From 57d898f06e2504128638c1e904e6be3569526757 Mon Sep 17 00:00:00 2001 From: Christy Norman Date: Fri, 4 Feb 2022 17:48:42 -0600 Subject: [PATCH] Add IBM Power VS: tf data For more background on IPI on Power VS, refer to the enhancement proposal here: openshift/enhancements#736 Older discussions on some of the code here can be found in #5224 
Signed-off-by: Christy Norman --- data/data/powervs/cluster/bootstrap/main.tf | 77 +++++++++ .../data/powervs/cluster/bootstrap/outputs.tf | 3 + .../cluster/bootstrap/templates/bootstrap.ign | 16 ++ .../powervs/cluster/bootstrap/variables.tf | 16 ++ .../powervs/cluster/bootstrap/versions.tf | 14 ++ data/data/powervs/cluster/dns/dns.tf | 22 +++ data/data/powervs/cluster/dns/variables.tf | 13 ++ data/data/powervs/cluster/dns/versions.tf | 8 + data/data/powervs/cluster/loadbalancer/alb.tf | 148 +++++++++++++++++ .../powervs/cluster/loadbalancer/outputs.tf | 7 + data/data/powervs/cluster/loadbalancer/sg.tf | 28 ++++ .../powervs/cluster/loadbalancer/variables.tf | 9 + .../powervs/cluster/loadbalancer/versions.tf | 8 + data/data/powervs/cluster/main.tf | 112 +++++++++++++ data/data/powervs/cluster/master/main.tf | 35 ++++ data/data/powervs/cluster/master/outputs.tf | 3 + data/data/powervs/cluster/master/variables.tf | 14 ++ data/data/powervs/cluster/master/versions.tf | 8 + data/data/powervs/cluster/outputs.tf | 7 + data/data/powervs/cluster/versions.tf | 8 + data/data/powervs/iaas/power-iaas.tf | 22 +++ data/data/powervs/iaas/variables.tf | 28 ++++ data/data/powervs/post-install/main.tf | 5 + data/data/powervs/post-install/versions.tf | 8 + data/data/powervs/topology/pi_network.tf | 40 +++++ data/data/powervs/variables-powervs.tf | 156 ++++++++++++++++++ 26 files changed, 815 insertions(+) create mode 100644 data/data/powervs/cluster/bootstrap/main.tf create mode 100644 data/data/powervs/cluster/bootstrap/outputs.tf create mode 100644 data/data/powervs/cluster/bootstrap/templates/bootstrap.ign create mode 100644 data/data/powervs/cluster/bootstrap/variables.tf create mode 100644 data/data/powervs/cluster/bootstrap/versions.tf create mode 100644 data/data/powervs/cluster/dns/dns.tf create mode 100644 data/data/powervs/cluster/dns/variables.tf create mode 100644 data/data/powervs/cluster/dns/versions.tf create mode 100644 data/data/powervs/cluster/loadbalancer/alb.tf 
create mode 100644 data/data/powervs/cluster/loadbalancer/outputs.tf create mode 100644 data/data/powervs/cluster/loadbalancer/sg.tf create mode 100644 data/data/powervs/cluster/loadbalancer/variables.tf create mode 100644 data/data/powervs/cluster/loadbalancer/versions.tf create mode 100644 data/data/powervs/cluster/main.tf create mode 100644 data/data/powervs/cluster/master/main.tf create mode 100644 data/data/powervs/cluster/master/outputs.tf create mode 100644 data/data/powervs/cluster/master/variables.tf create mode 100644 data/data/powervs/cluster/master/versions.tf create mode 100644 data/data/powervs/cluster/outputs.tf create mode 100644 data/data/powervs/cluster/versions.tf create mode 100644 data/data/powervs/iaas/power-iaas.tf create mode 100644 data/data/powervs/iaas/variables.tf create mode 100644 data/data/powervs/post-install/main.tf create mode 100644 data/data/powervs/post-install/versions.tf create mode 100644 data/data/powervs/topology/pi_network.tf create mode 100644 data/data/powervs/variables-powervs.tf
diff --git a/data/data/powervs/cluster/bootstrap/main.tf b/data/data/powervs/cluster/bootstrap/main.tf
new file mode 100644
index 000000000000..dd67bf16b991
--- /dev/null
+++ b/data/data/powervs/cluster/bootstrap/main.tf
@@ -0,0 +1,77 @@
+# TODO(mjturek): network and image data blocks can be in main module
+# as master and bootstrap will be using the same
+# network and image. Once we add in master module, make
+# the move.
+data "ibm_pi_network" "network" {
+ pi_network_name = var.network_name
+ pi_cloud_instance_id = var.cloud_instance_id
+}
+
+data "ibm_resource_group" "cos_group" {
+ name = var.resource_group
+}
+
+resource "ibm_resource_instance" "cos_instance" {
+ name = "${var.cluster_id}-cos"
+ resource_group_id = data.ibm_resource_group.cos_group.id
+ service = "cloud-object-storage"
+ plan = "standard"
+ location = var.cos_instance_location
+ tags = [var.cluster_id]
+}
+
+# Create an IBM COS Bucket to store ignition
+resource "ibm_cos_bucket" "ignition" {
+ bucket_name = "${var.cluster_id}-bootstrap-ign"
+ resource_instance_id = ibm_resource_instance.cos_instance.id
+ region_location = var.cos_bucket_location
+ storage_class = var.cos_storage_class
+}
+
+resource "ibm_resource_key" "cos_service_cred" {
+ name = "${var.cluster_id}-cred"
+ role = "Reader"
+ resource_instance_id = ibm_resource_instance.cos_instance.id
+ parameters = { HMAC = true }
+}
+
+# Place the bootstrap ignition file in the ignition COS bucket
+resource "ibm_cos_bucket_object" "ignition" {
+ bucket_crn = ibm_cos_bucket.ignition.crn
+ bucket_location = ibm_cos_bucket.ignition.region_location
+ content = var.ignition
+ key = "bootstrap.ign"
+ etag = md5(var.ignition)
+}
+
+data "ibm_iam_auth_token" "iam_token" {}
+
+# Create the bootstrap instance
+resource "ibm_pi_instance" "bootstrap" {
+ pi_memory = var.memory
+ pi_processors = var.processors
+ pi_instance_name = "${var.cluster_id}-bootstrap"
+ pi_proc_type = var.proc_type
+ pi_image_id = var.image_id
+ pi_sys_type = var.sys_type
+ pi_cloud_instance_id = var.cloud_instance_id
+ pi_network {
+ network_id = data.ibm_pi_network.network.id
+ }
+ pi_user_data = base64encode(templatefile("${path.module}/templates/bootstrap.ign", {
+ HOSTNAME = ibm_cos_bucket.ignition.s3_endpoint_public
+ BUCKET_NAME = ibm_cos_bucket.ignition.bucket_name
+ OBJECT_NAME = ibm_cos_bucket_object.ignition.key
+ IAM_TOKEN = data.ibm_iam_auth_token.iam_token.iam_access_token
+ }))
+ pi_key_pair_name = var.key_id
+ pi_health_status = "WARNING"
+}
+
+data "ibm_pi_instance_ip" "bootstrap_ip" {
+ depends_on = [ibm_pi_instance.bootstrap]
+
+ pi_instance_name = ibm_pi_instance.bootstrap.pi_instance_name
+ pi_network_name = data.ibm_pi_network.network.pi_network_name
+ pi_cloud_instance_id = var.cloud_instance_id
+}
diff --git a/data/data/powervs/cluster/bootstrap/outputs.tf b/data/data/powervs/cluster/bootstrap/outputs.tf
new file mode 100644
index 000000000000..1fdff08d8b94
--- /dev/null
+++ b/data/data/powervs/cluster/bootstrap/outputs.tf
@@ -0,0 +1,3 @@
+output "bootstrap_private_ip" {
+ value = data.ibm_pi_instance_ip.bootstrap_ip.ip
+}
diff --git a/data/data/powervs/cluster/bootstrap/templates/bootstrap.ign b/data/data/powervs/cluster/bootstrap/templates/bootstrap.ign
new file mode 100644
index 000000000000..cf824f9c531f
--- /dev/null
+++ b/data/data/powervs/cluster/bootstrap/templates/bootstrap.ign
@@ -0,0 +1,16 @@
+{
+ "ignition": {
+ "version": "3.2.0",
+ "config": {
+ "replace": {
+ "source": "https://${HOSTNAME}/${BUCKET_NAME}/${OBJECT_NAME}",
+ "httpHeaders": [
+ {
+ "name": "Authorization",
+ "value": "${IAM_TOKEN}"
+ }
+ ]
+ }
+ }
+ }
+}
\ No newline at end of file
diff --git a/data/data/powervs/cluster/bootstrap/variables.tf b/data/data/powervs/cluster/bootstrap/variables.tf
new file mode 100644
index 000000000000..b5dc45313682
--- /dev/null
+++ b/data/data/powervs/cluster/bootstrap/variables.tf
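Review bot: `IAM_TOKEN = data.ibm_iam_auth_token.iam_token.iam_access_token` in bootstrap/main.tf puts an access token for the installer's own API-key identity into `pi_user_data`, and `templates/bootstrap.ign` sends it as the `Authorization` header. That token carries whatever the API key is allowed to do, not just read access to the ignition bucket, and it ends up in the instance's user data and most likely in the Terraform state as well. The `Reader` key created as `ibm_resource_key.cos_service_cred` is never referenced in this hunk; fetching `bootstrap.ign` with a credential derived from that key, for example a short-lived pre-signed URL (the `ibms3presign` provider is already declared in this module's versions.tf), would limit what a leaked user-data blob exposes. IAM access tokens also expire, so a comment should state what happens when the bootstrap node fetches its config after the token lifetime.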
@@ -0,0 +1,16 @@
+variable "memory" {}
+variable "processors" {}
+variable "ignition" {}
+
+variable "cloud_instance_id" {}
+variable "resource_group" {}
+variable "image_id" {}
+variable "network_name" {}
+variable "proc_type" {}
+variable "sys_type" {}
+variable "cluster_id" {}
+variable "key_id" {}
+
+variable "cos_instance_location" {}
+variable "cos_bucket_location" {}
+variable "cos_storage_class" {}
diff --git a/data/data/powervs/cluster/bootstrap/versions.tf b/data/data/powervs/cluster/bootstrap/versions.tf
new file mode 100644
index 000000000000..e9ee2cf299bf
--- /dev/null
+++ b/data/data/powervs/cluster/bootstrap/versions.tf
@@ -0,0 +1,14 @@
+terraform {
+ required_version = ">= 0.14"
+ required_providers {
+ ibm = {
+ source = "openshift/local/ibm"
+ }
+ ibms3presign = {
+ source = "openshift/local/ibms3presign"
+ }
+ ignition = {
+ source = "openshift/local/ignition"
+ }
+ }
+}
diff --git a/data/data/powervs/cluster/dns/dns.tf b/data/data/powervs/cluster/dns/dns.tf
new file mode 100644
index 000000000000..b37f8706e4e8
--- /dev/null
+++ b/data/data/powervs/cluster/dns/dns.tf
@@ -0,0 +1,22 @@
+data "ibm_cis_domain" "base_domain" {
+ cis_id = var.cis_id
+ domain = var.base_domain
+}
+
+resource "ibm_cis_dns_record" "kubernetes_api" {
+ cis_id = var.cis_id
+ domain_id = data.ibm_cis_domain.base_domain.id
+ type = "CNAME"
+ name = "api.${var.cluster_domain}"
+ content = var.load_balancer_hostname
+ ttl = 60
+}
+
+resource "ibm_cis_dns_record" "kubernetes_api_internal" {
+ cis_id = var.cis_id
+ domain_id = data.ibm_cis_domain.base_domain.id
+ type = "CNAME"
+ name = "api-int.${var.cluster_domain}"
+ content = var.load_balancer_int_hostname
+ ttl = 60
+}
diff --git a/data/data/powervs/cluster/dns/variables.tf b/data/data/powervs/cluster/dns/variables.tf
new file mode 100644
index 000000000000..c7631cae426c
--- /dev/null
+++ b/data/data/powervs/cluster/dns/variables.tf
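Review bot: `variable "ignition" {}` in bootstrap/variables.tf has neither a type nor `sensitive = true`, although its value is the bootstrap ignition config that main.tf uploads to COS and that presumably embeds cluster credentials. The module already requires Terraform `>= 0.14`, so the flag is available: `variable "ignition" { type = string  sensitive = true }`. The same declaration appears in master/variables.tf. The other variables in both files would also read better with a `type` and a one-line `description`, as variables-powervs.tf already does.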
@@ -0,0 +1,13 @@
+variable "cis_id" {}
+
+variable "base_domain" {}
+
+variable "cluster_domain" {}
+
+variable "load_balancer_hostname" {}
+
+variable "load_balancer_int_hostname" {}
+
+
+
+
diff --git a/data/data/powervs/cluster/dns/versions.tf b/data/data/powervs/cluster/dns/versions.tf
new file mode 100644
index 000000000000..8ce324c2a3cc
--- /dev/null
+++ b/data/data/powervs/cluster/dns/versions.tf
@@ -0,0 +1,8 @@
+terraform {
+ required_version = ">= 0.14"
+ required_providers {
+ ibm = {
+ source = "openshift/local/ibm"
+ }
+ }
+}
diff --git a/data/data/powervs/cluster/loadbalancer/alb.tf b/data/data/powervs/cluster/loadbalancer/alb.tf
new file mode 100644
index 000000000000..b6ac3cc52f2b
--- /dev/null
+++ b/data/data/powervs/cluster/loadbalancer/alb.tf
@@ -0,0 +1,148 @@
+locals {
+ api_servers = concat([var.bootstrap_ip], var.master_ips)
+ api_servers_count = length(var.master_ips) + 1 # bootstrap + master
+ app_servers = var.master_ips
+ app_servers_count = length(var.master_ips)
+}
+
+data "ibm_resource_group" "resource_group" {
+ name = var.resource_group
+}
+
+resource "ibm_is_lb" "load_balancer" {
+ name = "${var.cluster_id}-loadbalancer"
+ resource_group = data.ibm_resource_group.resource_group.id
+ subnets = [var.vpc_subnet_id]
+ security_groups = [ibm_is_security_group.ocp_security_group.id]
+ tags = [var.cluster_id, "${var.cluster_id}-loadbalancer"]
+ type = "public"
+}
+
+resource "ibm_is_lb" "load_balancer_int" {
+ name = "${var.cluster_id}-loadbalancer-int"
+ resource_group = data.ibm_resource_group.resource_group.id
+ subnets = [var.vpc_subnet_id]
+ security_groups = [ibm_is_security_group.ocp_security_group.id]
+ tags = [var.cluster_id, "${var.cluster_id}-loadbalancer-int"]
+ type = "private"
+}
+
+# Using explicit depends_on as otherwise there are issues with updating and adding of pool members
+# Ref: https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/resources/is_lb_listener
+
+## TODO move this to internal/private LB
+# machine config listener and backend pool
+resource "ibm_is_lb_listener" "machine_config_listener" {
+ lb = ibm_is_lb.load_balancer_int.id
+ port = 22623
+ protocol = "tcp"
+ default_pool = ibm_is_lb_pool.machine_config_pool.id
+}
+resource "ibm_is_lb_pool" "machine_config_pool" {
+ depends_on = [ibm_is_lb.load_balancer_int]
+
+ name = "machine-config-server"
+ lb = ibm_is_lb.load_balancer_int.id
+ algorithm = "round_robin"
+ protocol = "tcp"
+ health_delay = 60
+ health_retries = 5
+ health_timeout = 30
+ health_type = "tcp"
+}
+resource "ibm_is_lb_pool_member" "machine_config_member" {
+ depends_on = [ibm_is_lb_listener.machine_config_listener]
+ count = local.api_servers_count
+
+ lb = ibm_is_lb.load_balancer_int.id
+ pool = ibm_is_lb_pool.machine_config_pool.id
+ port = 22623
+ target_address = local.api_servers[count.index]
+}
+
+# api listener and backend pool (internal)
+resource "ibm_is_lb_listener" "api_listener_int" {
+ lb = ibm_is_lb.load_balancer_int.id
+ port = 6443
+ protocol = "tcp"
+ default_pool = ibm_is_lb_pool.api_pool_int.id
+}
+resource "ibm_is_lb_pool" "api_pool_int" {
+ depends_on = [ibm_is_lb.load_balancer_int]
+
+ name = "openshift-api-server"
+ lb = ibm_is_lb.load_balancer_int.id
+ algorithm = "round_robin"
+ protocol = "tcp"
+ health_delay = 60
+ health_retries = 5
+ health_timeout = 30
+ health_type = "tcp"
+}
+resource "ibm_is_lb_pool_member" "api_member_int" {
+ depends_on = [ibm_is_lb_listener.api_listener_int, ibm_is_lb_pool_member.machine_config_member]
+ count = local.api_servers_count
+
+ lb = ibm_is_lb.load_balancer_int.id
+ pool = ibm_is_lb_pool.api_pool_int.id
+ port = 6443
+ target_address = local.api_servers[count.index]
+}
+
+# api listener and backend pool (external)
+resource "ibm_is_lb_listener" "api_listener" {
+ lb = ibm_is_lb.load_balancer.id
+ port = 6443
+ protocol = "tcp"
+ default_pool = ibm_is_lb_pool.api_pool.id
+}
+resource "ibm_is_lb_pool" "api_pool" {
+ depends_on = [ibm_is_lb.load_balancer]
+
+ name = "openshift-api-server"
+ lb = ibm_is_lb.load_balancer.id
+ algorithm = "round_robin"
+ protocol = "tcp"
+ health_delay = 60
+ health_retries = 5
+ health_timeout = 30
+ health_type = "tcp"
+}
+resource "ibm_is_lb_pool_member" "api_member" {
+ depends_on = [ibm_is_lb_listener.api_listener, ibm_is_lb_pool_member.machine_config_member]
+ count = local.api_servers_count
+
+ lb = ibm_is_lb.load_balancer.id
+ pool = ibm_is_lb_pool.api_pool.id
+ port = 6443
+ target_address = local.api_servers[count.index]
+}
+
+# bootstrap listener and backend pool
+resource "ibm_is_lb_listener" "bootstrap_listener" {
+ lb = ibm_is_lb.load_balancer.id
+ port = 22
+ protocol = "tcp"
+ default_pool = ibm_is_lb_pool.bootstrap_pool.id
+}
+resource "ibm_is_lb_pool" "bootstrap_pool" {
+ depends_on = [ibm_is_lb.load_balancer]
+
+ name = "bootstrap-node"
+ lb = ibm_is_lb.load_balancer.id
+ algorithm = "round_robin"
+ protocol = "tcp"
+ health_delay = 5
+ health_retries = 2
+ health_timeout = 2
+ health_type = "tcp"
+}
+resource "ibm_is_lb_pool_member" "bootstrap" {
+ depends_on = [ibm_is_lb_listener.bootstrap_listener]
+
+ lb = ibm_is_lb.load_balancer.id
+ pool = ibm_is_lb_pool.bootstrap_pool.id
+ port = 22
+ target_address = var.bootstrap_ip
+}
+
diff --git a/data/data/powervs/cluster/loadbalancer/outputs.tf b/data/data/powervs/cluster/loadbalancer/outputs.tf
new file mode 100644
index 000000000000..b4c6c184fb8d
--- /dev/null
+++ b/data/data/powervs/cluster/loadbalancer/outputs.tf
@@ -0,0 +1,7 @@
+output "powervs_lb_hostname" {
+ value = ibm_is_lb.load_balancer.hostname
+}
+
+output "powervs_lb_int_hostname" {
+ value = ibm_is_lb.load_balancer_int.hostname
+}
diff --git a/data/data/powervs/cluster/loadbalancer/sg.tf b/data/data/powervs/cluster/loadbalancer/sg.tf
new file mode 100644
index 000000000000..64cde9cf93fa
--- /dev/null
+++ b/data/data/powervs/cluster/loadbalancer/sg.tf
@@ -0,0 +1,28 @@
+locals {
+ tcp_ports = [22623, 6443, 22]
+}
+data "ibm_is_vpc" "vpc" {
+ name = var.vpc_name
+}
+
+resource "ibm_is_security_group" "ocp_security_group" {
+ name = "${var.cluster_id}-ocp-sec-group"
+ resource_group = data.ibm_resource_group.resource_group.id
+ vpc = data.ibm_is_vpc.vpc.id
+ tags = [var.cluster_id]
+}
+
+resource "ibm_is_security_group_rule" "inbound_ports" {
+ count = length(local.tcp_ports)
+ group = ibm_is_security_group.ocp_security_group.id
+ direction = "inbound"
+ tcp {
+ port_min = local.tcp_ports[count.index]
+ port_max = local.tcp_ports[count.index]
+ }
+}
+
+resource "ibm_is_security_group_rule" "outbound_any" {
+ group = ibm_is_security_group.ocp_security_group.id
+ direction = "outbound"
+}
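Review bot: `bootstrap_listener` in alb.tf publishes TCP 22 on `ibm_is_lb.load_balancer`, which is created with `type = "public"`, so SSH to the bootstrap node is reachable from wherever that load balancer's security group allows. Nothing in the file limits the source or the lifetime of that listener, and the `## TODO move this to internal/private LB` comment sits above the machine-config listener, which is already attached to `load_balancer_int`. If public SSH is only needed to gather bootstrap logs, say so in a comment above `bootstrap_listener` and state when the listener and pool member are removed; otherwise attach them to `load_balancer_int`.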
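Review bot: `inbound_ports` in sg.tf opens 22623, 6443 and 22 with no `remote` argument, and alb.tf attaches the same `ocp_security_group` to both the public and the internal load balancer. As far as I know an omitted `remote` means any source, so the public load balancer's group admits SSH from anywhere and also carries the machine-config port it has no listener for. Consider one group per load balancer with only the ports that balancer serves, and a restricted source for port 22 such as `remote = var.<ssh_source_cidr_placeholder>` (placeholder name; the module defines no such variable). `outbound_any` likewise sets no protocol or destination, which deserves a comment if it is intended.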
diff --git a/data/data/powervs/cluster/loadbalancer/variables.tf b/data/data/powervs/cluster/loadbalancer/variables.tf
new file mode 100644
index 000000000000..c64b3344fa42
--- /dev/null
+++ b/data/data/powervs/cluster/loadbalancer/variables.tf
@@ -0,0 +1,9 @@
+variable "cluster_id" {}
+
+variable "vpc_name" {}
+variable "vpc_subnet_id" {}
+
+variable "bootstrap_ip" {}
+variable "master_ips" {}
+
+variable "resource_group" {}
diff --git a/data/data/powervs/cluster/loadbalancer/versions.tf b/data/data/powervs/cluster/loadbalancer/versions.tf
new file mode 100644
index 000000000000..8ce324c2a3cc
--- /dev/null
+++ b/data/data/powervs/cluster/loadbalancer/versions.tf
@@ -0,0 +1,8 @@
+terraform {
+ required_version = ">= 0.14"
+ required_providers {
+ ibm = {
+ source = "openshift/local/ibm"
+ }
+ }
+}
diff --git a/data/data/powervs/cluster/main.tf b/data/data/powervs/cluster/main.tf
new file mode 100644
index 000000000000..13cae0e772d2
--- /dev/null
+++ b/data/data/powervs/cluster/main.tf
@@ -0,0 +1,112 @@
+provider "ibm" {
+ alias = "vpc"
+ ibmcloud_api_key = var.powervs_api_key
+ region = var.powervs_vpc_region
+ zone = var.powervs_vpc_zone
+}
+
+provider "ibm" {
+ alias = "powervs"
+ ibmcloud_api_key = var.powervs_api_key
+ region = var.powervs_region
+}
+
+resource "ibm_pi_key" "cluster_key" {
+ provider = ibm.powervs
+ pi_key_name = "${var.cluster_id}-key"
+ pi_ssh_key = var.powervs_ssh_key
+ pi_cloud_instance_id = var.powervs_cloud_instance_id
+}
+
+module "bootstrap" {
+ providers = {
+ ibm = ibm.powervs
+ }
+ source = "./bootstrap"
+ cloud_instance_id = var.powervs_cloud_instance_id
+ cluster_id = var.cluster_id
+ resource_group = var.powervs_resource_group
+
+ cos_instance_location = var.powervs_cos_instance_location
+ cos_bucket_location = var.powervs_cos_bucket_location
+ cos_storage_class = var.powervs_cos_storage_class
+
+ memory = var.powervs_bootstrap_memory
+ processors = var.powervs_bootstrap_processors
+ ignition = var.ignition_bootstrap
+ sys_type = var.powervs_sys_type
+ proc_type = var.powervs_proc_type
+ key_id = ibm_pi_key.cluster_key.key_id
+ image_id = ibm_pi_image.boot_image.image_id
+ network_name = var.powervs_network_name
+}
+
+module "master" {
+ providers = {
+ ibm = ibm.powervs
+ }
+ source = "./master"
+ cloud_instance_id = var.powervs_cloud_instance_id
+ cluster_id = var.cluster_id
+ resource_group = var.powervs_resource_group
+ instance_count = var.master_count
+
+ memory = var.powervs_master_memory
+ processors = var.powervs_master_processors
+ ignition = var.ignition_master
+ sys_type = var.powervs_sys_type
+ proc_type = var.powervs_proc_type
+ key_id = ibm_pi_key.cluster_key.key_id
+ image_id = ibm_pi_image.boot_image.image_id
+ network_name = var.powervs_network_name
+}
+
+data "ibm_is_subnet" "vpc_subnet" {
+ provider = ibm.vpc
+ name = var.powervs_vpc_subnet_name
+}
+
+resource "ibm_pi_image" "boot_image" {
+ provider = ibm.powervs
+ pi_image_name = "rhcos-${var.cluster_id}"
+ pi_cloud_instance_id = var.powervs_cloud_instance_id
+ pi_image_bucket_name = "rhcos-powervs-images-${var.powervs_vpc_region}"
+ pi_image_bucket_access = "public"
+ pi_image_bucket_region = var.powervs_vpc_region
+ pi_image_bucket_file_name = var.powervs_image_bucket_file_name
+ pi_image_storage_type = var.powervs_image_storage_type
+}
+
+data "ibm_pi_network" "pvs_net" {
+ provider = ibm.powervs
+ pi_network_name = var.powervs_network_name
+ pi_cloud_instance_id = var.powervs_cloud_instance_id
+}
+
+module "loadbalancer" {
+ providers = {
+ ibm = ibm.vpc
+ }
+ source = "./loadbalancer"
+
+ cluster_id = var.cluster_id
+ vpc_name = var.powervs_vpc_name
+ vpc_subnet_id = data.ibm_is_subnet.vpc_subnet.id
+ bootstrap_ip = module.bootstrap.bootstrap_private_ip
+ master_ips = module.master.master_ips
+ resource_group = var.powervs_resource_group
+}
+
+
+module "dns" {
+ providers = {
+ ibm = ibm.vpc
+ }
+ source = "./dns"
+
+ cis_id = var.powervs_cis_crn
+ base_domain = var.base_domain
+ cluster_domain = var.cluster_domain
+ load_balancer_hostname = module.loadbalancer.powervs_lb_hostname
+ load_balancer_int_hostname = module.loadbalancer.powervs_lb_int_hostname
+}
diff --git a/data/data/powervs/cluster/master/main.tf b/data/data/powervs/cluster/master/main.tf
new file mode 100644
index 000000000000..737376f13a0b
--- /dev/null
+++ b/data/data/powervs/cluster/master/main.tf
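Review bot: `ibm_pi_image.boot_image` in cluster/main.tf imports the boot image from `rhcos-powervs-images-${var.powervs_vpc_region}` with `pi_image_bucket_access = "public"`, and nothing in the hunk records who owns those buckets or how the image content is verified. Every bootstrap and master instance boots from this image, so the trust assumption should be written down in a comment above the resource: the bucket owner, and where `var.powervs_image_bucket_file_name` comes from. If the installer already pins the file name from its own release metadata, stating that here is enough.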
@@ -0,0 +1,35 @@
+# TODO(mjturek): network and image data blocks can be in main module
+# as master and bootstrap will be using the same
+# network and image. Once we add in master module, make
+# the move.
+data "ibm_pi_network" "network" {
+ pi_network_name = var.network_name
+ pi_cloud_instance_id = var.cloud_instance_id
+}
+
+# Create the master instances
+resource "ibm_pi_instance" "master" {
+ count = var.instance_count
+ pi_memory = var.memory
+ pi_processors = var.processors
+ pi_instance_name = "${var.cluster_id}-master-${count.index}"
+ pi_proc_type = var.proc_type
+ pi_image_id = var.image_id
+ pi_sys_type = var.sys_type
+ pi_cloud_instance_id = var.cloud_instance_id
+ pi_network {
+ network_id = data.ibm_pi_network.network.id
+ }
+ pi_user_data = base64encode(var.ignition)
+ pi_key_pair_name = var.key_id
+ pi_health_status = "WARNING"
+}
+
+data "ibm_pi_instance_ip" "master_ip" {
+ count = var.instance_count
+ depends_on = [ibm_pi_instance.master]
+
+ pi_instance_name = ibm_pi_instance.master[count.index].pi_instance_name
+ pi_network_name = data.ibm_pi_network.network.pi_network_name
+ pi_cloud_instance_id = var.cloud_instance_id
+}
diff --git a/data/data/powervs/cluster/master/outputs.tf b/data/data/powervs/cluster/master/outputs.tf
new file mode 100644
index 000000000000..910e18ebb0b3
--- /dev/null
+++ b/data/data/powervs/cluster/master/outputs.tf
@@ -0,0 +1,3 @@
+output "master_ips" {
+ value = data.ibm_pi_instance_ip.master_ip.*.ip
+}
diff --git a/data/data/powervs/cluster/master/variables.tf b/data/data/powervs/cluster/master/variables.tf
new file mode 100644
index 000000000000..c977befe3368
--- /dev/null
+++ b/data/data/powervs/cluster/master/variables.tf
@@ -0,0 +1,14 @@
+variable "instance_count" {}
+
+variable "memory" {}
+variable "processors" {}
+variable "ignition" {}
+variable "key_id" {}
+
+variable "cloud_instance_id" {}
+variable "resource_group" {}
+variable "image_id" {}
+variable "network_name" {}
+variable "proc_type" {}
+variable "sys_type" {}
+variable "cluster_id" {}
diff --git a/data/data/powervs/cluster/master/versions.tf b/data/data/powervs/cluster/master/versions.tf
new file mode 100644
index 000000000000..8ce324c2a3cc
--- /dev/null
+++ b/data/data/powervs/cluster/master/versions.tf
@@ -0,0 +1,8 @@
+terraform {
+ required_version = ">= 0.14"
+ required_providers {
+ ibm = {
+ source = "openshift/local/ibm"
+ }
+ }
+}
diff --git a/data/data/powervs/cluster/outputs.tf b/data/data/powervs/cluster/outputs.tf
new file mode 100644
index 000000000000..7c355853f60e
--- /dev/null
+++ b/data/data/powervs/cluster/outputs.tf
@@ -0,0 +1,7 @@
+output "bootstrap_ip" {
+ value = module.loadbalancer.powervs_lb_hostname
+}
+
+output "control_plane_ips" {
+ value = module.master.master_ips
+}
diff --git a/data/data/powervs/cluster/versions.tf b/data/data/powervs/cluster/versions.tf
new file mode 100644
index 000000000000..8ce324c2a3cc
--- /dev/null
+++ b/data/data/powervs/cluster/versions.tf
@@ -0,0 +1,8 @@
+terraform {
+ required_version = ">= 0.14"
+ required_providers {
+ ibm = {
+ source = "openshift/local/ibm"
+ }
+ }
+}
diff --git a/data/data/powervs/iaas/power-iaas.tf b/data/data/powervs/iaas/power-iaas.tf
new file mode 100644
index 000000000000..071535e415bd
--- /dev/null
+++ b/data/data/powervs/iaas/power-iaas.tf
@@ -0,0 +1,22 @@
+provider "ibm" {
+ ibmcloud_api_key = var.powervs_api_key
+}
+
+data "ibm_resource_group" "group" {
+ name = var.powervs_resource_group
+}
+
+resource "ibm_resource_instance" "resource_instance" {
+ name = "${var.cluster_id}-power-iaas"
+ service = "power-iaas"
+ plan = "power-virtual-server-group"
+ location = var.powervs_region
+ tags = concat(var.service_tags, ["${var.cluster_id}-power-iaas", "${var.cluster_id}"])
+ resource_group_id = data.ibm_resource_group.group.id
+
+ timeouts {
+ create = "10m"
+ update = "10m"
+ delete = "10m"
+ }
+}
diff --git a/data/data/powervs/iaas/variables.tf b/data/data/powervs/iaas/variables.tf
new file mode 100644
index 000000000000..c9569ff8808a
--- /dev/null
+++ b/data/data/powervs/iaas/variables.tf
@@ -0,0 +1,28 @@
+variable "powervs_api_key" {
+ type = string
+ description = "IBM Cloud API key associated with user's identity"
+ default = ""
+}
+
+variable "powervs_resource_group" {
+ type = string
+ description = "The cloud instance resource group"
+ default = ""
+}
+
+variable "powervs_region" {
+ type = string
+ description = "The IBM Cloud region where you want to create the resources"
+ default = ""
+}
+
+variable "cluster_id" {
+ type = string
+ default = ""
+}
+
+variable "service_tags" {
+ type = list(string)
+ description = "A list of tags for our resource instance."
+ default = []
+}
diff --git a/data/data/powervs/post-install/main.tf b/data/data/powervs/post-install/main.tf
new file mode 100644
index 000000000000..2967f6423bd3
--- /dev/null
+++ b/data/data/powervs/post-install/main.tf
@@ -0,0 +1,5 @@
+provider "ibm" {
+ alias = "powervs"
+ ibmcloud_api_key = var.powervs_api_key
+ region = var.powervs_region
+}
diff --git a/data/data/powervs/post-install/versions.tf b/data/data/powervs/post-install/versions.tf
new file mode 100644
index 000000000000..8ce324c2a3cc
--- /dev/null
+++ b/data/data/powervs/post-install/versions.tf
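Review bot: `powervs_api_key` in iaas/variables.tf is declared with `default = ""` and without `sensitive = true`, and variables-powervs.tf repeats the same declaration. The empty default lets a run start with no credential and fail only once the provider tries to authenticate, and without the flag Terraform may print the key in plan or error output. I would drop the default and add `sensitive = true` in both files. `cluster_id` in this file also defaults to `""`, which would make power-iaas.tf name the service instance `-power-iaas`; leaving it without a default makes a missing value an error.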
@@ -0,0 +1,8 @@
+terraform {
+ required_version = ">= 0.14"
+ required_providers {
+ ibm = {
+ source = "openshift/local/ibm"
+ }
+ }
+}
diff --git a/data/data/powervs/topology/pi_network.tf b/data/data/powervs/topology/pi_network.tf
new file mode 100644
index 000000000000..5f5e3a5f7c9a
--- /dev/null
+++ b/data/data/powervs/topology/pi_network.tf
@@ -0,0 +1,40 @@
+## Network
+## These are be optional arguments in the install-config (e.g. Platform)
+## so that users may specify them. Have them be "hidden" in that the survey doesn't ask for them
+## unless the OCP leads disagree.
+## And since they're optional, use the count = construct to conditionally create them if the tf
+## vars are unset.
+
+## Note, the following are incomplete placeholders to be tested and reviewed later when the TF
+## support for these has been added to the ibmcloud terraform provider (which is now forked into
+## https://github.com/openshift/terraform-provider-ibm)
+
+#resource "ibm_direct_link" "ocp_direct_link" {
+# TODO
+#}
+
+#resource "ibm_pi_network" "ocp_network" {
+# provider = ibm.powervs
+# count = var.powervs_network_name == "" ? 1 : 0
+# pi_network_name = "pvs-net-${var.cluster_id}"
+# pi_cloud_instance_id = "powervs_cloud_instance_id"
+# pi_network_type = "dhcp"
+# pi_cidr = "192.168.0.0/24"
+# pi_dns = [<"DNS Servers">]
+#}
+
+#resource "ibm_is_vpc" "ocp_vpc" {
+# provider = ibm.vpc
+# count = var.powervs_vpc == "" ? 1 : 0
+# name = "vpc_${var.cluster_id}"
+# classic_access = false
+# resource_group = var.powervs_resource_group
+#}
+
+#resource "ibm_is_subnet" "ocp_vpc_subnet" {
+# provider = ibm.vpc
+# count = var.powervs_vpc_subnet == "" ? 1 : 0
+# name = "vpc_subnet_${var.cluster_id}"
+# vpc = ibm_is_vpc..id
+# ipv4_cidr_block = "192.168.0.0/1"
+#}
diff --git a/data/data/powervs/variables-powervs.tf b/data/data/powervs/variables-powervs.tf
new file mode 100644
index 000000000000..21b0001bee52
--- /dev/null
+++ b/data/data/powervs/variables-powervs.tf
@@ -0,0 +1,156 @@
+################################################################
+# Configure the IBM Cloud provider
+################################################################
+variable "powervs_api_key" {
+ type = string
+ description = "IBM Cloud API key associated with user's identity"
+ default = ""
+}
+
+variable "powervs_vpc_region" {
+ type = string
+ description = "The IBM Cloud region where you want to create the resources"
+ default = "eu-gb"
+}
+
+variable "powervs_vpc_zone" {
+ type = string
+ description = "The IBM Cloud zone associated with the VPC region you're using"
+}
+
+variable "powervs_region" {
+ type = string
+ description = "The IBM Cloud region where you want to create the resources"
+ default = "lon"
+}
+
+variable "powervs_zone" {
+ type = string
+ description = "The IBM Cloud zone associated with the region you're using"
+}
+
+variable "powervs_resource_group" {
+ type = string
+ description = "The cloud instance resource group"
+}
+
+variable "powervs_cloud_instance_id" {
+ type = string
+ description = "The cloud instance ID of your account"
+}
+
+################################################################
+# Configure storage
+################################################################
+variable "powervs_cos_instance_location" {
+ type = string
+ description = "The location of your COS instance"
+ default = "global"
+}
+
+variable "powervs_cos_bucket_location" {
+ type = string
+ description = "The location to create your COS bucket"
+ default = "us-east"
+}
+
+variable "powervs_cos_storage_class" {
+ type = string
+ description = "The plan used for your COS instance"
+ default = "smart"
+}
+
+################################################################
+# Configure instances
+################################################################
+variable "powervs_bootstrap_memory" {
+ type = string
+ description = "Amount of memory, in GiB, used by the bootstrap node."
+ default = "32"
+}
+
+variable "powervs_bootstrap_processors" {
+ type = string
+ description = "Number of processors used by the bootstrap node."
+ default = "0.5"
+}
+
+variable "powervs_master_memory" {
+ type = string
+ description = "Amount of memory, in GiB, used by each master node."
+ default = "32"
+}
+
+variable "powervs_master_processors" {
+ type = string
+ description = "Number of processors used by each master node."
+ default = "0.5"
+}
+
+variable "powervs_proc_type" {
+ type = string
+ description = "The type of processor mode for all nodes (shared/dedicated)"
+ default = "shared"
+}
+
+variable "powervs_sys_type" {
+ type = string
+ description = "The type of system (s922/e980)"
+ default = "s922"
+}
+
+variable "powervs_key_name" {
+ type = string
+ description = "The name for the SSH key created in the Service Instance"
+ default = ""
+}
+
+variable "powervs_ssh_key" {
+ type = string
+ description = "Public key for keypair used to access cluster. Required when creating 'ibm_pi_instance' resources."
+ default = ""
+}
+
+variable "powervs_image_bucket_file_name" {
+ type = string
+ description = "File name of the image in the COS bucket."
+}
+
+variable "powervs_image_storage_type" {
+ type = string
+ description = "Storage type used when storing image in Power VS."
+ default = "tier3"
+}
+
+################################################################
+# Configure Network Topology
+################################################################
+variable "powervs_network_name" {
+ type = string
+ description = "Name of the network within the Power VS instance."
+}
+
+variable "powervs_vpc_name" {
+ type = string
+ description = "Name of the IBM Cloud Virtual Private Cloud (VPC) to setup the load balancer."
+}
+
+variable "powervs_vpc_subnet_name" {
+ type = string
+ description = "Name of the VPC subnet connected via DirectLink to the Power VS private network."
+}
+
+################################################################
+# Configure DNS
+################################################################
+## TODO: Pass the CIS CRN from the installer program, refer the IBM Cloud code to see the implementation.
+variable "powervs_cis_crn" {
+ type = string
+ description = "The CRN of CIS instance to use."
+}
+
+################################################################
+# Output Variables
+################################################################
+variable "bootstrap_ip" { default = "" }
+variable "control_plane_ips" { default = [] }