From a32d3b93db9b82a7188c4350db132ca76e369b4f Mon Sep 17 00:00:00 2001 From: Anatolios Laskaris Date: Mon, 13 Jan 2025 16:27:56 +0300 Subject: [PATCH 1/4] Update --- ephemeral/instance.tf | 11 +-- ephemeral/main.tf | 13 ++-- .../registry.yml} | 0 examples/talos/README.md | 4 +- examples/talos/main.tf | 29 ++++---- examples/talos/patches/base.yml | 4 ++ .../{config_patch.yml => patches/cp-0.yml} | 1 - examples/talos/variables.auto.tfvars | 2 - ...controlplane_patch.yml => base_config.yml} | 5 +- terraform-modules/talos/talos.tf | 70 ++++++++++++------- terraform-modules/talos/variables.tf | 27 +++++-- 11 files changed, 103 insertions(+), 63 deletions(-) rename ephemeral/{config_patch.yml => patches/registry.yml} (100%) create mode 100644 examples/talos/patches/base.yml rename examples/talos/{config_patch.yml => patches/cp-0.yml} (99%) delete mode 100644 examples/talos/variables.auto.tfvars rename terraform-modules/talos/{templates/controlplane_patch.yml => base_config.yml} (90%) diff --git a/ephemeral/instance.tf b/ephemeral/instance.tf index aeb81861..511d607f 100644 --- a/ephemeral/instance.tf +++ b/ephemeral/instance.tf @@ -15,9 +15,10 @@ data "digitalocean_image" "talos" { name = "talos-v1.8.4" } -resource "digitalocean_droplet" "talos" { - name = "rnd-${local.prefix}-spectrum-cp" - size = "s-8vcpu-16gb" +resource "digitalocean_droplet" "cp" { + count = 1 + name = "rnd-${local.prefix}-spectrum-cp-${count.index}" + size = "s-2vcpu-4gb" image = data.digitalocean_image.talos.id region = "fra1" vpc_uuid = data.digitalocean_vpc.spectrum.id @@ -32,6 +33,6 @@ resource "digitalocean_droplet" "talos" { } resource "digitalocean_reserved_ip" "l2" { - droplet_id = digitalocean_droplet.talos.id - region = digitalocean_droplet.talos.region + droplet_id = digitalocean_droplet.cp[0].id + region = digitalocean_droplet.cp[0].region } diff --git a/ephemeral/main.tf b/ephemeral/main.tf index b7f6b6f8..ff12c556 100644 --- a/ephemeral/main.tf +++ b/ephemeral/main.tf 
@@ -13,10 +13,15 @@ data "vault_generic_secret" "docker" { module "talos" { source = "../terraform-modules/talos" cluster_name = local.prefix - server_ip = digitalocean_droplet.talos.ipv4_address - config_patches = [ - file("${path.root}/config_patch.yml"), + control_planes = [ + { + name = "cp-0" + server_ip = digitalocean_droplet.cp[0].ipv4_address + config_patches = [ + file("${path.root}/patches/registry.yml"), + ] + }, ] } @@ -36,7 +41,7 @@ module "spectrum" { DOTOKEN = base64encode(data.vault_generic_secret.spectrum.data.token) DOMAIN = "${local.prefix}.fluence.dev" PREFIX = local.prefix - LOADBALANCER_IP = digitalocean_droplet.talos.ipv4_address + LOADBALANCER_IP = digitalocean_droplet.cp[0].ipv4_address L2_IP = digitalocean_reserved_ip.l2.ip_address } } diff --git a/ephemeral/config_patch.yml b/ephemeral/patches/registry.yml similarity index 100% rename from ephemeral/config_patch.yml rename to ephemeral/patches/registry.yml diff --git a/examples/talos/README.md b/examples/talos/README.md index efc31e8e..0c52c381 100644 --- a/examples/talos/README.md +++ b/examples/talos/README.md 
@@ -2,9 +2,9 @@ ## Server customization -In talos machine is configured from a single configuration file in yaml format. Talos terraform module allows to specify overlays of the main configuration file maintained by cloudless labs [here](https://github.com/fluencelabs/spectrum/blob/main/terraform-modules/talos/templates/controlplane_patch.yml) with `config_pathes` option. +In talos machine is configured from a single configuration file in yaml format. Talos terraform module allows to specify overlays of the main configuration file maintained by cloudless labs [here](https://github.com/fluencelabs/spectrum/blob/main/terraform-modules/talos/base_config.yml) with `config_pathes` option. -You can configure server specific things like layout of disks or network configuration. Checkout [talos documentation](https://www.talos.dev/v1.9/reference/configuration/v1alpha1/config/) and see `config_patch.yml` for an example of a `bond` interface configuration. +You can configure server specific things like layout of disks or network configuration. Checkout [talos documentation](https://www.talos.dev/v1.9/reference/configuration/v1alpha1/config/) and see [`cp-0.yml`](https://github.com/fluencelabs/blob/main/examples/talos/patches/cp-0.yml) for an example of a `bond` interface configuration. ## Terraform state diff --git a/examples/talos/main.tf b/examples/talos/main.tf index 4c56d808..78ea2331 100644 --- a/examples/talos/main.tf +++ b/examples/talos/main.tf 
@@ -21,27 +21,24 @@ provider "helm" { } module "talos" { - source = "git::https://github.com/fluencelabs/spectrum.git//terraform-modules/talos?ref=main" + source = "git::https://github.com/fluencelabs/spectrum.git//terraform-modules/talos?ref=terraform-module-talos-v0.1.0" cluster_name = var.cluster_name - server_ip = var.server_ip - # config_patches = [ - # file("${path.root}/config_patch.yml"), - # ] + + control_planes = [ + { + name = "cp-0" + server_ip = "1.2.3.4" + config_patches = [ + file("${path.root}/patches/base.yml"), + file("${path.root}/patches/cp-0.yml"), + ] + }, + ] } module "spectrum" { depends_on = [module.talos] - source = "git::https://github.com/fluencelabs/spectrum.git//terraform-modules/spectrum?ref=main" + source = "git::https://github.com/fluencelabs/spectrum.git//terraform-modules/spectrum?ref=terraform-module-spectrum-v0.1.0" network = "main" cluster = "default" } - -variable "server_ip" { - type = string - description = "IP at which server is accessible" -} - -variable "cluster_name" { - type = string - description = "Name used in k8s and talos to distinguish between clusters" -} diff --git a/examples/talos/patches/base.yml b/examples/talos/patches/base.yml new file mode 100644 index 00000000..beb4b210 --- /dev/null +++ b/examples/talos/patches/base.yml @@ -0,0 +1,4 @@ +machine: + time: + servers: + - time.cloudflare.com diff --git a/examples/talos/config_patch.yml b/examples/talos/patches/cp-0.yml similarity index 99% rename from examples/talos/config_patch.yml rename to examples/talos/patches/cp-0.yml index cfd216d8..face7490 100644 --- a/examples/talos/config_patch.yml +++ b/examples/talos/patches/cp-0.yml @@ -30,7 +30,6 @@ machine: serial: Y0L0A031T5N8 network: - hostname: foobar interfaces: - interface: bond0 dhcp: false diff --git a/examples/talos/variables.auto.tfvars b/examples/talos/variables.auto.tfvars deleted file mode 100644 index 6b03a1d2..00000000 --- a/examples/talos/variables.auto.tfvars +++ /dev/null 
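Review bot: In examples/talos/main.tf the `talos` module `source` is now pinned to `?ref=terraform-module-talos-v0.1.0`, which is better than `ref=main`, but a git tag can be moved later, so the example still resolves to whatever the tag points at when `terraform init` runs. This module generates the cluster's machine secrets and applies node configuration, so the example could show a full commit SHA in `ref=` with the release tag kept in a trailing comment, e.g. `?ref=<FULL_COMMIT_SHA> # terraform-module-talos-v0.1.0`. The same applies to the `spectrum` module source further down in this hunk.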
@@ -1,2 +0,0 @@ -server_ip = "1.2.3.4" -cluster_name = "example" diff --git a/terraform-modules/talos/templates/controlplane_patch.yml b/terraform-modules/talos/base_config.yml similarity index 90% rename from terraform-modules/talos/templates/controlplane_patch.yml rename to terraform-modules/talos/base_config.yml index 05fdf74e..06eb0981 100644 --- a/terraform-modules/talos/templates/controlplane_patch.yml +++ b/terraform-modules/talos/base_config.yml @@ -1,7 +1,6 @@ machine: - time: - servers: - - time.cloudflare.com + network: + hostname: ${hostname} install: diskSelector: size: '>= 100GB' diff --git a/terraform-modules/talos/talos.tf b/terraform-modules/talos/talos.tf index f576d070..78da3c5c 100644 --- a/terraform-modules/talos/talos.tf +++ b/terraform-modules/talos/talos.tf 
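Review bot: In terraform-modules/talos/base_config.yml the new `hostname: ${hostname}` line renders the caller-supplied node `name` into YAML unquoted, so a name such as `true` or `01`, or one containing `: ` or ` #`, changes the parsed type or structure of the machine config instead of failing cleanly. Rendering it as `hostname: ${jsonencode(hostname)}` keeps the value a string whatever the caller passes. The rest of the template lies outside this hunk, so any other interpolations in it were not checked.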
@@ -1,61 +1,79 @@ resource "talos_machine_secrets" "this" { - talos_version = "v1.8" + talos_version = var.talos_version } -data "talos_machine_configuration" "this" { +locals { + virtual_ip = var.virtual_ip != "" ? var.virtual_ip : var.control_planes[0].server_ip + cluster_endpoint = "https://${local.virtual_ip}:6443" +} + +data "talos_machine_configuration" "control_plane" { + for_each = { for control_plane in var.control_planes : control_plane.name => control_plane } + talos_version = var.talos_version cluster_name = var.cluster_name machine_type = "controlplane" - cluster_endpoint = "https://${var.server_ip}:6443" + cluster_endpoint = local.cluster_endpoint machine_secrets = talos_machine_secrets.this.machine_secrets - talos_version = "v1.8" config_patches = [ - templatefile("${path.module}/templates/controlplane_patch.yml", {}) + templatefile("${path.module}/base_config.yml", { hostname = each.value.name }) ] } -resource "talos_machine_configuration_apply" "this" { +data "talos_machine_configuration" "worker" { + for_each = { for worker in var.workers : worker.name => worker } + talos_version = var.talos_version + cluster_name = var.cluster_name + cluster_endpoint = local.cluster_endpoint + machine_type = "worker" + machine_secrets = talos_machine_secrets.this.machine_secrets + config_patches = [ + templatefile("${path.module}/base_config.yml", { hostname = each.value.name }) + ] +} + +resource "talos_machine_configuration_apply" "control_plane" { + for_each = { for control_plane in var.control_planes : control_plane.name => control_plane } + client_configuration = talos_machine_secrets.this.client_configuration + machine_configuration_input = data.talos_machine_configuration.control_plane[each.key].machine_configuration + node = each.value.server_ip + config_patches = each.value.config_patches +} + +resource "talos_machine_configuration_apply" "worker" { + for_each = { for worker in var.workers : worker.name => worker } client_configuration = 
talos_machine_secrets.this.client_configuration - machine_configuration_input = data.talos_machine_configuration.this.machine_configuration - node = var.server_ip - config_patches = var.config_patches + machine_configuration_input = data.talos_machine_configuration.worker[each.key].machine_configuration + node = each.value.server_ip + config_patches = each.value.config_patches } data "talos_client_configuration" "this" { cluster_name = var.cluster_name client_configuration = talos_machine_secrets.this.client_configuration endpoints = [ - var.server_ip + for control_plane in var.control_planes : control_plane.server_ip ] } resource "talos_machine_bootstrap" "this" { - depends_on = [talos_machine_configuration_apply.this] + depends_on = [talos_machine_configuration_apply.control_plane] client_configuration = talos_machine_secrets.this.client_configuration - endpoint = var.server_ip - node = var.server_ip + endpoint = var.control_planes[0].server_ip + node = var.control_planes[0].server_ip } resource "talos_cluster_kubeconfig" "this" { client_configuration = talos_machine_secrets.this.client_configuration - node = var.server_ip + node = var.control_planes[0].server_ip } -# data "talos_cluster_health" "this" { -# client_configuration = data.talos_client_configuration.this.client_configuration -# control_plane_nodes = [var.server_ip] -# endpoints = data.talos_client_configuration.this.endpoints -# skip_kubernetes_checks = true -# } - data "http" "talos_health" { - url = "https://${var.server_ip}:6443/version" + url = "${local.cluster_endpoint}/version" insecure = true retry { - attempts = 20 + attempts = 60 min_delay_ms = 5000 max_delay_ms = 5000 } - depends_on = [ - talos_machine_bootstrap.this, - ] + depends_on = [talos_machine_bootstrap.this] } diff --git a/terraform-modules/talos/variables.tf b/terraform-modules/talos/variables.tf index 87c5df35..476c480a 100644 --- a/terraform-modules/talos/variables.tf +++ b/terraform-modules/talos/variables.tf 
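Review bot: The `data "http" "talos_health"` probe at the end of the terraform-modules/talos/talos.tf hunk keeps `insecure = true` while its URL now comes from `local.cluster_endpoint`, which can be the shared `virtual_ip`, so any host answering on that address satisfies the readiness gate without its certificate being checked. Since the module already holds the cluster secrets, the probe could verify the API server against the cluster CA through the http data source's `ca_cert_pem` argument in place of `insecure`. If verification has to stay off, a comment such as `# TLS verification skipped: readiness probe only, the response body is not trusted` would record that this is deliberate and keep the response from being reused for anything else.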
@@ -1,12 +1,31 @@ -variable "server_ip" { - type = string +variable "virtual_ip" { + type = string + description = "IP shared between control-plane nodes" + default = "" } variable "cluster_name" { type = string } -variable "config_patches" { - type = list(string) +variable "talos_version" { + type = string + default = "v1.8" +} + +variable "control_planes" { + type = list(object({ + name = string + server_ip = string + config_patches = list(string) + })) +} + +variable "workers" { + type = list(object({ + name = string + server_ip = string + config_patches = list(string) + })) default = [] } From eeaa92c99013b7951e163ad6be0c8af81f8227bc Mon Sep 17 00:00:00 2001 From: Anatolios Laskaris Date: Mon, 13 Jan 2025 17:13:30 +0300 Subject: [PATCH 2/4] Fix instance type --- ephemeral/instance.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ephemeral/instance.tf b/ephemeral/instance.tf index 511d607f..da66e82d 100644 --- a/ephemeral/instance.tf +++ b/ephemeral/instance.tf @@ -18,7 +18,7 @@ data "digitalocean_image" "talos" { resource "digitalocean_droplet" "cp" { count = 1 name = "rnd-${local.prefix}-spectrum-cp-${count.index}" - size = "s-2vcpu-4gb" + size = "s-8vcpu-16gb" image = data.digitalocean_image.talos.id region = "fra1" vpc_uuid = data.digitalocean_vpc.spectrum.id From 46868af19bb96b1383ae41bd36a3374d9afec0fa Mon Sep 17 00:00:00 2001 From: Anatolios Laskaris Date: Tue, 14 Jan 2025 16:04:58 +0300 Subject: [PATCH 3/4] Fix name --- examples/talos/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/examples/talos/main.tf b/examples/talos/main.tf index c39c6d98..72d6937a 100644 --- a/examples/talos/main.tf +++ b/examples/talos/main.tf @@ -22,7 +22,7 @@ provider "helm" { module "talos" { source = "git::https://github.com/fluencelabs/spectrum.git//terraform-modules/talos?ref=terraform-module-talos-v0.1.0" # x-release-please-version - cluster_name = var.cluster_name + cluster_name = "my-cluster" control_planes = [ { 
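Review bot: In terraform-modules/talos/variables.tf (PATCH 1/4) `control_planes` is accepted without validation, yet talos.tf indexes `var.control_planes[0]` for the cluster endpoint, bootstrap and kubeconfig, and uses each `name` as a `for_each` key and as the node hostname. An empty list therefore fails late with an index error, and a malformed name only surfaces when the machine config is rendered or applied. `validation` blocks on the variable would reject both at plan time, and the same name check would fit `workers`. `description` is also missing on `control_planes`, `workers`, `cluster_name` and `talos_version`, unlike `virtual_ip`.

```hcl
variable "control_planes" {
  # … unchanged: type = list(object({ name, server_ip, config_patches })) …

  validation {
    condition     = length(var.control_planes) > 0
    error_message = "At least one control plane is required."
  }

  validation {
    condition = alltrue([
      for cp in var.control_planes : can(regex("^[a-z0-9]([-a-z0-9]*[a-z0-9])?$", cp.name))
    ])
    error_message = "Control plane names must be lowercase DNS labels."
  }
}
```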
From ea766a2bcd5164a82fcb292dfce0d22f0d89a935 Mon Sep 17 00:00:00 2001 From: Anatolios Laskaris Date: Wed, 15 Jan 2025 14:36:06 +0300 Subject: [PATCH 4/4] F --- terraform-modules/talos/talos.tf | 2 -- terraform-modules/talos/variables.tf | 2 +- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/terraform-modules/talos/talos.tf b/terraform-modules/talos/talos.tf index bef3b497..78da3c5c 100644 --- a/terraform-modules/talos/talos.tf +++ b/terraform-modules/talos/talos.tf @@ -14,7 +14,6 @@ data "talos_machine_configuration" "control_plane" { machine_type = "controlplane" cluster_endpoint = local.cluster_endpoint machine_secrets = talos_machine_secrets.this.machine_secrets - talos_version = var.talos_version config_patches = [ templatefile("${path.module}/base_config.yml", { hostname = each.value.name }) ] @@ -27,7 +26,6 @@ data "talos_machine_configuration" "worker" { cluster_endpoint = local.cluster_endpoint machine_type = "worker" machine_secrets = talos_machine_secrets.this.machine_secrets - talos_version = var.talos_version config_patches = [ templatefile("${path.module}/base_config.yml", { hostname = each.value.name }) ] diff --git a/terraform-modules/talos/variables.tf b/terraform-modules/talos/variables.tf index 476c480a..aa9c7873 100644 --- a/terraform-modules/talos/variables.tf +++ b/terraform-modules/talos/variables.tf @@ -10,7 +10,7 @@ variable "cluster_name" { variable "talos_version" { type = string - default = "v1.8" + default = "v1.9" } variable "control_planes" {