-
Notifications
You must be signed in to change notification settings - Fork 87
/
Copy pathmain.tf
107 lines (91 loc) · 2.95 KB
/
main.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
# Configure the Packet Provider.
terraform {
required_providers {
metal = {
source = "equinix/metal"
version = "3.1.0"
}
null = {
source = "hashicorp/null"
version = "~> 2.1.2"
}
template = {
source = "hashicorp/template"
version = "~> 2.1.2"
}
}
}
provider "metal" {
auth_token = var.metal_api_token
}
# Create a new VLAN in datacenter "ewr1"
resource "metal_vlan" "provisioning_vlan" {
description = "provisioning_vlan"
facility = var.facility
project_id = var.project_id
}
# Create a device and add it to tf_project_1
resource "metal_device" "tink_worker" {
hostname = "tink-worker"
plan = var.device_type
facilities = [var.facility]
operating_system = "custom_ipxe"
ipxe_script_url = "https://boot.netboot.xyz"
always_pxe = "true"
billing_cycle = "hourly"
project_id = var.project_id
}
resource "metal_device_network_type" "tink_worker_network_type" {
device_id = metal_device.tink_worker.id
type = "layer2-individual"
}
# Attach VLAN to worker
resource "metal_port_vlan_attachment" "worker" {
depends_on = [metal_device_network_type.tink_worker_network_type]
device_id = metal_device.tink_worker.id
port_name = "eth0"
vlan_vnid = metal_vlan.provisioning_vlan.vxlan
}
# Create a device and add it to tf_project_1
resource "metal_device" "tink_provisioner" {
hostname = "tink-provisioner"
plan = var.device_type
facilities = [var.facility]
operating_system = "ubuntu_20_04"
billing_cycle = "hourly"
project_id = var.project_id
user_data = file("setup.sh")
}
resource "metal_device_network_type" "tink_provisioner_network_type" {
device_id = metal_device.tink_provisioner.id
type = "hybrid"
}
# Attach VLAN to provisioner
resource "metal_port_vlan_attachment" "provisioner" {
depends_on = [metal_device_network_type.tink_provisioner_network_type]
device_id = metal_device.tink_provisioner.id
port_name = "eth1"
vlan_vnid = metal_vlan.provisioning_vlan.vxlan
}
resource "null_resource" "setup" {
connection {
type = "ssh"
user = "root"
host = metal_device.tink_provisioner.network[0].address
private_key = file("~/.ssh/id_rsa")
}
# need to tar the compose directory because the 'provisioner "file"' does not preserve file permissions
provisioner "local-exec" {
command = "cd ../ && tar zcvf compose.tar.gz compose"
}
provisioner "file" {
source = "../compose.tar.gz"
destination = "/root/compose.tar.gz"
}
provisioner "remote-exec" {
inline = [
"cd /root && tar zxvf /root/compose.tar.gz -C /root/sandbox",
"cd /root/sandbox/compose && TINKERBELL_CLIENT_MAC=${metal_device.tink_worker.ports[1].mac} TINKERBELL_TEMPLATE_MANIFEST=/manifests/template/ubuntu-equinix-metal.yaml TINKERBELL_HARDWARE_MANIFEST=/manifests/hardware/hardware-equinix-metal.json docker-compose up -d"
]
}
}