provision vm on proxmox with terraform and ansible

[defaults]
host_key_checking = false
ssh_timeout = 20
\ No newline at end of file
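Review bot: `host_key_checking = false` turns off SSH host key verification for every host this configuration reaches, and the inventory repeats it for the `proxmox` group with `ansible_ssh_common_args: '-o StrictHostKeyChecking=no'`. Freshly cloned VMs do present unknown keys, but `node1` is a long-lived hypervisor on which the playbook runs with `become: yes`, so an unverified connection there exposes root-level commands to whoever answers on that address. I would drop the global setting, keep checking enabled for the `proxmox` group with the node's key pinned in `known_hosts`, and limit any relaxation to the new guests, for example `ansible_ssh_common_args: '-o StrictHostKeyChecking=accept-new'`.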
---
proxmox:
hosts:
node1
vars:
ansible_user: farnoosh
ansible_ssh_common_args: '-o StrictHostKeyChecking=no'
ansible_python_interpreter: auto_silent
---
- hosts: proxmox
gather_facts: false
become: yes
tasks:
- pause:
seconds: 60
- name: get VM ID
shell: qm list | grep {{ vm }} | awk '{print $1}'
register: vm_id
- name: stop VM
shell: qm stop {{ vm_id.stdout }}
- name: wait for shut down
shell: qm wait {{ vm_id.stdout }}
async: 60
poll: 5
- pause:
seconds: 10
- name: remove cloudinit drive
shell: qm set {{ vm_id.stdout }} --ide2 none
- pause:
seconds: 10
- name: start VM
command: "qm start {{ vm_id.stdout }}"
- pause:
seconds: 15
- name: tasks completion message
debug:
msg: "{{ vm }} with ID {{ vm_id.stdout }} has been rebooted and ci drive removed"
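Review bot: The "get VM ID" task interpolates `{{ vm }}` unquoted into a shell pipeline that runs with `become: yes` on the hypervisor, so shell metacharacters in that variable would be executed as root. In addition, `grep` matches substrings, so a name such as ubuntu-srv1 also selects ubuntu-srv10 and `vm_id.stdout` can hold several IDs that are then passed to `qm stop` and `qm set`. An exact match with the value quoted is safer, e.g. `shell: qm list | awk -v name={{ vm | quote }} '$2 == name {print $1}'` (assuming the name is the second column of `qm list`), together with `failed_when: vm_id.stdout_lines | length != 1` so the play stops before touching any VM when the lookup is empty or ambiguous. The later `shell:` tasks contain no pipes or redirects and could use `command:` as the "start VM" task already does.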
---
- hosts: all
gather_facts: false
become: yes
tasks:
- pause:
seconds: 30
- name: find if there's any files in /var/lib/dpkg/updates
find:
path: /var/lib/dpkg/updates
pattern: "*"
register: files_to_delete
- name: remove all corrupted files in /var/lib/dpkg/updates/
file:
path: "{{ item.path }}"
state: absent
no_log: true
with_items: "{{ files_to_delete.files }}"
- name: fix apt/dpkg issue caused by corrupted files
command: "dpkg --configure -a"
- name: remove universe repo
command: add-apt-repository -r universe
- name: update apt cache
command: apt update
- name: add universe repo
command: add-apt-repository universe
- name: update apt cache
command: apt update
- name: install qemu guest agent
apt:
name: qemu-guest-agent
state: present
- name: check if cpu hotplug config already exists
stat:
path: /lib/udev/rules.d/80-hotplug-cpu.rules
register: result
- name: create cpu hotplug config file
shell: echo 'SUBSYSTEM=="cpu", ACTION=="add", TEST=="online", ATTR{online}=="0", ATTR{online}="1"' | sudo tee /lib/udev/rules.d/80-hotplug-cpu.rules
when: not result.stat.exists
- name: upgrade all packages
command: apt upgrade -y
- name: reboot host
reboot:
\ No newline at end of file
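Review bot: `no_log: true` on the task that deletes everything found under /var/lib/dpkg/updates hides which files were removed, leaving no record of a destructive step run as root on `hosts: all`. If the aim was only to quieten the per-item output, `loop_control:` with `label: "{{ item.path }}"` keeps the paths in the log without dumping the whole `find` result. The "create cpu hotplug config file" task pipes `echo` into `sudo tee` although the play already uses `become: yes`; the `copy` module with `content:`, `dest: /lib/udev/rules.d/80-hotplug-cpu.rules` and `mode: "0644"` would set ownership and mode explicitly and make the preceding `stat` check unnecessary.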
# A local value assigns a name to an expression, allowing it to be used multiple times within a module
# without repeating it, used to loop through multiple Key Vault secrets
locals {
secret_names = ["proxmoxpass"] #, "sshuser", "sshpubkey"]
}
# Actual Key Vault name - this does not need to be imported by Terraform
data "azurerm_key_vault" "itnoobs-keyvault" {
name = "itnoobs"
resource_group_name = "itnoobs-terraform"
}
# Key Vault Secrets
data "azurerm_key_vault_secret" "itnoobs-keyvault" {
count = "${length(local.secret_names)}"
# Pulls value based on secret name set by count index
name = "${element(local.secret_names, count.index)}"
key_vault_id = "${data.azurerm_key_vault.itnoobs-keyvault.id}"
}
provider "azurerm" {
version = "2.0.0"
features {}
}
\ No newline at end of file
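Review bot: The value read by `data "azurerm_key_vault_secret" "itnoobs-keyvault"` is written in clear text into the Terraform state, which the backend section of this commit places in the `proxmox` container of storage account `itnoobs` as `prod.terraform.tfstate`. Keeping the password in Key Vault therefore protects it only as far as that container is protected, and nothing in the commit documents this. I would add a comment above the data source such as `# NOTE: secret values read here are stored in plain text in the tfstate; restrict and audit access to the state container`, and confirm that the container is private with access limited to the identities that run Terraform.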
# Terraform state file keeps track of all changes applied and any resources imported.
# It's kept locally by default, however very useful to use remote tfstate in a team environment
# so that state changes are recorded and visible for everyone.
terraform {
backend "azurerm" {
resource_group_name = "itnoobs-terraform"
storage_account_name = "itnoobs"
container_name = "proxmox"
# This is the name of the tfstate file that will be created during first initialization
key = "prod.terraform.tfstate"
}
}
\ No newline at end of file
provider "proxmox" {
pm_api_url = "https://myvms/api2/json"
pm_password = data.azurerm_key_vault_secret.itnoobs-keyvault.0.value
pm_user = "[email protected]"
pm_tls_insecure = true
}
resource "proxmox_vm_qemu" "prox-vm" {
name = "${var.hostname}${count.index}"
desc = var.hostname
target_node = "node1"
count = var.vmcount
full_clone = true
clone = "cloud-init-focal"
pool = "Test"
cores = 8
sockets = 2
vcpus = 4
memory = 2048
balloon = 2048
boot = "c"
bootdisk = "virtio0"
scsihw = "virtio-scsi-pci"
onboot = false
agent = 1
cpu = "kvm64"
numa = true
hotplug = "network,disk,cpu,memory"
network {
id = 0
model = "virtio"
bridge = "vmbr4"
}
disk {
id = 0
type = "virtio"
storage = "nvme-node1"
size = "20"
}
os_type = "cloud-init"
# This is to avoid terraform plan detecting changes that are not handled correctly by the plugin
lifecycle {
ignore_changes = [
network,
bootdisk,
cipassword,
ciuser,
ipconfig0,
nameserver,
sshkeys,
searchdomain,
qemu_os,
]
}
}
variable "vmcount" {
default = "1"
}
variable "hostname" {
default = "ubuntu-srv"
description = ""
}
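Review bot: `pm_tls_insecure = true` in the `provider "proxmox"` block disables certificate verification for the Proxmox API, so the password fetched from Key Vault is sent to whichever endpoint answers at `pm_api_url` without its identity being checked. Set `pm_tls_insecure = false` and make the CA that signed the API certificate trusted on the machine that runs Terraform. As a smaller point, `variable "vmcount"` declares no type and defaults to the string "1" although it feeds `count`; `type = number` with `default = 1` states the intent, and the empty `description = ""` on `hostname` could carry a real description.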