authorclyhtsuriva <aimeric@adjutor.xyz>2025-02-03 17:21:58 +0100
committerclyhtsuriva <aimeric@adjutor.xyz>2025-02-03 17:21:58 +0100
commit4e2703c52026009c34e8dcb8294b50881f9152f8 (patch)
treec125c5405bfadb2eb802b2b3c12486274815b293 /opentofu
parent6135497b6b4837cb8bd65bc093b48ef6a14fbf7d (diff)
opentofu: add kubespray submodule to deploy via ansible
Not working yet; the run fails with: "msg": "Ansible must be between 2.16.4 and 2.17.0 exclusive - you have 2.17.5"
Diffstat (limited to 'opentofu')
-rw-r--r--opentofu/docker-server.tf24
-rwxr-xr-xopentofu/inventory.ini14
-rw-r--r--opentofu/inventory.tf18
-rw-r--r--opentofu/k8s-cluster.tf27
-rw-r--r--opentofu/modules/README.md3
-rw-r--r--opentofu/modules/ansible_provisioner/main.tf27
-rw-r--r--opentofu/outputs.tf1
-rw-r--r--opentofu/plan.outbin13423 -> 9767 bytes
-rw-r--r--opentofu/terraform.tfvars3
-rw-r--r--opentofu/ubuntu-server-noble.tf57
-rw-r--r--opentofu/variables.tf6
11 files changed, 81 insertions, 99 deletions
diff --git a/opentofu/docker-server.tf b/opentofu/docker-server.tf
index 3e13b42..04b2cb1 100644
--- a/opentofu/docker-server.tf
+++ b/opentofu/docker-server.tf
@@ -56,21 +56,11 @@ resource "proxmox_vm_qemu" "docker_server" {
sshkeys = var.ssh_public_key
}
-# Run Ansible playbook after VM creation
-resource "null_resource" "ansible_provisioner" {
- triggers = {
- vm_id = proxmox_vm_qemu.docker_server.id
- }
-
- provisioner "local-exec" {
- command = <<-EOT
- ANSIBLE_HOST_KEY_CHECKING=False ANSIBLE_CONFIG=${path.root}/../ansible/ansible.cfg ansible-playbook \
- -i '${proxmox_vm_qemu.docker_server.default_ipv4_address},' \
- -u ${var.vm_username} \
- --private-key ${var.ssh_private_key_path} \
- ${var.ansible_playbook_path}
- EOT
- }
-
- depends_on = [proxmox_vm_qemu.docker_server]
+# Run Ansible playbook after VM creation to install Docker
+module "ansible_provision_docker_server" {
+ source = "./modules/ansible_provisioner"
+ vm_ip = proxmox_vm_qemu.docker_server.default_ipv4_address # Pass only the VM's IP
+ vm_username = var.vm_username
+ ssh_private_key_path = var.ssh_private_key_path
+ ansible_playbook_path = var.docker_ansible_playbook_path
}
diff --git a/opentofu/inventory.ini b/opentofu/inventory.ini
new file mode 100755
index 0000000..f00a94a
--- /dev/null
+++ b/opentofu/inventory.ini
@@ -0,0 +1,14 @@
+[kube_control_plane]
+192.168.1.86
+
+[etcd]
+192.168.1.86
+
+[kube_node]
+192.168.1.84
+192.168.1.85
+
+
+[k8s_cluster:children]
+kube_control_plane
+kube_node
diff --git a/opentofu/inventory.tf b/opentofu/inventory.tf
new file mode 100644
index 0000000..ddf3ba4
--- /dev/null
+++ b/opentofu/inventory.tf
@@ -0,0 +1,18 @@
+resource "local_file" "ansible_inventory" {
+ filename = "${path.module}/inventory.ini"
+ content = <<-EOT
+ [kube_control_plane]
+ ${proxmox_vm_qemu.k8s_cp.default_ipv4_address}
+
+ [etcd]
+ ${proxmox_vm_qemu.k8s_cp.default_ipv4_address}
+
+ [kube_node]
+ %{for vm in proxmox_vm_qemu.k8s_worker[*]}${vm.default_ipv4_address}
+ %{endfor}
+
+ [k8s_cluster:children]
+ kube_control_plane
+ kube_node
+ EOT
+}
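Review bot: The `local_file` resource sets no `file_permission`, and the provider default is `"0777"`, which matches the `100755` mode on the `inventory.ini` added in this same commit. Ansible may treat an executable inventory file as a dynamic inventory script and try to run it before falling back to the INI parser, so a generated file that is only data should be written non-executable: add `file_permission = "0644"` to the resource. Because the file is regenerated on every apply from the VMs' addresses, it would also be better listed in `.gitignore` than committed with fixed internal IPs.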
diff --git a/opentofu/k8s-cluster.tf b/opentofu/k8s-cluster.tf
index 1241399..c6392cd 100644
--- a/opentofu/k8s-cluster.tf
+++ b/opentofu/k8s-cluster.tf
@@ -115,22 +115,11 @@ resource "proxmox_vm_qemu" "k8s_worker" {
sshkeys = var.ssh_public_key
}
-
-## Run Ansible playbook after VM creation
-#resource "null_resource" "ansible_provisioner" {
-# triggers = {
-# vm_id = proxmox_vm_qemu.k8s-[worker][cp]-[count.index].id
-# }
-#
-# provisioner "local-exec" {
-# command = <<-EOT
-# ANSIBLE_HOST_KEY_CHECKING=False ANSIBLE_CONFIG=${path.root}/../ansible/ansible.cfg ansible-playbook \
-# -i '${proxmox_vm_qemu.k8s-[worker][cp]-[count.index].default_ipv4_address},' \
-# -u ${var.vm_username} \
-# --private-key ${var.ssh_private_key_path} \
-# ${var.ansible_playbook_path}
-# EOT
-# }
-#
-# depends_on = [proxmox_vm_qemu.docker_server]
-#}
+# Provision the control plane node and the workers
+module "ansible_provision_k8s" {
+ source = "./modules/ansible_provisioner"
+ inventory_file_path = local_file.ansible_inventory.filename # Pass inventory path here
+ vm_username = var.vm_username
+ ssh_private_key_path = var.ssh_private_key_path
+ ansible_playbook_path = var.k8s_ansible_playbook_path
+}
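Review bot: For this call the module's only trigger is `coalesce(var.vm_ip, var.inventory_file_path)`, which resolves to the inventory file name, a string that does not change when the nodes do. If a control-plane or worker VM is replaced and gets a new address, the inventory content changes but the `null_resource` is not re-created, so the playbook would not run against the new node. Consider giving the module a trigger input tied to the content, for example passing `sha256(local_file.ansible_inventory.content)` and adding it to `triggers` in `modules/ansible_provisioner/main.tf`.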
diff --git a/opentofu/modules/README.md b/opentofu/modules/README.md
index 4ba37a9..2dab9cb 100644
--- a/opentofu/modules/README.md
+++ b/opentofu/modules/README.md
@@ -1,6 +1,3 @@
# OpenTofu Modules
This folder contains reusable OpenTofu modules for provisioning infrastructure.
-
-## Available Modules
--
diff --git a/opentofu/modules/ansible_provisioner/main.tf b/opentofu/modules/ansible_provisioner/main.tf
new file mode 100644
index 0000000..54e3346
--- /dev/null
+++ b/opentofu/modules/ansible_provisioner/main.tf
@@ -0,0 +1,27 @@
+variable "vm_ip" {
+ default = null
+}
+
+variable "inventory_file_path" {
+ default = null
+}
+
+variable "vm_username" {}
+variable "ssh_private_key_path" {}
+variable "ansible_playbook_path" {}
+
+resource "null_resource" "ansible_provisioner" {
+ triggers = {
+ ip_or_inventory = coalesce(var.vm_ip, var.inventory_file_path) # Choose based on what is provided
+ }
+
+ provisioner "local-exec" {
+ command = <<-EOT
+ ANSIBLE_HOST_KEY_CHECKING=False ANSIBLE_CONFIG=${path.root}/../ansible/ansible.cfg ansible-playbook \
+ -i ${var.inventory_file_path != null ? var.inventory_file_path : "${var.vm_ip},"} \
+ -u ${var.vm_username} \
+ --private-key ${var.ssh_private_key_path} \
+ ${var.ansible_playbook_path}
+ EOT
+ }
+}
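Review bot: The `local-exec` command keeps `ANSIBLE_HOST_KEY_CHECKING=False` and now interpolates every value into the shell line unquoted, whereas the removed resource in docker-server.tf at least single-quoted the `-i` argument. With host key checking off, the SSH session that carries the key-based login and the playbook cannot detect another host answering in place of the new VM; recording the VM's host key in a known_hosts file at creation time would let the check stay enabled. A path or username containing a space or shell metacharacter would be split or interpreted by the shell, so quote each value, e.g. `-u '${var.vm_username}'`, or pass them through the provisioner's `environment` map and reference `"$VAR"` in the command. Since `vm_ip` and `inventory_file_path` both default to `null`, a `validation` or `precondition` requiring exactly one of them would give a clearer error than `coalesce` failing at plan time.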
diff --git a/opentofu/outputs.tf b/opentofu/outputs.tf
index 7779a10..c6c3d88 100644
--- a/opentofu/outputs.tf
+++ b/opentofu/outputs.tf
@@ -3,7 +3,6 @@ locals {
[proxmox_vm_qemu.k8s_cp],
proxmox_vm_qemu.k8s_worker,
[proxmox_vm_qemu.docker_server],
- [proxmox_vm_qemu.ubuntu_server_noble]
])
}
diff --git a/opentofu/plan.out b/opentofu/plan.out
index 0a6bf9f..a295e16 100644
--- a/opentofu/plan.out
+++ b/opentofu/plan.out
Binary files differ
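Review bot: `plan.out` is a saved plan file and should not be tracked in the repository. A saved plan holds the resolved configuration and the input variable values, and unless plan encryption is configured they are not protected, so values declared `sensitive` in variables.tf can be read back from it. Adding `plan.out` to `.gitignore` and removing it from the index stops further copies; the versions already committed remain in history.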
diff --git a/opentofu/terraform.tfvars b/opentofu/terraform.tfvars
index a457908..bbb7b1b 100644
--- a/opentofu/terraform.tfvars
+++ b/opentofu/terraform.tfvars
@@ -5,4 +5,5 @@ ubuntu_server_noble_packer_image_name = "ubuntu-server-noble-24-04-1-amd64"
vm_username = "mas"
ssh_private_key_path = "~/.ssh/id_ecdsa"
ssh_public_key = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCtB9NZgJMVovVR4foT0OOV9GdHeHZoPtK1TGko2W4wli/reKjpUYBhlSPWbaWD9WUbl0RRqdzkODy1fB001zxs= mas@TMV2"
-ansible_playbook_path = "../ansible/playbooks/docker.yml"
+docker_ansible_playbook_path = "../ansible/playbooks/docker.yml"
+k8s_ansible_playbook_path = "../ansible/playbooks/k8s.yml"
diff --git a/opentofu/ubuntu-server-noble.tf b/opentofu/ubuntu-server-noble.tf
deleted file mode 100644
index fe64af9..0000000
--- a/opentofu/ubuntu-server-noble.tf
+++ /dev/null
@@ -1,57 +0,0 @@
-resource "proxmox_vm_qemu" "ubuntu_server_noble" {
-
- lifecycle {
- ignore_changes = [
- bootdisk,
- ]
- }
-
- name = "ubuntu-server-noble"
- desc = "Plain ubuntu server noble"
- agent = 1 # Qemu Guest Agent
- target_node = var.proxmox_node
- tags = "ubuntu"
-
- clone = var.ubuntu_server_noble_packer_image_name
- full_clone = true
-
- qemu_os = "other"
- cores = 2
- sockets = 1
- cpu_type = "host"
- memory = 4096
-
- scsihw = "virtio-scsi-pci"
- bootdisk = "scsi0"
-
- disks {
- ide {
- ide0 {
- cloudinit {
- storage = "local-lvm"
- }
- }
- }
- virtio {
- virtio0 {
- disk {
- storage = "local-lvm"
- size = "20G"
- iothread = true
- replicate = false
- }
- }
- }
- }
-
- network {
- id = 0
- model = "virtio"
- bridge = "vmbr0"
- }
-
- # Cloud-Init settings
- ipconfig0 = "ip=dhcp"
- ciuser = "mas"
- sshkeys = var.ssh_public_key
-}
diff --git a/opentofu/variables.tf b/opentofu/variables.tf
index bdbc17f..c777b21 100644
--- a/opentofu/variables.tf
+++ b/opentofu/variables.tf
@@ -43,11 +43,15 @@ variable "ssh_public_key" {
sensitive = true
}
-variable "ansible_playbook_path" {
+variable "docker_ansible_playbook_path" {
description = "Path to the Ansible playbook for Docker installation"
type = string
}
+variable "k8s_ansible_playbook_path" {
+ description = "Path to the Ansible playbook for k8s installation"
+ type = string
+}
variable "k8s_worker_vm_name_prefix" {
description = "VM name prefix"