RancherOS libvirt testing cluster

libvirt.tf

# Uses https://github.com/dmacvicar/terraform-provider-libvirt/releases/tag/v0.5.1
# Merged https://github.com/dmacvicar/terraform-provider-libvirt/pull/476
# Merged https://github.com/dmacvicar/terraform-provider-libvirt/pull/567
# Download rancher iso
# Transform rancher iso with
#   `qemu-img convert -f raw -O qcow2 .../rancheros.iso .../rancheros.qcow2`

# For loacal domain specific DNS to work:
# sudo cp /etc/resolv.conf{,.bk}
# sudo ln -s /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf

# Setup systemd-networkd (from: https://unix.stackexchange.com/a/442599)
# sudo nano /etc/NetworkManager/dnsmasq.d/libvirt_dnsmasq.conf
# [Match]
# Name=virbr2
# [Network]
# DNS=10.0.1.1
# Domains=k8s.kvm ~kvm
# sudo systemctl daemon-reload
# sudo systemctl restart systemd-networkd
# sudo systemctl restart systemd-resolved

variable workers_count {
  type    = "string"
  default = "3"
}

# instance the provider
provider "libvirt" {
  uri = "qemu:///system"
}

# We fetch the latest rancheros release image from their mirrors
resource "libvirt_volume" "ros" {
  name   = "RancherOS-Base"
  source = "../../../rancheros.qcow2"
}

# Create a network for our VMs
resource "libvirt_network" "ros-cluster" {
  # the name used by libvirt
  name = "k8snet"

  # mode can be: "nat" (default), "none", "route", "bridge"
  mode = "nat"

  #  the domain used by the DNS server in this network
  domain = "k8s.kvm"

  #  list of subnets the addresses allowed for domains connected
  # also derived to define the host addresses
  # also derived to define the addresses served by the DHCP server
  addresses = ["10.0.1.0/24"]

  dns = {
    # Undocumented: https://github.com/dmacvicar/terraform-provider-libvirt/issues/580
    enabled    = true
    local_only = true
  }
}

# Use CloudInit to add our ssh-key to the instance
resource "libvirt_cloudinit_disk" "commoninit" {
  name = "commoninit.iso"

  user_data = <<CLOUDINIT
#cloud-config
ssh_authorized_keys:
- ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCrCl14a/OKlOzpntF6lF5/DKDSP9E8QeLZt81cciO517ViUtAtOuxluMEzd2yuzR8tIMrREQ6QAIqKtTlN/EX2OQQaN4ohqqYq3FKkU+gD03XONNGCVsRCI7tmMHq2k5rqk6dqOLLp/aj/5OsKAgop3OU9Bfx2vo5WqKo5au8bCSJE+UVdy8QeSFJ7qJ8mNXVnzzv/Epnbi4Aepglwxfw1s2brFjoRXj+qnxVFlyhQMFdAX11ZwtJ2fR9jjzkezCusJ7D/kPs1Z4+e/VcMzUk7GVFR99RjFD7jpThRgMcKYoj03zhO6XDlk+EBjZbPuWUNlmwTjhFUxl5cPwwXXnAd Gitlab

rancher:
  network:
    dns:
      search:
        - k8s.kvm
      nameservers:
        - 10.0.1.1
CLOUDINIT

  data_source_type = "openstack"
}

resource "libvirt_volume" "node" {
  name           = "RancherOS-Node-${count.index}.qcow2"
  base_volume_id = "${libvirt_volume.ros.id}"
  size           = "2000000000"
  count          = "${var.workers_count}"
}

# Create the machine
resource "libvirt_domain" "node" {
  count  = "${var.workers_count}"
  name   = "Node-${count.index}"
  memory = "4096"
  vcpu   = 1

  cloudinit = "${libvirt_cloudinit_disk.commoninit.id}"

  network_interface {
    hostname       = "node${count.index}"
    network_id     = "${libvirt_network.ros-cluster.id}"
    addresses      = ["10.0.1.17${count.index}"]
    wait_for_lease = true
  }

  # IMPORTANT
  # Ubuntu can hang is a isa-serial is not present at boot time.
  # If you find your CPU 100% and never is available this is why
  console {
    type        = "pty"
    target_type = "serial"
    target_port = "0"
  }

  console {
    type        = "pty"
    target_type = "virtio"
    target_port = "1"
  }

  disk {
    volume_id = "${element(libvirt_volume.node.*.id, count.index)}"
  }

  graphics {
    type        = "spice"
    listen_type = "address"
    autoport    = "true"
  }
}