Configurazione iniziale per cluster k8s su Proxmox

2025-07-31 14:15:02 +00:00
parent 74fbf8f73a
commit bb9ed1e76e
6 changed files with 264 additions and 0 deletions

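--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,9 @@
+# File di stato locali
+*.tfstate
+*.tfstate.*
+# Cartella che contiene i plugin
+.terraform/
+# File di crash
+crash.log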

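--- a/.terraform.lock.hcl
+++ b/.terraform.lock.hcl
@@ -0,0 +1,24 @@
+# This file is maintained automatically by "tofu init".
+# Manual edits may be lost in future updates.
+provider "registry.opentofu.org/telmate/proxmox" {
+version = "3.0.1-rc2"
+constraints = "3.0.1-rc2"
+hashes = [
+"h1:FoQkRJvBaRnfmHbDQAuwdvd9sSoFM+UKDkX5UBg6fdc=",
+"zh:0158ecead8265f79ca069fcb7e9c07283545f90a09abe8a28a5944c2c9b8dc89",
+"zh:04731d141b77b0072bf650ee91670594f3ec93cf01c2612a5a3eecbda01e745e",
+"zh:06460b2b32b06684f3ce8416d328868cdc26f88c1e0379522fdf797ba7072ccf",
+"zh:15e9ece8a8106e32fa842f84494952298a24883b6dc164acdc375594ed4c3840",
+"zh:2ff19ed9d1b36d4890b3c036fa027f831889535e9e9c6bf7aa185423e620d93c",
+"zh:45efb6d48df0cab681677fa58557b964cbaec6b5a5acc5ff19f446760670c4ea",
+"zh:554351399ef605a708653d7d716ecc36d39e85088c37435b7f391a841e1bee93",
+"zh:5b78fe1f4e796cb56cbc6fc7e43e95d2ad0f46f86cb2a4795c617c73681f5374",
+"zh:61a379c5380f69d474b8a22fedd68f34e7df57ab24fdfcd0336a3a88e9d1706a",
+"zh:73cf31280728ee48b645c537de89881788c6e6aa6a9a2a9a09ec4510f594db2e",
+"zh:85e2f22617fa1450deeaefffe6d455f26054ab8a9a6a1eb1a5c50b51703304ec",
+"zh:a0cc2bd9581fcddc1f64692c9c431c652e4e0edc035a357aa1279788a8d580d0",
+"zh:b99a25084d77075dce5b32604953e4266fc8cdda9ec00cbb06f886331743b492",
+"zh:bcaace9bec999f869ecc308075c98139a5762b4a4f45541c7b59aa3df4f7484d",
+]
+}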


@@ -0,0 +1,35 @@
#cloud-config
package_update: true
package_upgrade: true
packages:
- apt-transport-https
- ca-certificates
- curl
- containerd
runcmd:
# Disabilita swap (richiesto da kubelet)
- swapoff -a
- sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
# Carica moduli del kernel e imposta sysctl
- modprobe overlay
- modprobe br_netfilter
- echo "net.bridge.bridge-nf-call-iptables = 1" >> /etc/sysctl.conf
- echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
- sysctl -p
# Installa Kubernetes
- curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.29/deb/Release.key | gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
- echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.29/deb/ /' | tee /etc/apt/sources.list.d/kubernetes.list
- apt-get update
- apt-get install -y kubelet=${k8s_version} kubeadm=${k8s_version} kubectl=${k8s_version}
- apt-mark hold kubelet kubeadm kubectl
# Inizializza il cluster con kubeadm
- kubeadm init --pod-network-cidr=${pod_network_cidr} --apiserver-advertise-address=${advertise_ip}
# Configura kubectl per l'utente 'ubuntu' (o il tuo utente di default nel template)
- mkdir -p /home/ubuntu/.kube
- cp -i /etc/kubernetes/admin.conf /home/ubuntu/.kube/config
- chown -R ubuntu:ubuntu /home/ubuntu/.kube
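Review bot: The last three `runcmd` entries hard-code the `ubuntu` account, while main.tf in this commit clones `debian-12-cloudinit` and logs in as `debian`; on that template `chown -R ubuntu:ubuntu` would presumably fail and leave the copied admin kubeconfig root-owned and unusable by the login user. Pass the account in as a template variable (for example `${ssh_user}`) and use it in all three lines, and drop `-i` from `cp`, since nobody can answer its prompt during boot. The key import pipes into `gpg --dearmor -o /etc/apt/keyrings/...`, but neither `gpg` nor the directory is provisioned by the `packages:` list; adding `gpg` to the packages and a `mkdir -p -m 755 /etc/apt/keyrings` before the `curl` would make that step independent of the template, and the same applies to cloud-init-script.yaml and cloud-init-worker.yaml. In all three files `modprobe overlay` and `modprobe br_netfilter` are not persisted, so after a reboot the bridge sysctl has no module to apply to; an entry under `/etc/modules-load.d/` would cover that.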

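--- a/cloud-init-script.yaml
+++ b/cloud-init-script.yaml
@@ -0,0 +1,25 @@
+#cloud-config
+runcmd:
+- swapoff -a
+- sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
+- apt-get update -y
+- apt-get install -y apt-transport-https ca-certificates curl containerd
+- modprobe overlay
+- modprobe br_netfilter
+- |
+cat <<EOF | tee /etc/sysctl.d/99-kubernetes-cri.conf
+net.bridge.bridge-nf-call-iptables = 1
+net.ipv4.ip_forward = 1
+net.bridge.bridge-nf-call-ip6tables = 1
+EOF
+- sysctl --system
+- curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.29/deb/Release.key | gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
+- echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.29/deb/ /' | tee /etc/apt/sources.list.d/kubernetes.list
+- apt-get update -y
+%{ if is_control_plane ~}
+- apt-get install -y kubelet=${k8s_version} kubeadm=${k8s_version} kubectl=${k8s_version}
+- apt-mark hold kubelet kubeadm kubectl
+%{ else ~}
+- apt-get install -y kubelet=${k8s_version} kubeadm=${k8s_version}
+- apt-mark hold kubelet kubeadm
+%{ endif ~}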
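Review bot: This file is written as a `#cloud-config` document with a `runcmd:` list, but main.tf in this commit renders it with `templatefile` and hands the result, split on newlines, to `remote-exec` as `inline`, where `runcmd:`, the leading `- ` of every entry and the `- |` line would reach the shell as command text. Either deliver it as cloud-init user data or turn it into a plain shell script without the YAML framing. If it stays a remote-exec script, the commands also need `sudo`, because the connection in main.tf logs in as `debian` and every step here writes under /etc or installs packages. A header comment stating which of the two delivery paths the file is meant for would prevent the mix-up.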

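--- a/cloud-init-worker.yaml
+++ b/cloud-init-worker.yaml
@@ -0,0 +1,27 @@
+#cloud-config
+package_update: true
+package_upgrade: true
+packages:
+- apt-transport-https
+- ca-certificates
+- curl
+- containerd
+runcmd:
+# Disabilita swap
+- swapoff -a
+- sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
+# Carica moduli del kernel e imposta sysctl
+- modprobe overlay
+- modprobe br_netfilter
+- sysctl -p
+# Installa Kubernetes
+- curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.29/deb/Release.key | gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
+- echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.29/deb/ /' | tee /etc/apt/sources.list.d/kubernetes.list
+- apt-get update
+- apt-get install -y kubelet=${k8s_version} kubeadm=${k8s_version}
+- apt-mark hold kubelet kubeadm
+# Il passo finale (kubeadm join) andrà eseguito manualmente.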
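Review bot: `sysctl -p` runs here although nothing before it writes `net.bridge.bridge-nf-call-iptables` or `net.ipv4.ip_forward`, which the control-plane variant in this commit appends to /etc/sysctl.conf first, so a worker built from this file would come up without the forwarding settings the comment above the `modprobe` lines announces. Write the same keys to a file under `/etc/sysctl.d/` and run `sysctl --system`, as cloud-init-script.yaml does. Nothing in main.tf references this file, so it may be unused; a header comment saying how it is meant to be attached to the worker VMs would help.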

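--- a/main.tf
+++ b/main.tf
@@ -0,0 +1,144 @@
+# main.tf
+terraform {
+required_providers {
+proxmox = {
+source = "telmate/proxmox"
+version = "3.0.1-rc2"
+}
+}
+}
+provider "proxmox" {
+pm_api_url = "https://192.168.178.11:8006/api2/json"
+pm_tls_insecure = true
+}
+# --- Variabili Locali per una facile configurazione ---
+locals {
+proxmox_node = "Covenant"
+template_name = "debian-12-cloudinit"
+ssh_user = "debian"
+k8s_version = "1.29.3-1.1"
+gateway_ip = "10.66.99.254"
+dns_server = "10.66.99.254"
+ssh_public_key = file("~/.ssh/id_ecdsa.pub")
+ssh_private_key = file("~/.ssh/id_ecdsa")
+control_planes = {
+Alessandro = { ip = "10.66.99.171", vmid = 451 }
+Rene = { ip = "10.66.99.172", vmid = 452 }
+Arianna = { ip = "10.66.99.173", vmid = 453 }
+}
+workers = {
+Stanis = { ip = "10.66.99.175", vmid = 455 }
+Itala = { ip = "10.66.99.176", vmid = 456 }
+Duccio = { ip = "10.66.99.177", vmid = 457 }
+}
+}
+# --- Nodi Control Plane ---
+resource "proxmox_vm_qemu" "k8s_control_planes" {
+for_each = local.control_planes
+vmid = each.value.vmid
+name = each.key
+target_node = local.proxmox_node
+clone = local.template_name
+os_type = "cloud-init"
+agent = 1
+cores = 2
+sockets = 1
+memory = 4096
+# Blocco "disks" corretto (plurale)
+disks {
+scsi {
+scsi0 {
+disk {
+storage = "MD-3"
+size = 40
+}
+}
+}
+}
+network {
+model = "virtio"
+bridge = "vmbr0"
+}
+# Argomenti "flat" per la configurazione iniziale
+ipconfig0 = "ip=${each.value.ip}/24,gw=${local.gateway_ip}"
+nameserver = local.dns_server
+sshkeys = local.ssh_public_key
+# Provisioner per eseguire lo script di setup
+provisioner "remote-exec" {
+connection {
+type = "ssh"
+user = local.ssh_user
+private_key = local.ssh_private_key
+host = self.default_ipv4_address
+}
+inline = split("\n", templatefile("cloud-init-script.yaml", {
+k8s_version = local.k8s_version
+is_control_plane = true
+}))
+}
+}
+# --- Nodi Worker ---
+resource "proxmox_vm_qemu" "k8s_workers" {
+for_each = local.workers
+vmid = each.value.vmid
+name = each.key
+target_node = local.proxmox_node
+clone = local.template_name
+os_type = "cloud-init"
+agent = 1
+cores = 2
+sockets = 1
+memory = 2048
+# Blocco "disks" corretto (plurale)
+disks {
+scsi {
+scsi0 {
+disk {
+storage = "MD-3"
+size = 25
+}
+}
+}
+}
+network {
+model = "virtio"
+bridge = "vmbr0"
+}
+# Argomenti "flat" per la configurazione iniziale
+ipconfig0 = "ip=${each.value.ip}/24,gw=${local.gateway_ip}"
+nameserver = local.dns_server
+sshkeys = local.ssh_public_key
+# Provisioner per eseguire lo script di setup
+provisioner "remote-exec" {
+connection {
+type = "ssh"
+user = local.ssh_user
+private_key = local.ssh_private_key
+host = self.default_ipv4_address
+}
+inline = split("\n", templatefile("cloud-init-script.yaml", {
+k8s_version = local.k8s_version
+is_control_plane = false
+}))
+}
+depends_on = [proxmox_vm_qemu.k8s_control_planes]
+}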
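Review bot: `pm_tls_insecure = true` in the provider block turns off certificate verification for the Proxmox API endpoint, so whatever credentials the provider authenticates with can be captured by anyone able to intercept that connection; trust the Proxmox CA on the machine that runs tofu and set `pm_tls_insecure = false`. Both `connection` blocks likewise set no `host_key`, so the SSH identity of a freshly cloned guest is not checked before root-level setup commands are sent to it. `ssh_private_key = file("~/.ssh/id_ecdsa")` loads the private key into the configuration; using `agent = true` in the connection blocks would keep the key material out of tofu's values altogether. The API URL, node name, addresses and VM ids are hard-coded in `locals`, so a short comment marking them as site-specific, or moving them to variables, would make the file reusable.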