├── README.md
├── hosts.ini
├── kubernetes
    ├── install.sh
    ├── k8s_containrd_pkg.yml
    ├── k8s_master_init.yml
    └── k8s_workers.yml
├── main.tf
├── nginx
    ├── install.sh
    ├── nginx-deployment.yaml
    └── nginx-service.yaml
├── output.tf
├── provider.tf
├── variables.tf
├── variables.tfvars.sample
└── wordpress
    ├── install.sh
    ├── mysql-deployment.yaml
    ├── services.yaml
    └── wordpress-deployment.yaml


/README.md:
--------------------------------------------------------------------------------
 1 | # Terraform dengan Kubernetes
 2 | 
 3 | Proyek ini menggunakan Terraform untuk mengelola infrastruktur di platform Proxmox, di mana kami menginstal Kubernetes dan menyebarkan aplikasi WordPress di dalamnya. Proyek ini bertujuan untuk memberikan solusi yang mudah dan otomatis untuk mengatur lingkungan pengembangan dan produksi.
 4 | 
 5 | ## Fitur
 6 | 
 7 | - Mengelola infrastruktur menggunakan Terraform.
 8 | - Menginstal dan mengonfigurasi Kubernetes secara otomatis.
 9 | - Menyebarkan aplikasi WordPress di dalam kluster Kubernetes.
10 | - Menggunakan Proxmox sebagai platform virtualisasi.
11 | 
12 | ## Version
13 | 
14 | - **Proxmox VE**: Versi 8.2
15 | - **Kubernetes**: Versi terbaru (latest)
16 | - **WordPress**: Versi terbaru (latest)
17 | - **MySQL**: Versi 8.0
18 | - **Plugin Proxmox Telmate/Proxmox**: Versi 3.0.1-rc3
19 | - **Terraform**: Versi terbaru
20 | - **kubectl**: Versi terbaru (untuk mengelola kluster Kubernetes)
21 | 
22 | ## Prasyarat
23 | 
24 | Sebelum memulai, pastikan Anda telah memenuhi syarat berikut:
25 | 
26 | - mempunyai username: user, dan akses root
27 | - sudah mempunyai template cloud init
28 | - membuat user api proxmox
29 | - mengganti hosts.ini dengan ip yang akan digunakan
30 | - sesuaikan wordpress/mysql-deployment.yaml, wordpress/wordpress-deployment.yaml
31 | - sesuaikan variables.tfvars setelah anda mengcopy dari sample
32 | 
33 | ## Instalasi
34 | 1. git clone https://github.com/ForensicID/terraform-kubernetes.git
35 | 2. cd terraform-kubernetes
36 | 3. cp -R variables.tfvars.sample variables.tfvars
37 | 4. terraform init
38 | 5. terraform plan -var-file=variables.tfvars
39 | 6. terraform apply -var-file=variables.tfvars
40 | 
41 | ### Jika ada pertanyaan silahkan
42 | 


--------------------------------------------------------------------------------
/hosts.ini:
--------------------------------------------------------------------------------
 1 | [all]
 2 | master ansible_host=192.168.1.x
 3 | worker1 ansible_host=192.168.1.x
 4 | worker2 ansible_host=192.168.1.x
 5 | 
 6 | [masters]
 7 | master
 8 | 
 9 | [workers]
10 | worker1
11 | worker2
12 | 
13 | [all:vars]
14 | ansible_ssh_common_args='-o StrictHostKeyChecking=no'
15 | 


--------------------------------------------------------------------------------
/kubernetes/install.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | sleep 320s
 4 | 
 5 | # Variabel
 6 | HOST="hosts.ini"
 7 | 
 8 | # File known_hosts
 9 | KNOWN_HOSTS_FILE="/root/.ssh/known_hosts"
10 | 
11 | # Ambil daftar host dari file inventori
12 | HOSTS=$(grep ansible_host "$INVENTORY_FILE" | awk -F'=' '{print $2}' | awk '{print $1}')
13 | 
14 | # Tambahkan kunci SSH ke file known_hosts
15 | for HOST in $HOSTS; do
16 |     echo "Adding $HOST to known_hosts"
17 |     ssh-keyscan -H "$HOST" >> "$KNOWN_HOSTS_FILE"
18 | done
19 | 
20 | # Execute Ansible playbook to install and configure containerd package on hosts
21 | ansible-playbook -i hosts.ini kubernetes/k8s_containrd_pkg.yml
22 | echo "Containerd package configuration applied."
23 | sleep 300s
24 | 
25 | # Execute Ansible playbook to initialize the Kubernetes master node
26 | ansible-playbook -i hosts.ini kubernetes/k8s_master_init.yml
27 | echo "Kubernetes master node initialized."
28 | sleep 100s
29 | 
30 | # Execute Ansible playbook to configure worker nodes
31 | ansible-playbook -i hosts.ini kubernetes/k8s_workers.yml
32 | echo "Kubernetes worker nodes configured."
33 | sleep 200s


--------------------------------------------------------------------------------
/kubernetes/k8s_containrd_pkg.yml:
--------------------------------------------------------------------------------
  1 | - hosts: all
  2 |   remote_user: user
  3 |   become: yes
  4 | 
  5 |   tasks:
  6 |     - name: Update and upgrade apt packages
  7 |       apt:
  8 |         update_cache: yes
  9 |         upgrade: dist
 10 | 
 11 |     - name: Make the Swap inactive
 12 |       command: swapoff -a
 13 | 
 14 |     - name: Remove Swap entry from /etc/fstab.
 15 |       lineinfile:
 16 |         dest: /etc/fstab
 17 |         regexp: swap
 18 |         state: absent
 19 | 
 20 |     - name: Create a empty file for containerd module.
 21 |       copy:
 22 |         content: ""
 23 |         dest: /etc/modules-load.d/containerd.conf
 24 |         force: no
 25 | 
 26 |     - name: Buat file konfigurasi untuk containerd
 27 |       ansible.builtin.copy:
 28 |         dest: /etc/modules-load.d/containerd.conf
 29 |         content: |
 30 |           overlay
 31 |           br_netfilters
 32 |         owner: root
 33 |         group: root
 34 |         mode: '0644'
 35 | 
 36 |     - name: Muat modul overlay
 37 |       ansible.builtin.command:
 38 |         cmd: modprobe overlay
 39 | 
 40 |     - name: Muat modul br_netfilter
 41 |       ansible.builtin.command:
 42 |         cmd: modprobe br_netfilter
 43 | 
 44 |     - name: Buat file konfigurasi sysctl untuk Kubernetes
 45 |       ansible.builtin.copy:
 46 |         dest: /etc/sysctl.d/kubernetes.conf
 47 |         content: |
 48 |           net.bridge.bridge-nf-call-iptables=1
 49 |           net.bridge.bridge-nf-call-ip6tables = 1
 50 |           net.bridge.bridge-nf-call-iptables = 1
 51 |           net.ipv4.ip_forward = 1
 52 |         owner: root
 53 |         group: root
 54 |         mode: '0644'
 55 | 
 56 |     - name: Terapkan perubahan sysctl
 57 |       ansible.builtin.command:
 58 |         cmd: sysctl --system
 59 | 
 60 |     - name: Apply sysctl changes
 61 |       command: sysctl -p
 62 | 
 63 |     - name: Installing Prerequisites for Kubernetes
 64 |       apt:
 65 |         name:
 66 |           - apt-transport-https
 67 |           - gnupg2
 68 |           - ca-certificates
 69 |           - curl
 70 |           - gnupg-agent
 71 |           - vim
 72 |           - software-properties-common
 73 |         state: present
 74 | 
 75 |     - name: Unduh GPG key Docker dan simpan ke /etc/apt/trusted.gpg.d/docker.gpg
 76 |       ansible.builtin.get_url:
 77 |         url: https://download.docker.com/linux/ubuntu/gpg
 78 |         dest: /tmp/docker.gpg
 79 |         mode: '0644'
 80 | 
 81 |     - name: Konversi GPG key Docker ke format yang benar
 82 |       ansible.builtin.command:
 83 |         cmd: gpg --dearmour -o /etc/apt/trusted.gpg.d/docker.gpg /tmp/docker.gpg
 84 | 
 85 |     - name: Add Docker Repository
 86 |       ansible.builtin.apt_repository:
 87 |         repo: "deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ ansible_lsb.codename }} stable"
 88 |         state: present
 89 |         filename: docker
 90 |         update_cache: yes
 91 | 
 92 |     - name: Install containerd.
 93 |       apt:
 94 |         name:
 95 |           - containerd.io
 96 |         state: present
 97 | 
 98 |     - name: Menghasilkan konfigurasi default containerd
 99 |       command: containerd config default
100 |       register: containerd_config_default
101 |       changed_when: false
102 | 
103 |     - name: Menulis konfigurasi default containerd ke file
104 |       ansible.builtin.copy:
105 |         content: "{{ containerd_config_default.stdout }}"
106 |         dest: /etc/containerd/config.toml
107 |         mode: '0644'
108 | 
109 |     - name: Backup config file
110 |       copy:
111 |         src: /etc/containerd/config.toml
112 |         dest: /etc/containerd/config.toml.bak
113 |         remote_src: yes
114 | 
115 |     - name: Replace SystemdCgroup setting with sed
116 |       shell: sed -i 's/SystemdCgroup \= false/SystemdCgroup \= true/g' /etc/containerd/config.toml
117 | 
118 |     - name: Enable containerd service, and start it.
119 |       systemd:
120 |         name: containerd
121 |         state: restarted
122 |         enabled: yes
123 |         daemon-reload: yes
124 | 
125 |     - name: Add Google official GPG key
126 |       apt_key:
127 |         url: https://packages.cloud.google.com/apt/doc/apt-key.gpg
128 |         state: present
129 | 
130 |     - name: Tambahkan repository Kubernetes ke sumber apt
131 |       ansible.builtin.copy:
132 |         dest: /etc/apt/sources.list.d/kubernetes.list
133 |         content: "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.28/deb/ /\n"
134 |         owner: root
135 |         group: root
136 |         mode: '0644'
137 | 
138 |     - name: Unduh kunci GPG Kubernetes
139 |       ansible.builtin.get_url:
140 |         url: https://pkgs.k8s.io/core:/stable:/v1.28/deb/Release.key
141 |         dest: /tmp/kubernetes-release.key
142 | 
143 |     - name: Konversi kunci GPG Kubernetes ke format yang benar
144 |       ansible.builtin.command:
145 |         cmd: gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg /tmp/kubernetes-release.key
146 | 
147 |     - name: Hapus kunci GPG sementara
148 |       ansible.builtin.file:
149 |         path: /tmp/kubernetes-release.key
150 |         state: absent
151 | 
152 |     - name: Update APT package index
153 |       ansible.builtin.apt:
154 |         update_cache: yes
155 | 
156 |     - name: Installing Kubernetes Cluster Packages.
157 |       apt:
158 |         name:
159 |           - kubeadm
160 |           - kubectl
161 |           - kubelet
162 |         state: present
163 | 
164 |     - name: Enable service kubelet, and enable persistently
165 |       service:
166 |         name: kubelet
167 |         enabled: yes
168 | 
169 |     - name: Reboot all the kubernetes nodes.
170 |       reboot:
171 |         post_reboot_delay: 60
172 |         reboot_timeout: 80
173 |         connect_timeout: 300
174 |         test_command: uptime


--------------------------------------------------------------------------------
/kubernetes/k8s_master_init.yml:
--------------------------------------------------------------------------------
 1 | - hosts: masters
 2 |   remote_user: user
 3 |   become: yes
 4 | 
 5 |   tasks:
 6 | 
 7 |     - name: Intilizing Kubernetes Cluster
 8 |       shell: kubeadm init --ignore-preflight-errors=all
 9 | 
10 |     - pause: seconds=30
11 | 
12 |     - name: Create directory for kube config.
13 |       become: yes
14 |       file:
15 |         path: /root/.kube
16 |         state: directory
17 |         owner: root
18 |         group: root
19 |         mode: 0755
20 | 
21 |     - name: Copy /etc/kubernetes/admin.conf to user home directory /root/.kube/config
22 |       become: yes
23 |       copy:
24 |         src: /etc/kubernetes/admin.conf
25 |         dest: /root/.kube/config
26 |         remote_src: yes
27 |         owner: root
28 |         group: root
29 |         mode: '0644'
30 | 
31 |     - pause: seconds=30
32 | 
33 |     - name: Remove the cache directory.
34 |       become: yes
35 |       file:
36 |         path: /root/.kube/cache
37 |         state: absent
38 | 
39 |     - name: Create Pod Network & RBAC.
40 |       become: yes
41 |       command: "{{ item }}"
42 |       with_items:
43 |           - sudo kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml
44 |           - sudo kubectl apply -f https://raw.githubusercontent.com/projectcalico/calico/v3.25.0/manifests/calico.yaml
45 |           
46 |     - pause: seconds=30
47 | 
48 |     - name: Get the token for joining the nodes with Kuberentes master.
49 |       shell: kubeadm token create  --print-join-command
50 |       register: kubernetes_join_command
51 | 
52 |     - debug:
53 |         msg: "{{ kubernetes_join_command.stdout }}"
54 | 
55 |     - name: Copy join command to local file.
56 |       become: false
57 |       local_action: copy content="{{ kubernetes_join_command.stdout_lines[0] }}" dest="/tmp/kubernetes_join_command" mode=0777


--------------------------------------------------------------------------------
/kubernetes/k8s_workers.yml:
--------------------------------------------------------------------------------
 1 | - hosts: masters
 2 |   remote_user: user
 3 |   become: yes
 4 |   become_method: sudo
 5 |   become_user: root
 6 | 
 7 |   tasks:
 8 |     - name: Get the token for joining the nodes with Kubernetes master
 9 |       shell: kubeadm token create --print-join-command
10 |       register: kubernetes_join_command
11 | 
12 |     - name: Debug Kubernetes join command
13 |       debug:
14 |         msg: "{{ kubernetes_join_command.stdout }}"
15 | 
16 |     - name: Construct the join command with ignore preflight errors
17 |       set_fact:
18 |         join_command: "{{ kubernetes_join_command.stdout.strip() }} --ignore-preflight-errors=all"
19 | 
20 |     - name: Copy join command to local file
21 |       ansible.builtin.copy:
22 |         content: "{{ join_command }}"
23 |         dest: "/tmp/kubernetes_join_command"
24 |         mode: '0777'
25 |         owner: "root"
26 |         group: "root"
27 | 
28 | - hosts: workers
29 |   remote_user: user
30 |   become: yes
31 | 
32 |   tasks:
33 |     - name: Ensure file is removed
34 |       ansible.builtin.file:
35 |         path: "/tmp/kubernetes_join_command"
36 |         state: absent
37 | 
38 |     - name: Copy join command to worker nodes
39 |       ansible.builtin.copy:
40 |         src: /tmp/kubernetes_join_command
41 |         dest: /tmp/kubernetes_join_command
42 |         mode: '0777'
43 |         owner: "root"
44 |         group: "root"
45 | 
46 |     - name: Menambahkan perintah ke /tmp/kubernetes_join_command
47 |       shell: echo "--ignore-preflight-errors=all" >> /tmp/kubernetes_join_command
48 | 
49 |     - name: Debug join command file content
50 |       ansible.builtin.command:
51 |         cmd: cat /tmp/kubernetes_join_command
52 |       register: join_command_content
53 | 
54 |     - name: Debug join command content
55 |       debug:
56 |         msg: "{{ join_command_content.stdout }}"
57 | 
58 |     - name: Join the worker nodes with the master
59 |       shell: "sh /tmp/kubernetes_join_command"
60 |       register: joined_or_not
61 | 
62 |     - name: Debug join command execution result
63 |       debug:
64 |         msg: "{{ joined_or_not.stdout }}"
65 | 
66 | - hosts: masters
67 |   remote_user: user
68 |   become: yes
69 | 
70 |   tasks:
71 |     - name: Configure kubectl command auto-completion
72 |       lineinfile:
73 |         dest: /root/.bashrc
74 |         line: 'source <(kubectl completion bash)'


--------------------------------------------------------------------------------
/main.tf:
--------------------------------------------------------------------------------
  1 | resource "proxmox_vm_qemu" "proxmox_vm_master" {
  2 |     count       = var.num_k8s_masters_host
  3 |     name        = "${var.num_k8s_masters_name}-${count.index}"
  4 |     target_node = var.pm_node_name
  5 |     clone       = var.tamplate_vm_name
  6 |     os_type     = "cloud-init"
  7 |     agent       = 1
  8 |     memory      = var.num_k8s_masters_mem
  9 |     sockets     = "1"
 10 |     cores       = var.num_k8s_workers_cpu
 11 |     full_clone  = true
 12 |     scsihw      = "virtio-scsi-pci"
 13 | 
 14 |     disks {
 15 |         ide {
 16 |             ide3 {
 17 |                 cloudinit {
 18 |                     storage = var.storage_name_location
 19 |                 }
 20 |             }
 21 |         }
 22 |         scsi {
 23 |             scsi0 {
 24 |                 disk {
 25 |                     size            = var.num_k8s_masters_disk
 26 |                     storage         = var.storage_name_location
 27 |                     iothread        = false
 28 |                     discard         = false
 29 |                 }
 30 |             }
 31 |         }
 32 |     }
 33 | 
 34 |     network {
 35 |         model = "virtio"
 36 |         bridge = "vmbr0"
 37 |     }
 38 | 
 39 |     ipconfig0 = "ip=${var.master_ips[count.index]}/${var.networkrange},gw=${var.gateway}"
 40 | 
 41 |     lifecycle {
 42 |         ignore_changes = [
 43 |         ciuser,
 44 |         sshkeys,
 45 |         disks,
 46 |         network
 47 |         ]
 48 |     }
 49 | 
 50 |     sshkeys = <<EOF
 51 |     ${var.pub_key}
 52 |     EOF
 53 | }
 54 | 
 55 | resource "proxmox_vm_qemu" "proxmox_vm_workers" {
 56 |     count       = var.num_k8s_workers_host
 57 |     name        = "${var.num_k8s_workers_name}-${count.index + 1}"
 58 |     target_node = var.pm_node_name
 59 |     clone       = var.tamplate_vm_name
 60 |     os_type     = "cloud-init"
 61 |     agent       = 1
 62 |     memory      = var.num_k8s_workers_mem
 63 |     sockets     = "1"
 64 |     cores       = var.num_k8s_workers_cpu
 65 |     full_clone  = true
 66 |     scsihw      = "virtio-scsi-pci"
 67 | 
 68 |     disks {
 69 |         ide {
 70 |             ide3 {
 71 |                 cloudinit {
 72 |                     storage = var.storage_name_location
 73 |                 }
 74 |             }
 75 |         }
 76 |         scsi {
 77 |             scsi0 {
 78 |                 disk {
 79 |                     size            = var.num_k8s_workers_disk
 80 |                     storage         = var.storage_name_location
 81 |                     iothread        = false
 82 |                     discard         = false
 83 |                 }
 84 |             }
 85 |         }
 86 |     }
 87 | 
 88 |     network {
 89 |         model = "virtio"
 90 |         bridge = "vmbr0"
 91 |     }
 92 | 
 93 |     ipconfig0 = "ip=${var.worker_ips[count.index]}/${var.networkrange},gw=${var.gateway}"
 94 | 
 95 |     lifecycle {
 96 |         ignore_changes = [
 97 |         ciuser,
 98 |         sshkeys,
 99 |         disks,
100 |         network
101 |         ]
102 |     }
103 | 
104 | 
105 |     sshkeys = <<EOF
106 |     ${var.pub_key}
107 |     EOF
108 | }
109 | 
110 | provider "null" {
111 |     # Provider kosong untuk menjalankan perintah lokal
112 | }
113 | 
114 | resource "null_resource" "run_local_script" {
115 |     depends_on = [proxmox_vm_qemu.proxmox_vm_master, proxmox_vm_qemu.proxmox_vm_workers]
116 | 
117 |     provisioner "local-exec" {
118 |     command = "bash kubernetes/install.sh"
119 |     }
120 | }
121 | 
122 | # CREATE TAR FOR FOLDER
123 | resource "null_resource" "create_tar" {
124 |     depends_on = [null_resource.run_local_script]
125 | 
126 |     provisioner "local-exec" {
127 |         command = "tar -cvf nginx.tar nginx/"
128 |     }
129 |     provisioner "local-exec" {
130 |         command = "tar -cvf wordpress.tar wordpress/"
131 |     }
132 | }
133 | 
134 | # UPLOAD TAR TO MASTER
135 | resource "null_resource" "upload_tar" {
136 |     depends_on = [null_resource.create_tar, proxmox_vm_qemu.proxmox_vm_master]
137 | 
138 |     provisioner "file" {
139 |         source      = "nginx.tar"
140 |         destination = "/home/user/nginx.tar"
141 |     }
142 | 
143 |     provisioner "file" {
144 |         source      = "wordpress.tar"
145 |         destination = "/home/user/wordpress.tar"
146 |     }
147 | 
148 |     connection {
149 |         type        = "ssh"
150 |         host        = "192.168.1.200"
151 |         user        = "user"
152 |         private_key = file("~/.ssh/id_rsa")
153 |     }
154 | }
155 | 
156 | # EXTRACT TAR TO MASTER
157 | resource "null_resource" "extract_tar" {
158 |     depends_on = [null_resource.upload_tar, proxmox_vm_qemu.proxmox_vm_master]
159 | 
160 |     provisioner "remote-exec" {
161 |         inline = [
162 |         "sudo tar -xvf /home/user/nginx.tar",
163 |         "sudo chmod -R +x /home/user/nginx/install.sh",
164 |         "sudo bash /home/user/nginx/install.sh",
165 |         "sudo tar -xvf /home/user/wordpress.tar",
166 |         "sudo chmod -R +x /home/user/wordpress/install.sh",
167 |         "sudo bash /home/user/wordpress/install.sh",
168 |         ]
169 | 
170 |     connection {
171 |         type        = "ssh"
172 |         host        = "192.168.1.200"
173 |         user        = "user"
174 |         private_key = file("~/.ssh/id_rsa")
175 |     }
176 |     }
177 | }
178 | 


--------------------------------------------------------------------------------
/nginx/install.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | echo "Waiting for wordpress installation."
 3 | sleep 60s
 4 | # Apply the namespace configuration
 5 | sudo kubectl apply -f /home/user/nginx/nginx-deployment.yaml
 6 | echo "Created Nginx Deployment."
 7 | sleep 5s
 8 | # Apply the namespace configuration
 9 | sudo kubectl apply -f /home/user/nginx/nginx-service.yaml
10 | echo "Created Nginx Deployment."
11 | sleep 5s
12 | # Apply the namespace configuration
13 | sudo kubectl get all
14 | echo "DONE."
15 | sleep 5s


--------------------------------------------------------------------------------
/nginx/nginx-deployment.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: apps/v1
 2 | kind: Deployment
 3 | metadata:
 4 |   name: nginx-deployment
 5 | spec:
 6 |   replicas: 2
 7 |   selector:
 8 |     matchLabels:
 9 |       app: nginx
10 |   template:
11 |     metadata:
12 |       labels:
13 |         app: nginx
14 |     spec:
15 |       containers:
16 |       - name: nginx
17 |         image: nginx:latest
18 |         ports:
19 |         - containerPort: 80


--------------------------------------------------------------------------------
/nginx/nginx-service.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   name: nginx-service
 5 | spec:
 6 |   type: NodePort
 7 |   selector:
 8 |     app: nginx
 9 |   ports:
10 |     - protocol: TCP
11 |       port: 80
12 |       targetPort: 80
13 |       nodePort: 30001


--------------------------------------------------------------------------------
/output.tf:
--------------------------------------------------------------------------------
1 | output "Master-IPS" {
2 |   value = ["${proxmox_vm_qemu.proxmox_vm_master.*.default_ipv4_address}"]
3 | }
4 | 
5 | output "worker-IPS" {
6 |   value = ["${proxmox_vm_qemu.proxmox_vm_workers.*.default_ipv4_address}"]
7 | }


--------------------------------------------------------------------------------
/provider.tf:
--------------------------------------------------------------------------------
 1 | terraform {
 2 |   required_providers {
 3 |     proxmox = {
 4 |       source  = "telmate/proxmox"
 5 |       version = "3.0.1-rc3"
 6 |     }
 7 |   }
 8 | }
 9 | 
10 | provider "proxmox" {
11 |   pm_api_url      = "https://${var.pm_host}:8006/api2/json"
12 |   pm_api_token_id = var.pm_user
13 |   pm_api_token_secret     = var.pm_password
14 |   pm_tls_insecure = var.pm_tls_insecure
15 |   pm_parallel     = 10
16 |   pm_timeout      = 600
17 |   pm_debug = true
18 |   pm_log_enable = true
19 |   pm_log_file   = "terraform-plugin-proxmox.log"
20 |   pm_log_levels = {
21 |     _default    = "debug"
22 |     _capturelog = ""
23 |   }
24 | }


--------------------------------------------------------------------------------
/variables.tf:
--------------------------------------------------------------------------------
  1 | variable "pm_user" {
  2 |   description = "The username for the proxmox user"
  3 |   type        = string
  4 |   sensitive   = false
  5 |   default     = "root@pam"
  6 | 
  7 | }
  8 | variable "pm_password" {
  9 |   description = "The password for the proxmox user"
 10 |   type        = string
 11 |   sensitive   = true
 12 | }
 13 | 
 14 | variable "pm_tls_insecure" {
 15 |   description = "Set to true to ignore certificate errors"
 16 |   type        = bool
 17 |   default     = false
 18 | }
 19 | 
 20 | variable "pm_host" {
 21 |   description = "The hostname or IP of the proxmox server"
 22 |   type        = string
 23 | }
 24 | 
 25 | variable "pm_node_name" {
 26 |   description = "name of the proxmox node to create the VMs on"
 27 |   type        = string
 28 |   default     = "pve"
 29 | }
 30 | 
 31 | variable "pub_key" {
 32 |   description = "Public SSH key"
 33 |   type        = string
 34 | }
 35 | 
 36 | variable "storage_name_location" {
 37 |   description = "Storage location in proxmox"
 38 |   type        = string
 39 | }
 40 | 
 41 | 
 42 | variable "num_k8s_masters_name" {
 43 |   description = "name of the vm node to create the VMs on"
 44 |   type        = string
 45 |   default     = "k8s-master"
 46 | }
 47 | 
 48 | variable "num_k8s_masters_host" {
 49 |   default = 1
 50 | }
 51 | 
 52 | variable "num_k8s_masters_cpu" {
 53 |   default = 2
 54 | }
 55 | 
 56 | variable "num_k8s_masters_mem" {
 57 |   default = "4096"
 58 | }
 59 | 
 60 | variable "num_k8s_masters_disk" {
 61 |   default = "32"
 62 | }
 63 | 
 64 | variable "num_k8s_workers_name" {
 65 |   description = "name of the vm node to create the VMs on"
 66 |   type        = string
 67 |   default     = "k8s-workers"
 68 | }
 69 | 
 70 | variable "num_k8s_workers_host" {
 71 |   default = 2
 72 | }
 73 | 
 74 | variable "num_k8s_workers_cpu" {
 75 |   default = 2
 76 | }
 77 | 
 78 | variable "num_k8s_workers_mem" {
 79 |   default = "2048"
 80 | }
 81 | 
 82 | variable "num_k8s_workers_disk" {
 83 |   default = "32"
 84 | }
 85 | 
 86 | variable "tamplate_vm_name" {}
 87 | 
 88 | variable "master_ips" {
 89 |   description = "List of ip addresses for master nodes"
 90 |   type        = list(string)
 91 | }
 92 | 
 93 | variable "worker_ips" {
 94 |   description = "List of ip addresses for worker nodes"
 95 |   type        = list(string)
 96 | }
 97 | 
 98 | variable "networkrange" {
 99 |   default = 24
100 | }
101 | 
102 | variable "gateway" {
103 |   default = "192.168.1.1"
104 | }
105 | 


--------------------------------------------------------------------------------
/variables.tfvars.sample:
--------------------------------------------------------------------------------
 1 | pm_host = "192.168.1.x"
 2 | pm_user = "user-proxmox-api"
 3 | pm_password = "password-proxmox-api"
 4 | pm_node_name = "node-name-proxmox"
 5 | pm_tls_insecure = true
 6 | pub_key = "your-public-key"
 7 | storage_name_location = "local-lvm"
 8 | 
 9 | num_k8s_masters_name = "k8s-master"
10 | num_k8s_masters_host = 1
11 | num_k8s_masters_cpu = 4
12 | num_k8s_masters_mem = 4096
13 | num_k8s_masters_disk = 32
14 | 
15 | num_k8s_workers_name = "k8s-worker"
16 | num_k8s_workers_host = 2
17 | num_k8s_workers_cpu = 4
18 | num_k8s_workers_mem = 2048
19 | num_k8s_workers_disk = 32
20 | 
21 | tamplate_vm_name = "template-cloud-init"
22 | master_ips = [
23 |   "192.168.1.x"
24 | ]
25 | worker_ips = [
26 |   "192.168.1.x",
27 |   "192.168.1.x",
28 | ]
29 | 


--------------------------------------------------------------------------------
/wordpress/install.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | echo "Waiting for wordpress installation."
 3 | sleep 60s
 4 | # Apply the namespace configuration
 5 | sudo kubectl apply -f /home/user/wordpress/mysql-deployment.yaml
 6 | echo "Mysql applied."
 7 | sleep 5s
 8 | # Apply the namespace configuration
 9 | sudo kubectl apply -f /home/user/wordpress/wordpress-deployment.yaml
10 | echo "Wordpress applied."
11 | sleep 5s
12 | # Apply the namespace configuration
13 | sudo kubectl apply -f /home/user/wordpress/services.yaml
14 | echo "Service applied."
15 | sleep 200s
16 | # Apply the namespace configuration
17 | sudo kubectl get all
18 | echo "Service applied."
19 | sleep 30s


--------------------------------------------------------------------------------
/wordpress/mysql-deployment.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: apps/v1
 2 | kind: Deployment
 3 | metadata:
 4 |   name: mysql
 5 | spec:
 6 |   replicas: 1
 7 |   selector:
 8 |     matchLabels:
 9 |       app: mysql
10 |   template:
11 |     metadata:
12 |       labels:
13 |         app: mysql
14 |     spec:
15 |       containers:
16 |         - name: mysql
17 |           image: mysql:8.0
18 |           env:
19 |             - name: MYSQL_ROOT_PASSWORD
20 |               value: example-root-password
21 |             - name: MYSQL_DATABASE
22 |               value: example-wordpress
23 |             - name: MYSQL_USER
24 |               value: example-wp_user
25 |             - name: MYSQL_PASSWORD
26 |               value: example-password
27 |           ports:
28 |             - containerPort: 3306
29 | 


--------------------------------------------------------------------------------
/wordpress/services.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   name: wordpress
 5 | spec:
 6 |   selector:
 7 |     app: wordpress
 8 |   ports:
 9 |     - protocol: TCP
10 |       port: 80
11 |       targetPort: 80
12 |   type: LoadBalancer
13 | 
14 | ---
15 | 
16 | apiVersion: v1
17 | kind: Service
18 | metadata:
19 |   name: mysql
20 | spec:
21 |   selector:
22 |     app: mysql
23 |   ports:
24 |     - protocol: TCP
25 |       port: 3306
26 |       targetPort: 3306


--------------------------------------------------------------------------------
/wordpress/wordpress-deployment.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: apps/v1
 2 | kind: Deployment
 3 | metadata:
 4 |   name: wordpress
 5 | spec:
 6 |   replicas: 1
 7 |   selector:
 8 |     matchLabels:
 9 |       app: wordpress
10 |   template:
11 |     metadata:
12 |       labels:
13 |         app: wordpress
14 |     spec:
15 |       containers:
16 |         - name: wordpress
17 |           image: wordpress:latest
18 |           ports:
19 |             - containerPort: 80
20 |           env:
21 |             - name: WORDPRESS_DB_HOST
22 |               value: mysql:3306
23 |             - name: WORDPRESS_DB_NAME
24 |               value: example-wordpress
25 |             - name: WORDPRESS_DB_USER
26 |               value: example-wp_user
27 |             - name: WORDPRESS_DB_PASSWORD
28 |               value: example-password
29 | 


--------------------------------------------------------------------------------