten(values(local.hetzner_vm_hosts_with_groups)[*].groups))
ansible_inventory = {
all = {
hosts = {
for hostname,host in var.vm_hosts: hostname => {}
}
children = merge(
{
for group in local.vm_groups: group => {
hosts = {
for hostname, host in local.vm_hosts_with_groups:
hostname => {}
if contains(host.groups,group)
}
}
},{
for providername, provider in local.providers: "provider_${providername}" => {
hosts = {
for hostname, host in local.vm_hosts_with_groups:
hostname => local.providers[host.provider].hostvars[hostname]
if host.provider == providername
}
}
}
)
}
}
}

output "ansible_inventory" {
value = local.ansible_inventory
}

resource "local_file" "foo" {
content = jsonencode(local.ansible_inventory)
filename = var.ansible_inventory_filename
file_permission = "0644"
directory_permission = "0755"
}

+ 14
- 0
common.yaml Ver fichero

@@ -0,0 +1,14 @@
---

- hosts:
- controllers
- nameservers
remote_user: root
roles:
- role: common

- hosts:
- controllers
remote_user: root
roles:
- role: tools

+ 10
- 0
controllers.yaml Ver fichero

@@ -0,0 +1,10 @@
---

- hosts: controllers
remote_user: root
roles:
#- role: nginx
#- role: gitea
#- role: buildbot
#- role: netbox
#- role: alerta

+ 0
- 18
deploy.yaml Ver fichero

@@ -1,18 +0,0 @@
---

- hosts: ovh_vms
remote_user: root
gather_facts: false
roles:
- role: terraform-vm

- hosts: localhost
tasks:
- debug:
msg: |-
to apply terraform updates run:
cd "{{playbook_dir}}/terraform"
terraform apply

# - terraform:
# project_path: "{{playbook_dir}}/terraform"

+ 7
- 0
etcd.tf Ver fichero

@@ -0,0 +1,7 @@
#terraform {
# backend "etcdv3" {
# endpoints = ["localhost:2379"]
# lock = true
# prefix = "testing/terraform-state/"
# }
#}

+ 1
- 0
group_vars/controllers/alerta.yaml Ver fichero

@@ -0,0 +1 @@
alerta_server_name: alerts.testing.thengo.net

+ 1
- 0
group_vars/controllers/certificates.yaml Ver fichero

@@ -0,0 +1 @@
certificate_provider: letsencrypt

+ 1
- 0
group_vars/controllers/gitea.yaml Ver fichero

@@ -0,0 +1 @@
gitea_server_name: git.testing.thengo.net

+ 1
- 0
group_vars/controllers/netbox.yaml Ver fichero

@@ -0,0 +1 @@
netbox_server_name: netbox.testing.thengo.net

+ 0
- 3
group_vars/ovh_vms/terraform.yaml Ver fichero

@@ -1,3 +0,0 @@
ansible_host: "{{terraform_vm.access_ip_v4}}"
openstack_region: GRA7
openstack_flavor: s1-2

+ 0
- 1
host_vars/controller.testing.thengo.net/terraform-info.json Ver fichero

@@ -1 +0,0 @@
{"terraform_vm":{"access_ip_v4":"54.37.77.37","access_ip_v6":"[2001:41d0:701:1000::ad9]","admin_pass":null,"all_metadata":{},"all_tags":[],"availability_zone":"nova","block_device":[],"config_drive":null,"flavor_id":"d31419c1-8e1e-48c2-8a4c-28190650c817","flavor_name":"s1-2","floating_ip":null,"force_delete":false,"id":"cf23e031-b299-477b-af6a-989826c4c9aa","image_id":"6a27a33f-9cb9-4c65-b99c-bb904dfb43aa","image_name":"Debian 10","key_pair":"terraform-default","metadata":null,"name":"controller.testing.thengo.net","network":[{"access_network":false,"fixed_ip_v4":"54.37.77.37","fixed_ip_v6":"[2001:41d0:701:1000::ad9]","floating_ip":"","mac":"fa:16:3e:84:3d:f1","name":"Ext-Net","port":"","uuid":"ed0ab0c6-93ee-44f8-870b-d103065b1b34"}],"personality":[],"power_state":"active","region":"DE1","scheduler_hints":[],"security_groups":["default"],"stop_before_destroy":false,"tags":null,"timeouts":null,"user_data":"3670b43deeb2d5936a31f7eb5c20593fd64c7a0e","vendor_options":[],"volume":[]}}

+ 0
- 9
inventory Ver fichero

@@ -1,9 +0,0 @@
[ovh_vms]
controller.testing.thengo.net openstack_region=DE1
#ns.testing.thengo.net openstack_region=DE1

[controllers]
controller.testing.thengo.net

[nameservers]
ns.testing.thengo.net

+ 1
- 0
inventory.json Ver fichero

@@ -0,0 +1 @@
{"all":{"children":{"controllers":{"hosts":{"controller.testing.thengo.net":{}}},"provider_hetzner":{"hosts":{"controller.testing.thengo.net":{"ansible_host":"116.203.152.103","external_ip":"116.203.152.103"}}}},"hosts":{"controller.testing.thengo.net":{}}}}

+ 13
- 0
inventory_input.tf Ver fichero

@@ -0,0 +1,13 @@
variable "vm_hosts" {
default = {
"controller.testing.thengo.net" = { provider = "hetzner", groups = [ "controllers" ] }
#"ns.testing.thengo.net" = { provider = "hetzner", groups = [ "nameservers" ] }
}
}

variable "groups" {
default = {
reverse_proxies = {
}
}
}

+ 1
- 0
provider_hetzner.auto.tfvars Ver fichero

@@ -0,0 +1 @@
hetzner_token = "nCsHpDLur3bZyLdibay4CvdlP4MnJ1gREFkale18x2Onjv69URriP6roQUvBbqDT"

+ 107
- 0
provider_hetzner.tf Ver fichero

@@ -0,0 +1,107 @@
# Provider Setup

variable "hetzner_token" {
type = string
description = "Hetzner Cloud API-Token"
}

variable "hetzner_default_location" {
type = string
default = "nbg1"
}

variable "hetzner_server_image" {
type = string
default = "debian-10"
}

variable "hetzner_default_server_type" {
type = string
default = "cx11"
}

variable "hetzner_ssh_keys_filenames" {
type = set(string)
default = [
"~/.ssh/id_ed25519.pub",
]
}

provider "hcloud" {
token = var.hetzner_token
}


# Network

#resource "hcloud_network" "internal_network" {
# name = "internal_network"
# ip_range = "10.0.0.0/8"
#}
#resource "hcloud_network_subnet" "internal_network" {
# network_id = hcloud_network.internal_network.id
# type = "server"
# network_zone = "eu-central"
# ip_range = "10.9.0.0/16"
#}


# VMs

resource "hcloud_ssh_key" "ssh_keys" {
name = each.value
public_key = file(each.value)
for_each = var.hetzner_ssh_keys_filenames
}

locals {
hetzner_vm_hosts = {
for hostname, host in var.vm_hosts: hostname => host
if host.provider == "hetzner"
}
hetzner_vm_hosts_with_groups = {
for hostname, host in local.hetzner_vm_hosts: hostname => host if contains(keys(host),"groups")
}
hetzner_vm_hosts_without_groups = {
for hostname, host in local.hetzner_vm_hosts: hostname => host if !contains(keys(host),"groups")
}
}

resource "hcloud_server" "vms" {
name = each.key
image = var.hetzner_server_image
server_type = var.hetzner_default_server_type
location = var.hetzner_default_location
ssh_keys = [for value in hcloud_ssh_key.ssh_keys: value.id]

lifecycle {
ignore_changes = [
ssh_keys,
]
}

for_each = local.hetzner_vm_hosts
}

#resource "hcloud_server_network" "vms" {
# server_id = hcloud_server.vms[each.key].id
# network_id = hcloud_network.internal_network.id
#
# for_each = local.hetzner_vm_hosts
#}

# Provider Variable

locals {
provider_hetzner = {
hostvars = {
for hostname, host in var.vm_hosts: hostname =>
{
external_ip = hcloud_server.vms[hostname].ipv4_address
ansible_host = hcloud_server.vms[hostname].ipv4_address
#internal_ip = hcloud_server_network.vms[hostname].ip
}
if host.provider == "hetzner"
}
}
}

+ 5
- 0
providers.tf Ver fichero

@@ -0,0 +1,5 @@
locals {
providers = {
hetzner = local.provider_hetzner
}
}

+ 173
- 0
terraform.tfstate Ver fichero

@@ -0,0 +1,173 @@
{
"version": 4,
"terraform_version": "0.12.24",
"serial": 26,
"lineage": "0f8651e8-593e-1889-aef1-d79f69de7a9a",
"outputs": {
"ansible_inventory": {
"value": {
"all": {
"children": {
"controllers": {
"hosts": {
"controller.testing.thengo.net": {}
}
},
"provider_hetzner": {
"hosts": {
"controller.testing.thengo.net": {
"ansible_host": "116.203.152.103",
"external_ip": "116.203.152.103"
}
}
}
},
"hosts": {
"controller.testing.thengo.net": {}
}
}
},
"type": [
"object",
{
"all": [
"object",
{
"children": [
"object",
{
"controllers": [
"object",
{
"hosts": [
"object",
{
"controller.testing.thengo.net": [
"object",
{}
]
}
]
}
],
"provider_hetzner": [
"object",
{
"hosts": [
"object",
{
"controller.testing.thengo.net": [
"object",
{
"ansible_host": "string",
"external_ip": "string"
}
]
}
]
}
]
}
],
"hosts": [
"object",
{
"controller.testing.thengo.net": [
"object",
{}
]
}
]
}
]
}
]
}
},
"resources": [
{
"mode": "managed",
"type": "hcloud_server",
"name": "vms",
"each": "map",
"provider": "provider.hcloud",
"instances": [
{
"index_key": "controller.testing.thengo.net",
"schema_version": 0,
"attributes": {
"backup_window": "",
"backups": false,
"datacenter": "nbg1-dc3",
"id": "5685515",
"image": "debian-10",
"ipv4_address": "116.203.152.103",
"ipv6_address": "2a01:4f8:c0c:c828::1",
"ipv6_network": "2a01:4f8:c0c:c828::/64",
"iso": null,
"keep_disk": false,
"labels": {},
"location": "nbg1",
"name": "controller.testing.thengo.net",
"rescue": null,
"server_type": "cx11",
"ssh_keys": [
"1501431"
],
"status": "running",
"user_data": null
},
"private": "bnVsbA==",
"dependencies": [
"hcloud_ssh_key.ssh_keys"
]
}
]
},
{
"mode": "managed",
"type": "hcloud_ssh_key",
"name": "ssh_keys",
"each": "map",
"provider": "provider.hcloud",
"instances": [
{
"index_key": "~/.ssh/id_ed25519.pub",
"schema_version": 0,
"attributes": {
"fingerprint": "75:3c:1e:51:61:71:51:48:d0:45:18:e4:66:19:de:6e",
"id": "1501431",
"labels": {},
"name": "~/.ssh/id_ed25519.pub",
"public_key": "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGwdEkFBdQfY5YB6LR1l+copG7rZXlGLQyWWwhZdNkpW ka\n"
},
"private": "bnVsbA=="
}
]
},
{
"mode": "managed",
"type": "local_file",
"name": "foo",
"provider": "provider.local",
"instances": [
{
"schema_version": 0,
"attributes": {
"content": "{\"all\":{\"children\":{\"controllers\":{\"hosts\":{\"controller.testing.thengo.net\":{}}},\"provider_hetzner\":{\"hosts\":{\"controller.testing.thengo.net\":{\"ansible_host\":\"116.203.152.103\",\"external_ip\":\"116.203.152.103\"}}}},\"hosts\":{\"controller.testing.thengo.net\":{}}}}",
"content_base64": null,
"directory_permission": "0755",
"file_permission": "0644",
"filename": "inventory.json",
"id": "0f2b79f769f5dcbdebc46242e9b0484c11646b71",
"sensitive_content": null
},
"private": "bnVsbA==",
"dependencies": [
"hcloud_server.vms"
]
}
]
}
]
}

+ 238
- 0
terraform.tfstate.backup Ver fichero

@@ -0,0 +1,238 @@
{
"version": 4,
"terraform_version": "0.12.24",
"serial": 22,
"lineage": "0f8651e8-593e-1889-aef1-d79f69de7a9a",
"outputs": {
"ansible_inventory": {
"value": {
"all": {
"children": {
"controllers": {
"hosts": {
"controller.testing.thengo.net": {}
}
},
"nameservers": {
"hosts": {
"ns.testing.thengo.net": {}
}
},
"provider_hetzner": {
"hosts": {
"controller.testing.thengo.net": {
"ansible_host": "116.203.152.103",
"external_ip": "116.203.152.103"
},
"ns.testing.thengo.net": {
"ansible_host": "116.203.152.95",
"external_ip": "116.203.152.95"
}
}
}
},
"hosts": {
"controller.testing.thengo.net": {},
"ns.testing.thengo.net": {}
}
}
},
"type": [
"object",
{
"all": [
"object",
{
"children": [
"object",
{
"controllers": [
"object",
{
"hosts": [
"object",
{
"controller.testing.thengo.net": [
"object",
{}
]
}
]
}
],
"nameservers": [
"object",
{
"hosts": [
"object",
{
"ns.testing.thengo.net": [
"object",
{}
]
}
]
}
],
"provider_hetzner": [
"object",
{
"hosts": [
"object",
{
"controller.testing.thengo.net": [
"object",
{
"ansible_host": "string",
"external_ip": "string"
}
],
"ns.testing.thengo.net": [
"object",
{
"ansible_host": "string",
"external_ip": "string"
}
]
}
]
}
]
}
],
"hosts": [
"object",
{
"controller.testing.thengo.net": [
"object",
{}
],
"ns.testing.thengo.net": [
"object",
{}
]
}
]
}
]
}
]
}
},
"resources": [
{
"mode": "managed",
"type": "hcloud_server",
"name": "vms",
"each": "map",
"provider": "provider.hcloud",
"instances": [
{
"index_key": "controller.testing.thengo.net",
"schema_version": 0,
"attributes": {
"backup_window": "",
"backups": false,
"datacenter": "nbg1-dc3",
"id": "5685515",
"image": "debian-10",
"ipv4_address": "116.203.152.103",
"ipv6_address": "2a01:4f8:c0c:c828::1",
"ipv6_network": "2a01:4f8:c0c:c828::/64",
"iso": null,
"keep_disk": false,
"labels": {},
"location": "nbg1",
"name": "controller.testing.thengo.net",
"rescue": null,
"server_type": "cx11",
"ssh_keys": [
"1501431"
],
"status": "running",
"user_data": null
},
"private": "bnVsbA==",
"dependencies": [
"hcloud_ssh_key.ssh_keys"
]
},
{
"index_key": "ns.testing.thengo.net",
"schema_version": 0,
"attributes": {
"backup_window": "",
"backups": false,
"datacenter": "nbg1-dc3",
"id": "5685513",
"image": "debian-10",
"ipv4_address": "116.203.152.95",
"ipv6_address": "2a01:4f8:c0c:c827::1",
"ipv6_network": "2a01:4f8:c0c:c827::/64",
"iso": null,
"keep_disk": false,
"labels": {},
"location": "nbg1",
"name": "ns.testing.thengo.net",
"rescue": null,
"server_type": "cx11",
"ssh_keys": [
"1501431"
],
"status": "running",
"user_data": null
},
"private": "bnVsbA==",
"dependencies": [
"hcloud_ssh_key.ssh_keys"
]
}
]
},
{
"mode": "managed",
"type": "hcloud_ssh_key",
"name": "ssh_keys",
"each": "map",
"provider": "provider.hcloud",
"instances": [
{
"index_key": "~/.ssh/id_ed25519.pub",
"schema_version": 0,
"attributes": {
"fingerprint": "75:3c:1e:51:61:71:51:48:d0:45:18:e4:66:19:de:6e",
"id": "1501431",
"labels": {},
"name": "~/.ssh/id_ed25519.pub",
"public_key": "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGwdEkFBdQfY5YB6LR1l+copG7rZXlGLQyWWwhZdNkpW ka\n"
},
"private": "bnVsbA=="
}
]
},
{
"mode": "managed",
"type": "local_file",
"name": "foo",
"provider": "provider.local",
"instances": [
{
"schema_version": 0,
"attributes": {
"content": "{\"all\":{\"children\":{\"controllers\":{\"hosts\":{\"controller.testing.thengo.net\":{}}},\"nameservers\":{\"hosts\":{\"ns.testing.thengo.net\":{}}},\"provider_hetzner\":{\"hosts\":{\"controller.testing.thengo.net\":{\"ansible_host\":\"116.203.152.103\",\"external_ip\":\"116.203.152.103\"},\"ns.testing.thengo.net\":{\"ansible_host\":\"116.203.152.95\",\"external_ip\":\"116.203.152.95\"}}}},\"hosts\":{\"controller.testing.thengo.net\":{},\"ns.testing.thengo.net\":{}}}}",
"content_base64": null,
"directory_permission": "0755",
"file_permission": "0644",
"filename": "inventory.json",
"id": "24344b5c76e5b8f59034052299c331fe9ea170c3",
"sensitive_content": null
},
"private": "bnVsbA==",
"dependencies": [
"hcloud_server.vms"
]
}
]
}
]
}

+ 0
- 31
terraform/controller.testing.thengo.net.tf Ver fichero

@@ -1,31 +0,0 @@
resource "openstack_compute_instance_v2" "controller--testing--thengo--net" {
name = "controller.testing.thengo.net"

region = "DE1"

flavor_name = "s1-2"

key_pair = "terraform-default"
user_data = "#cloud-config\ndisable_root: false"

image_name = "Debian 10"

network {
name = "Ext-Net"
}

lifecycle {
ignore_changes = [
key_pair,
user_data
]
}
}

resource "local_file" "controller--testing--thengo--net-info" {
content = jsonencode({
"terraform_vm": openstack_compute_instance_v2.controller--testing--thengo--net
})
filename = "../host_vars/controller.testing.thengo.net/terraform-info.json"
}


+ 0
- 7
terraform/etcd.tf Ver fichero

@@ -1,7 +0,0 @@
terraform {
backend "etcdv3" {
endpoints = ["localhost:2379"]
lock = true
prefix = "testing/terraform-state/"
}
}

+ 0
- 32
terraform/ovh.tf Ver fichero

@@ -1,32 +0,0 @@
provider "ovh" {
endpoint = "ovh-eu"
}

resource "ovh_cloud_user" "user" {
project_id = "2044653399df4877a72b77333c25557e"
description = "terraform user"
}

provider "openstack" {
auth_url = "https://auth.cloud.ovh.net/v3"

user_name = ovh_cloud_user.user.username
password = ovh_cloud_user.user.password

tenant_id = ovh_cloud_user.user.project_id
}

variable "ovh_regions" {
type = list(string)
default = [
"DE1",
"GRA7",
]
}

resource "openstack_compute_keypair_v2" "default" {
name = "terraform-default"
region = each.value
public_key = file("~/.ssh/id_rsa.pub")
for_each = toset(var.ovh_regions)
}

terraform/versions.tf → versions.tf Ver fichero


Escribir Vista previa
Cargando…
Cancelar
Guardar