Added support for vSphere network protocol profiles (#10)

nilic · Mar 31, 2020 · 914d5ec · 914d5ec
1 parent fba7db4
commit 914d5ec
Show file tree

Hide file tree

Showing 5 changed files with 63 additions and 6 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 2.6.0 (March 31, 2020)
+FEATURES:
+* `rancher2-vsphere-cluster`: Added support for transferring network information (such as IP addresses, default gateway, DNS servers, DNS domain etc) through vApp properties to cluster nodes using node portgroup's network protocol profile. This is done by setting variable `node_network_protocol_profile_addressing` to `true` and can be used along with proper `cloud_config` configuration for setting static IP addresses on cluster nodes
+
 ## 2.5.0 (March 29, 2020)
 FEATURES:
 * `rancher2-vsphere-cluster`: Added support for specifying cloud-config YAML for cluster nodes, either through global setting `node_cloud_config` or through a local `cloud_config` parameter inside `node_spec`; contents of a cloud-config YAML file should be passed to the module, and this can be done either by defining YAML inline using Terraform's `heredoc` synthax or by loading it from a file using Terraform's `file()` function; cloud-config spec is optional, if omitted, cloud-config file will be left empty (set to `#cloud-config`)

diff --git a/rancher2-vsphere-cluster/README.md b/rancher2-vsphere-cluster/README.md
@@ -33,6 +33,7 @@
 | node\_datacenter | Global setting for vSphere datacenter in which to create all cluster nodes; either this or `datacenter` parameter inside `node_spec` (which overrides it) need to be set | `string` | n/a | yes |
 | node\_datastore | Global setting for vSphere datastore in which to create all cluster nodes; either this or `datastore` parameter inside `node_spec` (which overrides it) need to be set | `string` | n/a | yes |
 | node\_folder | Global setting for vSphere VM and template folder in which to create all cluster nodes; `folder` parameter inside `node_spec` overrides this global setting; if neither are set, nodes will be created in datacenter root | `string` | n/a | yes |
+| node\_network\_protocol\_profile\_addressing | (Requires minimum Rancher v2.3.6) Whether to use node portgroup's network protocol profile to transfer network properties such as IP address, subnet mask, default gateway, DNS servers, DNS search path and DNS domain to the node through its vApp properties. In order for the transferred properties to be actually configured in the OS, `cloud_config` can be used to read the vApp properties through VMware Tools and configure the OS network stack. The following vApp properties are read from the network protocol profile and transferred to node VMs: `guestinfo.dns.servers` (DNS servers specified in the network protocol profile), `guestinfo.dns.domain` (domain name), `guestinfo.dns.searchpath` (DNS search path), `guestinfo.interface.0.ip.0.address` (assigned IP address from the IP pool), `guestinfo.interface.0.ip.0.netmask` (subnet mask of the assigned IP address) and `guestinfo.interface.0.route.0.gateway`(default gateway). If set to `false` (default) no vApp properties are configured and cluster nodes will use DHCP assigned addresses | `bool` | `false` | no |
 | node\_portgroup | Global setting for vSphere portgroup to which to connect all cluster nodes; either this or `portgroup` parameter inside `node_spec` (which overrides it) need to be set | `string` | n/a | yes |
 | node\_resource\_pool | Global setting for vSphere resource pool in which to create all cluster nodes; `resource_pool` parameter inside `node_spec` overrides this global setting; if neither are set, nodes will be created in cluster root | `string` | n/a | yes |
 | node\_spec | Specification of node templates for each of the node roles. Available roles are `control_plane`, `etcd`, `master` (consolidated `control_plane` and `etcd`), `worker` and `all_in_one` (`control_plane`, `etcd` and `worker` consolidate on one node, used for creating single node clusters). `node_spec` allows for specifying parameters such as vSphere template, datacenter, cluster etc. on a node role basis. If these parameters are set both through `node_spec` and globally through `node_*`, `node_spec` values will have precedence. As a minimum, each node role needs to have the following inputs set in `node_spec`: `num_vcpu` (VM number of vCPUs), `memory_gb` (VM memory in GB) and `disk_gb` (VM disk size in GB) - all other values can be inherited from global variables. Take a look at the `examples` directory for detailed synthax | `any` | n/a | yes |

diff --git a/rancher2-vsphere-cluster/examples/various-node-roles/main.tf b/rancher2-vsphere-cluster/examples/various-node-roles/main.tf
@@ -187,3 +187,48 @@ module "rancher_cluster_consolidated_control_plane_etcd" {
   master_node_quantity = 3
   worker_node_quantity = 3
 }
+
+# same as above but with network parameters read from vSphere network protocol profiles and transferred to the VM through vApp properties
+# this is useful for setting static IPv4 addresses on cluster nodes
+# in order for it to work, network protocol profile needs to be configured for the portgroup to which nodes are connected
+# and proper cloud-config should be included in order for the transferred properties to be read and actually configured inside the OS
+module "rancher_cluster_consolidated_control_plane_etcd_npp" {
+  source = "../.."
+
+  cloud_credential_name     = "MyVsphereCredentials"
+  cluster_name              = "tf_test_consolidated_npp"
+  cluster_description       = "Terraform test Rancher K8s cluster"
+  enable_monitoring         = true
+  enable_alerting           = false
+  enable_istio              = false
+  kubernetes_network_plugin = "canal"
+
+  node_template                            = "MyFolder/k8s-node-template"
+  node_datacenter                          = "MyDC"
+  node_datastore                           = "MyDatastore"
+  node_cluster                             = "MyCluster"
+  node_resource_pool                       = "MyResourcePool"
+  node_folder                              = "MyFolder"
+  node_portgroup                           = "MyPortgroup"
+  node_template_ssh_user                   = "root"
+  node_template_ssh_password               = "MySecretPass"
+  node_template_ssh_user_group             = "root"
+  node_network_protocol_profile_addressing = true
+  node_cloud_config                        = file("cloud-config.yml")
+
+  node_spec = {
+    master = {
+      num_vcpu  = 2
+      memory_gb = 4
+      disk_gb   = 20
+    }
+    worker = {
+      num_vcpu  = 4
+      memory_gb = 8
+      disk_gb   = 20
+    }
+  }
+
+  master_node_quantity = 3
+  worker_node_quantity = 3
+}
diff --git a/rancher2-vsphere-cluster/main.tf b/rancher2-vsphere-cluster/main.tf
@@ -28,16 +28,17 @@ resource "rancher2_node_template" "node_template" {
     ssh_user                  = contains(keys(each.value), "template_ssh_user") ? each.value.template_ssh_user : var.node_template_ssh_user
     ssh_password              = contains(keys(each.value), "template_ssh_password") ? each.value.template_ssh_password : var.node_template_ssh_password
     ssh_user_group            = contains(keys(each.value), "template_ssh_user_group") ? each.value.template_ssh_user_group : var.node_template_ssh_user_group
-    vapp_ip_allocation_policy = "fixedAllocated"
-    vapp_ip_protocol          = "IPv4"
-    vapp_transport            = "com.vmware.guestInfo"
-    vapp_property = [
+    vapp_ip_allocation_policy = var.node_network_protocol_profile_addressing ? "fixedAllocated" : null
+    vapp_ip_protocol          = var.node_network_protocol_profile_addressing ? "IPv4" : null
+    vapp_transport            = var.node_network_protocol_profile_addressing ? "com.vmware.guestInfo" : null
+    vapp_property = var.node_network_protocol_profile_addressing ? [
       contains(keys(each.value), "portgroup") ? "guestinfo.dns.servers=$${dns:${each.value.portgroup}}" : "guestinfo.dns.servers=$${dns:${var.node_portgroup}}",
-      contains(keys(each.value), "portgroup") ? "guestinfo.dns.domains=$${searchPath:${each.value.portgroup}}" : "guestinfo.dns.domains=$${searchPath:${var.node_portgroup}}",
+      contains(keys(each.value), "portgroup") ? "guestinfo.dns.domain=$${domainName:${each.value.portgroup}}" : "guestinfo.dns.domain=$${domainName:${var.node_portgroup}}",
+      contains(keys(each.value), "portgroup") ? "guestinfo.dns.searchpath=$${searchPath:${each.value.portgroup}}" : "guestinfo.dns.searchpath=$${searchPath:${var.node_portgroup}}",
       contains(keys(each.value), "portgroup") ? "guestinfo.interface.0.ip.0.address=ip:${each.value.portgroup}" : "guestinfo.interface.0.ip.0.address=ip:${var.node_portgroup}",
       contains(keys(each.value), "portgroup") ? "guestinfo.interface.0.ip.0.netmask=$${netmask:${each.value.portgroup}}" : "guestinfo.interface.0.ip.0.netmask=$${netmask:${var.node_portgroup}}",
       contains(keys(each.value), "portgroup") ? "guestinfo.interface.0.route.0.gateway=$${gateway:${each.value.portgroup}}" : "guestinfo.interface.0.route.0.gateway=$${gateway:${var.node_portgroup}}"
-    ]
+    ] : null
     cloud_config = contains(keys(each.value), "cloud_config") ? each.value.cloud_config : (var.node_cloud_config != null ? var.node_cloud_config : "#cloud-config")
   }
 }

diff --git a/rancher2-vsphere-cluster/variables.tf b/rancher2-vsphere-cluster/variables.tf
@@ -69,6 +69,12 @@ variable "node_cloud_config" {
   default     = null
 }
 
+variable "node_network_protocol_profile_addressing" {
+  type        = bool
+  description = "(Requires minimum Rancher v2.3.6) Whether to use node portgroup's network protocol profile to transfer network properties such as IP address, subnet mask, default gateway, DNS servers, DNS search path and DNS domain to the node through its vApp properties. In order for the transferred properties to be actually configured in the OS, `cloud_config` can be used to read the vApp properties through VMware Tools and configure the OS network stack. The following vApp properties are read from the network protocol profile and transferred to node VMs: `guestinfo.dns.servers` (DNS servers specified in the network protocol profile), `guestinfo.dns.domain` (domain name), `guestinfo.dns.searchpath` (DNS search path), `guestinfo.interface.0.ip.0.address` (assigned IP address from the IP pool), `guestinfo.interface.0.ip.0.netmask` (subnet mask of the assigned IP address) and `guestinfo.interface.0.route.0.gateway`(default gateway). If set to `false` (default) no vApp properties are configured and cluster nodes will use DHCP assigned addresses"
+  default     = false
+}
+
 variable "node_spec" {
   description = "Specification of node templates for each of the node roles. Available roles are `control_plane`, `etcd`, `master` (consolidated `control_plane` and `etcd`), `worker` and `all_in_one` (`control_plane`, `etcd` and `worker` consolidate on one node, used for creating single node clusters). `node_spec` allows for specifying parameters such as vSphere template, datacenter, cluster etc. on a node role basis. If these parameters are set both through `node_spec` and globally through `node_*`, `node_spec` values will have precedence. As a minimum, each node role needs to have the following inputs set in `node_spec`: `num_vcpu` (VM number of vCPUs), `memory_gb` (VM memory in GB) and `disk_gb` (VM disk size in GB) - all other values can be inherited from global variables. Take a look at the `examples` directory for detailed synthax"
 }