Latest changes, works in production.

This commit is contained in:
Emiliano Vavassori 2022-08-18 00:19:30 +02:00
parent 705ac0fc0a
commit a9a712cada
3 changed files with 66 additions and 49 deletions

View File

@ -1,3 +1,7 @@
# Required configuration parameters # # Quick configuration #
- `password`: password of the `root@pam` user (use `--secret` please) Check out the file `input.yml` for a quick setup for a new machine.
Also, don't forget to setup the password for your account on your ProxmoxVE
server configuring `pulumi`:
$ pulumi config set password --secret <yourpassword>

View File

@ -3,46 +3,32 @@
import pulumi import pulumi
import pulumi_proxmoxve as proxmox import pulumi_proxmoxve as proxmox
import pulumi_command as command import pulumi_command as command
import yaml
# Basic PVE configuration # Import configuration parameters from input.yaml
pve_url = "https://pve.vavassori.lcl:8006" i = open("./input.yaml")
pve_username = "root@pam" input_ = yaml.safe_load(i.read())
pve_nodename = "pve" i.close()
pve_storage = "local-lvm"
# Basic VM configuration
vm_name = "virtual-machine"
vm_clone = 802
vm_sockets = 1
vm_cores = 1
vm_ram = 2048
vm_disksize = 20
vm_username = "syntaxerrormmm"
vm_sshkeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFioHkaV1NhX6NCqsJakJw8EVBOcDHm1MEbpY499CPtG syntaxerrormmm@fisso",
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILu91hBh8pNRt4eE1pug0Y4jCHZDCcMJ+vj3CiF5EQHV syntaxerrormmm@syntaxxps",
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP/hn/0xn6DRS2B0paFzDQRakupgTQQ5hitQhqOfWcqz syntaxerrormmm@microbo"
]
# Ansible configuration
ansible_playbook = "deploy.yml"
# Start of the program
# Check pulumi configuration
config = pulumi.Config() config = pulumi.Config()
provider = proxmox.Provider("proxmoxve", provider = proxmox.Provider("proxmoxve",
virtual_environment = { virtual_environment = {
"endpoint": pve_url, "endpoint": input_['pve']['url'],
"insecure": True, "insecure": input_['pve']['insecure'],
"username": pve_username, "username": input_['pve']['username'],
"password": config.require_secret("password") "password": config.require_secret("password")
} }
) )
vm_name = input_['vm']['name']
vm_username = input_['vm']['username']
ansible_playbook = input_['ansible_playbook']
vm = proxmox.vm.VirtualMachine("vm", vm = proxmox.vm.VirtualMachine("vm",
name = vm_name, name = vm_name,
node_name = pve_nodename, node_name = input_['pve']['nodename'],
agent = proxmox.vm.VirtualMachineAgentArgs( agent = proxmox.vm.VirtualMachineAgentArgs(
enabled = True, enabled = True,
trim = True, trim = True,
@ -50,22 +36,22 @@ vm = proxmox.vm.VirtualMachine("vm",
), ),
bios = "seabios", bios = "seabios",
cpu = proxmox.vm.VirtualMachineCpuArgs( cpu = proxmox.vm.VirtualMachineCpuArgs(
cores = vm_cores, cores = input_['vm']['cores'],
sockets = vm_sockets sockets = input_['vm']['sockets']
), ),
memory = proxmox.vm.VirtualMachineMemoryArgs( memory = proxmox.vm.VirtualMachineMemoryArgs(
dedicated = vm_ram dedicated = input_['vm']['ram']
), ),
clone = proxmox.vm.VirtualMachineCloneArgs( clone = proxmox.vm.VirtualMachineCloneArgs(
node_name = pve_nodename, node_name = input_['pve']['nodename'],
vm_id = vm_clone, vm_id = input_['vm']['clone'],
full = True full = True
), ),
disks = [ disks = [
proxmox.vm.VirtualMachineDiskArgs( proxmox.vm.VirtualMachineDiskArgs(
interface = "virtio0", interface = "virtio0",
datastore_id = pve_storage, datastore_id = input_['pve']['storage'],
size = vm_disksize, size = input_['vm']['disksize'],
file_format = "raw" file_format = "raw"
) )
], ],
@ -81,11 +67,11 @@ vm = proxmox.vm.VirtualMachine("vm",
), ),
initialization = proxmox.vm.VirtualMachineInitializationArgs( initialization = proxmox.vm.VirtualMachineInitializationArgs(
type = "nocloud", type = "nocloud",
datastore_id = pve_storage, datastore_id = input_['pve']['storage'],
user_account = proxmox.vm.VirtualMachineInitializationUserAccountArgs( user_account = proxmox.vm.VirtualMachineInitializationUserAccountArgs(
username = vm_username, username = vm_username,
password = "cicciopasticcio", password = input_['vm']['password'],
keys = vm_sshkeys keys = input_['vm']['sshkeys']
) )
), ),
opts = pulumi.ResourceOptions( opts = pulumi.ResourceOptions(
@ -95,22 +81,24 @@ vm = proxmox.vm.VirtualMachine("vm",
# First item of the ipv4_addresses is of the loopback interface (so the usual 127.0.0.1). Let's get the second and grab only the text. # First item of the ipv4_addresses is of the loopback interface (so the usual 127.0.0.1). Let's get the second and grab only the text.
# Creating the inventory file (which will not be used by pulumi for ansible, # Creating the inventory file
# btw). inventory = command.local.Command("a-inventory",
inventory = open('inventory', 'w') create = vm.ipv4_addresses[1][0].apply(
vm.ipv4_addresses[1][0].apply( lambda ipaddr: f"echo '{vm_name} ansible_host={lanip} ansible_user={vm_username}' >./inventory"
lambda lanip: inventory.write(f"{vm_name} ansible_host={lanip} ansible_user={vm_username}") ),
delete = "rm -f ./inventory",
opts = pulumi.ResourceOptions(depends_on = [ vm ])
) )
inventory.close()
# Try the deployment with ansible # Try the deployment with ansible
# Applying the command # Applying the command
execute_ansible = command.local.Command("ansible", execute_ansible = command.local.Command("a-deploy",
create = vm.ipv4_addresses[1][0].apply( create = vm.ipv4_addresses[1][0].apply(
lambda ipaddr: f"ansible-playbook -i '{ipaddr},' {ansible_playbook}" lambda ipaddr: f"ansible-playbook {ansible_playbook}"
), ),
opts = pulumi.ResourceOptions(depends_on = [vm]) delete = "rm -f ./ansible.log",
opts = pulumi.ResourceOptions(depends_on = [ inventory ])
) )
# Outputs # Outputs

View File

@ -0,0 +1,25 @@
---
pve:
url: "https://pve.vavassori.lcl:8006"
insecure: true
username: root@pam
nodename: pve
storage: local-lvm
# Basic VM configuration
vm:
name: virtual-machine
clone: 802
sockets: 1
cores: 1
ram: 2048
disksize: 20
username: syntaxerrormmm
password: cicciopasticcio
sshkeys:
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFioHkaV1NhX6NCqsJakJw8EVBOcDHm1MEbpY499CPtG syntaxerrormmm@fisso"
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILu91hBh8pNRt4eE1pug0Y4jCHZDCcMJ+vj3CiF5EQHV syntaxerrormmm@syntaxxps"
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP/hn/0xn6DRS2B0paFzDQRakupgTQQ5hitQhqOfWcqz syntaxerrormmm@microbo"
# Ansible configuration
ansible_playbook: deploy.yml