Terraform Code to build a local LibVirt Qemu/KVM lab

ebal · ebal · commit d63f66f67f96 · 2022-08-30T21:23:42.000+03:00
diff --git a/tf_libvirt/Cloudinit.tf b/tf_libvirt/Cloudinit.tf
@@ -0,0 +1,36 @@
+resource "random_id" "id" {
+  for_each = local.VMs
+
+  byte_length = 4
+}
+
+data "template_file" "user_data" {
+  for_each = local.VMs
+
+  template = file("templates/user-data.yml")
+  vars = {
+    hostname = each.value.hostname
+    sshdport = each.value.ssh_port
+    timezone = each.value.timezone
+    gh_user  = each.value.gh_user
+  }
+}
+
+data "template_file" "network_config" {
+  template = file("templates/netplan.yml")
+}
+
+resource "libvirt_cloudinit_disk" "cloud-init" {
+  for_each = local.VMs
+
+  name      = "${random_id.id[each.key].id}_cloud-init.iso"
+  user_data = data.template_file.user_data[each.key].rendered
+
+  depends_on = [data.template_file.user_data]
+}
+
+resource "time_sleep" "wait_for_cloud_init" {
+  create_duration = "20s"
+
+  depends_on = [libvirt_cloudinit_disk.cloud-init]
+}
diff --git a/tf_libvirt/Domain.tf b/tf_libvirt/Domain.tf
@@ -0,0 +1,33 @@
+resource "libvirt_domain" "domain-ubuntu" {
+  for_each = local.VMs
+
+  name = each.value.hostname
+
+  memory = each.value.vmem
+  vcpu   = each.value.vcpu
+
+  cloudinit = libvirt_cloudinit_disk.cloud-init[each.key].id
+
+  network_interface {
+    network_name   = "default"
+    wait_for_lease = true
+  }
+
+  console {
+    target_type = "serial"
+    type        = "pty"
+    target_port = "0"
+  }
+  console {
+    target_type = "virtio"
+    type        = "pty"
+    target_port = "1"
+  }
+
+  disk {
+    volume_id = libvirt_volume.ubuntu-base[each.key].id
+  }
+
+  depends_on = [libvirt_cloudinit_disk.cloud-init]
+}
+
diff --git a/tf_libvirt/Output.tf b/tf_libvirt/Output.tf
@@ -0,0 +1,6 @@
+output "VMs" {
+  value = [ for vms in libvirt_domain.domain-ubuntu : format("%s  %s", vms.network_interface.0.addresses[0], vms.name) ]
+
+  depends_on = [libvirt_domain.domain-ubuntu]
+}
+
diff --git a/tf_libvirt/Provider.tf b/tf_libvirt/Provider.tf
@@ -0,0 +1,27 @@
+terraform {
+  required_version = ">= 1.2"
+
+  required_providers {
+    libvirt = {
+      source  = "dmacvicar/libvirt"
+      version = "0.6.14"
+    }
+
+    template = {
+      source  = "hashicorp/template"
+    }
+
+    random = {
+      source = "hashicorp/random"
+    }
+
+    time = {
+      source = "hashicorp/time"
+    }
+  }
+}
+
+provider "libvirt" {
+  uri = "qemu:///system"
+}
+
diff --git a/tf_libvirt/README.md b/tf_libvirt/README.md
@@ -0,0 +1,74 @@
+# Deploy ubuntu 22.04 LTS to libvirt/qemu via terraform
+
+Terraform repo to deploy a kubernetes cluster for educational purposes.
+
+It spawns three (3) Qemu/KVM Virtual Machines, based on ubuntu 22.04 LTS to libvirt.
+
+## Variables
+
+You need to edit **Variables.tf**
+
+- timezone
+- ssh port
+- hostname
+- vcpu
+- vmem
+- vol_size
+
+and especially the Variable
+
+- github user
+
+so you can have ssh access to these VMs.
+
+## init
+
+```bash
+terraform init
+
+```
+
+## start
+
+```bash
+./start.sh
+
+...
+
+Apply complete! Resources: 16 added, 0 changed, 0 destroyed.
+
+Outputs:
+
+VMs = [
+  "192.168.122.169  k8scpnode",
+  "192.168.122.40   k8wrknode1",
+  "192.168.122.8    k8wrknode2",
+]
+
+
+$ ssh -l ubuntu 192.168.122.169 hostname
+k8scpnode
+
+$ ssh 192.168.122.169 -l ubuntu 'grep ^VERSION= /etc/os-release'
+VERSION="22.04.1 LTS (Jammy Jellyfish)"
+
+```
+
+## destroy
+
+```bash
+./destroy.sh
+
+```
+
+## root password
+
+if needed
+
+```bash
+$ sudo virsh console k8scpnode
+
+userame:  root
+password: ping
+
+````
diff --git a/tf_libvirt/Variables.tf b/tf_libvirt/Variables.tf
@@ -0,0 +1,95 @@
+locals {
+    # Virtual Machines
+    VMs = {
+        k8scpnode = {
+            # The host name of the VM
+            hostname = "k8scpnode"
+
+            # The image source of the VM
+            # cloud_image = "https://cloud-images.ubuntu.com/jammy/current/focal-server-cloudimg-amd64.img"
+            cloud_image = "../jammy-server-cloudimg-amd64.img"
+
+            # TimeZone of the VM: /usr/share/zoneinfo/
+            timezone    = "Europe/Athens"
+
+            # The sshd port of the VM"
+            ssh_port    = 22
+
+            # The default ssh key for user ubuntu
+            # https://github.com/<username>.keys
+            gh_user = "ebal"
+
+            # The disk volume size of the VM
+            # eg. 20G
+            vol_size = 20 * 1024 * 1024 * 1024
+
+            # How many virtual CPUs the VM
+            vcpu = 2
+
+            # How RAM will VM have will have
+            vmem = 2048
+
+        },
+
+        k8wrknode1 = {
+            # The host name of the VM
+            hostname = "k8wrknode1"
+
+            # The image source of the VM
+            # cloud_image = "https://cloud-images.ubuntu.com/jammy/current/focal-server-cloudimg-amd64.img"
+            cloud_image = "../jammy-server-cloudimg-amd64.img"
+
+            # TimeZone of the VM: /usr/share/zoneinfo/
+            timezone    = "Europe/Athens"
+
+            # The sshd port of the VM"
+            ssh_port    = 22
+
+            # The default ssh key for user ubuntu
+            # https://github.com/<username>.keys
+            gh_user = "ebal"
+
+            # The disk volume size of the VM
+            # eg. 40G
+            vol_size = 40 * 1024 * 1024 * 1024
+
+            # How many virtual CPUs the VM
+            vcpu = 4
+
+            # How RAM will VM have will have
+            vmem = 4096
+
+        },
+
+        k8wrknode2 = {
+            # The host name of the VM
+            hostname = "k8wrknode2"
+
+            # The image source of the VM
+            # cloud_image = "https://cloud-images.ubuntu.com/jammy/current/focal-server-cloudimg-amd64.img"
+            cloud_image = "../jammy-server-cloudimg-amd64.img"
+
+            # TimeZone of the VM: /usr/share/zoneinfo/
+            timezone    = "Europe/Athens"
+
+            # The sshd port of the VM"
+            ssh_port    = 22
+
+            # The default ssh key for user ubuntu
+            # https://github.com/<username>.keys
+            gh_user = "ebal"
+
+            # The disk volume size of the VM
+            # eg. 40G
+            vol_size = 40 * 1024 * 1024 * 1024
+
+            # How many virtual CPUs the VM
+            vcpu = 4
+
+            # How RAM will VM have will have
+            vmem = 4096
+
+        }
+
+    }
+}
diff --git a/tf_libvirt/Volume.tf b/tf_libvirt/Volume.tf
@@ -0,0 +1,18 @@
+resource "libvirt_volume" "ubuntu-vol" {
+  for_each = local.VMs
+
+  name = "${random_id.id[each.key].id}_ubuntu-vol"
+  pool = "default"
+  source = each.value.cloud_image
+  format = "qcow2"
+}
+
+resource "libvirt_volume" "ubuntu-base" {
+  for_each = local.VMs
+
+  name           = "${random_id.id[each.key].id}_ubuntu-base"
+  pool           = "default"
+  base_volume_id = libvirt_volume.ubuntu-vol[each.key].id
+  size           = each.value.vol_size
+  format         = "qcow2"
+}
diff --git a/tf_libvirt/destroy.sh b/tf_libvirt/destroy.sh
@@ -0,0 +1,2 @@
+#!/bin/bash
+terraform destroy -auto-approve
diff --git a/tf_libvirt/start.sh b/tf_libvirt/start.sh
@@ -0,0 +1,2 @@
+#!/bin/bash
+terraform plan -out terraform.out && terraform apply terraform.out
diff --git a/tf_libvirt/templates/netplan.yml b/tf_libvirt/templates/netplan.yml
@@ -0,0 +1,4 @@
+version: 2
+ethernets:
+  ens3:
+    dhcp4: true
diff --git a/tf_libvirt/templates/user-data.yml b/tf_libvirt/templates/user-data.yml
@@ -0,0 +1,74 @@
+#cloud-config
+
+#disable_root: true
+disable_root: false
+chpasswd:
+  list: |
+    root:ping
+  expire: False
+
+ssh_pwauth: no
+
+users:
+  - name: ubuntu
+    ssh_import_id:
+      - gh:${gh_user}
+    shell: /bin/bash
+    sudo: ALL=(ALL) NOPASSWD:ALL
+
+write_files:
+  - path: /etc/ssh/sshd_config
+    content: |
+      AcceptEnv LANG LC_*
+      AllowUsers ubuntu
+      ChallengeResponseAuthentication no
+      Compression NO
+      MaxSessions 3
+      PasswordAuthentication no
+      PermitRootLogin no
+      Port ${sshdport}
+      PrintMotd no
+      Subsystem sftp  /usr/lib/openssh/sftp-server
+      UseDNS no
+      UsePAM yes
+      X11Forwarding no
+      Ciphers chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
+      KexAlgorithms curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
+      MACs umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512
+      HostKeyAlgorithms ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
+
+# Set TimeZone
+timezone: ${timezone}
+
+hostname: "${hostname}"
+
+growpart:
+  mode: auto
+  devices: ["/"]
+  ignore_growroot_disabled: false
+
+# Install packages
+packages:
+  - bash-completion
+  - figlet
+  - mlocate
+  - ncdu
+  - python3-apt
+
+# Update/Upgrade & Reboot if necessary
+package_update: true
+package_upgrade: true
+package_reboot_if_required: true
+
+# PostInstall
+runcmd:
+  - figlet ${hostname} > /etc/motd
+  - updatedb
+  # Firewall
+  - ufw allow "${sshdport}"/tcp && ufw enable
+  # Remove cloud-init
+  - apt-get -y autoremove --purge cloud-init lxc lxd snapd
+  - apt-get -y --purge autoremove
+  - apt -y autoclean
+  - apt -y clean all
+  - date -R > /root/Finished.txt

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+#!/bin/bash`
	`2`	`+terraform destroy -auto-approve`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+#!/bin/bash`
	`2`	`+terraform plan -out terraform.out && terraform apply terraform.out`