From 5076f167f9693751c10539a26ef271073115918f Mon Sep 17 00:00:00 2001
From: Max Pfeiffer
Date: Fri, 12 Sep 2025 19:52:44 +0200
Subject: [PATCH] Made installation more configurable and removed clutter
---
 proxmox/credentials.auto.tfvars.example | 53 +++++++++++++++++--
 proxmox/iso_images.tf | 4 +-
 proxmox/locals.tf | 5 --
 proxmox/talos_linux.tf | 34 ++++++------
 .../machine_config_patches_controlplane.tftpl | 15 ------
 .../machine_config_patches_worker.tftpl | 17 +-----
 proxmox/variables.tf | 37 ++++++++-----
 proxmox/virtual_machines.tf | 6 ++-
 8 files changed, 98 insertions(+), 73 deletions(-)
 delete mode 100644 proxmox/locals.tf
diff --git a/proxmox/credentials.auto.tfvars.example b/proxmox/credentials.auto.tfvars.example
index 6a30ff4..c17518d 100644
--- a/proxmox/credentials.auto.tfvars.example
+++ b/proxmox/credentials.auto.tfvars.example
@@ -1,13 +1,56 @@
 # Proxmox
-proxmox_api_url = "https://192.168.1.10:8006/api2/json"
+proxmox_api_url = "https://192.168.1.25:8006/api2/json"
 proxmox_api_token_id = "root@pam!supersecret"
 proxmox_api_token_secret = "js7ej5k9-hd75-hd64-js56-js834jmd732"
 proxmox_target_node = "your proxmox node"
 proxmox_storage_device = "samsung-ssd"
 # Talos Linux
+talos_version = "1.11.1"
+# With these variables you can configure the ISO images which are uploaded to Proxmox for initially booting the VMs
+talos_linux_iso_image_url = "https://factory.talos.dev/image/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515/v1.11.1/nocloud-amd64.iso"
+talos_linux_iso_image_filename = "talos-linux-v1.11.1-qemu-guest-agent-amd64.iso"
+# Name of the cluster
 cluster_name = "your cluster name"
-network = "192.168.1.0/24"
-network_gateway = "192.168.1.1"
-domain_name_server = "192.168.1.1"
-vlan_tag = 20 # Optional: if you don't specify it no Vlan tag is set for the virtual machine
\ No newline at end of file
+# VIP address for the control planes, see https://www.talos.dev/v1.11/talos-guides/network/vip/
+cluster_vip_shared_ip = "192.168.10.100"
+# The node configuration, adjust it to your liking
+node_data = {
+ controlplanes = {
+ "192.168.10.101" = {
+ install_disk = "/dev/vda"
+ install_image = "factory.talos.dev/nocloud-installer/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.11.1"
+ },
+ "192.168.10.102" = {
+ install_disk = "/dev/vda"
+ install_image = "factory.talos.dev/nocloud-installer/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.11.1"
+ },
+ "192.168.10.103" = {
+ install_disk = "/dev/vda"
+ install_image = "factory.talos.dev/nocloud-installer/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.11.1"
+ },
+ }
+ workers = {
+ "192.168.10.104" = {
+ install_disk = "/dev/vda"
+ install_image = "factory.talos.dev/nocloud-installer/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.11.1"
+ },
+ "192.168.10.105" = {
+ install_disk = "/dev/vda"
+ install_image = "factory.talos.dev/nocloud-installer/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.11.1"
+ },
+ "192.168.10.106" = {
+ install_disk = "/dev/vda"
+ install_image = "factory.talos.dev/nocloud-installer/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.11.1"
+ },
+ "192.168.10.107" = {
+ install_disk = "/dev/vda"
+ install_image = "factory.talos.dev/nocloud-installer/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.11.1"
+ },
+ }
+ }
+# Network configuration, which is applied to all nodes
+network = "192.168.10.0/24"
+network_gateway = "192.168.10.1"
+domain_name_server = "192.168.10.1"
+vlan_tag = 10 # Optional: if you don't specify it no Vlan tag is set for the virtual machines
\ No newline at end of file
diff --git a/proxmox/iso_images.tf b/proxmox/iso_images.tf
index d5eabdd..6d7755f 100644
--- a/proxmox/iso_images.tf
+++ b/proxmox/iso_images.tf
@@ -1,6 +1,6 @@
 resource "proxmox_storage_iso" "talos_linux_iso_image" {
- url = local.talos_linux_iso_image_url
- filename = local.talos_linux_iso_image_filename
+ url = var.talos_linux_iso_image_url
+ filename = var.talos_linux_iso_image_filename
 storage = "local"
 pve_node = var.proxmox_target_node
 }
diff --git a/proxmox/locals.tf b/proxmox/locals.tf
deleted file mode 100644
index 36ce098..0000000
--- a/proxmox/locals.tf
+++ /dev/null
@@ -1,5 +0,0 @@
-locals {
- # Talos Linux
- talos_linux_iso_image_url = "https://factory.talos.dev/image/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515/v1.11.1/nocloud-amd64.iso"
- talos_linux_iso_image_filename = "talos-linux-v1.11.1-qemu-guest-agent-amd64.iso"
-}
diff --git a/proxmox/talos_linux.tf b/proxmox/talos_linux.tf
index ad22570..37809ab 100644
--- a/proxmox/talos_linux.tf
+++ b/proxmox/talos_linux.tf
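Review bot: The example file named `credentials.auto.tfvars.example` now also carries the cluster topology (`node_data`, the VIP, the network and ISO settings) next to `proxmox_api_token_secret`, so anyone who wants to keep their node layout in version control has to do it in the same file as the API token. Consider moving the non-secret settings into a separate example file, e.g. `cluster.auto.tfvars.example`, and keeping this one for the Proxmox token only. The Talos release is also spelled out independently in `talos_version`, the ISO URL, the ISO filename and every `install_image`; a comment such as `# Keep talos_version, the ISO URL/filename and all install_image tags on the same Talos release` above `talos_version` would help avoid a mixed-version install.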
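Review bot: Nothing pins the content of the ISO now that `url = var.talos_linux_iso_image_url` takes a caller-supplied value: the boot medium for every node is whatever that URL serves at apply time. If the provider version in use supports checksum arguments on `proxmox_storage_iso` (I believe `checksum` and `checksum_algorithm` exist, but please confirm against the provider documentation), add a matching checksum variable and pass it here. `storage = "local"` also stays hard-coded in this resource while the VM definitions build `local:iso/...` paths, so the two have to be changed together.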
@@ -2,22 +2,24 @@ resource "talos_machine_secrets" "this" {}
 data "talos_machine_configuration" "controlplane" {
 cluster_name = var.cluster_name
- cluster_endpoint = "https://${var.vip_shared_ip}:6443"
+ cluster_endpoint = "https://${var.cluster_vip_shared_ip}:6443"
 machine_type = "controlplane"
 machine_secrets = talos_machine_secrets.this.machine_secrets
+ talos_version = var.talos_version
 }
 data "talos_machine_configuration" "worker" {
 cluster_name = var.cluster_name
- cluster_endpoint = "https://${var.vip_shared_ip}:6443"
+ cluster_endpoint = "https://${var.cluster_vip_shared_ip}:6443"
 machine_type = "worker"
 machine_secrets = talos_machine_secrets.this.machine_secrets
+ talos_version = var.talos_version
 }
 data "talos_client_configuration" "this" {
 cluster_name = var.cluster_name
 client_configuration = talos_machine_secrets.this.client_configuration
- endpoints = [for k, v in var.node_data.controlplanes : k]
+ endpoints = concat([var.cluster_vip_shared_ip], [for k, v in var.node_data.controlplanes : k])
 }
 resource "talos_machine_configuration_apply" "controlplane" {
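Review bot: Putting the VIP first in `endpoints` of `talos_client_configuration.this` makes talosctl depend on an address that is only held while etcd and the Kubernetes API are healthy. The Talos VIP guide advises against using the VIP as a talosconfig endpoint for that reason, because the Talos API is what you need to reach when recovering from exactly those failures. I would keep `endpoints = [for k, v in var.node_data.controlplanes : k]` and use the VIP only for `cluster_endpoint`. Separately, `talos_version = var.talos_version` is independent of the `install_image` tags in `node_data`, so a one-line comment saying that both must name the same release would help.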
@@ -28,13 +30,13 @@ resource "talos_machine_configuration_apply" "controlplane" {
 node = each.key
 config_patches = [
 templatefile("${path.module}/templates/machine_config_patches_controlplane.tftpl", {
- hostname = each.value.hostname == null ? format("%s-cp-%s", var.cluster_name, index(keys(var.node_data.controlplanes), each.key)) : each.value.hostname
- install_disk = each.value.install_disk
- install_image = each.value.install_image
- ip_address = "${each.key}/24"
- network = var.network
- network_gateway = var.network_gateway
- vip_shared_ip = var.vip_shared_ip
+ hostname = each.value.hostname == null ? format("%s-cp-%s", var.cluster_name, index(keys(var.node_data.controlplanes), each.key)) : each.value.hostname
+ install_disk = each.value.install_disk
+ install_image = each.value.install_image
+ ip_address = "${each.key}/24"
+ network = var.network
+ network_gateway = var.network_gateway
+ vip_shared_ip = var.cluster_vip_shared_ip
 }),
 ]
 }
@@ -47,12 +49,12 @@ resource "talos_machine_configuration_apply" "worker" {
 node = each.key
 config_patches = [
 templatefile("${path.module}/templates/machine_config_patches_worker.tftpl", {
- hostname = each.value.hostname == null ? format("%s-worker-%s", var.cluster_name, index(keys(var.node_data.workers), each.key)) : each.value.hostname
- install_disk = each.value.install_disk
- install_image = each.value.install_image
- ip_address = "${each.key}/24"
- network = var.network
- network_gateway = var.network_gateway
+ hostname = each.value.hostname == null ? format("%s-worker-%s", var.cluster_name, index(keys(var.node_data.workers), each.key)) : each.value.hostname
+ install_disk = each.value.install_disk
+ install_image = each.value.install_image
+ ip_address = "${each.key}/24"
+ network = var.network
+ network_gateway = var.network_gateway
 })
 ]
 }
diff --git a/proxmox/templates/machine_config_patches_controlplane.tftpl b/proxmox/templates/machine_config_patches_controlplane.tftpl
index f3729d5..5223800 100644
--- a/proxmox/templates/machine_config_patches_controlplane.tftpl
+++ b/proxmox/templates/machine_config_patches_controlplane.tftpl
@@ -14,20 +14,5 @@ machine:
 gateway: ${network_gateway}
 vip:
 ip: ${vip_shared_ip}
- registries:
- mirrors:
- docker.io:
- endpoints:
- - https://harbor.lan/v2/docker-hub-cache
- overridePath: true
- ghcr.io:
- endpoints:
- - https://harbor.lan/v2/github-cache
- overridePath: true
- config:
- harbor.lan:
- tls:
- ca: |
- ${indent(16, container_registry_cache_ca)}
 cluster:
 allowSchedulingOnControlPlanes: false
\ No newline at end of file
diff --git a/proxmox/templates/machine_config_patches_worker.tftpl b/proxmox/templates/machine_config_patches_worker.tftpl
index 048e799..e689f3f 100644
--- a/proxmox/templates/machine_config_patches_worker.tftpl
+++ b/proxmox/templates/machine_config_patches_worker.tftpl
@@ -11,19 +11,4 @@ machine:
 - ${ip_address}
 routes:
 - network: ${network}
- gateway: ${network_gateway}
- registries:
- mirrors:
- docker.io:
- endpoints:
- - https://harbor.lan/v2/docker-hub-cache
- overridePath: true
- ghcr.io:
- endpoints:
- - https://harbor.lan/v2/github-cache
- overridePath: true
- config:
- harbor.lan:
- tls:
- ca: |
- ${indent(16, container_registry_cache_ca)}
\ No newline at end of file
+ gateway: ${network_gateway}
\ No newline at end of file
diff --git a/proxmox/variables.tf b/proxmox/variables.tf
index 5e8c569..b9832e5 100644
--- a/proxmox/variables.tf
+++ b/proxmox/variables.tf
@@ -20,11 +20,34 @@ variable "proxmox_storage_device" {
 type = string
 }
+variable "talos_version" {
+ type = string
+ default = "1.11.1"
+}
+
+variable "talos_linux_iso_image_url" {
+ description = "URL of the Talos ISO image for initially booting the VM"
+ type = string
+ default = "https://factory.talos.dev/image/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515/v1.11.1/nocloud-amd64.iso"
+}
+
+variable "talos_linux_iso_image_filename" {
+ description = "Filename of the Talos ISO image for initially booting the VM"
+ type = string
+ default = "talos-linux-v1.11.1-qemu-guest-agent-amd64.iso"
+}
+
 variable "cluster_name" {
 description = "A name to provide for the Talos cluster"
 type = string
 }
+variable "cluster_vip_shared_ip" {
+ description = "Shared virtual IP address for control plane nodes"
+ type = string
+ default = "192.168.1.100"
+}
+
 variable "node_data" {
 description = "A map of node data"
 type = object({
@@ -41,20 +64,16 @@ variable "node_data" {
 })
 default = {
 controlplanes = {
- "192.168.1.150" = {
+ "192.168.1.101" = {
 install_disk = "/dev/vda"
 install_image = "factory.talos.dev/nocloud-installer/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.11.1"
 },
 }
 workers = {
- "192.168.1.151" = {
+ "192.168.1.102" = {
 install_disk = "/dev/vda"
 install_image = "factory.talos.dev/nocloud-installer/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.11.1"
 },
- "192.168.1.152" = {
- install_disk = "/dev/vda"
- install_image = "factory.talos.dev/nocloud-installer/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.11.1"
- }
 }
 }
 }
@@ -74,12 +93,6 @@ variable "domain_name_server" {
 type = string
 }
-variable "vip_shared_ip" {
- description = "Shared virtual IP address for control plane nodes"
- type = string
- default = "192.168.20.10"
-}
-
 variable "vlan_tag" {
 description = "Vlan tag for all nodes, default does not configure a Vlan"
 type = number
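Review bot: `cluster_vip_shared_ip` keeps a site-specific default (`192.168.1.100`), so a run that forgets to set it silently builds `cluster_endpoint` from an address that may belong to another host on the network; the same applies to the node IPs in the `node_data` default in the following hunk. I would drop the default so the value has to be supplied, and validate that it parses as an IP address. `talos_version` is the only new variable without a `description`, and none of the new variables is validated, although the ISO URL could at least be required to use `https://`. The blocks below show the proposed form; the `node_data` variable continues outside this hunk.

```hcl
variable "talos_version" {
  description = "Talos release the machine configuration is generated for; keep in step with the install_image tags in node_data"
  # … unchanged: type, default …
}

variable "talos_linux_iso_image_url" {
  # … unchanged: description, type, default …

  validation {
    condition     = can(regex("^https://", var.talos_linux_iso_image_url))
    error_message = "talos_linux_iso_image_url must be an https:// URL."
  }
}

variable "cluster_vip_shared_ip" {
  description = "Shared virtual IP address for control plane nodes"
  type        = string
  # no default: the VIP is site-specific and must be set explicitly

  validation {
    condition     = can(cidrhost("${var.cluster_vip_shared_ip}/32", 0))
    error_message = "cluster_vip_shared_ip must be a valid IPv4 address."
  }
}
```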
diff --git a/proxmox/virtual_machines.tf b/proxmox/virtual_machines.tf
index a054c23..0d860d3 100644
--- a/proxmox/virtual_machines.tf
+++ b/proxmox/virtual_machines.tf
@@ -26,7 +26,7 @@ resource "proxmox_vm_qemu" "kubernetes_control_plane" {
 disk {
 slot = "ide2"
 type = "cdrom"
- iso = "local:iso/${local.talos_linux_iso_image_filename}"
+ iso = "local:iso/${var.talos_linux_iso_image_filename}"
 }
 disk {
@@ -38,6 +38,7 @@ resource "proxmox_vm_qemu" "kubernetes_control_plane" {
 }
 network {
+ id = 0
 model = "virtio"
 bridge = "vmbr0"
 tag = var.vlan_tag
@@ -77,7 +78,7 @@ resource "proxmox_vm_qemu" "kubernetes_worker" {
 disk {
 slot = "ide2"
 type = "cdrom"
- iso = "local:iso/${local.talos_linux_iso_image_filename}"
+ iso = "local:iso/${var.talos_linux_iso_image_filename}"
 }
 disk {
@@ -89,6 +90,7 @@ resource "proxmox_vm_qemu" "kubernetes_worker" {
 }
 network {
+ id = 0
 model = "virtio"
 bridge = "vmbr0"
 tag = var.vlan_tag
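Review bot: `iso = "local:iso/${var.talos_linux_iso_image_filename}"` builds the CD-ROM path from a plain variable, so Terraform sees no dependency on `proxmox_storage_iso.talos_linux_iso_image`. Unless a `depends_on` exists in the part of `kubernetes_control_plane` outside this hunk, the VM can be created before the ISO download has finished. Adding `depends_on = [proxmox_storage_iso.talos_linux_iso_image]` to both VM resources would make the order explicit; the same line appears in the `kubernetes_worker` hunk at `@@ -77,7 +78,7 @@`. The filename is also interpolated unchecked into a storage volume id, so a validation on the variable that rejects `/` and `:` would keep it confined to a file name. Both resource bodies start and end outside the hunks.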