# 作問用
```
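# Proxmox API password, supplied at run time (for example through the
# TF_VAR_pm_password environment variable) so that it is never written into
# this file or the repository that holds it.
# NOTE(review): a literal password used to be written inline here; treat that
# value as exposed and rotate it.
variable "pm_password" {
  description = "Password for the Proxmox API user configured in pm_user"
}

# Connection settings for the Proxmox API used while authoring problem VMs.
provider "proxmox" {
  pm_api_url = "https://172.16.11.2:8006/api2/json"

  # NOTE(review): root@pam gives this configuration full control of the host.
  # A dedicated API user holding only the VM privileges it needs limits the
  # damage if the credential leaks.
  pm_user     = "root@pam"
  pm_password = "${var.pm_password}"

  # NOTE(review): true turns off TLS certificate verification, so the password
  # above can be captured by anyone able to intercept the connection. Install
  # a certificate the client trusts and set this to false when possible.
  pm_tls_insecure = true
}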
# Base VM for problem authoring. Copy this block for each problem VM.
resource "proxmox_vm_qemu" "base-code-abc-1" {
  # Change the name for each problem VM.
  name        = "base-code-abc-1"
  target_node = "pve-dev"

  # Base image to clone (ubuntu-bionic, centos7, vyos).
  clone      = "centos7"
  full_clone = "true"

  # CPU cores and memory.
  cores  = 2
  memory = 2048

  # cloud-init settings.
  # NOTE(review): cipassword is a plaintext literal, it is also recorded in the
  # Terraform state, and the same value is reused for more than one account in
  # these notes. Prefer a per-VM secret passed in through a variable.
  ciuser     = "ictsc"
  cipassword = "aWPBBh6i2"
  ipconfig0  = "ip=192.168.11.1/24,gw=192.168.11.254"

  # Use the VLAN tag assigned to the problem.
  network {
    id     = 0
    model  = "virtio"
    bridge = "vmbr1"
    tag    = "11"
  }

  # Not used when cloning, but it has to be present to pass validation.
  disk {
    id      = 0
    size    = 32
    type    = "virtio"
    storage = "local-lvm"
  }
}
# Second base VM (only if the problem needs one).
resource "proxmox_vm_qemu" "base-code-abc-2" {
  # Change the name for each problem VM.
  name        = "base-code-abc-2"
  target_node = "pve-dev"

  # Base image to clone (ubuntu-bionic, centos7, vyos).
  clone      = "ubuntu-bionic"
  full_clone = "true"

  # CPU cores and memory.
  cores  = 2
  memory = 2048

  # cloud-init settings.
  # NOTE(review): cipassword is a plaintext literal, it is also recorded in the
  # Terraform state, and the same value is reused for more than one account in
  # these notes. Prefer a per-VM secret passed in through a variable.
  ciuser     = "ictsc"
  cipassword = "aWPBBh6i2"
  ipconfig0  = "ip=192.168.11.2/24,gw=192.168.11.254"
  # NOTE(review): this gateway lies outside 192.168.12.0/24 and repeats the
  # gateway of ipconfig0 - confirm that is intended for the problem.
  ipconfig1 = "ip=192.168.12.1/24,gw=192.168.11.254"

  # Use the VLAN tag assigned to the problem.
  network {
    id     = 0
    model  = "virtio"
    bridge = "vmbr1"
    tag    = "11"
  }

  # To add another NIC, increment id.
  network {
    id     = 1
    model  = "virtio"
    bridge = "vmbr1"
    tag    = "12"
  }

  # Not used when cloning, but it has to be present to pass validation.
  disk {
    id      = 0
    size    = 32
    type    = "virtio"
    storage = "local-lvm"
  }
}
```
# 展開用
```
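# Proxmox API password, supplied at run time (for example through the
# TF_VAR_pm_password environment variable) so that it is never written into
# this file or the repository that holds it.
# NOTE(review): a literal password used to be written inline here; treat that
# value as exposed and rotate it.
variable "pm_password" {
  description = "Password for the Proxmox API user configured in pm_user"
}

# Connection settings for the Proxmox API used when deploying per-team VMs.
provider "proxmox" {
  pm_api_url = "https://172.16.11.2:8006/api2/json"

  # NOTE(review): root@pam gives this configuration full control of the host.
  # A dedicated API user holding only the VM privileges it needs limits the
  # damage if the credential leaks.
  pm_user     = "root@pam"
  pm_password = "${var.pm_password}"

  # NOTE(review): true turns off TLS certificate verification, so the password
  # above can be captured by anyone able to intercept the connection. Install
  # a certificate the client trusts and set this to false when possible.
  pm_tls_insecure = true
}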
# Team numbers to deploy for. Team 20 is used by the organizers for testing.
variable "team" {
  default = [
    1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 20
  ]
}
# Per-team copies of base-code-abc-1: one VM for every entry in var.team.
resource "proxmox_vm_qemu" "problem1-1" {
  count = "${length(var.team)}"

  # The name carries the zero-padded team number, e.g. team01-problem1-1.
  name        = "team${format("%02.0f", element(var.team, count.index))}-problem1-1"
  target_node = "pve-dev"

  # Cloned from the authoring VM without a full copy (full_clone is "false").
  clone      = "base-code-abc-1"
  full_clone = "false"

  disk {
    id      = 0
    size    = 32
    type    = "scsi"
    storage = "local"
  }

  network {
    id     = 0
    model  = "virtio"
    bridge = "vmbr1"
    # VLAN tag is 11 + team * 100, so every team gets its own tag
    # (team 1 -> 111, team 20 -> 2011).
    tag = "${11 + element(var.team, count.index) * 100}"
  }
}
# Per-team copies of base-code-abc-2: one VM for every entry in var.team.
resource "proxmox_vm_qemu" "problem1-2" {
  count = "${length(var.team)}"

  # The name carries the zero-padded team number, e.g. team01-problem1-2.
  name        = "team${format("%02.0f", element(var.team, count.index))}-problem1-2"
  target_node = "pve-dev"

  # Cloned from the authoring VM without a full copy (full_clone is "false").
  clone      = "base-code-abc-2"
  full_clone = "false"

  disk {
    id      = 0
    size    = 32
    type    = "scsi"
    storage = "local"
  }

  # First NIC: VLAN tag is 11 + team * 100 (team 1 -> 111, team 20 -> 2011).
  network {
    id     = 0
    model  = "virtio"
    bridge = "vmbr1"
    tag    = "${11 + element(var.team, count.index) * 100}"
  }

  # Second NIC: VLAN tag is 12 + team * 100 (team 1 -> 112, team 20 -> 2012).
  network {
    id     = 1
    model  = "virtio"
    bridge = "vmbr1"
    tag    = "${12 + element(var.team, count.index) * 100}"
  }
}
```
---
https://blog.mosuke.tech/entry/2018/06/16/terraform-workspaces/
```
# Minimum Terraform version this configuration is written for.
terraform {
  required_version = ">= 0.12.5"
}
# Ubuntu archive, used as the source image of every disk defined below.
data "sakuracloud_archive" "ubuntu-archive" {
  os_type = "ubuntu"
}
// # VPCルータ本体の定義(スタンダードプランの場合)
// resource sakuracloud_vpc_router "k8s-external-vpc" {
// name = "k8s-external-vpc"
// plan = "standard"
// }
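# SSH key pair generated through the provider under the name "k8s_pubkey".
# The private key is written to ./id_rsa on create and removed on destroy.
# NOTE(review): the private key is also kept in the Terraform state, so the
# state file or backend has to be protected as carefully as the key itself.
resource "sakuracloud_ssh_key_gen" "key" {
  name = "k8s_pubkey"

  provisioner "local-exec" {
    # The key reaches the shell through the environment instead of being
    # interpolated into the command text, which keeps it out of the command
    # line that Terraform prints when running the provisioner.
    # umask 077 creates the file owner-only from the start; the chmod stays
    # for the case where id_rsa already exists with wider permissions.
    command = "umask 077; printf '%s\\n' \"$PRIVATE_KEY\" > id_rsa; chmod 0600 id_rsa"

    environment = {
      PRIVATE_KEY = self.private_key
    }
  }

  provisioner "local-exec" {
    # Unquoted keyword: the quoted form is deprecated from Terraform 0.12 on.
    when    = destroy
    command = "rm -f id_rsa"
  }
}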
# switch
# global switch
# External (global) network that the servers' primary NICs attach to.
resource "sakuracloud_internet" "k8s-external-switch" {
  name = "k8s-external-switch"

  # Prefix length for the selected workspace, taken from var.external_subnet.
  nw_mask_len = lookup(var.external_subnet, terraform.workspace)
}
# Internal switch that the servers attach to through additional_nics.
resource "sakuracloud_switch" "k8s-internal-switch" {
  name = "k8s-internal-switch"
}
// TODO
// resource sakuracloud_switch "nfs-internal-switch" {
// name = "nfs-internal-switch"
// }
# disks
# One disk per master server, created from the Ubuntu archive.
# Disk names use count.index as is (0-based); server names use count.index + 1.
resource "sakuracloud_disk" "k8s-master-disk" {
  count = lookup(var.master, terraform.workspace)
  name  = "k8s-master-${count.index}-${terraform.workspace}"
  tags  = ["k8s"]

  source_archive_id = data.sakuracloud_archive.ubuntu-archive.id

  # The map stores sizes as strings, so convert before use.
  size = tonumber(lookup(var.master_disk, terraform.workspace))
}
# One disk per node server, created from the Ubuntu archive.
# Disk names use count.index as is (0-based); server names use count.index + 1.
resource "sakuracloud_disk" "k8s-node-disk" {
  count = lookup(var.node, terraform.workspace)
  name  = "k8s-node-${count.index}-${terraform.workspace}"
  tags  = ["k8s"]

  source_archive_id = data.sakuracloud_archive.ubuntu-archive.id

  # The map stores sizes as strings, so convert before use.
  size = tonumber(lookup(var.node_disk, terraform.workspace))
}
# One disk per load-balancer server, created from the Ubuntu archive.
# Disk names use count.index as is (0-based); server names use count.index + 1.
resource "sakuracloud_disk" "k8s-lb-disk" {
  count = lookup(var.lb, terraform.workspace)
  name  = "k8s-lb-${count.index}-${terraform.workspace}"
  tags  = ["k8s"]

  source_archive_id = data.sakuracloud_archive.ubuntu-archive.id

  # The map stores sizes as strings, so convert before use.
  size = tonumber(lookup(var.lb_disk, terraform.workspace))
}
# servers
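# Kubernetes master servers; count and sizing come from the per-workspace maps.
resource "sakuracloud_server" "k8s-master-server" {
  count    = lookup(var.master, terraform.workspace)
  name     = "k8s-master-${count.index + 1}-server-${terraform.workspace}"
  hostname = "k8s-master-${count.index + 1}-server-${terraform.workspace}"
  core     = lookup(var.master_cpu, terraform.workspace)
  memory   = lookup(var.master_mem, terraform.workspace)
  tags     = ["k8s"]

  disks       = [sakuracloud_disk.k8s-master-disk[count.index].id]
  ssh_key_ids = [sakuracloud_ssh_key_gen.key.id]

  # NOTE(review): placeholder. Supply the real value through a variable rather
  # than editing a literal in here; whatever is set also lands in the state.
  password = "PUT_YOUR_PASSWORD_HERE"

  # External NIC: masters take the first addresses of the external network.
  nic         = sakuracloud_internet.k8s-external-switch.switch_id
  ipaddress   = sakuracloud_internet.k8s-external-switch.ipaddresses[count.index]
  gateway     = sakuracloud_internet.k8s-external-switch.gateway
  nw_mask_len = lookup(var.external_subnet, terraform.workspace)

  # Internal NIC: 192.168.100.1<index>, configured by the provisioner below.
  additional_nics                = [sakuracloud_switch.k8s-internal-switch.id]
  additional_display_ipaddresses = ["192.168.100.1${count.index}"]

  # NOTE(review): no host_key is given, so the server's SSH host key is not
  # checked on this first connection - confirm that is acceptable here.
  connection {
    type        = "ssh"
    user        = "ubuntu"
    host        = self.ipaddress
    private_key = sakuracloud_ssh_key_gen.key.private_key
  }

  provisioner "remote-exec" {
    # The account password is fed to `sudo -S` on stdin; the original note
    # says this is done for the sake of later Ansible use.
    # TODO: use cloud-init or a Packer-built image instead.
    # The password is single-quoted so shell metacharacters in it are not
    # interpreted (a password containing a single quote still breaks this).
    # The sed pattern accepts the directive commented or uncommented, so an
    # active "PasswordAuthentication yes" line is switched off as well.
    inline = [
      "echo '${self.password}' | sudo -S sed -i -E 's/^#?PasswordAuthentication[[:space:]]+yes/PasswordAuthentication no/' /etc/ssh/sshd_config",
      "sudo systemctl restart sshd.service",
      "echo Success",
      "sudo ip link set eth1 up",
      "sudo ip addr add ${self.additional_display_ipaddresses[0]}/24 dev eth1",
    ]
  }
}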
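# Kubernetes node servers; count and sizing come from the per-workspace maps.
resource "sakuracloud_server" "k8s-node-server" {
  count    = lookup(var.node, terraform.workspace)
  name     = "k8s-node-${count.index + 1}-server-${terraform.workspace}"
  hostname = "k8s-node-${count.index + 1}-server-${terraform.workspace}"
  core     = lookup(var.node_cpu, terraform.workspace)
  memory   = lookup(var.node_mem, terraform.workspace)
  tags     = ["k8s"]

  disks       = [sakuracloud_disk.k8s-node-disk[count.index].id]
  ssh_key_ids = [sakuracloud_ssh_key_gen.key.id]

  # NOTE(review): placeholder. Supply the real value through a variable rather
  # than editing a literal in here; whatever is set also lands in the state.
  password = "PUT_YOUR_PASSWORD_HERE"

  # External NIC: nodes take the addresses that follow the masters' ones.
  nic         = sakuracloud_internet.k8s-external-switch.switch_id
  ipaddress   = sakuracloud_internet.k8s-external-switch.ipaddresses[count.index + lookup(var.master, terraform.workspace)]
  gateway     = sakuracloud_internet.k8s-external-switch.gateway
  nw_mask_len = lookup(var.external_subnet, terraform.workspace)

  # Internal NIC: 192.168.100.2<index>, configured by the provisioner below.
  additional_nics                = [sakuracloud_switch.k8s-internal-switch.id]
  additional_display_ipaddresses = ["192.168.100.2${count.index}"]

  # NOTE(review): no host_key is given, so the server's SSH host key is not
  # checked on this first connection - confirm that is acceptable here.
  connection {
    type        = "ssh"
    user        = "ubuntu"
    host        = self.ipaddress
    private_key = sakuracloud_ssh_key_gen.key.private_key
  }

  provisioner "remote-exec" {
    # The account password is fed to `sudo -S` on stdin; the original note
    # says this is done for the sake of later Ansible use.
    # TODO: use cloud-init or a Packer-built image instead.
    # The password is single-quoted so shell metacharacters in it are not
    # interpreted (a password containing a single quote still breaks this).
    # The sed pattern accepts the directive commented or uncommented, so an
    # active "PasswordAuthentication yes" line is switched off as well.
    inline = [
      "echo '${self.password}' | sudo -S sed -i -E 's/^#?PasswordAuthentication[[:space:]]+yes/PasswordAuthentication no/' /etc/ssh/sshd_config",
      "sudo systemctl restart sshd.service",
      "echo Success",
      "sudo ip link set eth1 up",
      "sudo ip addr add ${self.additional_display_ipaddresses[0]}/24 dev eth1",
    ]
  }
}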
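# Load-balancer servers; count and sizing come from the per-workspace maps.
resource "sakuracloud_server" "k8s-lb-server" {
  count    = lookup(var.lb, terraform.workspace)
  name     = "k8s-lb-${count.index + 1}-server-${terraform.workspace}"
  hostname = "k8s-lb-${count.index + 1}-server-${terraform.workspace}"
  core     = lookup(var.lb_cpu, terraform.workspace)
  memory   = lookup(var.lb_mem, terraform.workspace)
  tags     = ["k8s"]

  disks       = [sakuracloud_disk.k8s-lb-disk[count.index].id]
  ssh_key_ids = [sakuracloud_ssh_key_gen.key.id]

  # NOTE(review): placeholder. Supply the real value through a variable rather
  # than editing a literal in here; whatever is set also lands in the state.
  password = "PUT_YOUR_PASSWORD_HERE"

  # External NIC: load balancers take the addresses that follow the masters'
  # and the nodes' ones.
  nic         = sakuracloud_internet.k8s-external-switch.switch_id
  ipaddress   = sakuracloud_internet.k8s-external-switch.ipaddresses[count.index + lookup(var.master, terraform.workspace) + lookup(var.node, terraform.workspace)]
  gateway     = sakuracloud_internet.k8s-external-switch.gateway
  nw_mask_len = lookup(var.external_subnet, terraform.workspace)

  # Internal NIC: 192.168.100.3<index>, configured by the provisioner below.
  additional_nics                = [sakuracloud_switch.k8s-internal-switch.id]
  additional_display_ipaddresses = ["192.168.100.3${count.index}"]

  # NOTE(review): no host_key is given, so the server's SSH host key is not
  # checked on this first connection - confirm that is acceptable here.
  connection {
    type        = "ssh"
    user        = "ubuntu"
    host        = self.ipaddress
    private_key = sakuracloud_ssh_key_gen.key.private_key
  }

  provisioner "remote-exec" {
    # The account password is fed to `sudo -S` on stdin; the original note
    # says this is done for the sake of later Ansible use.
    # TODO: use cloud-init or a Packer-built image instead.
    # The password is single-quoted so shell metacharacters in it are not
    # interpreted (a password containing a single quote still breaks this).
    # The sed pattern accepts the directive commented or uncommented, so an
    # active "PasswordAuthentication yes" line is switched off as well.
    # The last command lets processes bind to addresses not assigned to the
    # host; it is a runtime setting only - presumably for a shared virtual IP,
    # confirm, and persist it if it must survive a reboot.
    inline = [
      "echo '${self.password}' | sudo -S sed -i -E 's/^#?PasswordAuthentication[[:space:]]+yes/PasswordAuthentication no/' /etc/ssh/sshd_config",
      "sudo systemctl restart sshd.service",
      "echo Success",
      "sudo ip link set eth1 up",
      "sudo ip addr add ${self.additional_display_ipaddresses[0]}/24 dev eth1",
      "sudo sysctl net.ipv4.ip_nonlocal_bind=1",
    ]
  }
}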
// # output
# External IP addresses of all master servers.
output "k8s_master_server_ipaddress" {
  value = sakuracloud_server.k8s-master-server[*].ipaddress
}
# External IP addresses of all load-balancer servers.
output "k8s_lb_server_ipaddress" {
  value = sakuracloud_server.k8s-lb-server[*].ipaddress
}
# External IP addresses of all node servers.
output "k8s_node_server_ipaddress" {
  value = sakuracloud_server.k8s-node-server[*].ipaddress
}
# Every address of the external network, assigned to a server or not.
output "public_address_list" {
  value = sakuracloud_internet.k8s-external-switch.ipaddresses
}
```
terraform workspace select dev
```
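# Prefix length of the external network, keyed by workspace name.
# The resources read it with lookup(var.external_subnet, terraform.workspace).
# There is no entry for the "default" workspace, so select tmp, dev or prd
# before planning.
variable "external_subnet" {
  # First-class type constraint; the quoted "map" form is deprecated in the
  # Terraform 0.12 syntax that the resources using this variable are written in.
  type = map(string)

  default = {
    tmp = "28"
    dev = "27"
    prd = "27"
  }
}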
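# Number of master servers (and their disks), keyed by workspace name.
variable "master" {
  # First-class type constraint; the quoted "map" form is deprecated in the
  # Terraform 0.12 syntax that the resources using this variable are written in.
  type = map(string)

  default = {
    tmp = "1"
    dev = "3"
    prd = "3"
  }
}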
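# Value passed as `core` to each master server, keyed by workspace name.
variable "master_cpu" {
  # First-class type constraint; the quoted "map" form is deprecated in the
  # Terraform 0.12 syntax that the resources using this variable are written in.
  type = map(string)

  default = {
    tmp = "2"
    dev = "8"
    prd = "8"
  }
}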
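# Value passed as `memory` to each master server, keyed by workspace name.
variable "master_mem" {
  # First-class type constraint; the quoted "map" form is deprecated in the
  # Terraform 0.12 syntax that the resources using this variable are written in.
  type = map(string)

  default = {
    tmp = "2"
    dev = "16"
    prd = "16"
  }
}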
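# Value passed as `size` to each master disk (after tonumber), keyed by
# workspace name.
variable "master_disk" {
  # First-class type constraint; the quoted "map" form is deprecated in the
  # Terraform 0.12 syntax that the resources using this variable are written in.
  type = map(string)

  default = {
    tmp = "20"
    dev = "100"
    prd = "100"
  }
}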
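# Number of node servers (and their disks), keyed by workspace name.
variable "node" {
  # First-class type constraint; the quoted "map" form is deprecated in the
  # Terraform 0.12 syntax that the resources using this variable are written in.
  type = map(string)

  default = {
    tmp = "3"
    dev = "3"
    prd = "3"
  }
}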
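# Value passed as `core` to each node server, keyed by workspace name.
variable "node_cpu" {
  # First-class type constraint; the quoted "map" form is deprecated in the
  # Terraform 0.12 syntax that the resources using this variable are written in.
  type = map(string)

  default = {
    tmp = "2"
    dev = "8"
    prd = "8"
  }
}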
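# Value passed as `memory` to each node server, keyed by workspace name.
variable "node_mem" {
  # First-class type constraint; the quoted "map" form is deprecated in the
  # Terraform 0.12 syntax that the resources using this variable are written in.
  type = map(string)

  default = {
    tmp = "2"
    dev = "16"
    prd = "16"
  }
}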
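# Value passed as `size` to each node disk (after tonumber), keyed by
# workspace name.
variable "node_disk" {
  # First-class type constraint; the quoted "map" form is deprecated in the
  # Terraform 0.12 syntax that the resources using this variable are written in.
  type = map(string)

  default = {
    tmp = "20"
    dev = "100"
    prd = "100"
  }
}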
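# Number of load-balancer servers (and their disks), keyed by workspace name.
# "0" in tmp means that workspace creates none.
variable "lb" {
  # First-class type constraint; the quoted "map" form is deprecated in the
  # Terraform 0.12 syntax that the resources using this variable are written in.
  type = map(string)

  default = {
    tmp = "0"
    dev = "2"
    prd = "2"
  }
}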
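# Value passed as `core` to each load-balancer server, keyed by workspace name.
variable "lb_cpu" {
  # First-class type constraint; the quoted "map" form is deprecated in the
  # Terraform 0.12 syntax that the resources using this variable are written in.
  type = map(string)

  default = {
    tmp = "0"
    dev = "2"
    prd = "4"
  }
}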
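# Value passed as `memory` to each load-balancer server, keyed by workspace
# name.
variable "lb_mem" {
  # First-class type constraint; the quoted "map" form is deprecated in the
  # Terraform 0.12 syntax that the resources using this variable are written in.
  type = map(string)

  default = {
    tmp = "0"
    dev = "2"
    prd = "4"
  }
}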
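# Value passed as `size` to each load-balancer disk (after tonumber), keyed by
# workspace name.
variable "lb_disk" {
  # First-class type constraint; the quoted "map" form is deprecated in the
  # Terraform 0.12 syntax that the resources using this variable are written in.
  type = map(string)

  default = {
    tmp = "0"
    dev = "20"
    prd = "20"
  }
}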
```