add docker registry vm and allow multiple provisioning cmds in templates [ci skip]

Viktor Barzin 2025-10-12 18:54:22 +00:00
parent 5c6e8dd1a2
commit 70647cf888
7 changed files with 171 additions and 44 deletions


@ -24,32 +24,43 @@ packages:
- apt-transport-https
- ca-certificates
- gpg
- isc-dhcp-client
# docker
- docker-ce
- docker-ce-cli
- containerd.io
- docker-buildx-plugin
- docker-compose-plugin
%{if is_k8s_template}
# kubernetes
- kubeadm
- kubelet
%{endif}
apt:
sources:
%{if is_k8s_template}
kubernetes:
source: "deb https://pkgs.k8s.io/core:/stable:/v1.32/deb/ /"
keyid: "DE15B14486CD377B9E876E1A234654DA9A296436"
filename: kubernetes.list
docket:
%{endif}
docker:
source: "deb https://download.docker.com/linux/ubuntu noble stable"
keyid: "9DC858229FC7DD38854AE2D88D81803C0EBFCD88"
filename: docker.list
runcmd:
%{if is_k8s_template}
- apt-mark hold kubelet kubeadm kubectl
- systemctl stop kubelet
- containerd config default | sudo tee /etc/containerd/config.toml
- ${containerd_config_update_command}
- systemctl restart containerd
- ${k8s_join_command}
- systemctl enable kubelet
- systemctl start kubelet
%{ endif }
%{ for provision_cmd in provision_cmds ~}
- ${provision_cmd}
%{ endfor ~}
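Review bot: The `runcmd` entries `- ${provision_cmd}`, `- ${containerd_config_update_command}` and `- ${k8s_join_command}` are interpolated as bare YAML scalars, so a command containing ` #` or `: `, or starting with an indicator such as `*`, `&`, `[` or `{`, either fails to parse or is silently altered before cloud-init runs it as root. Emitting each item as a quoted string keeps the command byte-for-byte, for example `- ${jsonencode(provision_cmd)}`, since a JSON string is also a valid YAML double-quoted scalar. Separately, `containerd_config_update_command` defaults to `""` in the module, which would render an empty list item here when `is_k8s_template` is true; wrapping that line in its own `%{ if containerd_config_update_command != "" }` guard avoids it.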


@ -13,6 +13,16 @@ variable "k8s_join_command" {
type = string
default = ""
}
variable "containerd_config_update_command" {
type = string
default = ""
description = "Command to execute to update containerd config.toml; e.g add mirror"
}
variable "is_k8s_template" { type = bool }
variable "provision_cmds" {
type = list(string)
default = []
}
# SSH connection to Proxmox
resource "null_resource" "create_template_remote" {
@ -60,7 +70,15 @@ resource "null_resource" "upload_cloud_init" {
provisioner "file" {
destination = "/var/lib/vz/snippets/${var.snippet_name}"
content = templatefile("${path.module}/cloud_init.yaml", { authorized_ssh_key = file("~/.ssh/id_ed25519.pub"), passwd = var.user_passwd, k8s_join_command = var.k8s_join_command })
content = templatefile("${path.module}/cloud_init.yaml", {
is_k8s_template = var.is_k8s_template,
authorized_ssh_key = file("~/.ssh/id_ed25519.pub"),
passwd = var.user_passwd,
provision_cmds = var.provision_cmds,
k8s_join_command = var.k8s_join_command,
containerd_config_update_command = var.containerd_config_update_command
}
)
}
triggers = {
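Review bot: `provision_cmds` and `containerd_config_update_command` are free-form shell that ends up in the snippet written to `/var/lib/vz/snippets/${var.snippet_name}` and executed at first boot, yet `provision_cmds` and `is_k8s_template` have no `description` and none of the command variables is marked sensitive. If a caller passes a command that embeds a credential (the join command presumably carries a bootstrap token), it will show in plan output and sit in that file on the Proxmox host; consider `sensitive = true` on these variables and a description such as `description = "Shell commands appended to cloud-init runcmd; run as root on first boot"`. `is_k8s_template` also has no default, so every existing caller of the module has to be updated in the same change. The `triggers` map is cut off at the end of this section, so I cannot tell whether the new inputs are part of it; if they are not, editing `provision_cmds` will not re-upload the snippet.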


@ -1,20 +1,21 @@
variable "vm_name" { type = string }
variable "vmid" {
type = number
default = 0
}
variable "template_name" { type = string }
variable "vm_name" { default = "terraform-test" }
variable "vm_cpus" {
type = number
default = 4
}
variable "vm_mem_mb" {
type = number
default = 8192
}
variable "vm_disk_size" {
type = string
default = "64G"
}
variable "vm_mac_address" {
type = string
default = null
@ -29,11 +30,6 @@ variable "vlan_tag" {
type = string
default = null
}
variable "vmid" {
type = number
default = 0
}
resource "proxmox_vm_qemu" "cloudinit-vm" {
vmid = var.vmid


@ -0,0 +1,40 @@
version: 0.1
log:
fields:
service: registry
storage:
cache:
blobdescriptor: inmemory
filesystem:
rootdirectory: /var/lib/registry
maxsize: 5GiB
delete:
enabled: true
maintenance:
uploadpurging:
enabled: true
age: 24h
interval: 4h
dryrun: false
readonly:
enabled: false
http:
addr: :5000
headers:
X-Content-Type-Options: [nosniff]
debug:
addr: ":5001"
# Enable proxy on nodes - https://github.com/containerd/containerd/blob/main/docs/cri/registry.md
# https://ops.tips/gists/retrieving-docker-registry-metrics-using-prometheus/
prometheus:
enabled: true
path: "/metrics"
health:
storagedriver:
enabled: true
interval: 10s
threshold: 3
proxy:
remoteurl: https://registry-1.docker.io
username: vbarzin@gmail.com
password: ${password}
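Review bot: With `proxy.username`/`proxy.password` set and no `auth` or `tls` block under `http`, this pull-through cache on `addr: :5000` will, as far as the file shows, serve any client that can reach the port using the configured Docker Hub account, including private repositories that account can read. Either restrict who can reach the listener (firewall/VLAN, or an `auth` section) or use an upstream account with access to public images only. The debug listener `addr: ":5001"` is likewise bound to all interfaces; if Prometheus scrapes from elsewhere, limit it to the management address, otherwise `addr: "127.0.0.1:5001"`. The `password: ${password}` value is unquoted, so a password containing ` #` or `: ` or a leading `*`/`&` is truncated or rejected by the YAML parser; if this file is rendered with Terraform's `templatefile`, `password: ${jsonencode(password)}` avoids that. The account name is also committed in clear text here and could be templated alongside the password.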