This module allows you to deploy a Talos OS-based vSphere virtual machine with a custom configuration. It is a child module of ilpozzd/terraform-talos-vsphere-cluster. The configuration of the virtual machine fully corresponds to the configuration of Talos OS v1.0.x.
It is strongly not recommended to use this module separately, since creating groups of virtual machines does not make a full cycle of Terraform automation (you cannot continue working with the created cluster using Terraform). To create a cluster, use ilpozzd/terraform-talos-vsphere-cluster. This module is useful in some cases when using Terragrunt. See examples.
| Name | Version |
|---|---|
| terraform | >= 1.1.9 |
| hashicorp/vsphere | >= 2.1.1 |
vSphere Version >= 6.7u3
Datastore:
- Allocate space
- Browse datastore
- Low level file operations
- Remove file
- Update virtual machine files
- Update virtual machine metadata
Folder:
- Create folder
- Delete folder
- Move folder
- Rename folder
Network:
- Assign network
Resource:
- Assign virtual machine to resource pool
- Migrate powered off virtual machine
- Migrate powered on virtual machine
Profile-driven storage:
- Profile-driven storage view
vApp:
- Import
- View OVF environment
- vApp application configuration
- vApp instance configuration
- vApp managedBy configuration
- vApp resource configuration
Virtual machine:
- Change Configuration
- Edit Inventory
- Guest Operations
- Interaction
- Provisioning
- vCenter ->
Terraform Role-> This Object - Datacenter ->
Read-only Role-> This object - Datastore Cluster ->
Terraform Role-> This object and it`s children - Hosts Cluster ->
Read-only Role-> This object - Hosts ->
Terraform Role-> This Object - DPG ->
Terraform Role-> This object - Folder ->
Terraform Role-> This object and it`s children - Resource pool ->
Terraform Role-> This object and it`s children
| Name | Version |
|---|---|
| hashicorp/vsphere | >= 2.1.1 |
No modules.
| Name | Type |
|---|---|
| vsphere_virtual_machine.this | resource |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| datacenter | VMware datacenter name. | string |
- |
Yes |
| datastores | VMWare datastore(s) where all virtual machine`s data will be placed in. | list(string) |
- |
Yes |
| hosts | ESXi host(s) where target virtual machine will be created. | list(string) |
- |
Yes |
| resource_pool | VMWare resource pool where target virtual machine will be created. | string |
- |
Yes |
| folder | Folder to create the virtual machine in. | string |
- |
Yes |
| remote_ovf_url | URL to the remote Talos OS ovf/ova file. | string |
- |
Yes |
| vm_count | Number of virtual machines. | number |
1 |
No |
| num_cpus | The total number of virtual processor cores to assign to this virtual machine. | number |
2 |
No |
| memory | The size of the virtual machine`s RAM, in Mb. | number |
2048 |
No |
| disks | A specification list for a virtual disk devices on this virtual machine. | list |
- |
Yes |
| network_interfaces | A specification list for a virtual NIC on this virtual machine. | list |
- |
Yes |
| create_init_node | Whether to create an initialization node. If true, the first virtual machine will be the initialization node. |
bool |
false |
Yes |
| talos_base_configuration | Talos high-level configuration. | object |
object |
No |
| machine_secrets | Secret data used to create Talos stack. | object |
- |
Yes |
| talos_admin_pki | Base64 encoded certificate (signed by machine_secrets.ca.crt and key (in ED25519) to provide access to virtual machine trought talosctl. |
object |
{} |
Yes |
| machine_base_configuration | Machine configuration used in all nodes. | object |
- |
Yes |
| machine_extra_configuration | Optional machine extra configuration. | object |
{} |
No |
| machine_type | Machine's role in the Kubernetes cluster (controlplane or worker). |
string |
- |
Yes |
| machine_cert_sans | A list of certSANs for vm_count virtual machines (optional). | list(list(string)) |
[] |
No |
| machine_network | Network configuration used in all nodes. | object |
{} |
No |
| machine_network_hostnames | A list of hostnames for vm_count virtual machines (if not set will be generated automaticly). | list(string) |
[] |
No |
| machine_network_interfaces | A list of network interfaces for vm_count virtual machines (if not set DHCP will be used). If machine_type = controlplane and create_init_node = true, not less than one element with one static IP address required. |
list |
[] |
No |
| cluster_secrets | Secret data used in all Kubernetes nodes. | object |
- |
Yes |
| control_plane_cluster_secrets | Secret data used in Kubernetes control plane nodes. | object |
{} |
Yes |
| cluster_name | The name of the cluster. | string |
- |
Yes |
| cluster_control_plane | Provides control plane specific configuration options. | object |
- |
No |
| cluster_discovery | Configures cluster member discovery. | object |
object |
No |
| control_plane_cluster_configuration | Cluster configuration used in Kubernetes control plane nodes. | object |
{} |
No |
| cluster_inline_manifests | A list of inline Kubernetes manifests. | list |
[] |
No |
| cluster_extra_manifests | A list of urls that point to additional manifests. These will get automatically deployed as part of the bootstrap. | list(string) |
[] |
No |
| cluster_extra_manifest_headers | A map of key value pairs that will be added while fetching the extraManifests. | map(string) |
{} |
No |
| vmtoolsd_extra_manifest | A link to talos-vmtoolsd Kubernetes manifest. | string |
Link |
No |
list(object({
label = string
size = number
}))- label - Any name for disk (label for Terraform)
- size - Capacity in Gb
list(object({
name = string
}))- name - Distributed Port Group (DPG) name
object({
version = string
persist = bool
})Default:
{
version = "v1alpha1"
persist = false
}See Config section in Talos Configuration Reference for detail description.
object({
token = string
ca = object({
crt = string
key = string
})
})See MachineConfig section in Talos Configuration Reference for detail description.
object({
crt = optional(string)
key = optional(string)
})- crt - Base64 encoded certificate in PEM format
- key - Base64 encoded key in PEM format
Required if machine_type = controlplane and create_init_node = true
object({
install = object({
disk = string
extraKernelArgs = optional(list(string))
image = string
bootloader = bool
wipe = bool
diskSelector = optional(object({
size = string
model = string
busPath = string
}))
extensions = optional(list(string))
})
kubelet = optional(object({
image = string
extraArgs = optional(map(string))
clusterDNS = optional(list(string))
extraMounts = optional(list(object({
destination = string
type = string
source = string
options = list(string)
})))
extraConfig = optional(map(string))
nodeIP = optional(object({
validSubnets = list(string)
}))
}))
time = optional(object({
disabled = optional(bool)
servers = optional(list(string))
bootTimeout = optional(string)
}))
features = optional(object({
rbac = optional(bool)
}))
})See MachineConfig section in Talos Configuration Reference for detail description.
object({
controlPlane = optional(object({
controllerManager = object({
disabled = bool
})
scheduler = object({
disabled = bool
})
}))
pods = optional(list(map(any)))
disks = optional(list(object({
device = string
partitions = list(object({
mountpoint = string
size = string
}))
})))
files = optional(list(object({
content = string
permissions = string
path = string
op = string
})))
env = optional(object({
GRPC_GO_LOG_VERBOSITY_LEVEL = optional(string)
GRPC_GO_LOG_SEVERITY_LEVEL = optional(string)
http_proxy = optional(string)
https_proxy = optional(string)
no_proxy = optional(bool)
}))
sysctl = optional(map(string))
sysfs = optional(map(string))
registries = optional(object({
mirrors = optional(map(object({
endpoints = list(string)
})))
config = optional(map(object({
tls = object({
insecureSkipVerify = bool
clientIdentity = optional(object({
crt = string
key = string
}))
ca = optional(string)
})
auth = optional(object({
username = optional(string)
password = optional(string)
auth = optional(string)
identityToken = optional(string)
}))
})))
}))
systemDiskEncryption = optional(map(object({
provider = string
keys = optional(list(object({
static = optional(object({
passphrase = string
}))
nodeID = optional(map(string))
slot = optional(number)
})))
cipher = optional(string)
keySize = optional(number)
blockSize = optional(number)
options = optional(list(string))
})))
udev = optional(object({
rules = list(string)
}))
logging = optional(object({
destinations = list(object({
endpoint = string
format = string
}))
}))
kernel = optional(object({
modules = list(object({
name = string
}))
}))
})See MachineConfig section in Talos Configuration Reference for detail description.
object({
nameservers = optional(list(string))
extraHostEntries = optional(list(object({
ip = string
aliases = list(string)
})))
kubespan = optional(object({
enabled = bool
}))
})See NetworkConfig section in Talos Configuration Reference for detail description.
hostname and interfaces parameters are described in separate inputs.
list(list(object({
interface = string
addresses = optional(list(string))
routes = optional(list(object({
network = string
gateway = optional(string)
source = optional(string)
metric = optional(number)
})))
vlans = optional(list(object({
addresses = list(string)
routes = optional(list(object({
network = string
gateway = optional(string)
source = optional(string)
metric = optional(number)
})))
dhcp = optional(bool)
vlanId = number
mtu = number
vip = optional(object({
ip = string
equinixMetal = optional(object({
apiToken = string
}))
hcloud = optional(object({
apiToken = string
}))
}))
})))
mtu = optional(number)
bond = optional(object({
interfaces = list(string)
mode = string
lacpRate = string
}))
dhcp = optional(bool)
ignore = optional(bool)
dummy = optional(bool)
dhcpOptions = optional(object({
routeMetric = number
ipv4 = optional(bool)
ipv6 = optional(bool)
}))
wireguard = optional(object({
privateKey = string
listenPort = number
firewallMark = number
peers = list(object({
publicKey = string
endpoint = string
persistentKeepaliveInterval = optional(string)
allowedIPs = list(string)
}))
}))
vip = optional(object({
ip = string
equinixMetal = optional(object({
apiToken = string
}))
hcloud = optional(object({
apiToken = string
}))
}))
})))See Device section in Talos Configuration Reference for detail description.
object({
id = string
secret = string
token = string
ca = object({
crt = string
key = string
})
})See ClusterConfig section in Talos Configuration Reference for detail description.
object({
aescbcEncryptionSecret = optional(string)
aggregatorCA = optional(object({
crt = optional(string)
key = optional(string)
}))
serviceAccount = optional(object({
key = optional(string)
}))
etcd = optional(object({
ca = object({
crt = optional(string)
key = optional(string)
})
}))
})See ClusterConfig section in Talos Configuration Reference for detail description.
Required if machine_type = controlplane.
object({
endpoint = optional(string)
localAPIServerPort = optional(number)
})See ControlPlaneConfig section in Talos Configuration Reference for detail description.
Required if (create_init_node = false or (create_init_node = true and vm_count > 1)).
object({
enabled = bool
registries = optional(object({
kubernetes = optional(object({
disabled = bool
}))
service = optional(object({
disabled = bool
endpoint = string
}))
}))
})Default:
{
enabled = true
}See ClusterDiscoveryConfig section in Talos Configuration Reference for detail description.
object({
network = optional(object({
cni = optional(object({
name = string
urls = optional(list(string))
}))
dnsDomain = optional(string)
podSubnets = optional(list(string))
serviceSubnets = optional(list(string))
}))
apiServer = optional(object({
image = string
extraArgs = optional(map(string))
extraVolumes = optional(list(object({
hostPath = string
mountPath = string
readonly = bool
})))
env = optional(map(string))
certSANs = optional(list(string))
disablePodSecurityPolicy = optional(bool)
admissionControl = optional(list(object({
name = string
configuration = map(any)
})))
}))
controllerManager = optional(object({
image = string
extraArgs = optional(map(string))
extraVolumes = optional(list(object({
hostPath = string
mountPath = string
readonly = bool
})))
env = optional(map(string))
}))
proxy = optional(object({
disabled = bool
image = optional(string)
mode = optional(string)
extraArgs = optional(map(string))
}))
scheduler = optional(object({
image = string
extraArgs = optional(map(string))
extraVolumes = optional(list(object({
hostPath = string
mountPath = string
readonly = bool
})))
env = optional(map(string))
}))
etcd = optional(object({
image = optional(string)
extraArgs = optional(map(string))
subnet = optional(string)
}))
coreDNS = optional(object({
disabled = bool
image = optional(string)
}))
externalCloudProvider = optional(object({
enabled = bool
manifests = list(string)
}))
adminKubeconfig = optional(object({
certLifetime = string
}))
allowSchedulingOnMasters = optional(bool)
})See ClusterConfig section in Talos Configuration Reference for detail description.
list(object({
name = string
contents = string
}))See ClusterConfig section in Talos Configuration Reference for detail description.
| Name | Description | Type | Sensitive |
|---|---|---|---|
| default_ip_addresses | List of nodes IP addresses from VMTools by default. | list(string) |
false |
Module is maintained by Ilya Pozdnov.
Apache 2 Licensed. See LICENSE for full details.