main.tf
################################################################
# Copyright 2023 - IBM Corporation. All rights reserved
# SPDX-License-Identifier: Apache-2.0
################################################################
# IBM Cloud provider instance for the VPC side of the deployment.
# Modules select it with `ibm = ibm.vpc`.
provider "ibm" {
  alias  = "vpc"
  region = var.vpc_region
  zone   = var.vpc_zone

  # API key used for calls made through this provider instance.
  # NOTE(review): var.ibmcloud_api_key is declared outside this file; confirm it
  # is marked `sensitive = true` and supplied from the environment or a secrets
  # store rather than a committed tfvars file.
  ibmcloud_api_key = var.ibmcloud_api_key
}
# IBM Cloud provider instance for the PowerVS side of the deployment.
# Modules select it with `ibm = ibm.powervs`.
provider "ibm" {
  alias = "powervs"

  # Region and zone are outputs of module.checks, not the raw input variables.
  # NOTE(review): provider arguments must resolve during plan; confirm these
  # outputs do not depend on values that are only known after apply.
  region = module.checks.powervs_region
  zone   = module.checks.powervs_zone

  # Same API key as the "vpc" provider instance.
  ibmcloud_api_key = var.ibmcloud_api_key
}
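# Random label used in the locals below when the user supplies no cluster_id /
# name_prefix. It only makes names unique; it is not a secret and must not be
# relied on as one (2 bytes = 65,536 possible values).
resource "random_id" "label" {
  # Kept as a counted resource because the locals reference random_id.label[0].
  count = 1

  # 2 random bytes; the .hex attribute encodes each byte as two characters, so
  # the resulting label is 4 characters long.
  byte_length = 2
}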
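locals {
  # Cluster identifier:
  #   - var.cluster_id empty        -> the random hex label (var.cluster_id_prefix is not applied)
  #   - var.cluster_id_prefix empty -> var.cluster_id as given
  #   - otherwise                   -> "<cluster_id_prefix>-<cluster_id>"
  cluster_id = var.cluster_id == "" ? random_id.label[0].hex : (var.cluster_id_prefix == "" ? var.cluster_id : "${var.cluster_id_prefix}-${var.cluster_id}")

  # Prefix for resource names: the user-supplied var.name_prefix, or
  # "mac-<random hex>" when it is empty.
  name_prefix = var.name_prefix == "" ? "mac-${random_id.label[0].hex}" : var.name_prefix

  # Optional "<powervs_zone>-" prefix, switched on by var.use_zone_info_for_names.
  node_prefix = var.use_zone_info_for_names ? "${var.powervs_zone}-" : ""
}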
### Step 0: checks VPC compatibility.
# The powervs_region / powervs_zone outputs of this module are what the
# "powervs" provider and later modules use instead of the raw variables.
module "checks" {
  source = "./modules/0_checks"

  providers = {
    ibm = ibm.vpc
  }

  # VPC under test
  vpc_name   = var.vpc_name
  vpc_region = var.vpc_region
  vpc_zone   = var.vpc_zone

  # Requested PowerVS location and the switch that overrides the region check
  powervs_region        = var.powervs_region
  powervs_zone          = var.powervs_zone
  override_region_check = var.override_region_check

  # NOTE(review): the API key is handed to the module in addition to the
  # provider. How the module uses it is not visible here; if it reaches a
  # provisioner or CLI call, confirm it is kept out of command lines and logs.
  ibmcloud_api_key = var.ibmcloud_api_key
}
### Step 1: prepares the VPC support machine.
module "vpc_support" {
  source     = "./modules/1_vpc_support"
  depends_on = [module.checks]

  providers = {
    ibm = ibm.vpc
  }

  # VPC location
  vpc_name   = var.vpc_name
  vpc_region = var.vpc_region
  vpc_zone   = var.vpc_zone

  # SSH public key material (public half only)
  public_key      = var.public_key
  public_key_file = var.public_key_file
  skip_vpc_key    = var.skip_vpc_key

  # Networking
  openshift_api_url    = var.openshift_api_url
  powervs_machine_cidr = var.powervs_machine_cidr
  # NOTE(review): presumably controls whether the support machine gets a public
  # IP. If so, confirm inbound access to it is restricted by the module's
  # security group rules.
  vpc_supp_public_ip = var.vpc_supp_public_ip

  # Transit gateway selection
  setup_transit_gateway = var.setup_transit_gateway
  transit_gateway_name  = var.transit_gateway_name

  mac_tags = var.mac_tags
}
### Step 2: prepares the PowerVS workspace for Day-2 workers.
module "pvs_prepare" {
  source     = "./modules/2_pvs_prepare"
  depends_on = [module.vpc_support]

  providers = {
    ibm = ibm.powervs
  }

  # Identity and naming
  cluster_domain = var.cluster_domain
  cluster_id     = local.cluster_id
  name_prefix    = local.name_prefix

  # PowerVS location (validated values from module.checks) and workspace
  powervs_region              = module.checks.powervs_region
  powervs_zone                = module.checks.powervs_zone
  powervs_service_instance_id = var.powervs_service_instance_id
  processor_type              = var.processor_type
  system_type                 = var.system_type

  # Bastion
  bastion               = var.bastion
  bastion_health_status = var.bastion_health_status
  ansible_repo_name     = var.ansible_repo_name

  # SSH access.
  # NOTE(review): private_key_file points at a private key on the machine that
  # runs Terraform; confirm the file is kept out of version control and readable
  # only by its owner.
  private_key_file   = var.private_key_file
  public_key_file    = var.public_key_file
  public_key         = var.public_key
  ssh_agent          = var.ssh_agent
  connection_timeout = var.connection_timeout

  # Networking
  enable_snat           = var.enable_snat
  powervs_machine_cidr  = var.powervs_machine_cidr
  private_network_mtu   = var.private_network_mtu
  override_network_name = var.override_network_name
  vpc_support_server_ip = module.vpc_support.vpc_support_server_ip
  # ";"-separated string -> list of trimmed entries; an empty string yields [].
  powervs_dns_forwarders = var.powervs_dns_forwarders == "" ? [] : [for dns in split(";", var.powervs_dns_forwarders) : trimspace(dns)]

  # RHCOS image selection / import
  rhcos_image_name                   = var.rhcos_image_name
  rhcos_import_image                 = var.rhcos_import_image
  rhcos_import_image_filename        = var.rhcos_import_image_filename
  rhcos_import_image_region_override = var.rhcos_import_image_region_override
  rhcos_import_image_storage_type    = var.rhcos_import_image_storage_type

  # RHEL image and subscription.
  # NOTE(review): the subscription password and activation key are credentials.
  # Their variable declarations are not in this file; confirm they are marked
  # `sensitive = true`. That only redacts plan/apply output, so values that
  # reach resources are still stored in state and the state backend must be
  # access-controlled and encrypted.
  rhel_image_name                 = var.rhel_image_name
  rhel_username                   = var.rhel_username
  rhel_smt                        = var.rhel_smt
  rhel_subscription_org           = var.rhel_subscription_org
  rhel_subscription_username      = var.rhel_subscription_username
  rhel_subscription_password      = var.rhel_subscription_password
  rhel_subscription_activationkey = var.rhel_subscription_activationkey
}
### Step 3: transit gateway between the VPC and the PowerVS workspace.
# Runs after pvs_prepare because it consumes that module's powervs_crn output.
module "transit_gateway" {
  source     = "./modules/3_transit_gateway"
  depends_on = [module.pvs_prepare]

  providers = {
    ibm = ibm.vpc
  }

  cluster_id = local.cluster_id

  # Connection endpoints: the VPC and the PowerVS workspace, identified by CRN
  vpc_name    = var.vpc_name
  vpc_crn     = module.vpc_support.vpc_crn
  powervs_crn = module.pvs_prepare.powervs_crn

  # Gateway selection: the user-provided switch and name, plus the gateway id
  # output by module.vpc_support
  setup_transit_gateway = var.setup_transit_gateway
  transit_gateway_name  = var.transit_gateway_name
  transit_gateway_id    = module.vpc_support.transit_gateway_id
}
### Step 4: PowerVS support configuration, run against the bastion.
module "support" {
  source     = "./modules/4_pvs_support"
  depends_on = [module.transit_gateway]

  providers = {
    ibm = ibm.powervs
  }

  # SSH connection to the bastion. Only the first public IP is used here.
  bastion_public_ip  = module.pvs_prepare.bastion_public_ip[0]
  rhel_username      = var.rhel_username
  private_key_file   = var.private_key_file
  ssh_agent          = var.ssh_agent
  connection_timeout = var.connection_timeout

  # OpenShift access.
  # NOTE(review): openshift_pass and the kubeconfig are cluster credentials.
  # Confirm the variables are marked `sensitive = true` where they are declared,
  # and that the module does not echo them in provisioner output.
  openshift_api_url = var.openshift_api_url
  openshift_user    = var.openshift_user
  openshift_pass    = var.openshift_pass
  kubeconfig_file   = var.kubeconfig_file
  # NOTE(review): if this is a download location, confirm the module fetches it
  # over HTTPS and verifies a checksum before unpacking.
  openshift_client_tarball = var.openshift_client_tarball

  # Networking
  cidrs                 = module.transit_gateway.mac_vpc_subnets
  powervs_machine_cidr  = var.powervs_machine_cidr
  vpc_support_server_ip = module.vpc_support.vpc_support_server_ip
  cluster_network_mtu   = var.cluster_network_mtu
  keep_dns              = var.keep_dns

  # NFS: the server address is the VPC support machine's IP
  nfs_server = module.vpc_support.vpc_support_server_ip
  nfs_path   = var.nfs_path

  # Worker definition and CI/CD switches
  worker              = var.worker
  cicd                = var.cicd
  cicd_disable_defrag = var.cicd_disable_defrag
}
### Step 5: creates the PowerVS worker instances.
module "worker" {
  source     = "./modules/5_worker"
  depends_on = [module.support]

  providers = {
    ibm = ibm.powervs
  }

  # Naming and placement
  name_prefix                 = local.name_prefix
  powervs_service_instance_id = var.powervs_service_instance_id
  processor_type              = var.processor_type
  system_type                 = var.system_type
  worker                      = var.worker

  # Resources created by pvs_prepare
  key_name                  = module.pvs_prepare.pvs_pubkey_name
  rhcos_image_id            = module.pvs_prepare.rhcos_image_id
  powervs_bastion_name      = module.pvs_prepare.powervs_bastion_name
  powervs_dhcp_network_id   = module.pvs_prepare.powervs_dhcp_network_id
  powervs_dhcp_network_name = module.pvs_prepare.powervs_dhcp_network_name
  powervs_dhcp_service      = module.pvs_prepare.powervs_dhcp_service

  # Ignition source for the workers.
  ignition_mac = module.pvs_prepare.bastion_private_mac
  # NOTE(review): this reads an output of module.worker itself, while the MAC
  # above comes from module.pvs_prepare. Confirm the self-reference is intended
  # and that the bastion_private_ip output does not depend on ignition_ip;
  # otherwise Terraform reports a dependency cycle.
  ignition_ip = module.worker.bastion_private_ip

  # Eventually, this should be a bit more dynamic and include MachineConfigPool

  # SSH connection to the bastion. Only the first public IP is used here.
  bastion_public_ip = module.pvs_prepare.bastion_public_ip[0]
  private_key_file  = var.private_key_file
  ssh_agent         = var.ssh_agent

  powervs_machine_cidr = var.powervs_machine_cidr
  cicd                 = var.cicd
}
### Step 6: post-install steps, run after the workers exist.
# NOTE(review): unlike the other modules, no `providers` map is passed and this
# file configures only aliased ibm providers. Confirm 6_post declares no ibm
# resources or data sources.
module "post" {
  source     = "./modules/6_post"
  depends_on = [module.worker]

  # SSH connection to the bastion.
  # NOTE(review): the support and worker modules receive bastion_public_ip[0];
  # this module receives the whole value. Confirm 6_post expects that shape.
  bastion_public_ip = module.pvs_prepare.bastion_public_ip
  private_key_file  = var.private_key_file
  ssh_agent         = var.ssh_agent

  # Location and naming
  powervs_region = module.checks.powervs_region
  powervs_zone   = module.checks.powervs_zone
  system_type    = var.system_type
  name_prefix    = local.name_prefix
  worker         = var.worker

  # VPC details
  vpc_name   = var.vpc_name
  vpc_region = var.vpc_region
  vpc_rg     = module.vpc_support.vpc_resource_group

  # NFS
  nfs_server            = module.vpc_support.vpc_support_server_ip
  nfs_path              = var.nfs_path
  remove_nfs_deployment = var.remove_nfs_deployment

  # Credentials handed to the module.
  # NOTE(review): with no provider passed, the API key is presumably used by a
  # script or provisioner inside the module. Confirm it and openshift_pass are
  # passed through the environment rather than on a command line, and that the
  # variables are marked `sensitive = true` where they are declared.
  openshift_api_url = var.openshift_api_url
  openshift_user    = var.openshift_user
  openshift_pass    = var.openshift_pass
  ibmcloud_api_key  = var.ibmcloud_api_key

  # CI/CD switches
  cicd                     = var.cicd
  cicd_etcd_secondary_disk = var.cicd_etcd_secondary_disk
}