Made installation more configurable and removed clutter

2025-09-12 19:52:44 +02:00
parent cf41134815
commit 5076f167f9
8 changed files with 98 additions and 73 deletions
--- a/proxmox/credentials.auto.tfvars.example
+++ b/proxmox/credentials.auto.tfvars.example
@@ -1,13 +1,56 @@
 # Proxmox
-proxmox_api_url = "https://192.168.1.10:8006/api2/json"
+proxmox_api_url = "https://192.168.1.25:8006/api2/json"
 proxmox_api_token_id = "root@pam!supersecret"
 proxmox_api_token_secret = "js7ej5k9-hd75-hd64-js56-js834jmd732"
 proxmox_target_node = "your proxmox node"
 proxmox_storage_device   = "samsung-ssd"

 # Talos Linux
+talos_version = "1.11.1"
+# With these variables you can configure the ISO images which are uploaded to Proxmox for initially booting the VMs
+talos_linux_iso_image_url = "https://factory.talos.dev/image/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515/v1.11.1/nocloud-amd64.iso"
+talos_linux_iso_image_filename = "talos-linux-v1.11.1-qemu-guest-agent-amd64.iso"
+# Name of the cluster
 cluster_name = "your cluster name"
-network            = "192.168.1.0/24"
-network_gateway    = "192.168.1.1"
-domain_name_server = "192.168.1.1"
-vlan_tag           = 20 # Optional: if you don't specify it no Vlan tag is set for the virtual machine
+# VIP address for the control planes, see https://www.talos.dev/v1.11/talos-guides/network/vip/
+cluster_vip_shared_ip = "192.168.10.100"
+# The node configuration, adjust it to your liking
+node_data = {
+    controlplanes = {
+      "192.168.10.101" = {
+        install_disk  = "/dev/vda"
+        install_image = "factory.talos.dev/nocloud-installer/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.11.1"
+      },
+      "192.168.10.102" = {
+        install_disk  = "/dev/vda"
+        install_image = "factory.talos.dev/nocloud-installer/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.11.1"
+      },
+      "192.168.10.103" = {
+        install_disk  = "/dev/vda"
+        install_image = "factory.talos.dev/nocloud-installer/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.11.1"
+      },
+    }
+    workers = {
+      "192.168.10.104" = {
+        install_disk  = "/dev/vda"
+        install_image = "factory.talos.dev/nocloud-installer/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.11.1"
+      },
+      "192.168.10.105" = {
+        install_disk  = "/dev/vda"
+        install_image = "factory.talos.dev/nocloud-installer/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.11.1"
+      },
+      "192.168.10.106" = {
+        install_disk  = "/dev/vda"
+        install_image = "factory.talos.dev/nocloud-installer/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.11.1"
+      },
+      "192.168.10.107" = {
+        install_disk  = "/dev/vda"
+        install_image = "factory.talos.dev/nocloud-installer/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.11.1"
+      },
+    }
+  }
+# Network configuration, which is applied to all nodes
+network            = "192.168.10.0/24"
+network_gateway    = "192.168.10.1"
+domain_name_server = "192.168.10.1"
+vlan_tag           = 10 # Optional: if you don't specify it no Vlan tag is set for the virtual machines
--- a/proxmox/iso_images.tf
+++ b/proxmox/iso_images.tf
@@ -1,6 +1,6 @@
 resource "proxmox_storage_iso" "talos_linux_iso_image" {
-  url      = local.talos_linux_iso_image_url
-  filename = local.talos_linux_iso_image_filename
+  url      = var.talos_linux_iso_image_url
+  filename = var.talos_linux_iso_image_filename
  storage  = "local"
  pve_node = var.proxmox_target_node
 }
--- a/proxmox/locals.tf
+++ b/proxmox/locals.tf
@@ -1,5 +0,0 @@
-locals {
-  # Talos Linux
-  talos_linux_iso_image_url      = "https://factory.talos.dev/image/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515/v1.11.1/nocloud-amd64.iso"
-  talos_linux_iso_image_filename = "talos-linux-v1.11.1-qemu-guest-agent-amd64.iso"
-}
--- a/proxmox/talos_linux.tf
+++ b/proxmox/talos_linux.tf
@@ -2,22 +2,24 @@ resource "talos_machine_secrets" "this" {}

 data "talos_machine_configuration" "controlplane" {
  cluster_name     = var.cluster_name
-  cluster_endpoint = "https://${var.vip_shared_ip}:6443"
+  cluster_endpoint = "https://${var.cluster_vip_shared_ip}:6443"
  machine_type     = "controlplane"
  machine_secrets  = talos_machine_secrets.this.machine_secrets
+  talos_version    = var.talos_version
 }

 data "talos_machine_configuration" "worker" {
  cluster_name     = var.cluster_name
-  cluster_endpoint = "https://${var.vip_shared_ip}:6443"
+  cluster_endpoint = "https://${var.cluster_vip_shared_ip}:6443"
  machine_type     = "worker"
  machine_secrets  = talos_machine_secrets.this.machine_secrets
+  talos_version    = var.talos_version
 }

 data "talos_client_configuration" "this" {
  cluster_name         = var.cluster_name
  client_configuration = talos_machine_secrets.this.client_configuration
-  endpoints            = [for k, v in var.node_data.controlplanes : k]
+  endpoints            = concat([var.cluster_vip_shared_ip], [for k, v in var.node_data.controlplanes : k])
 }

 resource "talos_machine_configuration_apply" "controlplane" {
@@ -28,13 +30,13 @@ resource "talos_machine_configuration_apply" "controlplane" {
  node                        = each.key
  config_patches = [
    templatefile("${path.module}/templates/machine_config_patches_controlplane.tftpl", {
-      hostname      = each.value.hostname == null ? format("%s-cp-%s", var.cluster_name, index(keys(var.node_data.controlplanes), each.key)) : each.value.hostname
-      install_disk  = each.value.install_disk
-      install_image = each.value.install_image
-      ip_address                  = "${each.key}/24"
-      network                     = var.network
-      network_gateway             = var.network_gateway
-      vip_shared_ip               = var.vip_shared_ip
+      hostname        = each.value.hostname == null ? format("%s-cp-%s", var.cluster_name, index(keys(var.node_data.controlplanes), each.key)) : each.value.hostname
+      install_disk    = each.value.install_disk
+      install_image   = each.value.install_image
+      ip_address      = "${each.key}/24"
+      network         = var.network
+      network_gateway = var.network_gateway
+      vip_shared_ip   = var.cluster_vip_shared_ip
    }),
  ]
 }
@@ -47,12 +49,12 @@ resource "talos_machine_configuration_apply" "worker" {
  node                        = each.key
  config_patches = [
    templatefile("${path.module}/templates/machine_config_patches_worker.tftpl", {
-      hostname      = each.value.hostname == null ? format("%s-worker-%s", var.cluster_name, index(keys(var.node_data.workers), each.key)) : each.value.hostname
-      install_disk  = each.value.install_disk
-      install_image = each.value.install_image
-      ip_address                  = "${each.key}/24"
-      network                     = var.network
-      network_gateway             = var.network_gateway
+      hostname        = each.value.hostname == null ? format("%s-worker-%s", var.cluster_name, index(keys(var.node_data.workers), each.key)) : each.value.hostname
+      install_disk    = each.value.install_disk
+      install_image   = each.value.install_image
+      ip_address      = "${each.key}/24"
+      network         = var.network
+      network_gateway = var.network_gateway
    })
  ]
 }
--- a/proxmox/templates/machine_config_patches_controlplane.tftpl
+++ b/proxmox/templates/machine_config_patches_controlplane.tftpl
@@ -14,20 +14,5 @@ machine:
            gateway: ${network_gateway}
        vip:
          ip: ${vip_shared_ip}
-  registries:
-    mirrors:
-      docker.io:
-        endpoints:
-          - https://harbor.lan/v2/docker-hub-cache
-        overridePath: true
-      ghcr.io:
-        endpoints:
-          - https://harbor.lan/v2/github-cache
-        overridePath: true
-    config:
-      harbor.lan:
-        tls:
-            ca: |
-                ${indent(16, container_registry_cache_ca)}
 cluster:
  allowSchedulingOnControlPlanes: false
--- a/proxmox/templates/machine_config_patches_worker.tftpl
+++ b/proxmox/templates/machine_config_patches_worker.tftpl
@@ -11,19 +11,4 @@ machine:
          - ${ip_address}
        routes:
          - network: ${network}
-            gateway: ${network_gateway}
-  registries:
-    mirrors:
-      docker.io:
-        endpoints:
-          - https://harbor.lan/v2/docker-hub-cache
-        overridePath: true
-      ghcr.io:
-        endpoints:
-          - https://harbor.lan/v2/github-cache
-        overridePath: true
-    config:
-      harbor.lan:
-        tls:
-            ca: |
-                ${indent(16, container_registry_cache_ca)}
+            gateway: ${network_gateway}
--- a/proxmox/variables.tf
+++ b/proxmox/variables.tf
@@ -20,11 +20,34 @@ variable "proxmox_storage_device" {
  type = string
 }

+variable "talos_version" {
+  type    = string
+  default = "1.11.1"
+}
+
+variable "talos_linux_iso_image_url" {
+  description = "URL of the Talos ISO image for initially booting the VM"
+  type        = string
+  default     = "https://factory.talos.dev/image/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515/v1.11.1/nocloud-amd64.iso"
+}
+
+variable "talos_linux_iso_image_filename" {
+  description = "Filename of the Talos ISO image for initially booting the VM"
+  type        = string
+  default     = "talos-linux-v1.11.1-qemu-guest-agent-amd64.iso"
+}
+
 variable "cluster_name" {
  description = "A name to provide for the Talos cluster"
  type        = string
 }

+variable "cluster_vip_shared_ip" {
+  description = "Shared virtual IP address for control plane nodes"
+  type        = string
+  default     = "192.168.1.100"
+}
+
 variable "node_data" {
  description = "A map of node data"
  type = object({
@@ -41,20 +64,16 @@ variable "node_data" {
  })
  default = {
    controlplanes = {
-      "192.168.1.150" = {
+      "192.168.1.101" = {
        install_disk  = "/dev/vda"
        install_image = "factory.talos.dev/nocloud-installer/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.11.1"
      },
    }
    workers = {
-      "192.168.1.151" = {
+      "192.168.1.102" = {
        install_disk  = "/dev/vda"
        install_image = "factory.talos.dev/nocloud-installer/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.11.1"
      },
-      "192.168.1.152" = {
-        install_disk  = "/dev/vda"
-        install_image = "factory.talos.dev/nocloud-installer/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.11.1"
-      }
    }
  }
 }
@@ -74,12 +93,6 @@ variable "domain_name_server" {
  type        = string
 }

-variable "vip_shared_ip" {
-  description = "Shared virtual IP address for control plane nodes"
-  type        = string
-  default     = "192.168.20.10"
-}
-
 variable "vlan_tag" {
  description = "Vlan tag for all nodes, default does not configure a Vlan"
  type        = number
--- a/proxmox/virtual_machines.tf
+++ b/proxmox/virtual_machines.tf
@@ -26,7 +26,7 @@ resource "proxmox_vm_qemu" "kubernetes_control_plane" {
  disk {
    slot = "ide2"
    type = "cdrom"
-    iso  = "local:iso/${local.talos_linux_iso_image_filename}"
+    iso  = "local:iso/${var.talos_linux_iso_image_filename}"
  }

  disk {
@@ -38,6 +38,7 @@ resource "proxmox_vm_qemu" "kubernetes_control_plane" {
  }

  network {
+    id     = 0
    model  = "virtio"
    bridge = "vmbr0"
    tag    = var.vlan_tag
@@ -77,7 +78,7 @@ resource "proxmox_vm_qemu" "kubernetes_worker" {
  disk {
    slot = "ide2"
    type = "cdrom"
-    iso  = "local:iso/${local.talos_linux_iso_image_filename}"
+    iso  = "local:iso/${var.talos_linux_iso_image_filename}"
  }

  disk {
@@ -89,6 +90,7 @@ resource "proxmox_vm_qemu" "kubernetes_worker" {
  }

  network {
+    id     = 0
    model  = "virtio"
    bridge = "vmbr0"
    tag    = var.vlan_tag