First draft version

.gitignore

@@ -0,0 +1,3 @@
+/.terraform/
+terraform
+inventory*.tfvars.json

.gitlab-ci.yml

@@ -0,0 +1,66 @@
+stages:
+ - inventory
+ - deploy
+ #- configure
+
+.aggregate_rules: &aggregate_rules
+ - if: '$CI_COMMIT_BRANCH == "master"'
+ when: on_success
+ - when: never
+
+variables: &cd_vars
+ REGISTRY: "localhost:5000"
+ ANSIBLE_REMOTE_USER: "admin"
+ ANSIBLE_STDOUT_CALLBACK: "yaml"
+ ANSIBLE_HOST_KEY_CHECKING: "False"
+ ANSIBLE_SSH_PIPELINING: "True"
+ VARS_JSON: "data/inventory_vars.tfvars.json"
+ INVENTORY_JSON: "data/inventory.tfvars.json"
+ TF_INPUT: 0
+ TF_LOG: "TRACE"
+ TF_IN_AUTOMATION: "1"
+ TF_DATA_DIR: "/opt/.terraform"
+ INVENTORY: "ansible_inventory.yml"
+ # MOVE THESE TO VAULT OR AS MASKED VARIABLES
+ VSPHERE_USER: "[email protected]"
+ VSPHERE_PASSWORD: "adminpass123"
+
+prepare:
+ image: ${REGISTRY}/ansible/ansible2.7
+ stage: inventory
+ rules: *aggregate_rules
+ allow_failure: false
+ artifacts:
+ paths:
+ - "data/*.tfvars.json"
+ before_script:
+ - mkdir data/
+ script:
+ - ansible-inventory -i $INVENTORY --list > $INVENTORY_JSON
+ - python create_vars_json.py $INVENTORY_JSON
+
+#TODO: set artifactory backend
+terraform:
+ image: ${REGISTRY}/terraform/terraform:0.12.26
+ stage: deploy
+ rules: *aggregate_rules
+ dependencies:
+ - prepare
+ allow_failure: false
+ script:
+ - terraform init -plugin-dir="$TF_DATA_DIR/plugins"
+ - |
+ if [[ -n "$TAINT_GUEST" ]]; then
+ terraform taint 'vsphere_virtual_machine.vsphere_vms\"${TAINT_GUEST}\"]' -state="${INVENTORY}.tfstate"
+ fi
+ - terraform plan -var="vsphere_user=${VSPHERE_USER}" -var="vsphere_password=${VSPHERE_PASSWORD}" -var-file="$VARS_JSON" -var-file="$INVENTORY_JSON" -state="${INVENTORY}.tfstate" -out=tfplan
+ - terraform apply -state="${INVENTORY}.tfstate" tfplan
+
+## A following stage would be used to configure the VMs with ansible, using the original ansible inventory file
+#ansible:
+# image: ${REGISTRY}/ansible/ansible2.7
+# stage: configure
+# rules: *aggregate_rules
+# allow_failure: false
+# script:
+# - ansible-playbook -i ansible_inventory.yml configure.yml

Dockerfile-terraform

@@ -0,0 +1,17 @@
+FROM centos:centos7
+
+ARG TERRAFORM_VERSION=0.12.26
+ARG VSPHERE_PLUGIN_VERSION=1.18.3
+ENV TF_DATA_DIR="/opt/.terraform"
+
+RUN yum install -y wget unzip && \
+ wget https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip && \
+ unzip terraform_${TERRAFORM_VERSION}_linux_amd64.zip && \
+ mv terraform /usr/bin && \
+ rm -rf terraform_${TERRAFORM_VERSION}_linux_amd64.zip
+
+RUN wget https://releases.hashicorp.com/terraform-provider-vsphere/1.18.3/terraform-provider-vsphere_${VSPHERE_PLUGIN_VERSION}_linux_amd64.zip && \
+ unzip terraform-provider-vsphere_${VSPHERE_PLUGIN_VERSION}_linux_amd64.zip && \
+ mkdir -p ${TF_DATA_DIR}/plugins && \
+ mv terraform-provider-vsphere_v${VSPHERE_PLUGIN_VERSION}_x4 ${TF_DATA_DIR}/plugins && \
+ rm -rf terraform-provider-vsphere_${VSPHERE_PLUGIN_VERSION}_linux_amd64.zip

ansible_inventory.yml

@@ -0,0 +1,52 @@
+all:
+ children:
+ tf_group:
+ hosts:
+ tf-test:
+ name: "tf-test"
+ network_adapters:
+ - name: "VM Network"
+ ip: "172.16.0.170"
+ netmask: '255.255.255.0'
+ gateway: "172.16.0.1"
+ ipv6: "fcf8:ab17:01fd::170"
+ netmaskv6: "64"
+ gatewayv6: "fcf8:ab17:01fd::1"
+ - name: "VM Network2"
+ ip: "172.17.0.170"
+ netmask: '255.255.255.0'
+ ipv6: "fcf8:ab17:02fd::170"
+ netmaskv6: "64"
+ disk_layout:
+ - size_gb: "150"
+ type: "thin"
+ datastore: "datastore-01"
+ tf-test2:
+ name: "tf-test2"
+ network_adapters:
+ - name: "VM Network"
+ ip: "172.16.0.171"
+ netmask: '255.255.255.0'
+ gateway: "172.16.0.1"
+ ipv6: "fcf8:ab17:01fd::171"
+ netmaskv6: "64"
+ gatewayv6: "fcf8:ab17:01fd::1"
+ start_connected: True
+ - name: "VM Network2"
+ ip: "172.17.0.171"
+ netmask: '255.255.255.0'
+ ipv6: "fcf8:ab17:02fd::171"
+ netmaskv6: "64"
+ start_connected: True
+ disk_layout:
+ - size_gb: "150"
+ type: "thin"
+ datastore: "datastore-01"
+ vars:
+ guest_id: centos64Guest
+ guest_memory: 2048
+ guest_vcpu: 2
+ dns_servers:
+ - 8.8.8.8
+ - 8.8.4.4
+ guest_template: vm-template1

create_vars_json.py

@@ -0,0 +1,48 @@
+#!/usr/bin/env python
+
+import os
+import sys
+import json
+
+def create_vars_json(inventories):
+ output_file = os.environ.get("VARS_JSON", "inventory_vars.tfvars.json")
+
+ variables = dict(networks=list(),templates=list(),datastores=list())
+
+ for inventory_path in inventories:
+
+ with open(inventory_path,"r") as inventory_file:
+ inventory = json.loads(inventory_file.read())
+
+ hostvars = inventory["_meta"]["hostvars"]
+ variables["networks"].extend(net_if["name"]
+ for var in hostvars.values()
+ for net_if in var["network_adapters"])
+
+ variables["templates"].extend(var["guest_template"]
+ for var in hostvars.values()
+ if "guest_template" in var)
+
+ variables["datastores"].extend(disk_layout["datastore"]
+ for var in hostvars.values()
+ for disk_layout in var["disk_layout"] if "datastore" in disk_layout)
+
+ if os.path.isfile(output_file):
+ existing_vars = json.loads(open(output_file, "r").read())
+ for k in variables:
+ if k in existing_vars:
+ variables[k].extend(existing_vars[k])
+
+ for k in variables:
+ variables[k] = list(set(variables[k]))
+
+ with open(output_file, "w") as nt:
+ json.dump(variables, nt, indent=2)
+
+
+if __name__ == '__main__':
+ if len(sys.argv) < 2:
+ print("Specify inventory paths as arguments!")
+ sys.exit(1)
+ print(str(sys.argv[1:]))
+ create_vars_json(sys.argv[1:])

inventory.tfvars.json.example

@@ -0,0 +1,93 @@
+{
+ "_meta": {
+ "hostvars": {
+ "tf-test": {
+ "disk_layout": [
+ {
+ "datastore": "datastore-01",
+ "size_gb": "150",
+ "type": "thin"
+ }
+ ],
+ "dns_servers": [
+ "8.8.8.8",
+ "8.8.4.4"
+ ],
+ "guest_id": "centos64Guest",
+ "guest_memory": 2048,
+ "guest_template": "vm-template1",
+ "guest_vcpu": 2,
+ "name": "tf-test",
+ "network_adapters": [
+ {
+ "gateway": "172.16.0.1",
+ "gatewayv6": "fcf8:ab17:01fd::1",
+ "ip": "172.16.0.170",
+ "ipv6": "fcf8:ab17:01fd::170",
+ "name": "VM Network",
+ "netmask": "255.255.255.0",
+ "netmaskv6": "64"
+ },
+ {
+ "ip": "172.17.0.170",
+ "ipv6": "fcf8:ab17:02fd::170",
+ "name": "VM Network2",
+ "netmask": "255.255.255.0",
+ "netmaskv6": "64"
+ }
+ ]
+ },
+ "tf-test2": {
+ "disk_layout": [
+ {
+ "datastore": "datastore-01",
+ "size_gb": "150",
+ "type": "thin"
+ }
+ ],
+ "dns_servers": [
+ "8.8.8.8",
+ "8.8.4.4"
+ ],
+ "guest_id": "centos64Guest",
+ "guest_memory": 2048,
+ "guest_template": "vm-template1",
+ "guest_vcpu": 2,
+ "name": "tf-test2",
+ "network_adapters": [
+ {
+ "gateway": "172.16.0.1",
+ "gatewayv6": "fcf8:ab17:01fd::1",
+ "ip": "172.16.0.171",
+ "ipv6": "fcf8:ab17:01fd::171",
+ "name": "VM Network",
+ "netmask": "255.255.255.0",
+ "netmaskv6": "64",
+ "start_connected": true
+ },
+ {
+ "ip": "172.17.0.171",
+ "ipv6": "fcf8:ab17:02fd::171",
+ "name": "VM Network2",
+ "netmask": "255.255.255.0",
+ "netmaskv6": "64",
+ "start_connected": true
+ }
+ ]
+ }
+ }
+ },
+ "all": {
+ "children": [
+ "tf_group",
+ "ungrouped"
+ ]
+ },
+ "tf_group": {
+ "hosts": [
+ "tf-test",
+ "tf-test2"
+ ]
+ },
+ "ungrouped": {}
+}

inventory_vars.tfvars.json.example

@@ -0,0 +1,12 @@
+{
+ "datastores": [
+ "datastore-01"
+ ], 
+ "templates": [
+ "vm-template1"
+ ], 
+ "networks": [
+ "VM Network2", 
+ "VM Network"
+ ]
+}

terraform.tfvars.json

@@ -0,0 +1,4 @@
+{
+ "vsphere_server": "192.168.0.10",
+ "allow_unverified_ssl": false
+}

vsphere_data.tf

@@ -0,0 +1,68 @@
+variable "vsphere_user" {
+ type = string
+}
+variable "vsphere_password" {
+ type = string
+}
+variable "vsphere_server" {
+ type = string
+}
+variable "allow_unverified_ssl" {
+ type = bool
+}
+
+provider "vsphere" {
+ user = var.vsphere_user
+ password = var.vsphere_password
+ vsphere_server = var.vsphere_server
+ allow_unverified_ssl = var.allow_unverified_ssl
+ version = "~> 1.18"
+}
+
+variable "networks" {
+ type = list(string)
+}
+
+variable "templates" {
+ type = list(string)
+}
+
+variable "datastores" {
+ type = list(string)
+}
+
+data "vsphere_datacenter" "dc" {
+ name = "ha-datacenter"
+}
+
+data "vsphere_compute_cluster" "ha-cluster" {
+ name = "ha-cluster"
+ datacenter_id = data.vsphere_datacenter.dc.id
+}
+
+data "vsphere_datastore" "all" {
+ count = length(var.datastores)
+
+ name = var.datastores[count.index]
+ datacenter_id = data.vsphere_datacenter.dc.id
+}
+
+data "vsphere_distributed_virtual_switch" "dvs1" {
+ name = "dvs1"
+ datacenter_id = data.vsphere_datacenter.dc.id
+}
+
+data "vsphere_network" "all" {
+ count = length(var.networks)
+
+ name = var.networks[count.index]
+ datacenter_id = data.vsphere_datacenter.dc.id
+ distributed_virtual_switch_uuid = data.vsphere_distributed_virtual_switch.dvs1.id
+}
+
+data "vsphere_virtual_machine" "templates" {
+ count = length(var.templates)
+
+ name = var.templates[count.index]
+ datacenter_id = data.vsphere_datacenter.dc.id
+}