Adapt terraform main files

Signed-off-by: Silvio Moioli <silvio@moioli.net>

terraform/inputs.tf

@@ -1,36 +1,18 @@
 locals {
-  region                      = "us-east-1"
-  availability_zone           = "us-east-1a"
-  secondary_availability_zone = "us-east-1b"
-
-  bastion_ami = "ami-0abac89b48b8cc3bb" // amazon/suse-sles-15-sp4-byos-v20220621-hvm-ssd-arm64
-
-  upstream_instance_type       = "t3a.xlarge"
-  upstream_ami                 = "ami-0096528c9fcc1a6a9" // Ubuntu: us-east-1 jammy 22.04 LTS amd64 hvm:ebs-ssd 20221118
   upstream_server_count        = 3
   upstream_agent_count         = 0
-  upstream_distro_version      = "v1.4.3/rke_darwin-amd64 v1.24.10-rancher4-1"
+  upstream_distro_version      = "v1.24.12+k3s1"
-  # alternatives:
-  # upstream_distro_version = "v1.24.11+k3s1"
-  # upstream_distro_version = "v1.24.8+rke2r1"
-  rancher_chart                = "https://releases.rancher.com/server-charts/latest/rancher-2.7.2.tgz"
   upstream_san                 = "upstream.local.gd"
-  upstream_kubernetes_api_port = 6443
+  upstream_kubernetes_api_port = 6445
-  rancher_port                 = 8443
+
+  rancher_chart = "https://releases.rancher.com/server-charts/latest/rancher-2.7.2.tgz"
+  rancher_port  = 8443
 
-  downstream_instance_type       = "t3a.xlarge"
-  downstream_ami                 = "ami-0096528c9fcc1a6a9"
-  // Ubuntu: us-east-1 jammy 22.04 LTS amd64 hvm:ebs-ssd 20221118
   downstream_server_count        = 1
-  downstream_agent_count         = 1
+  downstream_agent_count         = 0
-  downstream_distro_version      = "v1.24.11+k3s1"
+  downstream_distro_version      = "v1.24.12+k3s1"
-  # alternatives:
-  # downstream_distro_version = "v1.24.8+rke2r1"
-  # downstream_distro_version = "v1.4.3/rke_darwin-amd64 v1.24.10-rancher4-1"
   downstream_san                 = "downstream.local.gd"
-  downstream_kubernetes_api_port = 6444
+  downstream_kubernetes_api_port = 6446
 
-  project_name         = "moio"
+  project_name = "moio"
-  ssh_private_key_path = "~/.ssh/id_ed25519"
-  ssh_public_key_path  = "~/.ssh/id_ed25519.pub"
 }

terraform/main.tf

@@ -1,21 +1,13 @@
 terraform {
   required_version = "1.3.7"
   required_providers {
-    aws = {
-      source  = "hashicorp/aws"
-      version = "4.31.0"
-    }
-    tls = {
-      source  = "hashicorp/tls"
-      version = "4.0.3"
-    }
     helm = {
       source  = "hashicorp/helm"
       version = "2.7.1"
     }
-    ssh = {
+    docker = {
-      source  = "loafoe/ssh"
+      source  = "kreuzwerker/docker"
-      version = "2.2.1"
+      version = "2.23.1"
     }
     k3d = {
       source  = "moio/k3d"
@@ -24,96 +16,48 @@ terraform {
   }
 }
 
-provider "aws" {
+module "network" {
-  region = local.region
+  source       = "./k3d_network"
-}
+  project_name = local.project_name
-
-module "aws_shared" {
-  source              = "./aws_shared"
-  project_name        = local.project_name
-  ssh_public_key_path = local.ssh_public_key_path
-}
-
-module "aws_network" {
-  source                      = "./aws_network"
-  region                      = local.region
-  availability_zone           = local.availability_zone
-  secondary_availability_zone = local.secondary_availability_zone
-  project_name                = local.project_name
-}
-
-module "bastion" {
-  depends_on            = [module.aws_network]
-  source                = "./aws_host"
-  ami                   = local.bastion_ami
-  availability_zone     = local.availability_zone
-  project_name          = local.project_name
-  name                  = "bastion"
-  ssh_key_name          = module.aws_shared.key_name
-  ssh_private_key_path  = local.ssh_private_key_path
-  subnet_id             = module.aws_network.public_subnet_id
-  vpc_security_group_id = module.aws_network.public_security_group_id
 }
 
 module "upstream_cluster" {
-  source                 = "./aws_rke"
+  source                   = "./k3d_k3s"
-  # alternatives:
+  project_name             = local.project_name
-  # source = "./aws_k3s"
+  name                     = "upstream"
-  # source = "./aws_rke2"
+  network_name             = module.network.name
-  ami                    = local.upstream_ami
+  server_count             = local.upstream_server_count
-  instance_type          = local.upstream_instance_type
+  agent_count              = local.upstream_agent_count
-  availability_zone      = local.availability_zone
+  distro_version           = local.upstream_distro_version
-  project_name           = local.project_name
+  sans                     = [local.upstream_san]
-  name                   = "upstream"
+  kubernetes_api_port      = local.upstream_kubernetes_api_port
-  server_count           = local.upstream_server_count
+  additional_port_mappings = [[local.rancher_port, 443]]
-  agent_count            = local.upstream_agent_count
-  ssh_key_name           = module.aws_shared.key_name
-  ssh_private_key_path   = local.ssh_private_key_path
-  ssh_bastion_host       = module.bastion.public_name
-  subnet_id              = module.aws_network.private_subnet_id
-  vpc_security_group_id  = module.aws_network.private_security_group_id
-  kubernetes_api_port    = local.upstream_kubernetes_api_port
-  additional_ssh_tunnels = [[local.rancher_port, 443]]
-  distro_version         = local.upstream_distro_version
-  sans                   = [local.upstream_san]
-  # k3s only
-  # secondary_subnet_id    = module.aws_network.secondary_private_subnet_id
 }
 
 provider "helm" {
   kubernetes {
-    config_path = "../config/upstream.yaml"
+    config_path    = "~/.kube/config"
+    config_context = "k3d-${local.project_name}-upstream"
   }
 }
 
 module "rancher" {
-  depends_on   = [module.upstream_cluster]
+  depends_on         = [module.upstream_cluster]
-  count        = local.upstream_server_count > 0 ? 1 : 0
+  count              = local.upstream_server_count > 0 ? 1 : 0
-  source       = "./rancher"
+  source             = "./rancher"
-  public_name  = local.upstream_san
+  public_name        = local.upstream_san
-  private_name = module.upstream_cluster.first_server_private_name
+  private_name       = module.upstream_cluster.first_server_private_name
-  chart        = local.rancher_chart
+  chart              = local.rancher_chart
 }
 
 module "downstream_cluster" {
-  source                = "./aws_k3s"
+  source              = "./k3d_k3s"
-  # alternatives:
+  project_name        = local.project_name
-  # source = "./aws_rke"
+  name                = "downstream"
-  # source = "./aws_rke2"
+  network_name        = module.network.name
-  ami                   = local.downstream_ami
+  server_count        = local.downstream_server_count
-  instance_type         = local.downstream_instance_type
+  agent_count         = local.downstream_agent_count
-  availability_zone     = local.availability_zone
+  distro_version      = local.downstream_distro_version
-  project_name          = local.project_name
+  sans                = [local.downstream_san]
-  name                  = "downstream"
+  kubernetes_api_port = local.downstream_kubernetes_api_port
-  server_count          = local.downstream_server_count
-  agent_count           = local.downstream_agent_count
-  ssh_key_name          = module.aws_shared.key_name
-  ssh_private_key_path  = local.ssh_private_key_path
-  ssh_bastion_host      = module.bastion.public_name
-  subnet_id             = module.aws_network.private_subnet_id
-  vpc_security_group_id = module.aws_network.private_security_group_id
-  kubernetes_api_port   = local.downstream_kubernetes_api_port
-  distro_version        = local.downstream_distro_version
-  sans                  = [local.downstream_san]
-  secondary_subnet_id   = module.aws_network.secondary_private_subnet_id
 }

terraform/outputs.tf

@@ -7,11 +7,9 @@ output "bootstrap_password" {
 }
 
 output "upstream_cluster" {
-  value = { kubeconfig : pathexpand("../config/upstream.yaml"), context : "upstream.local.gd" }
+  value = { kubeconfig : pathexpand("~/.kube/config"), context : "k3d-${local.project_name}-upstream" }
 }
 
 output "downstream_clusters" {
-  value = [
+  value = [{ name : "downstream", kubeconfig : pathexpand("~/.kube/config"), context : "k3d-${local.project_name}-downstream" }]
-    { name : "downstream", kubeconfig : pathexpand("../config/downstream.yaml"), context : "downstream.local.gd" }
-  ]
 }