From 6db6a6b960227b0133c8e62b4de499855b2d4aef Mon Sep 17 00:00:00 2001
From: Max Pfeiffer
Date: Thu, 18 Sep 2025 19:01:32 +0200
Subject: [PATCH 1/3] Added first kubernetes resources, removed clutter
---
 README.md | 6 ++---
 kubernetes/helm_releases.tf | 8 +++++++
 kubernetes/namespaces.tf | 23 -------------------
 kubernetes/providers.tf | 23 +++++++------------
 kubernetes/variables.tf | 9 ++++++++
 ...mple => configuration.auto.tfvars.example} | 0
 6 files changed, 28 insertions(+), 41 deletions(-)
 create mode 100644 kubernetes/helm_releases.tf
 delete mode 100644 kubernetes/namespaces.tf
 create mode 100644 kubernetes/variables.tf
 rename proxmox/{credentials.auto.tfvars.example => configuration.auto.tfvars.example} (100%)
diff --git a/README.md b/README.md
index 813bee2..bc10158 100644
--- a/README.md
+++ b/README.md
@@ -20,11 +20,11 @@ tofu plan tofu apply ``` -You can then grab the kube config file for Kubernetes provisioning like so: +You can then grab and move the kube config file for Kubernetes provisioning like so: ```shell -tofu output kubeconfig +tofu output kubeconfig -raw > ~/.kube/config +chmod 600 ~/.kube/config ``` -and put its contents into your `~/.kube/config`. Test if your cluster access works by listing the nodes: ```shell
diff --git a/kubernetes/helm_releases.tf b/kubernetes/helm_releases.tf
new file mode 100644
index 0000000..22ba259
--- /dev/null
+++ b/kubernetes/helm_releases.tf
@@ -0,0 +1,8 @@
+resource "helm_release" "argocd" {
+ name = "argo-cd"
+ namespace = "argocd"
+ chart = "argo-cd"
+ version = "8.3.1"
+ repository = "https://argoproj.github.io/argo-helm"
+ timeout = 120
+}
diff --git a/kubernetes/namespaces.tf b/kubernetes/namespaces.tf
deleted file mode 100644
index a4e66ed..0000000
--- a/kubernetes/namespaces.tf
+++ /dev/null
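Review bot: In the new kubernetes/helm_releases.tf, `helm_release.argocd` pins the chart to `version = "8.3.1"` but installs whatever the repository serves under that version, because no provenance check is configured. The provider accepts `verify = true` together with `keyring = "<path to trusted public keyring>"` (placeholder path), which makes the install fail when the chart's signature does not match; this only works if the argo-helm repository publishes provenance files for this chart, which should be confirmed before enabling it. If verification is not adopted, a comment such as `# chart is version-pinned but not signature-checked; integrity relies on HTTPS to the repository` would record that decision next to the `repository` line.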
@@ -1,23 +0,0 @@
-resource "kubernetes_namespace" "ingress" {
- metadata {
- name = "ingress"
- }
-}
-
-resource "kubernetes_namespace" "argocd" {
- metadata {
- name = "argocd"
- }
-}
-
-resource "kubernetes_namespace" "applications" {
- metadata {
- name = "applications"
- }
-}
-
-resource "kubernetes_namespace" "persistence" {
- metadata {
- name = "persistence"
- }
-}
diff --git a/kubernetes/providers.tf b/kubernetes/providers.tf
index 89a52f9..2d97573 100644
--- a/kubernetes/providers.tf
+++ b/kubernetes/providers.tf
@@ -1,22 +1,15 @@ terraform { required_providers { - kubernetes = { - source = "opentofu/kubernetes" - version = "2.32.0" - } - helm = { - source = "opentofu/helm" - version = "2.15.0" - } + helm = { + source = "hashicorp/helm" + version = "3.0.2" + } } } -provider "kubernetes" { - config_path = "~/.kube/config" -} - provider "helm" { - kubernetes { - config_path = "~/.kube/config" + kubernetes = { + config_path = var.kubernetes_config_path + config_context = var.Kubernetes_config_context } -} \ No newline at end of file +}
diff --git a/kubernetes/variables.tf b/kubernetes/variables.tf
new file mode 100644
index 0000000..aebcf6b
--- /dev/null
+++ b/kubernetes/variables.tf
@@ -0,0 +1,9 @@
+variable "kubernetes_config_path" {
+ type = string
+ sensitive = true
+}
+
+variable "Kubernetes_config_context" {
+ type = string
+ sensitive = true
+}
diff --git a/proxmox/credentials.auto.tfvars.example b/proxmox/configuration.auto.tfvars.example
similarity index 100%
rename from proxmox/credentials.auto.tfvars.example
rename to proxmox/configuration.auto.tfvars.example
From 2d31e02b471837c35ab091f6ae2fdbe141a567f0 Mon Sep 17 00:00:00 2001
From: Max Pfeiffer
Date: Thu, 18 Sep 2025 19:21:44 +0200
Subject: [PATCH 2/3] Updated docs
---
 README.md | 26 +++++++++++++++++++++-----
 1 file changed, 21 insertions(+), 5 deletions(-)
diff --git a/README.md b/README.md
index bc10158..58cdd55 100644
--- a/README.md
+++ b/README.md
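Review bot: In kubernetes/providers.tf the context is read from `var.Kubernetes_config_context`, with a capital K, while its sibling is `kubernetes_config_path`; variable names are case-sensitive, so an operator who sets the lowercase name in a tfvars file or through `TF_VAR_kubernetes_config_context` does not set this variable. The same spelling is declared in kubernetes/variables.tf and used as a key in kubernetes/configuration.auto.tfvars.example in PATCH 3/3. I would rename it consistently: `variable "kubernetes_config_context" {` and `config_context = var.kubernetes_config_context`, plus the matching key in the example file.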
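Review bot: Both variables in kubernetes/variables.tf are marked `sensitive = true` but have no `description`, and neither value is itself a credential; the secret is the kubeconfig file that `kubernetes_config_path` points to. `sensitive` only redacts the values in plan and apply output, so protection of the credential still depends on the permissions of that file (the README sets them with `chmod 600`). I would add a description to each, for example `description = "Path to the kubeconfig file used by the helm provider; must be readable only by the operator"` and `description = "Name of the kubeconfig context to deploy into"`.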
@@ -1,5 +1,5 @@ # proxmox-talos-opentofu -Proof of concept project using [OpenTofu](https://opentofu.org/) to install a Kubernetes cluster on a Proxmox +Proof of concept project using [OpenTofu](https://opentofu.org/) to install a Kubernetes cluster on a Proxmox VE hypervisor using [Talos Linux](https://www.talos.dev/). ## Requirements 
@@ -12,28 +12,44 @@ The project is grouped in two modules: * proxmox: provisioning of virtual machines, operating systems and Kubernetes cluster * kubernetes: provisioning of Kubernetes cluster resources -So you want first to provision the Proxmox part: create a `credentials.auto.tfvars` file based on the example. +### Proxmox VE +So you want first to provision the Proxmox part: create a `configuration.auto.tfvars` file based on the example and +edit it so it suits your needs: ```shell cd proxmox +cope configuration.auto.tfvars.example configuration.auto.tfvars +vim configuration.auto.tfvars +``` +Then apply the configuration using OpenTofu: +```shell tofu init tofu plan tofu apply ``` - You can then grab and move the kube config file for Kubernetes provisioning like so: ```shell tofu output kubeconfig -raw > ~/.kube/config chmod 600 ~/.kube/config ``` - Test if your cluster access works by listing the nodes: ```shell kubectl get nodes ``` +You might need to wait a bit until the cluster comes up. Proceed with the next step when all nodes are in the `ready` +state. -Secondly, you can provision the Resources inside the Kubernetes cluster: +### Kubernetes +Secondly, you can provision the Resources inside the Kubernetes cluster. Currently, this project just installs +ArgoCD in the `argocd` namespace in the cluster. You can then add on top of this by adding your own resources +using the GitOps approach. +You need to create a `configuration.auto.tfvars` file as well first: ```shell cd kubernetes +cope configuration.auto.tfvars.example configuration.auto.tfvars +vim configuration.auto.tfvars +``` +Then do the provisiong with OpenTofu: +```shell tofu init tofu plan tofu apply
From 55ebc7f11ba0f792203b4e85d400a47dbd280770 Mon Sep 17 00:00:00 2001
From: Max Pfeiffer
Date: Thu, 18 Sep 2025 19:26:00 +0200
Subject: [PATCH 3/3] Added config example and fixed helm installation
---
 kubernetes/.terraform.lock.hcl | 31 ++++++++++----------
 kubernetes/configuration.auto.tfvars.example | 3 ++
 kubernetes/helm_releases.tf | 1 +
 3 files changed, 19 insertions(+), 16 deletions(-)
 create mode 100644 kubernetes/configuration.auto.tfvars.example
diff --git a/kubernetes/.terraform.lock.hcl b/kubernetes/.terraform.lock.hcl
index 688e94f..c9b3173 100644
--- a/kubernetes/.terraform.lock.hcl
+++ b/kubernetes/.terraform.lock.hcl
@@ -1,27 +1,26 @@ # This file is maintained automatically by "tofu init". # Manual edits may be lost in future updates. -provider "registry.opentofu.org/opentofu/helm" { - version = "2.15.0" - constraints = "2.15.0" +provider "registry.opentofu.org/hashicorp/helm" { + version = "3.0.2" + constraints = "3.0.2" hashes = [ - "h1:rKskirxYKhPyaQ4gEp+wA+dSAeYNfZxw1oc4bgh5vVg=", - "zh:21394ae3ec6f8ccda74688f8aeb979c03c9c52b60b5d0ada10521b5a75ae85af", - "zh:248ba25e309432dc7a2a6049da9178731ae3884be1761c4e349c844ce5159d82", - "zh:30dd6046b239f8b3788958475ad4db9b956c99ea71a0492fe6f2380d8d711ffc", - "zh:40691066592cdd396226ff0ecd4153dce91799375282c3c8a13fdf21d616c73b", - "zh:54b16f5ac335903f6bd6c7ba03c66b894940511a0d16c6ad92a16fe9ef80aaa8", - "zh:9af1702deec999a8ba5fa379de6eb515bf8b045bb02a7f24e3aa1a559f88ec12", - "zh:d057a371798b526b32d6985baaaf6e8126f14f23e1ebd65b44b970064c7790e5", - "zh:de6fa77b4763ccdcf8d5546d54609299e3b0a2cfe3446e62d5cfa7806e2aa003", - "zh:e2a21a57031a97abd3a61c09ffa84f4aae451329e876c2cd6597e02947ca1008", - "zh:f8d12702874a935e0e2397bdb050f4d4c0d83fb4c0a9c7dfd1b49257605149bd", + "h1:GMW0C0TkkYmURt4OZIlwcLdvREL08PDbsSn5sfH4/TU=", + "zh:100f75a700074568cfaee7884e4477c50b5468e086db5bb95d7d519581b65621", + "zh:578d09c7319d0dd0fee03a7fcb48bf68ac978c1fefaa0752cfcb9ecfb0a56a4e", + "zh:64e7cce303362b4bf132d1c61858ef0ada221af4a2ea0fdfd16ec43e562d459c", + "zh:7a64933e70733aeec44bf9b9b6ea3617fd075acb346b082197ded993cfa7d2be", + "zh:7caf4655a5bf72e6d212209ad5ea5c619269eca6e0d9930c85b59bbbdf57ce28", + "zh:a1e0208423445e2443516e52a4d72c556b1303705c90aaeb139fbb64a10d7c1c", + "zh:ac9e4417e9e0486bc60f6796da06356b59161c9923c56a7a5c9b4900a46ee52d", + "zh:b9588da386c17456b242bd18122836baeccdce3227aac4752e189ec9ad218da7", + "zh:d5b6ac3b0b6beb3d94886f45a5a96eb6d78ca2b657efd62b8e0650d8097ee60f", + "zh:db6761e7cf86825f13628e8f4e32818683efff61b0d909211e1096cc6ad84f83", ] } provider "registry.opentofu.org/opentofu/kubernetes" { - version = "2.32.0" - constraints = "2.32.0" + 
version = "2.32.0" hashes = [ "h1:eQbVYFjsq9QjAeYvmRAXy7EOjvY8MO7XFV1vCsDD6ds=", "zh:06d586c8fcd3ab8fe7f3ac99142ba48b9efbff8bebe05c52b3c7997f83146200",
diff --git a/kubernetes/configuration.auto.tfvars.example b/kubernetes/configuration.auto.tfvars.example
new file mode 100644
index 0000000..a621685
--- /dev/null
+++ b/kubernetes/configuration.auto.tfvars.example
@@ -0,0 +1,3 @@
+# Kubernetes
+kubernetes_config_path = "~/.kube/config"
+Kubernetes_config_context = "admin@yourclustername"
diff --git a/kubernetes/helm_releases.tf b/kubernetes/helm_releases.tf
index 22ba259..6d1aa37 100644
--- a/kubernetes/helm_releases.tf
+++ b/kubernetes/helm_releases.tf
@@ -1,6 +1,7 @@
 resource "helm_release" "argocd" {
 name = "argo-cd"
 namespace = "argocd"
+ create_namespace = true
 chart = "argo-cd"
 version = "8.3.1"
 repository = "https://argoproj.github.io/argo-helm"
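Review bot: With `create_namespace = true` in kubernetes/helm_releases.tf, the `argocd` namespace is created by Helm as a side effect of the release instead of being declared as a resource (PATCH 1/3 removed kubernetes/namespaces.tf). As a result this configuration cannot set labels on it, such as a Pod Security admission level, and Helm does not delete a namespace it created when the release is removed. A comment above the attribute would record this, e.g. `# namespace is created by Helm on install; it is not tracked in state and is left behind on destroy`. The resource body continues past the end of the hunk.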