easylinux/proxmox-tofu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Made installation more configurable and removed clutter

Browse Source
This commit is contained in:
Max Pfeiffer
2025-09-12 19:52:44 +02:00
parent cf41134815
commit 5076f167f9
8 changed files with 98 additions and 73 deletions
Download Patch File Download Diff File Expand all files Collapse all files

53
proxmox/credentials.auto.tfvars.example
View File

@@ -1,13 +1,56 @@
# Proxmox # Proxmox
proxmox_api_url = "https://192.168.1.10:8006/api2/json" proxmox_api_url = "https://192.168.1.25:8006/api2/json"
proxmox_api_token_id = "root@pam!supersecret" proxmox_api_token_id = "root@pam!supersecret"
proxmox_api_token_secret = "js7ej5k9-hd75-hd64-js56-js834jmd732" proxmox_api_token_secret = "js7ej5k9-hd75-hd64-js56-js834jmd732"
proxmox_target_node = "your proxmox node" proxmox_target_node = "your proxmox node"
proxmox_storage_device = "samsung-ssd" proxmox_storage_device = "samsung-ssd"
# Talos Linux # Talos Linux
talos_version = "1.11.1"
# With these variables you can configure the ISO images which are uploaded to Proxmox for initially booting the VMs
talos_linux_iso_image_url = "https://factory.talos.dev/image/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515/v1.11.1/nocloud-amd64.iso"
talos_linux_iso_image_filename = "talos-linux-v1.11.1-qemu-guest-agent-amd64.iso"
# Name of the cluster
cluster_name = "your cluster name" cluster_name = "your cluster name"
network = "192.168.1.0/24" # VIP address for the control planes, see https://www.talos.dev/v1.11/talos-guides/network/vip/
network_gateway = "192.168.1.1" cluster_vip_shared_ip = "192.168.10.100"
domain_name_server = "192.168.1.1" # The node configuration, adjust it to your liking
vlan_tag = 20 # Optional: if you don't specify it no Vlan tag is set for the virtual machine node_data = {
controlplanes = {
"192.168.10.101" = {
install_disk = "/dev/vda"
install_image = "factory.talos.dev/nocloud-installer/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.11.1"
},
"192.168.10.102" = {
install_disk = "/dev/vda"
install_image = "factory.talos.dev/nocloud-installer/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.11.1"
},
"192.168.10.103" = {
install_disk = "/dev/vda"
install_image = "factory.talos.dev/nocloud-installer/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.11.1"
},
}
workers = {
"192.168.10.104" = {
install_disk = "/dev/vda"
install_image = "factory.talos.dev/nocloud-installer/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.11.1"
},
"192.168.10.105" = {
install_disk = "/dev/vda"
install_image = "factory.talos.dev/nocloud-installer/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.11.1"
},
"192.168.10.106" = {
install_disk = "/dev/vda"
install_image = "factory.talos.dev/nocloud-installer/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.11.1"
},
"192.168.10.107" = {
install_disk = "/dev/vda"
install_image = "factory.talos.dev/nocloud-installer/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.11.1"
},
}
}
# Network configuration, which is applied to all nodes
network = "192.168.10.0/24"
network_gateway = "192.168.10.1"
domain_name_server = "192.168.10.1"
vlan_tag = 10 # Optional: if you don't specify it no Vlan tag is set for the virtual machines

4
proxmox/iso_images.tf
View File

@@ -1,6 +1,6 @@
resource "proxmox_storage_iso" "talos_linux_iso_image" { resource "proxmox_storage_iso" "talos_linux_iso_image" {
url = local.talos_linux_iso_image_url url = var.talos_linux_iso_image_url
filename = local.talos_linux_iso_image_filename filename = var.talos_linux_iso_image_filename
storage = "local" storage = "local"
pve_node = var.proxmox_target_node pve_node = var.proxmox_target_node
} }

5
proxmox/locals.tf
View File

@@ -1,5 +0,0 @@
locals {
# Talos Linux
talos_linux_iso_image_url = "https://factory.talos.dev/image/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515/v1.11.1/nocloud-amd64.iso"
talos_linux_iso_image_filename = "talos-linux-v1.11.1-qemu-guest-agent-amd64.iso"
}

34
proxmox/talos_linux.tf
View File

@@ -2,22 +2,24 @@ resource "talos_machine_secrets" "this" {}
data "talos_machine_configuration" "controlplane" { data "talos_machine_configuration" "controlplane" {
cluster_name = var.cluster_name cluster_name = var.cluster_name
cluster_endpoint = "https://${var.vip_shared_ip}:6443" cluster_endpoint = "https://${var.cluster_vip_shared_ip}:6443"
machine_type = "controlplane" machine_type = "controlplane"
machine_secrets = talos_machine_secrets.this.machine_secrets machine_secrets = talos_machine_secrets.this.machine_secrets
talos_version = var.talos_version
} }
data "talos_machine_configuration" "worker" { data "talos_machine_configuration" "worker" {
cluster_name = var.cluster_name cluster_name = var.cluster_name
cluster_endpoint = "https://${var.vip_shared_ip}:6443" cluster_endpoint = "https://${var.cluster_vip_shared_ip}:6443"
machine_type = "worker" machine_type = "worker"
machine_secrets = talos_machine_secrets.this.machine_secrets machine_secrets = talos_machine_secrets.this.machine_secrets
talos_version = var.talos_version
} }
data "talos_client_configuration" "this" { data "talos_client_configuration" "this" {
cluster_name = var.cluster_name cluster_name = var.cluster_name
client_configuration = talos_machine_secrets.this.client_configuration client_configuration = talos_machine_secrets.this.client_configuration
endpoints = [for k, v in var.node_data.controlplanes : k] endpoints = concat([var.cluster_vip_shared_ip], [for k, v in var.node_data.controlplanes : k])
} }
resource "talos_machine_configuration_apply" "controlplane" { resource "talos_machine_configuration_apply" "controlplane" {
@@ -28,13 +30,13 @@ resource "talos_machine_configuration_apply" "controlplane" {
node = each.key node = each.key
config_patches = [ config_patches = [
templatefile("${path.module}/templates/machine_config_patches_controlplane.tftpl", { templatefile("${path.module}/templates/machine_config_patches_controlplane.tftpl", {
hostname = each.value.hostname == null ? format("%s-cp-%s", var.cluster_name, index(keys(var.node_data.controlplanes), each.key)) : each.value.hostname hostname = each.value.hostname == null ? format("%s-cp-%s", var.cluster_name, index(keys(var.node_data.controlplanes), each.key)) : each.value.hostname
install_disk = each.value.install_disk install_disk = each.value.install_disk
install_image = each.value.install_image install_image = each.value.install_image
ip_address = "${each.key}/24" ip_address = "${each.key}/24"
network = var.network network = var.network
network_gateway = var.network_gateway network_gateway = var.network_gateway
vip_shared_ip = var.vip_shared_ip vip_shared_ip = var.cluster_vip_shared_ip
}), }),
] ]
} }
@@ -47,12 +49,12 @@ resource "talos_machine_configuration_apply" "worker" {
node = each.key node = each.key
config_patches = [ config_patches = [
templatefile("${path.module}/templates/machine_config_patches_worker.tftpl", { templatefile("${path.module}/templates/machine_config_patches_worker.tftpl", {
hostname = each.value.hostname == null ? format("%s-worker-%s", var.cluster_name, index(keys(var.node_data.workers), each.key)) : each.value.hostname hostname = each.value.hostname == null ? format("%s-worker-%s", var.cluster_name, index(keys(var.node_data.workers), each.key)) : each.value.hostname
install_disk = each.value.install_disk install_disk = each.value.install_disk
install_image = each.value.install_image install_image = each.value.install_image
ip_address = "${each.key}/24" ip_address = "${each.key}/24"
network = var.network network = var.network
network_gateway = var.network_gateway network_gateway = var.network_gateway
}) })
] ]
} }

15
proxmox/templates/machine_config_patches_controlplane.tftpl
View File

@@ -14,20 +14,5 @@ machine:
gateway: ${network_gateway} gateway: ${network_gateway}
vip: vip:
ip: ${vip_shared_ip} ip: ${vip_shared_ip}
registries:
mirrors:
docker.io:
endpoints:
- https://harbor.lan/v2/docker-hub-cache
overridePath: true
ghcr.io:
endpoints:
- https://harbor.lan/v2/github-cache
overridePath: true
config:
harbor.lan:
tls:
ca: |
${indent(16, container_registry_cache_ca)}
cluster: cluster:
allowSchedulingOnControlPlanes: false allowSchedulingOnControlPlanes: false

15
proxmox/templates/machine_config_patches_worker.tftpl
View File

@@ -12,18 +12,3 @@ machine:
routes: routes:
- network: ${network} - network: ${network}
gateway: ${network_gateway} gateway: ${network_gateway}
registries:
mirrors:
docker.io:
endpoints:
- https://harbor.lan/v2/docker-hub-cache
overridePath: true
ghcr.io:
endpoints:
- https://harbor.lan/v2/github-cache
overridePath: true
config:
harbor.lan:
tls:
ca: |
${indent(16, container_registry_cache_ca)}

37
proxmox/variables.tf
View File

@@ -20,11 +20,34 @@ variable "proxmox_storage_device" {
type = string type = string
} }
variable "talos_version" {
type = string
default = "1.11.1"
}
variable "talos_linux_iso_image_url" {
description = "URL of the Talos ISO image for initially booting the VM"
type = string
default = "https://factory.talos.dev/image/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515/v1.11.1/nocloud-amd64.iso"
}
variable "talos_linux_iso_image_filename" {
description = "Filename of the Talos ISO image for initially booting the VM"
type = string
default = "talos-linux-v1.11.1-qemu-guest-agent-amd64.iso"
}
variable "cluster_name" { variable "cluster_name" {
description = "A name to provide for the Talos cluster" description = "A name to provide for the Talos cluster"
type = string type = string
} }
variable "cluster_vip_shared_ip" {
description = "Shared virtual IP address for control plane nodes"
type = string
default = "192.168.1.100"
}
variable "node_data" { variable "node_data" {
description = "A map of node data" description = "A map of node data"
type = object({ type = object({
@@ -41,20 +64,16 @@ variable "node_data" {
}) })
default = { default = {
controlplanes = { controlplanes = {
"192.168.1.150" = { "192.168.1.101" = {
install_disk = "/dev/vda" install_disk = "/dev/vda"
install_image = "factory.talos.dev/nocloud-installer/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.11.1" install_image = "factory.talos.dev/nocloud-installer/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.11.1"
}, },
} }
workers = { workers = {
"192.168.1.151" = { "192.168.1.102" = {
install_disk = "/dev/vda" install_disk = "/dev/vda"
install_image = "factory.talos.dev/nocloud-installer/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.11.1" install_image = "factory.talos.dev/nocloud-installer/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.11.1"
}, },
"192.168.1.152" = {
install_disk = "/dev/vda"
install_image = "factory.talos.dev/nocloud-installer/ce4c980550dd2ab1b17bbf2b08801c7eb59418eafe8f279833297925d67c7515:v1.11.1"
}
} }
} }
} }
@@ -74,12 +93,6 @@ variable "domain_name_server" {
type = string type = string
} }
variable "vip_shared_ip" {
description = "Shared virtual IP address for control plane nodes"
type = string
default = "192.168.20.10"
}
variable "vlan_tag" { variable "vlan_tag" {
description = "Vlan tag for all nodes, default does not configure a Vlan" description = "Vlan tag for all nodes, default does not configure a Vlan"
type = number type = number

6
proxmox/virtual_machines.tf
View File

@@ -26,7 +26,7 @@ resource "proxmox_vm_qemu" "kubernetes_control_plane" {
disk { disk {
slot = "ide2" slot = "ide2"
type = "cdrom" type = "cdrom"
iso = "local:iso/${local.talos_linux_iso_image_filename}" iso = "local:iso/${var.talos_linux_iso_image_filename}"
} }
disk { disk {
@@ -38,6 +38,7 @@ resource "proxmox_vm_qemu" "kubernetes_control_plane" {
} }
network { network {
id = 0
model = "virtio" model = "virtio"
bridge = "vmbr0" bridge = "vmbr0"
tag = var.vlan_tag tag = var.vlan_tag
@@ -77,7 +78,7 @@ resource "proxmox_vm_qemu" "kubernetes_worker" {
disk { disk {
slot = "ide2" slot = "ide2"
type = "cdrom" type = "cdrom"
iso = "local:iso/${local.talos_linux_iso_image_filename}" iso = "local:iso/${var.talos_linux_iso_image_filename}"
} }
disk { disk {
@@ -89,6 +90,7 @@ resource "proxmox_vm_qemu" "kubernetes_worker" {
} }
network { network {
id = 0
model = "virtio" model = "virtio"
bridge = "vmbr0" bridge = "vmbr0"
tag = var.vlan_tag tag = var.vlan_tag