From d1feee5e469edbf6e5262b0f2a3dc76bb6f69ef9 Mon Sep 17 00:00:00 2001 From: Carolina Delwing Rosa Date: Thu, 15 Feb 2024 16:40:59 -0500 Subject: [PATCH] docs: add terraform files to deploy a vmware cluster --- .../vmware-cluster-deployment-tf/README.md | 83 ++++++++++ .../vmware-cluster-deployment-tf/cluster.tf | 87 ++++++++++ .../vmware-cluster-deployment-tf/data.tf | 69 ++++++++ .../vmware-cluster-deployment-tf/inputs.tf | 149 ++++++++++++++++++ .../vmware-cluster-deployment-tf/ippool.tf | 13 ++ .../vmware-cluster-deployment-tf/outputs.tf | 15 ++ .../vmware-cluster-deployment-tf/profile.tf | 56 +++++++ .../vmware-cluster-deployment-tf/provider.tf | 20 +++ .../terraform.tfvars | 23 +++ 9 files changed, 515 insertions(+) create mode 100644 terraform/vmware-cluster-deployment-tf/README.md create mode 100644 terraform/vmware-cluster-deployment-tf/cluster.tf create mode 100644 terraform/vmware-cluster-deployment-tf/data.tf create mode 100644 terraform/vmware-cluster-deployment-tf/inputs.tf create mode 100644 terraform/vmware-cluster-deployment-tf/ippool.tf create mode 100644 terraform/vmware-cluster-deployment-tf/outputs.tf create mode 100644 terraform/vmware-cluster-deployment-tf/profile.tf create mode 100644 terraform/vmware-cluster-deployment-tf/provider.tf create mode 100644 terraform/vmware-cluster-deployment-tf/terraform.tfvars diff --git a/terraform/vmware-cluster-deployment-tf/README.md b/terraform/vmware-cluster-deployment-tf/README.md new file mode 100644 index 0000000..b4a1cb7 --- /dev/null +++ b/terraform/vmware-cluster-deployment-tf/README.md 
@@ -0,0 +1,83 @@ +# Hello Universe TF + +This folder contains the demo code for the [Deploy App Workloads with a PCG](placeholder for the tutorial link) tutorial. +Use the code in this directory with the tutorial. + +To get started, review the [prerequisites](#prerequisites). Next, follow the steps in the tutorial to deploy the VMware cluster and add-on pack. +Use the [terraform.tfvars](./terraform.tfvars) file to provide the required variables. Once you populate the variables, you can deploy the VMware cluster and add-on pack. + +## Prerequisites + +You will need the following things before getting started: + +1. A Palette API key. +2. A VMware PCG added to your Palette account. +3. A public SSH key that will be used to access the cluster nodes. + +> [!NOTE] +> This Terraform code will deploy the resources specified in the template to **VMware vSphere**. + +## Requirements + +| Name | Version | +| --------------------------------------------------------------------------------- | --------- | +| [spectrocloud](#requirement_spectrocloud) | >= 0.16.1 | +| [vsphere](#requirement_vsphere) | >= 2.6.1 | + +## Providers + +| Name | Version | +| --------------------------------------------------------------------------- | ------- | +| [spectrocloud](#provider_spectrocloud) | 0.17.4 | + +## Modules + +No modules. 
+ +## Resources + +| Name | Type | +| -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------- | +| [spectrocloud_cluster_profile.profile](https://registry.terraform.io/providers/spectrocloud/spectrocloud/latest/docs/resources/cluster_profile) | resource | +| [spectrocloud_cluster_vsphere.cluster](https://registry.terraform.io/providers/spectrocloud/spectrocloud/latest/docs/resources/cluster_vsphere) | resource | +| [spectrocloud_privatecloudgateway_ippool.ippool](https://registry.terraform.io/providers/spectrocloud/spectrocloud/latest/docs/resources/privatecloudgateway_ippool) | resource | +| [spectrocloud_cloudaccount_vsphere.account](https://registry.terraform.io/providers/spectrocloud/spectrocloud/latest/docs/data-sources/cloudaccount_vsphere) | data source | +| [spectrocloud_pack.cni](https://registry.terraform.io/providers/spectrocloud/spectrocloud/latest/docs/data-sources/pack) | data source | +| [spectrocloud_pack.csi](https://registry.terraform.io/providers/spectrocloud/spectrocloud/latest/docs/data-sources/pack) | data source | +| [spectrocloud_pack.k8s](https://registry.terraform.io/providers/spectrocloud/spectrocloud/latest/docs/data-sources/pack) | data source | +| [spectrocloud_pack.metallb](https://registry.terraform.io/providers/spectrocloud/spectrocloud/latest/docs/data-sources/pack) | data source | +| [spectrocloud_pack.ubuntu](https://registry.terraform.io/providers/spectrocloud/spectrocloud/latest/docs/data-sources/pack) | data source | +| [spectrocloud_private_cloud_gateway.pcg](https://registry.terraform.io/providers/spectrocloud/spectrocloud/latest/docs/data-sources/private_cloud_gateway) | data source | +| [spectrocloud_registry.public_registry](https://registry.terraform.io/providers/spectrocloud/spectrocloud/latest/docs/data-sources/registry) | data source | + +## Inputs + +| Name | Description | Type | Default | 
Required | +| ------------------------------------------------------------------------------------------------------------------ | --------------------------------------------------------------------- | -------------- | ------------------------------------------------------------------------------------------------------- | :------: | +| [cluster_name](#input_cluster_name) | The name of the cluster. | `string` | `"pcg-tutorial-cluster"` | no | +| [cluster_profile_description](#input_cluster_profile_description) | Provide a description of the cluster profile. | `string` | `"My cluster profile as part of the pcg tutorial."` | no | +| [cluster_profile_name](#input_cluster_profile_name) | The name of the cluster profile. | `string` | `"pcg-tutorial-profile"` | no | +| [datacenter_name](#input_datacenter_name) | The name of the vsphere datacenter. | `string` | n/a | yes | +| [datastore_name](#input_datastore_name) | The name of the vsphere datastore. | `string` | n/a | yes | +| [folder_name](#input_folder_name) | The name of the vsphere folder. | `string` | n/a | yes | +| [ip_range_end](#input_ip_range_end) | The last IP of your IP range. | `string` | n/a | yes | +| [ip_range_start](#input_ip_range_start) | The first IP of your IP range. | `string` | n/a | yes | +| [metallb_ip](#input_metallb_ip) | Provide the metallb ip. | `string` | n/a | yes | +| [nameserver_addr](#input_nameserver_addr) | The nameserver address of your network. | `set(string)` | n/a | yes | +| [network_gateway](#input_network_gateway) | The gateway of your network. | `string` | n/a | yes | +| [network_name](#input_network_name) | The name of the vsphere network. | `string` | n/a | yes | +| [network_prefix](#input_network_prefix) | The network prefix of your IP Pool. | `number` | n/a | yes | +| [pcg_name](#input_pcg_name) | The name of the Vsphere PCG | `string` | n/a | yes | +| [resource_pool_name](#input_resource_pool_name) | The name of the vsphere resource pool. 
| `string` | n/a | yes | +| [ssh_key](#input_ssh_key) | Specify the public key that will be used to access the cluster nodes. | `string` | n/a | yes | +| [tags](#input_tags) | The default tags to apply to Palette resources | `list(string)` |
[
"spectro-cloud-education",
"app:hello-universe",
"terraform_managed:true"
]
| no | +| [vsphere_cluster](#input_vsphere_cluster) | The name of your vsphere cluster. | `string` | n/a | yes | + +## Outputs + +| Name | Description | +| ----------------------------------------------------------------- | ----------- | +| [Advisory](#output_Advisory) | n/a | +| [profile_id](#output_profile_id) | n/a | + + diff --git a/terraform/vmware-cluster-deployment-tf/cluster.tf b/terraform/vmware-cluster-deployment-tf/cluster.tf new file mode 100644 index 0000000..cccc5b4 --- /dev/null +++ b/terraform/vmware-cluster-deployment-tf/cluster.tf 
@@ -0,0 +1,87 @@
+# Copyright (c) Spectro Cloud
+# SPDX-License-Identifier: Apache-2.0
+
+resource "spectrocloud_cluster_vsphere" "cluster" {
+ name = var.cluster_name
+ tags = var.tags
+ cloud_account_id = data.spectrocloud_cloudaccount_vsphere.account.id
+ depends_on = [spectrocloud_cluster_profile.profile]
+
+ cloud_config {
+ ssh_key = var.ssh_key
+ datacenter = var.datacenter_name
+ folder = var.folder_name
+ static_ip = true
+
+ }
+
+ cluster_profile {
+ id = spectrocloud_cluster_profile.profile.id
+ }
+
+ scan_policy {
+ configuration_scan_schedule = "0 0 * * SUN"
+ penetration_scan_schedule = "0 0 * * SUN"
+ conformance_scan_schedule = "0 0 1 * *"
+ }
+
+ ##############################
+ # control-plane-pool
+ ##############################
+ machine_pool {
+ name = "control-plane-pool"
+ count = 1
+ control_plane = true
+ control_plane_as_worker = true
+
+ instance_type {
+ cpu = 4
+ disk_size_gb = 60
+ memory_mb = 8000
+ }
+
+ placement {
+ cluster = var.vsphere_cluster
+ datastore = var.datastore_name
+ network = var.network_name
+ resource_pool = var.resource_pool_name
+ static_ip_pool_id = resource.spectrocloud_privatecloudgateway_ippool.ippool.id
+ }
+
+ additional_labels = {
+ "owner" = "docs"
+ "purpose" = "tutorial"
+ "type" = "control-plane-node"
+ }
+ }
+
+ ##############################
+ # worker-pool
+ ##############################
+ machine_pool {
+ name = "worker-pool"
+ count = 1
+ control_plane = false
+
+ instance_type {
+ cpu = 4
+ disk_size_gb = 60
+ memory_mb = 8000
+ }
+
+ placement {
+ cluster = var.vsphere_cluster
+ datastore = var.datastore_name
+ network = var.network_name
+ resource_pool = var.resource_pool_name
+ static_ip_pool_id = resource.spectrocloud_privatecloudgateway_ippool.ippool.id
+ }
+
+ additional_labels = {
+ "owner" = "docs"
+ "purpose" = "tutorial"
+ "type" = "worker-node"
+ }
+ }
+
+}
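Review bot: `control_plane_as_worker = true` in the control-plane machine pool appears to let application pods schedule onto the single control-plane node (`count = 1`), so tutorial workloads would share the node that runs the Kubernetes control plane. That is a reasonable trade-off for a demo, but nothing in cluster.tf says so; I would add a comment above the pool such as `# Tutorial sizing only: keep workloads off control-plane nodes and use an odd count >= 3 outside a lab.` Separately, `depends_on = [spectrocloud_cluster_profile.profile]` duplicates the implicit dependency already created by `cluster_profile { id = spectrocloud_cluster_profile.profile.id }` and can be dropped.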
diff --git a/terraform/vmware-cluster-deployment-tf/data.tf b/terraform/vmware-cluster-deployment-tf/data.tf
new file mode 100644
index 0000000..b3a072b
--- /dev/null
+++ b/terraform/vmware-cluster-deployment-tf/data.tf
@@ -0,0 +1,69 @@
+# Copyright (c) Spectro Cloud
+# SPDX-License-Identifier: Apache-2.0
+
+####################################
+# Data resources for the profile
+####################################
+data "spectrocloud_registry" "public_registry" {
+ name = "Public Repo"
+}
+
+####################################
+# Core Infrastructure Layers
+# The following core infrastructure layers are configured for deployment to Vsphere.
+# Change the name and version of the following core infrastructure layers if you want to create the profile for other cloud service providers.
+####################################
+data "spectrocloud_pack" "ubuntu" {
+ name = "ubuntu-vsphere"
+ version = "22.04"
+ registry_uid = data.spectrocloud_registry.public_registry.id
+}
+
+data "spectrocloud_pack" "k8s" {
+ name = "kubernetes"
+ version = "1.28.3"
+ registry_uid = data.spectrocloud_registry.public_registry.id
+}
+
+data "spectrocloud_pack" "cni" {
+ name = "cni-calico"
+ version = "3.26.3"
+ registry_uid = data.spectrocloud_registry.public_registry.id
+}
+
+data "spectrocloud_pack" "csi" {
+ name = "csi-vsphere-csi"
+ version = "3.0.2"
+ registry_uid = data.spectrocloud_registry.public_registry.id
+}
+
+data "spectrocloud_pack" "metallb" {
+ name = "lb-metallb"
+ version = "0.13.7"
+ registry_uid = data.spectrocloud_registry.public_registry.id
+}
+
+####################################
+# Add-On Layers
+####################################
+
+#data "spectrocloud_pack" "hellouniverse" {
+# name =
+# version =
+# registry_uid = data.spectrocloud_registry.public_registry.id
+#}
+
+####################################
+# Data resources for the cluster
+####################################
+data "spectrocloud_cloudaccount_vsphere" "account" {
+ name = var.pcg_name
+}
+
+
+####################################
+# Data resources for the PCG
+####################################
+data "spectrocloud_private_cloud_gateway" "pcg" {
+ name = var.pcg_name
+}
\ No newline at end of file
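Review bot: `data "spectrocloud_cloudaccount_vsphere" "account"` and `data "spectrocloud_private_cloud_gateway" "pcg"` both look up by `var.pcg_name`, so the configuration only resolves when the vSphere cloud account in Palette carries exactly the same name as the PCG. Nothing in data.tf states that assumption; a comment above the account lookup such as `# Assumes the cloud account shares the PCG's name; add a separate variable if yours differs.` would save readers a confusing lookup failure. The pack names and versions are also repeated as literals in profile.tf's `pack` blocks, so the two files have to be edited together whenever a version changes.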
diff --git a/terraform/vmware-cluster-deployment-tf/inputs.tf b/terraform/vmware-cluster-deployment-tf/inputs.tf
new file mode 100644
index 0000000..beb61bf
--- /dev/null
+++ b/terraform/vmware-cluster-deployment-tf/inputs.tf
@@ -0,0 +1,149 @@
+# Copyright (c) Spectro Cloud
+# SPDX-License-Identifier: Apache-2.0
+
+####################################
+# Input resources for the profile
+####################################
+
+variable "cluster_profile_name" {
+ type = string
+ description = "The name of the cluster profile."
+ default = "pcg-tutorial-profile"
+}
+
+variable "cluster_profile_description" {
+ type = string
+ description = "Provide a description of the cluster profile."
+ default = "My cluster profile as part of the PCG tutorial."
+}
+
+# ToDo
+# Provide a range of IP addresses for your Metallb Load Balancer. This range must be included in the PCG's static IP pool.
+variable "metallb_ip" {
+ type = string
+ description = "The IP address range for your MetalLB Load Balancer."
+}
+
+####################################
+# Input resources for the cluster
+####################################
+
+variable "cluster_name" {
+ type = string
+ description = "The name of the cluster."
+ default = "pcg-tutorial-cluster"
+}
+
+variable "tags" {
+ type = list(string)
+ description = "The default tags to apply to Palette resources"
+ # Value and key must be 63 characters or less, must start and end with an alphanumeric character, and can contain only alphanumeric characters, dots, dashes or underscores.
+ # Slashes `\` are not allowed.
+ default = ["spectro-cloud-education", "app:hello-universe", "terraform_managed:true"]
+}
+
+#################################################
+# Input resources for the cluster - Cloud config
+#################################################
+
+# ToDo
+# Export the variable below as an environment variable named "TF_VAR_ssh_key".
+# The value should include the public key for accessing the cluster nodes.
+variable "ssh_key" {
+ type = string
+ description = "Specify the public key that will be used to access the cluster nodes."
+ sensitive = true
+}
+
+# ToDo
+# Provide the name of the datacenter in vSphere.
+variable "datacenter_name" {
+ type = string
+ description = "The name of the datacenter in vSphere.."
+}
+
+# ToDo
+# Provide the name of the folder in vSphere.
+variable "folder_name" {
+ type = string
+ description = "The name of the folder in vSphere."
+}
+
+#################################################
+# Input resources for the cluster - Placement
+#################################################
+
+# ToDo
+# Provide the cluster name for the machine pool as it appears in vSphere.
+variable "vsphere_cluster" {
+ type = string
+ description = "The name of your vSphere cluster."
+}
+
+# ToDo
+# Provide the datastore name for the machine pool as it appears in vSphere.
+variable "datastore_name" {
+ type = string
+ description = "The name of the vSphere datastore."
+}
+
+# ToDo
+# Provide the network name for the machine pool as it appears in vSphere.
+variable "network_name" {
+ type = string
+ description = "The name of the vSphere network."
+}
+
+# ToDo
+# Provide the resource pool name for the machine pool as it appears in vSphere.
+variable "resource_pool_name" {
+ type = string
+ description = "The name of the vSphere resource pool."
+}
+
+#################################################
+# Input resources for the Static IP Pool
+#################################################
+
+# ToDo
+# Provide the IP address of the vSphere network gateway.
+variable "network_gateway" {
+ type = string
+ description = "The IP address of the vSphere network gateway."
+}
+
+# ToDo
+# Provide the prefix of your vSphere network.
+# Valid values are network CIDR subnet masks from the range 0-32. Example: 18.
+variable "network_prefix" {
+ type = number
+ description = "The prefix of your vSphere network."
+}
+
+# ToDo
+# Provide the name of the PCG that will be used to create the static IP pool.
+variable "pcg_name" {
+ type = string
+ description = "The name of the IP Pool PCG."
+}
+
+# ToDo
+# Provide the first IP address of your PCG IP pool range.
+variable "ip_range_start" {
+ type = string
+ description = "The first IP address of your PCG IP pool range."
+}
+
+# ToDo
+# Provide the second IP address of your PCG IP pool range.
+variable "ip_range_end" {
+ type = string
+ description = "The last IP address of your PCG IP pool range."
+}
+
+# ToDo
+# Provide a comma-separated list of DNS name server IP addresses.
+variable "nameserver_addr" {
+ type = set(string)
+ description = "The DNS nameserver IP addresses of your network."
+}
\ No newline at end of file
diff --git a/terraform/vmware-cluster-deployment-tf/ippool.tf b/terraform/vmware-cluster-deployment-tf/ippool.tf
new file mode 100644
index 0000000..7832252
--- /dev/null
+++ b/terraform/vmware-cluster-deployment-tf/ippool.tf
@@ -0,0 +1,13 @@
+# Copyright (c) Spectro Cloud
+# SPDX-License-Identifier: Apache-2.0
+
+resource "spectrocloud_privatecloudgateway_ippool" "ippool" {
+ gateway = var.network_gateway
+ name = "${var.cluster_name}-ippool"
+ network_type = "range"
+ prefix = var.network_prefix
+ private_cloud_gateway_id = data.spectrocloud_private_cloud_gateway.pcg.id
+ ip_start_range = var.ip_range_start
+ ip_end_range = var.ip_range_end
+ nameserver_addresses = var.nameserver_addr
+}
\ No newline at end of file
diff --git a/terraform/vmware-cluster-deployment-tf/outputs.tf b/terraform/vmware-cluster-deployment-tf/outputs.tf
new file mode 100644
index 0000000..7145616
--- /dev/null
+++ b/terraform/vmware-cluster-deployment-tf/outputs.tf
@@ -0,0 +1,15 @@
+# Copyright (c) Spectro Cloud
+# SPDX-License-Identifier: Apache-2.0
+
+output "Advisory" {
+ value = <<-EOT
+
+It takes between one to three minutes for DNS to properly resolve the public load balancer URL.
+We recommend waiting a few moments before clicking on the service URL to prevent the browser from caching an unresolved DNS request.
+
+EOT
+}
+
+output "profile_id" {
+ value = spectrocloud_cluster_profile.profile.id
+}
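Review bot: In inputs.tf, `network_prefix` is described in its comment as a CIDR prefix in the range 0-32, but the variable accepts any number, so a typo only surfaces when the IP pool is created. A `validation` block with `condition = var.network_prefix >= 0 && var.network_prefix <= 32` and a matching `error_message` would reject it at plan time, and the address inputs (`network_gateway`, `ip_range_start`, `ip_range_end`, `metallb_ip`) would benefit from the same treatment. Two wording nits in the same file: the `datacenter_name` description ends in `vSphere..`, and the comment above `ip_range_end` says "second IP address" where the description says "last".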
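Review bot: In outputs.tf, the `Advisory` output tells the reader to wait before clicking "the service URL", yet no output in this file exposes a URL, and the text speaks of a "public load balancer" although the profile fronts the cluster with MetalLB on vSphere. The message looks carried over from another tutorial and should be reworded for this deployment or removed. Both outputs also lack a `description`, which is why the README's Outputs table lists them as `n/a`; adding e.g. `description = "ID of the cluster profile created for the tutorial."` to `profile_id` fixes the generated docs.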
diff --git a/terraform/vmware-cluster-deployment-tf/profile.tf b/terraform/vmware-cluster-deployment-tf/profile.tf
new file mode 100644
index 0000000..75c7d67
--- /dev/null
+++ b/terraform/vmware-cluster-deployment-tf/profile.tf
@@ -0,0 +1,56 @@
+# Copyright (c) Spectro Cloud
+# SPDX-License-Identifier: Apache-2.0
+
+
+resource "spectrocloud_cluster_profile" "profile" {
+ name = var.cluster_profile_name
+ description = var.cluster_profile_description
+ tags = var.tags
+ cloud = "vsphere"
+ type = "cluster"
+
+ ############################
+ # Core layers
+ ############################
+ # The packs listed below have a static name and tag value. Refer to the HubbleAPI collection before changing these values.
+ pack {
+ name = "ubuntu-vsphere"
+ tag = "LTS__22.4.x"
+ uid = data.spectrocloud_pack.ubuntu.id
+ values = data.spectrocloud_pack.ubuntu.values
+ }
+
+ pack {
+ name = "kubernetes"
+ tag = "1.28.x"
+ uid = data.spectrocloud_pack.k8s.id
+ values = data.spectrocloud_pack.k8s.values
+ }
+
+ pack {
+ name = "cni-calico"
+ tag = "3.26.x"
+ uid = data.spectrocloud_pack.cni.id
+ values = data.spectrocloud_pack.cni.values
+ }
+
+ pack {
+ name = "csi-vsphere-csi"
+ tag = "3.0.x"
+ uid = data.spectrocloud_pack.csi.id
+ values = data.spectrocloud_pack.csi.values
+ }
+
+ pack {
+ name = "lb-metallb"
+ tag = "0.13.x"
+ uid = data.spectrocloud_pack.metallb.id
+ values = format("%s - %s", data.spectrocloud_pack.metallb.values, var.metallb_ip)
+ }
+
+ ############################
+ # Add-on layer
+ ############################
+
+ # Add-on pack hellouniverse
+}
\ No newline at end of file
diff --git a/terraform/vmware-cluster-deployment-tf/provider.tf b/terraform/vmware-cluster-deployment-tf/provider.tf
new file mode 100644
index 0000000..7402a42
--- /dev/null
+++ b/terraform/vmware-cluster-deployment-tf/provider.tf
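Review bot: In profile.tf's `lb-metallb` pack, `values = format("%s - %s", data.spectrocloud_pack.metallb.values, var.metallb_ip)` appends the address as a YAML list item to whatever text the pack's default values end with, so it only yields the intended configuration while those defaults end on the address-list key. A change in the pack defaults, or a `metallb_ip` value containing a newline or other YAML syntax, would alter the rendered values without any Terraform error. I would constrain the input with a `validation` block on `metallb_ip` (single line, address-range characters only) and add a comment here such as `# Relies on the pack's default values ending with the address list key.`; rendering the values from a template kept in this directory would remove the dependency altogether. The `ubuntu-vsphere` tag `LTS__22.4.x` also does not visibly match the `22.04` version requested in data.tf and is worth confirming.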
@@ -0,0 +1,20 @@
+# Copyright (c) Spectro Cloud
+# SPDX-License-Identifier: Apache-2.0
+
+terraform {
+ required_providers {
+ spectrocloud = {
+ version = ">= 0.16.1"
+ source = "spectrocloud/spectrocloud"
+ }
+ vsphere = {
+ source = "hashicorp/vsphere"
+ version = ">= 2.6.1"
+ }
+ }
+}
+
+provider "spectrocloud" {
+ # API key set through the environment variable SPECTROCLOUD_APIKEY
+ project_name = "Default"
+}
\ No newline at end of file
diff --git a/terraform/vmware-cluster-deployment-tf/terraform.tfvars b/terraform/vmware-cluster-deployment-tf/terraform.tfvars
new file mode 100644
index 0000000..2d4b9bc
--- /dev/null
+++ b/terraform/vmware-cluster-deployment-tf/terraform.tfvars
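Review bot: Both provider constraints in provider.tf are open-ended (`>= 0.16.1`, `>= 2.6.1`), so `terraform init` selects whatever release is newest at the time, and the commit's nine files include no `.terraform.lock.hcl` to pin versions and checksums. A pessimistic constraint such as `version = "~> 0.17"` together with a committed lock file keeps the tutorial reproducible and limits exposure to an unexpected provider release. The `vsphere` provider is also required although no file in this patch declares a vsphere resource or data source (the README's Providers table lists only spectrocloud); if it is unused, drop it so readers do not download a plugin the code never calls. `project_name = "Default"` could become a variable with that default.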
@@ -0,0 +1,23 @@
+# Copyright (c) Spectro Cloud
+# SPDX-License-Identifier: Apache-2.0
+
+# Static IP Pool Variables
+network_gateway = "REPLACE ME" # Provide the IP address of the vSphere network gateway.
+network_prefix = "REPLACE ME" # Provide the prefix of your vSphere network. Valid values are network CIDR subnet masks from the range 0-32. Example: 18.
+pcg_name = "REPLACE ME" # Provide the name of the PCG that will be used to create the static IP pool.
+ip_range_start = "REPLACE ME" # Provide the first IP address of your PCG IP pool range.
+ip_range_end = "REPLACE ME" # Provide the second IP address of your PCG IP pool range.
+nameserver_addr = ["REPLACE ME"] # Provide a comma-separated list of DNS name server IP addresses.
+
+
+# Cluster Profile Variables
+metallb_ip = "REPLACE ME" # Provide a range of IP addresses for your Metallb Load Balancer. This range must be included in the PCG's static IP pool range.
+
+
+# Cluster Variables
+datacenter_name = "REPLACE ME" # Provide the name of the datacenter in vSphere.
+folder_name = "REPLACE ME" # Provide the name of the folder in vSphere.
+vsphere_cluster = "REPLACE ME" # Provide the cluster name for the machine pool as it appears in vSphere.
+datastore_name = "REPLACE ME" # Provide the datastore name for the machine pool as it appears in vSphere.
+network_name = "REPLACE ME" # Provide the network name for the machine pool as it appears in vSphere.
+resource_pool_name = "REPLACE ME" # Provide the resource pool name for the machine pool as it appears in vSphere.
\ No newline at end of file
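Review bot: `network_prefix = "REPLACE ME"` uses a quoted string placeholder for a variable that inputs.tf declares as `number`, and the comment on `nameserver_addr` asks for a "comma-separated list" while the value is an HCL list of strings. Showing the expected shape in the comments, e.g. `# Example: 18 (number, no quotes)` and `# Example: ["192.0.2.10", "192.0.2.11"]` (constructed documentation addresses), avoids type errors on the first plan. Readers will fill this tracked file with internal network details, so a one-line comment at the top such as `# Do not commit your populated copy of this file.` would be a useful addition.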