diff --git a/.gitignore b/.gitignore
index 5dfe310..278cec6 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,3 @@
 .terraform*
 terraform.tfstate*
+kubeconfig-clusterdev.yaml
\ No newline at end of file
diff --git a/example/main.tf b/example/main.tf
new file mode 100644
index 0000000..6d42b65
--- /dev/null
+++ b/example/main.tf
@@ -0,0 +1,36 @@
+resource "stackit_network_area" "project_sna" {
+ organization_id = var.organization_id
+ name = var.SNA_name
+ network_ranges = var.SNA_network_ranges
+ transfer_network = var.SNA_transfer_network
+}
+
+module "projects" {
+ source = "../project"
+
+ projects = var.Projects_map
+ organization_id = var.organization_id
+ sna_id = stackit_network_area.project_sna.network_area_id
+}
+
+locals {
+ project_ids = { for k, v in module.projects.created_projects : k => v.project_id }
+}
+
+module "stackit_ske_cluster" {
+ for_each = var.ske_clusters
+ source = "../ske"
+ project_id = local.project_ids[each.value.project_key]
+ name = each.value.name
+ node_pools = each.value.node_pools
+ network = {
+ id = each.value.network_id
+ }
+
+ kubernetes_version_min = lookup(each.value, "kubernetes_version_min", null)
+ hibernations = lookup(each.value, "hibernations", null)
+ maintenance = lookup(each.value, "maintenance", null)
+ extensions = lookup(each.value, "extensions", null)
+ default_region = var.default_region
+}
+
diff --git a/example/providers.tf b/example/providers.tf
new file mode 100644
index 0000000..ba2ffb3
--- /dev/null
+++ b/example/providers.tf
@@ -0,0 +1,16 @@
+terraform {
+ required_version = ">= 1.9.0"
+ required_providers {
+ stackit = {
+ source = "stackitcloud/stackit"
+ version = "0.56.0"
+ }
+ }
+}
+
+provider "stackit" {
+ default_region = var.default_region
+ service_account_key_path = var.service_account_key_path
+ enable_beta_resources = true
+}
+
diff --git a/example/test.tfvars b/example/test.tfvars
new file mode 100644
index 0000000..b0d5467
--- /dev/null
+++ b/example/test.tfvars
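Review bot: The new pattern `kubeconfig-clusterdev.yaml` ignores only the dev cluster's kubeconfig, while example/test.tfvars in this commit also defines a cluster named `clusterprod`; if the kubeconfig produced by `stackit_ske_kubeconfig.admin` (visible as context in the ske/main.tf hunk) is written to a file named after the cluster, the prod admin credentials would not be covered. The resource that writes the file is not in this diff, so this is inferred from the naming. A glob such as `kubeconfig-*.yaml` would cover every cluster without depending on its name.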
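Review bot: The four `lookup(each.value, "…", null)` calls in `module "stackit_ske_cluster"` are redundant: `var.ske_clusters` (example/variables.tf in this commit) declares these attributes as `optional(...)` on an object type, so Terraform already fills omitted keys with `null` and `each.value.kubernetes_version_min` etc. read the same values with less noise. `local.project_ids[each.value.project_key]` fails with an opaque index error when a cluster names a `project_key` that is not in `Projects_map`; since `required_version` is `>= 1.9.0`, a `validation` block on `ske_clusters` may reference `var.Projects_map`, e.g. `condition = alltrue([for c in var.ske_clusters : contains(keys(var.Projects_map), c.project_key)])`, and would give a clear message. The mixed casing of `Projects_map`/`SNA_name` against `ske_clusters`/`organization_id` is inconsistent with Terraform's lowercase naming convention.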
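Review bot: `enable_beta_resources = true` in `provider "stackit"` is undocumented; a comment naming which resource or attribute of the example requires the beta flag, so it can be removed once that feature is GA, would help the next reader, e.g. `enable_beta_resources = true # required for <beta resource used by this example>` (placeholder to be filled in). The example's provider block also omits the `private_key_path` that the root main.tf sets (visible as context in that hunk); if the example intentionally relies on the key file alone, a one-line comment saying so would avoid the question.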
@@ -0,0 +1,89 @@
+organization_id = "03a34540-3c1a-4794-b2c6-7111ecf824ef"
+
+Projects_map = {
+ "projekt-alpha" = {
+ name = "tf_modules_test_3"
+ owner_email = "janis.hahn@stackit.cloud"
+ },
+ "projekt-beta" = {
+ name = "tf_modules_test_4"
+ owner_email = "janis.hahn@stackit.cloud"
+ }
+}
+
+SNA_name = "sna-tf_modules_test"
+
+SNA_network_ranges = [
+ { prefix = "192.168.10.0/24" }
+]
+
+SNA_transfer_network = "172.16.0.0/24"
+
+ske_clusters = {
+
+ "prod-cluster" = {
+ name = "clusterprod"
+ project_key = "projekt-alpha"
+ network_id = "53917a75-0014-49b0-a4d6-e62934ab479f" # WICHTIG: Hier die Netzwerk-ID connecten
+ kubernetes_version_min = "1.32.5"
+
+ node_pools = [
+ {
+ name = "defaulpool"
+ machine_type = "c1.2"
+ availability_zones = ["eu01-1"]
+ minimum = 1
+ maximum = 2
+ cri = "containerd"
+ volume_type = "storage_premium_perf1"
+ volume_size = 21
+ labels = { "worker" = "default" }
+ taints = [{
+ effect = "NoSchedule"
+ key = "app"
+ value = "database"
+ }]
+ }
+ ]
+
+ hibernations = [
+ {
+ start = "00 18 * * 1-5" # Mo-Fr um 18:00 Uhr
+ end = "00 08 * * 1-5" # Mo-Fr um 08:00 Uhr
+ timezone = "Europe/Berlin"
+ }
+ ]
+
+ maintenance = {
+ enable_kubernetes_version_updates = true
+ enable_machine_image_version_updates = true
+ start = "01:00:00Z"
+ end = "03:00:00Z"
+ }
+
+ extensions = {
+ acl = {
+ enabled = true
+ allowed_cidrs = ["0.0.0.0/0"]
+ }
+ }
+ },
+
+ "dev-cluster" = {
+ name = "clusterdev"
+ kubernetes_version_min = "1.32.5"
+ project_key = "projekt-beta"
+ network_id = "bedfc709-9285-4078-93ab-8e8a1c0be6bd" # WICHTIG: Hier die Netzwerk-ID connecten
+
+ node_pools = [
+ {
+ name = "devpool"
+ machine_type = "c1.2"
+ availability_zones = ["eu01-2"]
+ minimum = 1
+ maximum = 2
+ volume_size = 21
+ }
+ ]
+ }
+}
diff --git a/example/variables.tf b/example/variables.tf
new file mode 100644
index 0000000..3665f68
--- /dev/null
+++ b/example/variables.tf
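Review bot: The `prod-cluster` entry enables the ACL extension but sets `allowed_cidrs = ["0.0.0.0/0"]`, which admits every source address, so the ACL restricts nothing; fixtures get copied into real deployments, so a narrow placeholder range with a comment that it must be replaced (`allowed_cidrs = ["<your-admin-cidr>/32"] # replace before use`) is the safer example. `dev-cluster` sets no `extensions` at all, and because the ske module's `extensions` variable defaults to `null` in this commit, that cluster is created without any ACL. The file also commits what look like real organization, network and e-mail identifiers; if they are not placeholders they should be replaced with obviously fake ones. The inline comments (`# WICHTIG: …`, `# Mo-Fr um 18:00 Uhr`) are German while the module descriptions are English.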
@@ -0,0 +1,100 @@
+# SNA & Projects variables
+
+variable "organization_id" {
+ description = "Die Container-ID deiner STACKIT Organisation."
+ type = string
+}
+
+variable "service_account_key_path" {
+ type = string
+ default = "/home/hahnjan/.stackit/sa.json"
+}
+
+variable "default_region" {
+ type = string
+ default = "eu01"
+}
+
+variable "SNA_name" {
+ description = "Name der zu erstellenden Service Network Area."
+ type = string
+}
+
+variable "SNA_network_ranges" {
+ description = "Liste der Netzwerk-CIDRs für die SNA."
+ type = list(object({ prefix = string }))
+}
+
+variable "SNA_transfer_network" {
+ description = "Das Transfer-Netzwerk für die SNA (z.B. 172.16.9.0/24)."
+ type = string
+}
+
+variable "Projects_map" {
+ description = "Eine Map von Projekten, die erstellt werden sollen."
+ type = map(object({
+ name = string
+ owner_email = string
+ }))
+}
+
+
+# SKE variables
+
+variable "ske_clusters" {
+ description = "Eine Map von SKE-Clustern"
+ type = map(object({
+
+ name = string
+ project_key = string
+ network_id = string
+
+ kubernetes_version_min = optional(string)
+ hibernations = optional(list(object({
+ start = string
+ end = string
+ timezone = optional(string)
+ })))
+ maintenance = optional(object({
+ enable_kubernetes_version_updates = bool
+ enable_machine_image_version_updates = bool
+ start = string
+ end = string
+ }))
+ extensions = optional(object({
+ acl = optional(object({
+ enabled = bool
+ allowed_cidrs = list(string)
+ }))
+ argus = optional(object({
+ enabled = bool
+ argus_instance_id = string
+ }))
+ }))
+
+ node_pools = list(object({
+
+ name = string
+ machine_type = string
+ availability_zones = list(string)
+ minimum = number
+ maximum = number
+
+ allow_system_components = optional(bool)
+ cri = optional(string)
+ labels = optional(map(string))
+ max_surge = optional(number)
+ max_unavailable = optional(number)
+ os_name = optional(string)
+ os_version_min = optional(string)
+ volume_size = optional(number)
+ volume_type = optional(string)
+ taints = optional(list(object({
+ effect = string
+ key = string
+ value = optional(string)
+ })))
+ }))
+ }))
+ default = {}
+}
diff --git a/main.tf b/main.tf
index c702464..ecb00bb 100644
--- a/main.tf
+++ b/main.tf
@@ -10,7 +10,7 @@ terraform { } provider "stackit" { - default_region = var.default_region + default_region = var.default_region service_account_key_path = var.service_account_key_path private_key_path = var.private_key_path enable_beta_resources = true
@@ -21,10 +21,12 @@ module "project" { source = "./project" # -- variables for project module - organization_id = var.organization_id - sna_net = var.sna_net + organization_id = var.organization_id + sna_net = var.sna_net } + +
diff --git a/project/main.tf b/project/main.tf
index 58176f0..b975d4d 100644
--- a/project/main.tf
+++ b/project/main.tf
@@ -1,34 +1,11 @@ -variable "projects" { - type = map(object({ - name = string - owner_email = string - })) - default = { - project1 = { - name = "project-alpha" - owner_email = "michael.sodan@stackit.cloud" - } - project2 = { - name = "project-beta" - owner_email = "michael.sodan@stackit.cloud" - } - } -} +resource "stackit_resourcemanager_project" "project" { + for_each = var.projects -resource "stackit_resourcemanager_project" "projects" { - for_each = var.projects - parent_container_id = var.organization_id # Nutzt jetzt die übergebene Variable + parent_container_id = var.organization_id name = each.value.name owner_email = each.value.owner_email - # labels = { ... } # Vorerst entfernt, da stackit_network_area nicht definiert war -} -output "project_info" { - value = { - for k, project in stackit_resourcemanager_project.projects : k => { - project_id = project.project_id - container_id = project.container_id - } + labels = { + "networkArea" = var.sna_id } } -
diff --git a/project/outputs.tf b/project/outputs.tf
new file mode 100644
index 0000000..6aac267
--- /dev/null
+++ b/project/outputs.tf
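Review bot: `variable "service_account_key_path"` defaults to `/home/hahnjan/.stackit/sa.json`, a personal home-directory path that works for no other user and silently points everyone else at a non-existent key file; drop the default so the path must be supplied, or use `default = null` if the provider can discover credentials by another means (not visible here). The `ske_clusters` object type also diverges from the ske module it feeds: ske/variables.tf in this commit declares an `extensions.dns` block that this type omits, so the example cannot pass DNS settings through. Descriptions mix German (`Die Container-ID deiner STACKIT Organisation.`) with the English used in the ske module, and `service_account_key_path` and `default_region` have no description at all.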
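Review bot: Renaming the resource from `stackit_resourcemanager_project.projects` to `stackit_resourcemanager_project.project` changes its state address, so on any state that already contains these projects the next plan proposes destroying and re-creating every project (and everything deployed inside them) instead of updating in place. If this module has been applied before, a `moved` block tells Terraform to carry the existing objects over to the new address. The removed `project_info` output is replaced by `created_projects` in project/outputs.tf, which exposes the whole resource object rather than the previous two fields; callers of the old output name will break.
```hcl
moved {
  from = stackit_resourcemanager_project.projects
  to   = stackit_resourcemanager_project.project
}
```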
@@ -0,0 +1,4 @@
+output "created_projects" {
+ description = "Eine Map aller erstellten STACKIT Projekte."
+ value = stackit_resourcemanager_project.project
+}
\ No newline at end of file
diff --git a/project/sna.tf b/project/sna.tf
deleted file mode 100644
index 711c80d..0000000
--- a/project/sna.tf
+++ /dev/null
@@ -1,27 +0,0 @@
-/* resource "time_sleep" "wait_before_destroy" {
- destroy_duration = "60s"
-}
-*/
-
-resource "stackit_network_area" "sna" {
- organization_id = var.organization_id
- name = "bego_sna"
- network_ranges = [
- {
- prefix = "10.220.0.0/16"
- }
- ]
- transfer_network = "var.sna_net"
- //depends_on = [time_sleep.wait_before_destroy]
-}
-
-/* resource "stackit_network_area_route" "sna_route1" {
- organization_id = var.organization_id
- network_area_id = stackit_network_area.sna.network_area_id
- prefix = "10.220.99.0/24"
- next_hop = "10.220.0.0"
- labels = {
- "key" = "value"
- }
-}
-*/
diff --git a/project/variables.tf b/project/variables.tf
index 6a8400f..d2419f8 100644
--- a/project/variables.tf
+++ b/project/variables.tf
@@ -3,8 +3,15 @@ variable "organization_id" { type = string } -variable "sna_net" { - description = "SNA Transfer Network" +variable "projects" { + type = map(object({ + name = string + owner_email = string + })) +} + +variable "sna_id" { + description = "Empfängt die ID der Network Area vom Root-Modul." type = string }
diff --git a/ske/main.tf b/ske/main.tf
index 90124a0..1cda6b9 100644
--- a/ske/main.tf
+++ b/ske/main.tf
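Review bot: `value = stackit_resourcemanager_project.project` exports the complete resource object of every project, making every provider attribute part of the module's public contract, while the only consumer in this commit (example/main.tf) reads just `v.project_id`. Narrowing the output to what callers need — `value = { for k, p in stackit_resourcemanager_project.project : k => { project_id = p.project_id, container_id = p.container_id } }` — also preserves the shape of the `project_info` output this commit removes. The description is German where the ske module's are English, and the file lacks a trailing newline.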
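Review bot: The module's inputs change here — `sna_net` is removed and `projects` and `sna_id` are added without defaults — but the root `module "project"` call in main.tf (its second hunk in this commit) still passes `sna_net = var.sna_net` and supplies neither `projects` nor `sna_id`, so validation of the root configuration should now fail with one unsupported argument and two missing required arguments. Either update that root call to the new inputs or remove it if the example directory is meant to be the only consumer. `variable "projects"` lacks a description, and the `sna_id` description is German while ske/variables.tf uses English.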
@@ -1,8 +1,13 @@ resource "stackit_ske_cluster" "this" { - project_id = var.project_id - name = var.name - kubernetes_version_min = var.kubernetes_version_min - node_pools = var.node_pools + project_id = var.project_id + name = var.name + node_pools = var.node_pools + kubernetes_version_min = var.kubernetes_version_min + hibernations = var.hibernations + maintenance = var.maintenance + extensions = var.extensions + network = var.network + region = var.default_region } resource "stackit_ske_kubeconfig" "admin" {
diff --git a/ske/variables.tf b/ske/variables.tf
index 53533c0..ccae10c 100644
--- a/ske/variables.tf
+++ b/ske/variables.tf
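Review bot: `region = var.default_region` is fed by a variable that defaults to `null` (ske/variables.tf in this commit) while the provider block already carries `default_region`, so the intended precedence is not obvious from the resource; a comment on the line such as `region = var.default_region # null: fall back to the provider's default_region` would state it, provided that is the provider's actual behaviour for a null region — it is not visible here. The same applies to `extensions = var.extensions`: with the variable null, this module configures no API-server ACL, which deserves a one-line comment next to the argument. The `stackit_ske_kubeconfig.admin` block that starts at the end of the hunk continues outside it.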
@@ -1,22 +1,94 @@ variable "project_id" { - type = string + description = "STACKIT project ID to which the cluster is associated." + type = string } variable "name" { - type = string -} - -variable "kubernetes_version_min" { - type = string + description = "The cluster name." + type = string } variable "node_pools" { + description = "One or more node_pool blocks." type = list(object({ - name = string - machine_type = string - availability_zones = list(string) - volume_size = number - minimum = number - maximum = number + name = string + machine_type = string + availability_zones = list(string) + minimum = number + maximum = number + allow_system_components = optional(bool) + cri = optional(string) + labels = optional(map(string)) + max_surge = optional(number) + max_unavailable = optional(number) + os_name = optional(string) + os_version_min = optional(string) + taints = optional(list(object({ + effect = string + key = string + value = optional(string) + }))) + volume_size = optional(number) + volume_type = optional(string) })) } + +# Optionale Variablen +variable "kubernetes_version_min" { + description = "The minimum Kubernetes version." + type = string + default = null +} + +variable "hibernations" { + description = "A list of hibernation schedules for the cluster." + type = list(object({ + start = string + end = string + timezone = optional(string) + })) + default = null +} + +variable "maintenance" { + description = "A single maintenance block." + type = object({ + enable_kubernetes_version_updates = bool + enable_machine_image_version_updates = bool + start = string + end = string + }) + default = null +} +variable "extensions" { + description = "A single extensions block." 
+ type = object({ + acl = optional(object({ + enabled = bool + allowed_cidrs = list(string) + })) + argus = optional(object({ + enabled = bool + argus_instance_id = string + })) + dns = optional(object({ + enabled = bool + zones = optional(list(string)) + })) + }) + default = null +} + +variable "network" { + description = "Network block." + type = object({ + id = string + }) + default = null +} + +variable "default_region" { + description = "The resource region." + type = string + default = null +} \ No newline at end of file
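Review bot: The descriptions of the security-relevant inputs say nothing about their effect: `extensions` is described as "A single extensions block." although `acl.allowed_cidrs` is the API-server allow-list, and with `default = null` a caller that omits `extensions` gets a cluster for which this module configures no ACL. Suggest `description = "Cluster extensions. acl.allowed_cidrs restricts API server access; when null, no ACL is configured by this module."`, and for `network` something more specific than "Network block." (what the `id` must refer to). The `# Optionale Variablen` comment is German while every description in the file is English, and the file has no trailing newline.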