Skip to content

Commit

Permalink
[terraform] use modern day equinix metal provider (kubernetes-sigs#8748)
Browse files Browse the repository at this point in the history
* [terraform] use modern day equinix metal provider

* [CI] ensure packet job tests metal
  • Loading branch information
cristicalin authored and LuckySB committed Oct 23, 2023
1 parent 28fe796 commit 8bda053
Show file tree
Hide file tree
Showing 11 changed files with 58 additions and 59 deletions.
4 changes: 2 additions & 2 deletions .gitlab-ci/terraform.yml
Original file line number Diff line number Diff line change
Expand Up @@ -60,11 +60,11 @@ tf-validate-openstack:
PROVIDER: openstack
CLUSTER: $CI_COMMIT_REF_NAME

tf-validate-packet:
tf-validate-metal:
extends: .terraform_validate
variables:
TF_VERSION: $TERRAFORM_VERSION
PROVIDER: packet
PROVIDER: metal
CLUSTER: $CI_COMMIT_REF_NAME

tf-validate-aws:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -60,9 +60,9 @@ Terraform will be used to provision all of the Equinix Metal resources with base
Create an inventory directory for your cluster by copying the existing sample and linking the `hosts` script (used to build the inventory based on Terraform state):

```ShellSession
cp -LRp contrib/terraform/packet/sample-inventory inventory/$CLUSTER
cp -LRp contrib/terraform/metal/sample-inventory inventory/$CLUSTER
cd inventory/$CLUSTER
ln -s ../../contrib/terraform/packet/hosts
ln -s ../../contrib/terraform/metal/hosts
```

This will be the base for subsequent Terraform commands.
Expand Down Expand Up @@ -101,7 +101,7 @@ This helps when identifying which hosts are associated with each cluster.
While the defaults in variables.tf will successfully deploy a cluster, it is recommended to set the following values:

- cluster_name = the name of the inventory directory created above as $CLUSTER
- packet_project_id = the Equinix Metal Project ID associated with the Equinix Metal API token above
- metal_project_id = the Equinix Metal Project ID associated with the Equinix Metal API token above

#### Enable localhost access

Expand All @@ -119,7 +119,7 @@ Once the Kubespray playbooks are run, a Kubernetes configuration file will be wr

In the cluster's inventory folder, the following files might be created (either by Terraform
or manually), to prevent you from pushing them accidentally they are in a
`.gitignore` file in the `terraform/packet` directory :
`.gitignore` file in the `terraform/metal` directory :

- `.terraform`
- `.tfvars`
Expand All @@ -135,7 +135,7 @@ plugins. This is accomplished as follows:

```ShellSession
cd inventory/$CLUSTER
terraform init ../../contrib/terraform/packet
terraform init ../../contrib/terraform/metal
```

This should finish fairly quickly telling you Terraform has successfully initialized and loaded necessary modules.
Expand All @@ -146,7 +146,7 @@ You can apply the Terraform configuration to your cluster with the following com
issued from your cluster's inventory directory (`inventory/$CLUSTER`):

```ShellSession
terraform apply -var-file=cluster.tfvars ../../contrib/terraform/packet
terraform apply -var-file=cluster.tfvars ../../contrib/terraform/metal
export ANSIBLE_HOST_KEY_CHECKING=False
ansible-playbook -i hosts ../../cluster.yml
```
Expand All @@ -156,7 +156,7 @@ ansible-playbook -i hosts ../../cluster.yml
You can destroy your new cluster with the following command issued from the cluster's inventory directory:

```ShellSession
terraform destroy -var-file=cluster.tfvars ../../contrib/terraform/packet
terraform destroy -var-file=cluster.tfvars ../../contrib/terraform/metal
```

If you've started the Ansible run, it may also be a good idea to do some manual cleanup:
Expand Down
File renamed without changes.
Original file line number Diff line number Diff line change
@@ -1,63 +1,62 @@
# Configure the Equinix Metal Provider
provider "packet" {
version = "~> 2.0"
provider "metal" {
}

resource "packet_ssh_key" "k8s" {
resource "metal_ssh_key" "k8s" {
count = var.public_key_path != "" ? 1 : 0
name = "kubernetes-${var.cluster_name}"
public_key = chomp(file(var.public_key_path))
}

resource "packet_device" "k8s_master" {
depends_on = [packet_ssh_key.k8s]
resource "metal_device" "k8s_master" {
depends_on = [metal_ssh_key.k8s]

count = var.number_of_k8s_masters
hostname = "${var.cluster_name}-k8s-master-${count.index + 1}"
plan = var.plan_k8s_masters
facilities = [var.facility]
operating_system = var.operating_system
billing_cycle = var.billing_cycle
project_id = var.packet_project_id
project_id = var.metal_project_id
tags = ["cluster-${var.cluster_name}", "k8s_cluster", "kube_control_plane", "etcd", "kube_node"]
}

resource "packet_device" "k8s_master_no_etcd" {
depends_on = [packet_ssh_key.k8s]
resource "metal_device" "k8s_master_no_etcd" {
depends_on = [metal_ssh_key.k8s]

count = var.number_of_k8s_masters_no_etcd
hostname = "${var.cluster_name}-k8s-master-${count.index + 1}"
plan = var.plan_k8s_masters_no_etcd
facilities = [var.facility]
operating_system = var.operating_system
billing_cycle = var.billing_cycle
project_id = var.packet_project_id
project_id = var.metal_project_id
tags = ["cluster-${var.cluster_name}", "k8s_cluster", "kube_control_plane"]
}

resource "packet_device" "k8s_etcd" {
depends_on = [packet_ssh_key.k8s]
resource "metal_device" "k8s_etcd" {
depends_on = [metal_ssh_key.k8s]

count = var.number_of_etcd
hostname = "${var.cluster_name}-etcd-${count.index + 1}"
plan = var.plan_etcd
facilities = [var.facility]
operating_system = var.operating_system
billing_cycle = var.billing_cycle
project_id = var.packet_project_id
project_id = var.metal_project_id
tags = ["cluster-${var.cluster_name}", "etcd"]
}

resource "packet_device" "k8s_node" {
depends_on = [packet_ssh_key.k8s]
resource "metal_device" "k8s_node" {
depends_on = [metal_ssh_key.k8s]

count = var.number_of_k8s_nodes
hostname = "${var.cluster_name}-k8s-node-${count.index + 1}"
plan = var.plan_k8s_nodes
facilities = [var.facility]
operating_system = var.operating_system
billing_cycle = var.billing_cycle
project_id = var.packet_project_id
project_id = var.metal_project_id
tags = ["cluster-${var.cluster_name}", "k8s_cluster", "kube_node"]
}

16 changes: 16 additions & 0 deletions contrib/terraform/metal/output.tf
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
output "k8s_masters" {
value = metal_device.k8s_master.*.access_public_ipv4
}

output "k8s_masters_no_etc" {
value = metal_device.k8s_master_no_etcd.*.access_public_ipv4
}

output "k8s_etcds" {
value = metal_device.k8s_etcd.*.access_public_ipv4
}

output "k8s_nodes" {
value = metal_device.k8s_node.*.access_public_ipv4
}

Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
cluster_name = "mycluster"

# Your Equinix Metal project ID. See hhttps://metal.equinix.com/developers/docs/accounts/
packet_project_id = "Example-API-Token"
metal_project_id = "Example-API-Token"

# The public SSH key to be uploaded into authorized_keys in bare metal Equinix Metal nodes provisioned
# leave this value blank if the public key is already setup in the Equinix Metal project
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,12 +2,12 @@ variable "cluster_name" {
default = "kubespray"
}

variable "packet_project_id" {
variable "metal_project_id" {
description = "Your Equinix Metal project ID. See https://metal.equinix.com/developers/docs/accounts/"
}

variable "operating_system" {
default = "ubuntu_16_04"
default = "ubuntu_20_04"
}

variable "public_key_path" {
Expand All @@ -24,23 +24,23 @@ variable "facility" {
}

variable "plan_k8s_masters" {
default = "c2.medium.x86"
default = "c3.small.x86"
}

variable "plan_k8s_masters_no_etcd" {
default = "c2.medium.x86"
default = "c3.small.x86"
}

variable "plan_etcd" {
default = "c2.medium.x86"
default = "c3.small.x86"
}

variable "plan_k8s_nodes" {
default = "c2.medium.x86"
default = "c3.medium.x86"
}

variable "number_of_k8s_masters" {
default = 0
default = 1
}

variable "number_of_k8s_masters_no_etcd" {
Expand All @@ -52,6 +52,6 @@ variable "number_of_etcd" {
}

variable "number_of_k8s_nodes" {
default = 0
default = 1
}

Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@
terraform {
required_version = ">= 0.12"
required_providers {
packet = {
source = "terraform-providers/packet"
metal = {
source = "equinix/metal"
}
}
}
16 changes: 0 additions & 16 deletions contrib/terraform/packet/output.tf

This file was deleted.

16 changes: 8 additions & 8 deletions contrib/terraform/terraform.py
Original file line number Diff line number Diff line change
Expand Up @@ -195,8 +195,8 @@ def parse_bool(string_form):
raise ValueError('could not convert %r to a bool' % string_form)


@parses('packet_device')
def packet_device(resource, tfvars=None):
@parses('metal_device')
def metal_device(resource, tfvars=None):
raw_attrs = resource['primary']['attributes']
name = raw_attrs['hostname']
groups = []
Expand All @@ -213,25 +213,25 @@ def packet_device(resource, tfvars=None):
'state': raw_attrs['state'],
# ansible
'ansible_ssh_host': raw_attrs['network.0.address'],
'ansible_ssh_user': 'root', # Use root by default in packet
'ansible_ssh_user': 'root', # Use root by default in metal
# generic
'ipv4_address': raw_attrs['network.0.address'],
'public_ipv4': raw_attrs['network.0.address'],
'ipv6_address': raw_attrs['network.1.address'],
'public_ipv6': raw_attrs['network.1.address'],
'private_ipv4': raw_attrs['network.2.address'],
'provider': 'packet',
'provider': 'metal',
}

if raw_attrs['operating_system'] == 'flatcar_stable':
# For Flatcar set the ssh_user to core
attrs.update({'ansible_ssh_user': 'core'})

# add groups based on attrs
groups.append('packet_operating_system=' + attrs['operating_system'])
groups.append('packet_locked=%s' % attrs['locked'])
groups.append('packet_state=' + attrs['state'])
groups.append('packet_plan=' + attrs['plan'])
groups.append('metal_operating_system=' + attrs['operating_system'])
groups.append('metal_locked=%s' % attrs['locked'])
groups.append('metal_state=' + attrs['state'])
groups.append('metal_plan=' + attrs['plan'])

# groups specific to kubespray
groups = groups + attrs['tags']
Expand Down

0 comments on commit 8bda053

Please sign in to comment.