From feb9c487b204a54881fc150bac56860ff73fff0d Mon Sep 17 00:00:00 2001
From: Rob Kooper <kooper@illinois.edu>
Date: Thu, 22 Feb 2024 21:39:39 -0600
Subject: [PATCH] remove deprecated code

- removed centos references
- added ability to pick CNI
---
 .gitignore                        |   1 +
 CHANGELOG.md                      |  19 ++++
 terraform/modules/rke1/data.tf    |   9 +-
 terraform/modules/rke1/network.tf |  41 ---------
 terraform/modules/rke1/nodes.tf   | 138 +-----------------------------
 terraform/modules/rke1/outputs.tf |  19 ----
 terraform/modules/rke1/rancher.tf |  58 +------------
 7 files changed, 27 insertions(+), 258 deletions(-)

diff --git a/.gitignore b/.gitignore
index 9337f20..7ed88e0 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,4 @@
+.DS_Store
 .idea
 
 .terraform
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 88de55e..eb99235 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,25 @@ All notable changes to this project will be documented in this file.
 
 The format is based on [Keep a Changelog](http://keepachangelog.com/) and this project adheres to [Semantic Versioning](http://semver.org/).
 
+## 3.0.0 - 2023-02-22
+
+This removes the old variables for creating machines that were deprecated, and removes references to centos.
+
+### Changed
+- removed all deprecated code, clusters are defined in cluster.json
+
+### Added
+- ability to set network. Default is weave to be compatible with previous version but this should be changed. Weave is EOL 12/31/2024
+  - canal (rancher default)
+  - calico
+  - flannel
+  - weave (deprecated)
+  - none
+- ubuntu is an alias for ubuntu22 as an os type in cluster. This is in preperation for ubuntu 24.04.
+
+### Removed
+- removed centos image reference.
+
 ## 2.4.0 - 2023-12-21
 
 ### Changed
diff --git a/terraform/modules/rke1/data.tf b/terraform/modules/rke1/data.tf
index f57b3ea..2577636 100644
--- a/terraform/modules/rke1/data.tf
+++ b/terraform/modules/rke1/data.tf
@@ -3,13 +3,6 @@ data "openstack_networking_network_v2" "ext_net" {
   name = var.openstack_external_net
 }
 
-# boot image
-# DEPRECATED
-data "openstack_images_image_v2" "boot" {
-  name        = var.os
-  most_recent = true
-}
-
 # openstack project name (bbXX)
 data "openstack_identity_auth_scope_v3" "scope" {
   name = "my_scope"
@@ -17,6 +10,6 @@ data "openstack_identity_auth_scope_v3" "scope" {
 
 data "openstack_images_image_v2" "os_image" {
   for_each    = var.openstack_os_image
-  name        = each.value
+  name        = each.value.imagename
   most_recent = true
 }
diff --git a/terraform/modules/rke1/network.tf b/terraform/modules/rke1/network.tf
index a20e8d2..e4e7e7c 100644
--- a/terraform/modules/rke1/network.tf
+++ b/terraform/modules/rke1/network.tf
@@ -80,44 +80,3 @@ resource "openstack_networking_floatingip_v2" "machine_ip" {
   pool        = data.openstack_networking_network_v2.ext_net.name
   port_id     = openstack_networking_port_v2.machine_ip[each.key].id
 }
-
-# ----------------------------------------------------------------------
-# control plane
-# DEPRECATED
-# ----------------------------------------------------------------------
-
-resource "openstack_networking_port_v2" "controlplane_ip" {
-  count              = var.controlplane_count
-  name               = local.controlplane[count.index]
-  network_id         = openstack_networking_network_v2.cluster_net.id
-  security_group_ids = [openstack_networking_secgroup_v2.cluster_security_group.id]
-  depends_on         = [openstack_networking_router_interface_v2.kube_gateway]
-}
-
-resource "openstack_networking_floatingip_v2" "controlplane_ip" {
-  count       = var.controlplane_count
-  description = format("%s-controlplane-%d", var.cluster_name, count.index + 1)
-  pool        = data.openstack_networking_network_v2.ext_net.name
-  port_id     = element(openstack_networking_port_v2.controlplane_ip.*.id, count.index)
-}
-
-# ----------------------------------------------------------------------
-# worker nodes
-# DEPRECATED
-# ----------------------------------------------------------------------
-
-# create worker ip, this can route the ports for the floating ip as
-# well.
-resource "openstack_networking_port_v2" "worker_ip" {
-  count              = var.worker_count
-  name               = local.worker[count.index]
-  network_id         = openstack_networking_network_v2.cluster_net.id
-  security_group_ids = [openstack_networking_secgroup_v2.cluster_security_group.id]
-  depends_on         = [openstack_networking_router_interface_v2.kube_gateway]
-  dynamic "allowed_address_pairs" {
-    for_each = openstack_networking_port_v2.floating_ip.*.all_fixed_ips.0
-    content {
-      ip_address = allowed_address_pairs.value
-    }
-  }
-}
diff --git a/terraform/modules/rke1/nodes.tf b/terraform/modules/rke1/nodes.tf
index b1c87a9..9c24aa4 100644
--- a/terraform/modules/rke1/nodes.tf
+++ b/terraform/modules/rke1/nodes.tf
@@ -1,9 +1,4 @@
 locals {
-  usernames = {
-    "centos" = "centos",
-    "ubuntu" = "ubuntu"
-  }
-
   node_options = {
     "controlplane" = "--address awspublic --internal-address awslocal --controlplane --etcd",
     "worker"       = "--address awspublic --internal-address awslocal --worker"
@@ -13,10 +8,10 @@ locals {
     for x in var.cluster_machines : [
       for i in range(contains(keys(x), "count") ? x.count : 1) : {
         hostname    = format("%s-%s-%02d", var.cluster_name, x.name, (i + (contains(keys(x), "start_index") ? x.start_index : 1)))
-        username    = lookup(local.usernames, x.os, "UNDEFINED")
-        image_name  = lookup(var.openstack_os_image, x.os, "UNDEFINED")
+        username    = var.openstack_os_image[x.os].username
+        image_name  = var.openstack_os_image[x.os].imagename
         flavor      = try(x.flavor, "gp.medium")
-        image_id    = data.openstack_images_image_v2.os_image[try(x.os, "UNDEFINED")].id
+        image_id    = data.openstack_images_image_v2.os_image[x.os].id
         disk_size   = try(x.disk, 40)
         zone        = try(x.zone, "nova")
         role        = try(x.role, "worker")
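Review bot: `var.openstack_os_image[x.os]` makes `os` the only machine attribute without a default, while `flavor`, `disk`, `zone` and `role` on the neighbouring lines all use `try(...)`. Failing at plan time is better than passing the old "UNDEFINED" placeholder on as a login name, but the error a user sees will be a bare invalid-index message. I would document the requirement above these lines, for example `# os is required and must be a key of var.openstack_os_image; plan fails otherwise`. The enclosing `for` expression starts and ends outside this hunk.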
@@ -26,11 +21,7 @@ locals {
     ]
   ])
 
-  jumphost = concat([for vm in local.machines : vm.hostname if vm.floating_ip], local.controlplane)[0]
-
-  # DEPRECATED
-  controlplane = [for l in range(var.controlplane_count) : var.old_hostnames ? format("%s-controlplane-%d", var.cluster_name, l) : format("%s-controlplane-%d", var.cluster_name, l + 1)]
-  worker       = [for l in range(var.worker_count) : var.old_hostnames ? format("%s-worker-%d", var.cluster_name, l) : format("%s-worker-%02d", var.cluster_name, l + 1)]
+  jumphost = [for vm in local.machines : vm.hostname if vm.floating_ip][0]
 }
 
 # ----------------------------------------------------------------------
@@ -88,124 +79,3 @@ resource "openstack_compute_instance_v2" "machine" {
     ]
   }
 }
-
-# ----------------------------------------------------------------------
-# control-plane nodes
-# DEPRECATED
-# ----------------------------------------------------------------------
-resource "openstack_compute_instance_v2" "controlplane" {
-  count             = var.controlplane_count
-  name              = local.controlplane[count.index]
-  image_name        = var.os
-  availability_zone = var.openstack_zone
-  flavor_name       = var.controlplane_flavor
-  key_pair          = openstack_compute_keypair_v2.key.name
-  config_drive      = false
-
-  depends_on = [
-    openstack_networking_secgroup_rule_v2.same_security_group_ingress_tcp,
-  ]
-
-  security_groups = [
-    openstack_networking_secgroup_v2.cluster_security_group.name
-  ]
-
-  #echo "update hosts"
-  #%{ for ip in openstack_networking_port_v2.worker_ip[count.index].all_fixed_ips }
-  #echo "$${ip} $${node_name} $(hostname) $(hostname -f)"  >> /etc/hosts
-  #%{ endfor }
-
-  user_data = base64encode(templatefile("${path.module}/templates/user_data.tmpl", {
-    private_key    = openstack_compute_keypair_v2.key.private_key
-    project_name   = data.openstack_identity_auth_scope_v3.scope.project_name
-    cluster_name   = var.cluster_name
-    username       = "centos"
-    node_name      = local.controlplane[count.index]
-    node_command   = rancher2_cluster.kube.cluster_registration_token.0.node_command
-    node_options   = "--address awspublic --internal-address awslocal --controlplane --etcd"
-    node_labels    = ""
-    ncsa_security  = false
-    taiga_enabled  = var.taiga_enabled
-    install_docker = var.install_docker
-  }))
-
-  block_device {
-    uuid                  = data.openstack_images_image_v2.boot.id
-    source_type           = "image"
-    volume_size           = var.controlplane_disksize
-    destination_type      = "volume"
-    delete_on_termination = true
-  }
-
-  network {
-    port = element(openstack_networking_port_v2.controlplane_ip.*.id, count.index)
-  }
-
-  lifecycle {
-    ignore_changes = [
-      key_pair,
-      block_device,
-      user_data,
-      availability_zone
-    ]
-  }
-}
-
-# ----------------------------------------------------------------------
-# worker nodes
-# DEPRECATED
-# ----------------------------------------------------------------------
-resource "openstack_compute_instance_v2" "worker" {
-  count             = var.worker_count
-  name              = local.worker[count.index]
-  image_name        = var.os
-  availability_zone = var.openstack_zone
-  flavor_name       = var.worker_flavor
-  key_pair          = local.key
-  config_drive      = false
-
-  depends_on = [
-    openstack_networking_secgroup_rule_v2.same_security_group_ingress_tcp
-  ]
-
-  security_groups = [
-    openstack_networking_secgroup_v2.cluster_security_group.name
-  ]
-
-  user_data = base64encode(templatefile("${path.module}/templates/user_data.tmpl", {
-    private_key    = openstack_compute_keypair_v2.key.private_key
-    project_name   = data.openstack_identity_auth_scope_v3.scope.project_name
-    cluster_name   = var.cluster_name
-    node_name      = local.worker[count.index]
-    username       = "centos"
-    node_command   = rancher2_cluster.kube.cluster_registration_token.0.node_command
-    node_options   = "--worker"
-    node_labels    = ""
-    ncsa_security  = false
-    taiga_enabled  = var.taiga_enabled
-    install_docker = var.install_docker
-  }))
-
-  block_device {
-    uuid                  = data.openstack_images_image_v2.boot.id
-    source_type           = "image"
-    volume_size           = var.worker_disksize
-    destination_type      = "volume"
-    boot_index            = 0
-    delete_on_termination = true
-  }
-
-  network {
-    port = element(openstack_networking_port_v2.worker_ip.*.id, count.index)
-  }
-
-  lifecycle {
-    ignore_changes = [
-      key_pair,
-      block_device,
-      user_data,
-      availability_zone
-    ]
-  }
-}
-
diff --git a/terraform/modules/rke1/outputs.tf b/terraform/modules/rke1/outputs.tf
index 4e33cd4..2e5a039 100644
--- a/terraform/modules/rke1/outputs.tf
+++ b/terraform/modules/rke1/outputs.tf
@@ -24,15 +24,6 @@ output "ssh_config" {
   value       = <<-EOT
 # Automatically created by terraform
 
-%{~for i, x in openstack_compute_instance_v2.controlplane.*}
-Host ${x.name}
-  HostName ${openstack_networking_floatingip_v2.controlplane_ip[i].address}
-  StrictHostKeyChecking no
-  UserKnownHostsFile=/dev/null
-  IdentityFile ${pathexpand("~/.ssh/${var.cluster_name}.pem")}
-  User centos
-%{~endfor}
-
 %{~for x in [for m in local.machines : m if m.floating_ip]}
 Host ${x.hostname}
   HostName ${openstack_networking_floatingip_v2.machine_ip[x.hostname].address}
@@ -42,16 +33,6 @@ Host ${x.hostname}
   User ${x.username}
 %{~endfor}
 
-%{~for x in openstack_compute_instance_v2.worker.*}
-Host ${x.name}
-  HostName ${x.network[0].fixed_ip_v4}
-  StrictHostKeyChecking no
-  ProxyJump ${local.jumphost}
-  UserKnownHostsFile=/dev/null
-  IdentityFile ${pathexpand("~/.ssh/${var.cluster_name}.pem")}
-  User centos
-%{~endfor}
-
 %{~for x in [for m in local.machines : m if !m.floating_ip]}
 Host ${x.hostname}
   ProxyJump ${local.jumphost}
diff --git a/terraform/modules/rke1/rancher.tf b/terraform/modules/rke1/rancher.tf
index 71cde4f..b85f038 100644
--- a/terraform/modules/rke1/rancher.tf
+++ b/terraform/modules/rke1/rancher.tf
@@ -14,7 +14,7 @@ resource "rancher2_cluster" "kube" {
     kubernetes_version = var.rke1_version
     enable_cri_dockerd = true
     network {
-      plugin = "weave"
+      plugin = var.network_plugin
     }
     ingress {
       provider = "none"
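Review bot: `plugin = var.network_plugin` accepts any string, and the declaration of `network_plugin` is not in this patch, so nothing visible restricts it to the five values the CHANGELOG lists. A validation on the variable would catch typos at plan time, e.g. `condition = contains(["canal", "calico", "flannel", "weave", "none"], var.network_plugin)`. The choice is also security-relevant: flannel on its own does not enforce Kubernetes NetworkPolicy, and `none` leaves the cluster without an RKE-managed CNI. Moving away from the weave default can therefore silently drop policy enforcement, and the variable description should say so. It should also state whether the plugin may be changed on an existing cluster; as far as I know RKE does not support switching the network provider after creation, but please confirm.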
@@ -34,7 +34,7 @@ resource "rancher2_cluster" "kube" {
 
 # Create a new rancher2 Cluster Sync for foo-custom cluster
 resource "rancher2_cluster_sync" "kube" {
-  depends_on    = [openstack_compute_instance_v2.controlplane[0]]
+  depends_on    = [openstack_compute_instance_v2.machine]
   cluster_id    = rancher2_cluster.kube.id
   wait_catalogs = false
 }
@@ -101,57 +101,3 @@ resource "rancher2_cluster_role_template_binding" "member_groups" {
     ]
   }
 }
-
-# ----------------------------------------------------------------------
-# longhorn storage
-# DEPRECATED
-# ----------------------------------------------------------------------
-resource "rancher2_app_v2" "longhorn-system" {
-  count      = var.longhorn_enabled ? 1 : 0
-  cluster_id = rancher2_cluster_sync.kube.cluster_id
-  name       = "longhorn"
-  namespace  = "longhorn-system"
-  repo_name  = "rancher-charts"
-  chart_name = "longhorn"
-  project_id = rancher2_cluster_sync.kube.system_project_id
-  values     = <<EOF
-defaultSettings:
-  backupTarget: nfs://radiant-nfs.ncsa.illinois.edu:/radiant/projects/${data.openstack_identity_auth_scope_v3.scope.project_name}/${var.cluster_name}/backup
-  defaultReplicaCount: ${var.longhorn_replicas}
-persistence:
-  defaultClass: false
-  defaultClassReplicaCount: ${var.longhorn_replicas}
-EOF
-  lifecycle {
-    ignore_changes = [
-      values
-    ]
-  }
-}
-
-# ----------------------------------------------------------------------
-# monitoring
-# DEPRECATED
-# ----------------------------------------------------------------------
-resource "rancher2_app_v2" "monitor" {
-  count      = var.monitoring_enabled ? 1 : 0
-  cluster_id = rancher2_cluster_sync.kube.cluster_id
-  name       = "rancher-monitoring"
-  namespace  = "cattle-monitoring-system"
-  repo_name  = "rancher-charts"
-  chart_name = "rancher-monitoring"
-  project_id = rancher2_cluster_sync.kube.system_project_id
-  //  values        = <<EOF
-  //prometheus:
-  //  resources:
-  //    core:
-  //      limits:
-  //        cpu: "4000m"
-  //        memory: "6144Mi"
-  //EOF
-  lifecycle {
-    ignore_changes = [
-      values
-    ]
-  }
-}
-- 
GitLab